Elevated Persistence
These methods are achieved once the operator has elevated its persistence on the workstation, this is helpful to avoid the privilege escalation situation and just come back to a higher permissions shell.
Note: These will require Privilege Escalation beforehand to achieve this level of persistence
Services
Services may be created with Administrator privileges, but they are executed under the SYSTEM level privileges, services can also be started through Service Execution.
A demonstration of the level required to create a Service can be shown below
But once elevated to the Administrator level
Our service has been successfully created and it's currently stopped will proceed to start the service
Even when the service lags or executes with an error it is still run successfully this usually happens when you replace the beneath with a command instead of a binary
All methods of persistence are available at this level of access on the workstation, I just wanted to demonstrate a specific one that can be demonstrated easily when Administrator access is needed.
Copy link