Services

We can abuse services for persistence, for this example, we will create a new service called "UpdaterServ":

sc create UpdaterServ binpath= "c:\binary" start= auto

We can see If it worked with:

sc query UpdaterServ

We can finally start the service with:

sc start UpdaterServ

Note: You will get an error if your persistence executable does not contain the necessary functions to function as a windows service. For more information on how to write a windows service:

Simple Windows Service in C++CodeProject

You can also modify an existing service to point to your persistence executable like so:

sc stop UpdaterServ
sc config UpdaterServ binpath= "c:\binary"
sc start UpdaterServ

PreviousSSP NextDefault File Extension

Last updated 3 years ago

Was this helpful?