Registry Autoruns
Windows can be configured to run commands at startup. If we compromise an administrator’s account, we can add our reverse shell to Registry Run Keys, so that to be triggered each time the system boots up.
Exploitation
We are going to exploit registry AutoRuns to achieve persistence
Now we will place our reverse shell executable to the directory we specified in the registry.
We need to wait for the system to restart so that to get our payload executed. for the purpose of demonstration, we will restart the system .
Nice!