A very short blog post for all of you that cannot let go of Task Scheduler as a persistence technique: https://www.a12d404.net/windows/2019/10/30/schedsvc-persist-without-task.html …
Great post. Always interested in undocumented DLL sideloads, but mostly from the perspective of converting file creation to code execution in exploit chains :) For persistence maybe cng.sys is interesting? If it exists in system32 it will get loaded on boot, I assume as a driver.
I should probably mention: beware, an invalid file will make your system BSOD on boot. The requirements for making a valid file are unknown to me but an interesting topic to research :)
I think the driver needs to be signed, so that could be another obstacle that you need to overcome.
true, forgot about that