In this post, We covered the third part of Windows Persistence Techniques and specifically we covered Backdooring Windows Services as part of TryHackMe Windows Local Persistence.

Windows services offer a great way to establish persistence since they can be configured to run in the background whenever the victim machine is started. If we can leverage any service to run something for us, we can regain control of the victim machine each time it is started.

A service is basically an executable that runs in the background. When configuring a service, you define which executable will be used and select if the service will automatically run when the machine starts or should be manually started.

Get OSCP Certificate Notes

There are two main ways we can abuse services to establish persistence

  • Create a new service
  • Modify an existing one to execute our payload.

Room Answers

Insert flag7 here

Insert flag8 here

Video Walk-Through

, ,
Show Comments

Motasem

About the Author

I create cybersecurity notes, digital marketing notes and online courses. I also provide digital marketing consulting including but not limited to SEO, Google & Meta ads and CRM administration.

View Articles