1 00:00:00,570 --> 00:00:07,580 In this lecture, we will gain persistence on the system by using the run-at-startup feature of Windows. 2 00:00:09,000 --> 00:00:16,050 To do so, we will create a class called persistence, and inside the class we will define a function 3 00:00:16,050 --> 00:00:20,670 to add our executable file to the start up folder by using registry keys. 4 00:00:22,150 --> 00:00:28,510 In order to use registry keys, we will use the registry package of .NET, but it's not a 5 00:00:28,510 --> 00:00:32,230 package installed by default, so you need to install it first. 6 00:00:34,260 --> 00:00:36,030 We will be using two methods. 7 00:00:37,260 --> 00:00:44,550 Opensubkey method for opening the registry key, and setvalue method for setting a new value into the 8 00:00:44,550 --> 00:00:53,550 key. The full path of the registry key, which corresponds to the start up folder, is this. 9 00:00:54,520 --> 00:00:57,970 So if you need it, just copy and use it. 10 00:01:00,760 --> 00:01:06,850 Let's start coding, but if you are new to these concepts, I highly encourage you to learn more about 11 00:01:06,850 --> 00:01:08,260 them before continuing. 12 00:01:09,960 --> 00:01:11,970 So let's continue now. 13 00:01:15,600 --> 00:01:21,540 We need to create a class. To do so, create a new file by clicking the new file button. 14 00:01:23,350 --> 00:01:32,110 I would call it pers.cs and copy the contents of the program.cs into the new file you have 15 00:01:32,110 --> 00:01:32,770 created. 16 00:01:33,710 --> 00:01:39,440 Oops, sorry about that, it shouldn't be here and copy the contents. 17 00:01:44,570 --> 00:01:52,520 Changed the last name, I will use persistance as my class name and remove that trivial part. 
18 00:01:54,430 --> 00:02:04,270 For the first step, we need to install the registry package. To do so, open up your terminal and type 19 00:02:04,720 --> 00:02:13,240 dotnet add package Microsoft.Win32.Registry 20 00:02:20,970 --> 00:02:24,030 For the next step, we need to create a function. 21 00:02:25,770 --> 00:02:26,460 Let's do it. 22 00:02:28,980 --> 00:02:35,370 I will call it addtostartup. 23 00:02:38,810 --> 00:02:44,360 Since it won't be returning anything, I selected void as my return data type. 24 00:02:46,290 --> 00:02:56,800 And for the next step, we need to create an instance of the registrykey class. To do so, use 25 00:02:56,970 --> 00:03:00,870 Microsoft.Win32 namespace and use registrykey 26 00:03:02,120 --> 00:03:06,290 and create an instance of it. I will use rkInstance as the name. 27 00:03:09,730 --> 00:03:17,110 And we will be using the opensubkey method of the registry class in order to open a registry key. To do so, 28 00:03:19,030 --> 00:03:28,690 use Microsoft.Win32 namespace again. We will be using current user's opensubkey method. 29 00:03:31,580 --> 00:03:39,200 Opensubkey method takes two arguments, the first one is the full path of the registry key and the second 30 00:03:39,200 --> 00:03:40,310 one is for 31 00:03:42,780 --> 00:03:43,830 write access. 32 00:03:45,410 --> 00:03:50,990 Let's copy the full path of the registry key as the first argument 33 00:03:55,930 --> 00:04:03,880 and for the second argument we will use true. As you can see from its definition, set it to true if 34 00:04:03,880 --> 00:04:07,150 you need write access to the key, so we need to write it. 35 00:04:07,150 --> 00:04:08,350 So we set it to true. 36 00:04:12,330 --> 00:04:22,630 And we will use the setvalue method of the registry key in order to add our executable file to the start-up 37 00:04:22,650 --> 00:04:23,250 folder. 
38 00:04:29,000 --> 00:04:35,630 This method takes two arguments. The first one is the name; it doesn't matter which name you 39 00:04:35,630 --> 00:04:36,200 are using. 40 00:04:36,650 --> 00:04:44,420 I will be using redteamdevelop as the name, and the second one will be the full path of our executable 41 00:04:44,420 --> 00:04:44,910 file. 42 00:04:46,070 --> 00:04:54,320 We already have that information inside the general information class, so we need to access this variable. 43 00:04:55,430 --> 00:05:04,840 To do so, we need to create an instance of the general info class inside the persistance class. 44 00:05:06,560 --> 00:05:07,280 Let's do it. 45 00:05:11,450 --> 00:05:13,190 I will call it newinstance. 46 00:05:14,870 --> 00:05:22,520 And in order to initialize its value, let's create a new constructor. 47 00:05:28,280 --> 00:05:37,010 And our constructor will take the generalinfo instance as an argument. 48 00:05:42,500 --> 00:05:48,500 And we will initialize our newinstance inside the constructor function. 49 00:05:57,620 --> 00:06:07,470 So now we can access the executable path information via the newinstance object, 50 00:06:10,700 --> 00:06:11,260 epath. 51 00:06:14,250 --> 00:06:20,670 And we need to use two more methods for proper coding. 52 00:06:21,980 --> 00:06:33,630 It will be dispose() for releasing all resources used by the rkInstance. 53 00:06:34,800 --> 00:06:37,950 And then we need to close our key. 54 00:06:44,280 --> 00:06:45,340 So we are ready. 55 00:06:46,500 --> 00:06:51,180 Let's see if everything works well. To do so, 56 00:06:51,330 --> 00:06:58,320 switch back to the program.cs file and create a new instance of the persistence class. 57 00:07:02,160 --> 00:07:14,430 I would call it persObj, and it will take infoObject as an argument. 58 00:07:14,430 --> 00:07:16,410 InfoObj is an instance of the generalinfo class. 59 00:07:23,470 --> 00:07:33,280 We can call the AddtoStartUp function to see if it works or not. 
60 00:07:36,260 --> 00:07:43,730 Open up your terminal and type dotnet run in order to compile and execute our program. 61 00:07:48,480 --> 00:07:54,120 And let's see if our executable was added to the start-up folder. 62 00:07:56,700 --> 00:07:57,960 Open your task manager. 63 00:07:59,970 --> 00:08:06,310 And under the startup tab, as you can see, red team develop is here. 64 00:08:08,130 --> 00:08:12,450 So everything went well. That's it for this lecture. 65 00:08:12,720 --> 00:08:13,790 See you in the next one.