Need Help Making Persistence Undetectable
I got into a meterpreter session without any issues, but now want to make sure I can reconnect to the victim (my desktop) after reboots. I tried using persistence but the AV caught it. I feel like there is a way to encode it that should work, but I am not sure how to encode a persistence payload.
I tried using Veil-Evasion backdoor factory(was 17 in the list) but AV detected that also. I tried using it with a custom exe payload(that was not detected by AV itself), but when I used it in conjunction with veil-evasion payload 17 as the ORIGINAL-exe it was detected as well.
My next thought was once connected to the meterpreter session, to immediately get into their startup folder and put my exe, so on reboots it would start my payload automatically. This works, but I always have to have a waiting meterpreter session listening, ready to connect.