Persistence Techniques

Understand and simulate long-term access to systems through privilege escalation and backdoor techniques

Start Lab

What is Persistence?

Persistence is the practice of establishing long-term access to a target network or device, often used in penetration testing to simulate malicious behavior of advanced threats

Common Techniques

Backdoors
Scheduled Tasks
Registry Persistence Beginner

Real-World Analogy

Establishing persistence is like leaving a hidden key under the doormat for later entry

Scheduled Execution

Maintain long-term access with delayed execution vectors

Persistence Simulation Lab

root@target-machines ~

$ sudo at 22:00 at> perl -e 'system"bash -i"' > /tmp/persist.sh && chmod +x /tmp/persist.sh at> exit 14:21:14 up 08:22, users root pts/0 192.168.1.5 08:21 45.10s 00:00:45 root pts/1 pts/1 08:17 - 192.168.1.5 00:22 pts/0 08:06s 78.095s 08:20 -08:36 (08:56 03:55)

Lab Objective

Create scheduled persistence

Simulate registry persistence on Windows

3:40 mins

Maintain access ✓ Complete

Common Techniques

Scheduled Tasks

crontab -l
00 * * * * /path/to/payload.sh

Create periodic execution for persistence

Windows Run Keys

HKLM\Software\Microsoft\Windows\CurrentVersion\Run

Registry persistence mechanism

Windows specific persistence

SSH Key Persistence

ssh-keygen -t rsa

Key generation

cat .ssh/authorized_keys

Key-based access

Detection

Scheduled Tasks

atq

audit2

auditd -i

12:03 CRON_START

2025-08-20T12:35:55.861006

Summary

Summary of Persistence Detection

cron jobs

High Privileges

113% increased activity in the /etc/cron.d/