Tasks

Service Management

sc create testservice binPath= "c:\Windows\System32\calc.exe" start= "auto"

sc query testservice
sc qc testservice

sc start testservice
sc delete testservice

Registry Startup Programs

reg query HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
reg query HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

reg add HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run /v EvilTest /d calc.exe
reg add HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run /v EvilTest /d calc.exe

reg delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run /v EvilTest
reg delete HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run /v EvilTest

User Management

net user testuser P@ssw0rd /add

net user

net localgroup administrators testuser /add

net localgroup administrators

net user testuser /delete

Process Management

calc.exe

tasklist

tasklist | findstr Calc

taskkill /f /pid 4054

Task Scheduling

schtasks /create /sc minute /mo 1 /tn evil /tr calc.exe
schtasks /create /sc onlogon /tn evil /tr calc.exe /ru SYSTEM

schtasks | findstr evil

schtasks /delete /tn evil

PreviousBasics NextNetwork

Last updated 2 years ago