In this post, We covered the third part of Windows Persistence Techniques and specifically we covered Backdooring Windows Services as part of TryHackMe Windows Local Persistence.

Windows services offer a great way to establish persistence since they can be configured to run in the background whenever the victim machine is started. If we can leverage any service to run something for us, we can regain control of the victim machine each time it is started.

A service is basically an executable that runs in the background. When configuring a service, you define which executable will be used and select if the service will automatically run when the machine starts or should be manually started.

Get OSCP Certificate Notes

There are two main ways we can abuse services to establish persistence

  • Create a new service
  • Modify an existing one to execute our payload.

Room Answers

Insert flag7 here

Insert flag8 here

Video Walk-Through

, ,
Show Comments

The MasterMinds Notes

About the Author

Mastermind Study Notes is a group of talented authors and writers who are experienced and well-versed across different fields. The group is led by, Motasem Hamdan, who is a Cybersecurity content creator and YouTuber.

View Articles