Now, if there is an unexpected reboot, you will get your shell back. To clean up the shell, all you need to do is run the multi_console_command script and point it at the cleanup file, which is given to you when you run the persistence command.
One thing I found lacking, though, was the use of random file names. While normally that is not an issue, I found that sometimes I needed to give the files a name, either so I could tell a point of contact ‘here is the registry key or service I created: WRPIQDAHVMHJ’, or because at times I felt that this string of random characters would look odd if you were trying not to get caught.
I took it upon myself to alter the built-in script to suit my needs. I added functionality to the persistence script to take a new parameter, ‘-N’, which allows you to specify a name for the service or registry key. If you don’t specify the switch, it will just default to random. Now you can name it whatever you want. Give it a name like Microsoft-Active-Switch or something relevant to the company and it will be harder to detect and easier to relay as information to a point of contact. I needed the option and I hope it can be useful to you as well.
While I have written in Python, I have never tried to alter a Ruby script before. This was my first attempt; here it is.