Need Help Making Persistence Undetectable

Mar 19, 2016 06:49 PM

I got into a meterpreter session without any issues, but now want to make sure I can reconnect to the victim (my desktop) after reboots. I tried using persistence but the AV caught it. I feel like there is a way to encode it that should work, but I am not sure how to encode a persistence payload.

I tried using Veil-Evasion backdoor factory(was 17 in the list) but AV detected that also. I tried using it with a custom exe payload(that was not detected by AV itself), but when I used it in conjunction with veil-evasion payload 17 as the ORIGINAL-exe it was detected as well.

My next thought was once connected to the meterpreter session, to immediately get into their startup folder and put my exe, so on reboots it would start my payload automatically. This works, but I always have to have a waiting meterpreter session listening, ready to connect.

Related Articles

637587411395252764.jpg

How to Perform Advanced Man-in-the-Middle Attacks with Xerosploit

635211718118959676.jpg

How to Get Unlimited Free Trials Using a "Real" Fake Credit Card Number

Comments

No Comments Exist

Be the first, drop a comment!