.png)
SharpEventPersist is a Persistence by writing/reading shellcode from Event Log. Usage The SharpEventPersist tool takes 4 case-sensitive parameters: -file “C:\path\to\shellcode.bin” -instanceid 1337 -source Persistence -eventlog “Key Management Service”. The shellcode is converted to hex and written to the “Key Management Service”, event level is set to “Information” and source is “Persistence”.Run the SharpEventLoader tool to …
Continue reading “SharpEventPersist : Persistence By Writing/Reading Shellcode From Event Log”