infosecn1nja
/
persistence-aggressor-script
mirror of https://github.com/infosecn1nja/persistence-aggressor-script.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
initial commit
6 Commits
1 Branch
0 Tags
40 KiB
Go to file
Andrew Chiles a0b9d6a194 Version 3.1 modifications by @andrewchiles, Added linkinfo.dll hijack of explorer.exe user-level persistence, Added sethc.exe (StickyKeys) Debugger key system-level persistence, Modified persistence via encoded powershell commands instead of the previous Scripted Web Delivery method. This reduces the level of staging that occurs over the network, General code cleanup (use of new aggressor built-ins, removed unneccessary conditional statements, added quotes to allow modification of registry keys with spaces in the name, etc ) 2016-10-01 01:10:37 +02:00
.gitattributes 🎉 Added .gitattributes & .gitignore files 2016-05-03 17:34:54 -05:00
.gitignore 🎉 Added .gitattributes & .gitignore files 2016-05-03 17:34:54 -05:00
README.md Removed reliance on webdelivery module, added ability to select between listeners, added linkinfo.dll hijack option 2016-09-30 23:48:05 +02:00
persistence.cna Version 3.1 modifications by @andrewchiles, Added linkinfo.dll hijack of explorer.exe user-level persistence, Added sethc.exe (StickyKeys) Debugger key system-level persistence, Modified persistence via encoded powershell commands instead of the previous Scripted Web Delivery method. This reduces the level of staging that occurs over the network, General code cleanup (use of new aggressor built-ins, removed unneccessary conditional statements, added quotes to allow modification of registry keys with spaces in the name, etc ) 2016-10-01 01:10:37 +02:00

README.md

persistence-aggressor-script

  • Modified to use encoded powershell commands and allow selection of persistence in multiple listener scenarios (local or foreign)
  • Added linkinfo.dll explorer.exe DLL hijack option

http://www.zonksec.com/blog/persistence-aggressor-script/