Found that the post module post/windows/manage/persistence_exe could not replace the meterpreter script metsvc flawlessly.
The main reason is that we could not run non-service applications as service, it didn't implement method to control the service status. So after this post module run, we could get a system session only once, restart or killed we lost it, which is not persistent.
My opinion is to create a new post module according to ./external/source/metsvc/src/metsvc-server.cpp, refactor it to apply most kinds of payloads.
Any suggestion?
Relevant issue: #10291
Found that the post module
post/windows/manage/persistence_execould not replace the meterpreter scriptmetsvcflawlessly.The main reason is that we could not run non-service applications as service, it didn't implement method to control the service status. So after this post module run, we could get a system session only once, restart or killed we lost it, which is not persistent.
My opinion is to create a new post module according to
./external/source/metsvc/src/metsvc-server.cpp, refactor it to apply most kinds of payloads.Any suggestion?
Relevant issue: #10291