Closed nomad231 closed 1 year ago
Hello,
Let me first start by saying I don't condone doing illegal activity and I assume you are doing this with proper permissions. To run the PowerShell script in a hidden background window you can use the command below in a CMD console (use the old Windows console, not the advanced terminal; it does not work).
PowerShell.exe -WindowStyle hidden -File backdoor.ps1
Now for the persistence. The USB ducky/flipper bindAndExecute payload uses the following Windows registry entry to maintain persistence after every reboot.
HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\run
You can of course also use
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Open Regedit and go to the path you selected, then you want to make a new entry following the one in the gif below. We are going to use the same command as before. (If it's hard to read, try clicking on the actual gif.)
Now after rebooting my PC I can confirm the test script is now running in the background with Process Hacker.
The PowerShell backdoor script will try to reconnect every 5 seconds if it loses connection to your PC. Please let me know if you have any other questions or issues.
Best, Drew Alleman
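For anyone reviewing a host, the two Run keys named in the reply above can be audited for entries that start PowerShell, with hidden-window launches listed first. This is an added example, not part of the original reply or the project's code; the function name `Get-PowerShellRunEntry` and the regular expressions are assumptions made for illustration.

```powershell
# Added example (defensive audit). The function name and regexes are
# assumptions for illustration, not taken from the original reply.
$RunKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run'
)

# PowerShell accepts unambiguous prefixes of -WindowStyle (-w, -win, ...),
# so match the prefix rather than only the full parameter name.
$IsPowerShell = '(?i)\b(powershell|pwsh)(\.exe)?\b'
$HiddenWindow = '(?i)\s-w[a-z]*\s+hidden\b'
$ScriptFile   = '(?i)\s-f[a-z]*\s+("[^"]+"|\S+)'

function Get-PowerShellRunEntry {
    foreach ($key in $RunKeys) {
        if (-not (Test-Path -Path $key)) { continue }
        $regKey = Get-Item -Path $key
        foreach ($name in $regKey.GetValueNames()) {
            # Read the raw string so %VAR% references are shown unexpanded.
            $options = [Microsoft.Win32.RegistryValueOptions]::DoNotExpandEnvironmentNames
            $command = [string]$regKey.GetValue($name, '', $options)
            if ($command -notmatch $IsPowerShell) { continue }

            # Pull out the script path passed with -File, if any.
            $script = if ($command -match $ScriptFile) { $Matches[1].Trim('"') } else { $null }

            [pscustomobject]@{
                Key          = $key
                ValueName    = $name
                HiddenWindow = [bool]($command -match $HiddenWindow)
                ScriptFile   = $script
                Command      = $command
            }
        }
    }
}

# Hidden-window entries first; review each ScriptFile path by hand.
Get-PowerShellRunEntry | Sort-Object HiddenWindow -Descending | Format-List
```

Commands stored in these keys run at user logon, so any flagged `ScriptFile` path should be compared against what is expected on the host.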
Thanks.
Hi,
When I run backdoor it's running in a PowerShell window. How can I run it in the background and persist it?
Thanks.