After getting a meterpreter shell, we have to maintain access to it. You can use the meterpreter backdoor and the persistent backdoor, but most of the time they will be caught by AV. You can create a FUD payload using Veil. We can also create a scheduled task for our backdoor.
First, create a batch file and put the following line in it:
"C:\Documents and Settings\fzuckerman\Desktop\backdoor.exe"
Then upload your backdoor and the batch file you created. Adjust the path in the batch file to match the location where you uploaded the backdoor.
Get clear-text password:-
The following are different methods to get the clear-text password on Windows.
(2) You can also use the mimikatz password dump method.
(3) You can also use the mimikatz meterpreter plugin, which I used in this tutorial.
(4) You can use wce and mimikatz in memory without uploading the binary.
(a) WCE in memory:-
execute -H -m -d calc.exe -f /root/wce.exe -a "-o foo.txt"
(b) Mimikatz in memory:-
So far I have uploaded one batch file and the backdoor, and obtained the clear-text password.
Now we are going to schedule our backdoor using the schtasks command. For details of the schtasks options, visit here. In this tutorial I schedule my backdoor daily at 22:16, so every day at 22:16 my backdoor will be executed and I will get a shell.
It will ask for the password, which we obtained earlier.
You can also use different schedule options such as ONIDLE, ONLOGON and ONSTART, and execute a different binary according to your needs.
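On the defending side, the persistence described above leaves a scheduled task whose action is a batch file or binary inside a user profile. The following is an added example, not part of the original tutorial: it audits the CSV produced by `schtasks /query /fo csv /v` for such actions. The column names are assumed to be those of English-language Windows, and the sample rows, task names and `run.bat` are constructed.

```python
import csv
import io
import re

# Directories a standard user can write to; a task action here deserves review.
USER_WRITABLE = re.compile(
    r"\\(documents and settings|users)\\[^\\]+\\"
    r"|\\(temp|tmp)\\|\\programdata\\|\\appdata\\",
    re.IGNORECASE,
)
# Script wrappers that hide the real binary from a quick look at the task list.
SCRIPT_EXT = re.compile(r"\.(bat|cmd|vbs|js|ps1)\b", re.IGNORECASE)


def audit_tasks(csv_text):
    """Return (task name, reasons) for every task whose action looks suspicious."""
    findings = []
    for row in csv.DictReader(io.StringIO(csv_text)):
        action = row.get("Task To Run") or ""
        reasons = []
        if USER_WRITABLE.search(action):
            reasons.append("action in user-writable path")
        if SCRIPT_EXT.search(action):
            reasons.append("action is a script wrapper")
        if reasons:
            findings.append((row.get("TaskName", ""), reasons))
    return findings


# Constructed sample, trimmed to the columns used here (real verbose output has more).
SAMPLE = r'''"TaskName","Task To Run","Run As User","Schedule Type","Start Time"
"\Microsoft\Windows\Defrag\ScheduledDefrag","%windir%\system32\defrag.exe -c","SYSTEM","Weekly","01:00:00"
"\updater","C:\Documents and Settings\fzuckerman\Desktop\run.bat","fzuckerman","Daily","22:16:00"
"\GoogleUpdate","C:\Program Files\Google\Update\GoogleUpdate.exe /c","SYSTEM","At logon time","N/A"
'''

if __name__ == "__main__":
    for name, reasons in audit_tasks(SAMPLE):
        print(name, "->", "; ".join(reasons))
```

Tasks flagged this way are candidates for review rather than confirmed compromise, since some legitimate per-user updaters also run from profile directories.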