diff --git a/README.md b/README.md
index 3d68bfa..6117ac3 100644
--- a/README.md
+++ b/README.md
@@ -37,6 +37,10 @@ The below 3rd party libraries are used in this project.
* `Install-Package TaskScheduler -Version 2.8.11`
* You can now build the project yourself!
+* Merge The Dependencies into a Standalone binary using [ILMerge](https://github.com/dotnet/ILMerge)
+
+ * `ILMerge.exe" "C:\SharPersist\SharPersist\bin\Release\SharPersist.exe" /out:"C:\SharPersist_Standalone.exe" "C:\SharPersist\SharPersist\bin\Release\Microsoft.Win32.TaskScheduler.dll"`
+
# Arguments/Options
* -t - persistence technique
@@ -70,8 +74,9 @@ The below 3rd party libraries are used in this project.
# Optional Add-Ons (-o)
* `env` - optional add-on for env variable obfuscation for registry
-* `hourly` - optional add-on for schtask frequency
-* `daily` - optional add-on for schtask frequency
+* `minute ` - optional add-on for schtask frequency
+* `hourly ` - optional add-on for schtask frequency
+* `daily ` - optional add-on for schtask frequency
* `logon` - optional add-on for schtask frequency
@@ -128,7 +133,12 @@ The below 3rd party libraries are used in this project.
`SharPersist -t schtask -c "C:\Windows\System32\cmd.exe" -a "/c echo 123 >> c:\123.txt" -n "Some Task" -m add`
-`SharPersist -t schtask -c "C:\Windows\System32\cmd.exe" -a "/c echo 123 >> c:\123.txt" -n "Some Task" -m add -o hourly`
+##### (Runs Scheduled Task every 2 hours)
+`SharPersist -t schtask -c "C:\Windows\System32\cmd.exe" -a "/c echo 123 >> c:\123.txt" -n "Some Task" -m add -o "hourly 2"`
+##### (Runs Scheduled Task every 5 minutes)
+`SharPersist -t schtask -c "C:\Windows\System32\cmd.exe" -a "/c echo 123 >> c:\123.txt" -n "Some Task" -m add -o "minute 5"`
+##### (Runs Scheduled Task every 2 days)
+`SharPersist -t schtask -c "C:\Windows\System32\cmd.exe" -a "/c echo 123 >> c:\123.txt" -n "Some Task" -m add -o "daily 2"`
## Removing Persistence Triggers (Remove)
@@ -215,6 +225,8 @@ The below 3rd party libraries are used in this project.
`SharPersist -t schtask -c "C:\Windows\System32\cmd.exe" -a "/c echo 123 >> c:\123.txt" -n "Some Task" -m check`
+##### (List Scheduled Task that runs hourly)
+
`SharPersist -t schtask -c "C:\Windows\System32\cmd.exe" -a "/c echo 123 >> c:\123.txt" -n "Some Task" -m check -o hourly`
diff --git a/SharPersist/Properties/AssemblyInfo.cs b/SharPersist/Properties/AssemblyInfo.cs
index 09e8e89..975de88 100644
--- a/SharPersist/Properties/AssemblyInfo.cs
+++ b/SharPersist/Properties/AssemblyInfo.cs
@@ -30,5 +30,5 @@
// You can specify all the values or you can default the Build and Revision Numbers
// by using the '*' as shown below:
// [assembly: AssemblyVersion("1.0.*")]
-[assembly: AssemblyVersion("1.0.1")]
-[assembly: AssemblyFileVersion("1.0.1")]
+[assembly: AssemblyVersion("1.1")]
+[assembly: AssemblyFileVersion("1.1")]
diff --git a/SharPersist/SchTask.cs b/SharPersist/SchTask.cs
index d67e404..8c7f60d 100644
--- a/SharPersist/SchTask.cs
+++ b/SharPersist/SchTask.cs
@@ -1,4 +1,4 @@
-using Microsoft.Win32.TaskScheduler;
+using Microsoft.Win32.TaskScheduler;
using System;
using System.Collections.Generic;
using System.Globalization;
@@ -92,7 +92,8 @@ public void addPersistence(string command, string commandArg, string theName, st
td.RegistrationInfo.Description = theName;
// set trigger time appropriately based on option provided
- string triggerTime = option.ToLower();
+ string[] optional_addon = option.Split(' ');
+ string triggerTime = optional_addon[0].ToLower();
// daily schtask
if (triggerTime.Equals("daily"))
@@ -101,7 +102,9 @@ public void addPersistence(string command, string commandArg, string theName, st
// Create a trigger that runs every day and will start randomly between 10 a.m. and 12 p.m.
