Preface
By modifying a file that is launched automatically when a user logs in, an attacker can achieve privilege escalation.
About the Run and RunOnce registry keys
The Run and RunOnce registry keys cause programs to run each time a user logs in.
The Run registry key runs the task on every login; the RunOnce registry key runs the task once and then automatically deletes the entry upon successful execution.
The four available locations are as follows:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce
Practical use
Environment configuration
Create a new folder, as follows
Grant Authenticated Users full control, as follows
Open the registry and write the relevant program path, as follows
winPEAS
It is easy to use; if you do not know how to use it, see my earlier blog posts.
Simple exploitation
Upload the Trojan file to the destination path and rename it to match the path recorded in the registry.
After the target machine restarts and a high-privilege user logs in, the following permissions are obtained
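
A defender can look for the misconfiguration set up above (a Run/RunOnce target that Authenticated Users can modify) with a read-only audit of the four keys. This is an added example, not code from the original post; the list of SIDs treated as low-privileged and the helper name `Get-TargetPath` are assumptions.

```powershell
# Added example, not from the original post. Read-only audit of the four keys.
$keys = @(
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',      # HKCU = user running the script
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\RunOnce'
)
# Assumption: these well-known SIDs are the "low-privileged" principals to flag:
# Everyone, Authenticated Users, BUILTIN\Users, INTERACTIVE
$lowPrivSids = 'S-1-1-0', 'S-1-5-11', 'S-1-5-32-545', 'S-1-5-4'
# Rights that allow replacing or re-permissioning a file (read/execute bits excluded).
$writeMask = [System.Security.AccessControl.FileSystemRights]'WriteData, AppendData, Delete, ChangePermissions, TakeOwnership'
$sidType = [System.Security.Principal.SecurityIdentifier]

function Get-TargetPath([string]$Command) {
    # Extract the executable path from a Run value: quoted, unquoted with spaces, or bare.
    $c = [Environment]::ExpandEnvironmentVariables($Command).Trim()
    if ($c -match '^"([^"]+)"') { return $Matches[1] }
    if ($c -match '^(.+?\.(exe|bat|cmd|ps1|vbs|dll))(\s|$)') { return $Matches[1] }
    return ($c -split '\s+')[0]
}

$findings = foreach ($key in $keys) {
    if (-not (Test-Path $key)) { continue }
    $item = Get-Item -Path $key
    foreach ($name in $item.GetValueNames()) {
        $target = Get-TargetPath ([string]$item.GetValue($name))
        if (-not $target) { continue }
        # Write access to the file or to its folder both allow the binary to be swapped.
        $paths = @($target, (Split-Path $target -Parent)) | Where-Object { $_ -and (Test-Path -LiteralPath $_) }
        foreach ($path in $paths) {
            (Get-Acl -LiteralPath $path).GetAccessRules($true, $true, $sidType) | Where-Object {
                $_.AccessControlType -eq 'Allow' -and
                $lowPrivSids -contains $_.IdentityReference.Value -and
                ($_.FileSystemRights -band $writeMask)
            } | ForEach-Object {
                [pscustomobject]@{
                    Key = $key; Value = $name; Path = $path
                    Identity = $_.IdentityReference.Translate([System.Security.Principal.NTAccount]).Value
                    Rights = $_.FileSystemRights
                }
            }
        }
    }
}
$findings | Format-Table -AutoSize
```

Any row in the output is an autorun target whose file or folder ACL should be tightened so that only administrators can write to it.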