DailyTrigger dt = new DailyTrigger();
dt.StartBoundary = DateTime.Today + TimeSpan.FromHours(10);
- dt.DaysInterval = 1;
+
+ int interval = Int32.Parse(optional_addon[1]);
+ dt.DaysInterval = (short)interval;
dt.RandomDelay = TimeSpan.FromHours(2);
td.Triggers.Add(dt);
@@ -112,10 +115,26 @@ public void addPersistence(string command, string commandArg, string theName, st
else if (triggerTime.Equals("hourly"))
{
TimeTrigger tt = new TimeTrigger();
- tt.Repetition.Interval = TimeSpan.FromMinutes(60);
+ int interval = Int32.Parse(optional_addon[1]);
+ tt.Repetition.Interval = TimeSpan.FromMinutes(interval*60);
+ td.Triggers.Add(tt);
+
+ }
+
+
+
+ // schtask every n minutes
+
+ else if (triggerTime.Equals("minute"))
+ {
+ TimeTrigger tt = new TimeTrigger();
+ int interval = Int32.Parse(optional_addon[1]);
+ tt.Repetition.Interval = TimeSpan.FromSeconds(interval * 60);
td.Triggers.Add(tt);
+
}
+
// schtask at logon. this will run as system
else if (triggerTime.Equals("logon"))
{
@@ -299,6 +318,8 @@ public void listPersistence(string persistMethod, string command, string command
string schtaskName = task.Name;
DateTime runTime = task.NextRunTime;
string theRunTime = runTime.ToString("G", CultureInfo.CurrentCulture);
+ DateTime lastrunTime = task.LastRunTime;
+ string theLastRunTime = lastrunTime.ToString("G", CultureInfo.CurrentCulture);
// once we find the schtask, display its details
if (schtaskName.ToLower().Equals(theName.ToLower()))
@@ -333,6 +354,9 @@ public void listPersistence(string persistMethod, string command, string command
Console.WriteLine("[*] INFO: TASK OWNER:");
Console.WriteLine(owner);
Console.WriteLine("");
+ Console.WriteLine("[*] INFO: LAST RUN TIME:");
+ Console.WriteLine(theLastRunTime);
+ Console.WriteLine("");
Console.WriteLine("[*] INFO: NEXT RUN TIME:");
Console.WriteLine(theRunTime);
Console.WriteLine("");
@@ -398,6 +422,8 @@ public void listPersistence(string persistMethod, string command, string command
string schtaskName = task.Name;
DateTime runTime = task.NextRunTime;
string theRunTime = runTime.ToString("G", CultureInfo.CurrentCulture);
+ DateTime lastrunTime = task.LastRunTime;
+ string theLastRunTime = lastrunTime.ToString("G", CultureInfo.CurrentCulture);
bool taskActive = task.IsActive;
// only proceed to list schtask info if it is active
@@ -427,8 +453,80 @@ public void listPersistence(string persistMethod, string command, string command
if (optionSpecified)
{
- if (option.ToLower().Equals("hourly") && triggerType.ToLower().Equals("time"))
+
+ int lastrunday = lastrunTime.Day;
+ int nextrunday = runTime.Day;
+ int lastrunhour = lastrunTime.Hour;
+ int nextrunhour = runTime.Hour;
+ int lastrunminute = lastrunTime.Minute;
+ int nextrunminute = runTime.Minute;
+
+
+ int timediffday = nextrunday - lastrunday;
+ int timediffhour = nextrunhour - lastrunhour;
+ int timediffminute = nextrunminute - lastrunminute;
+
+
+ string[] optional_addon = option.Split(' ');
+ string triggerTime = optional_addon[0].ToLower();
+
+
+
+ if (triggerTime.ToLower().Equals("minute") && triggerType.ToLower().Equals("time") && timediffminute > 0 && timediffhour <= 0 && timediffday <= 0)
+ {
+
+
+ Console.WriteLine("[*] INFO: TASK NAME:");
+ Console.WriteLine(schtaskName);
+ Console.WriteLine("");
+ Console.WriteLine("[*] INFO: TASK PATH:");
+ Console.WriteLine(schtaskFolder);
+ Console.WriteLine("");
+ Console.WriteLine("[*] INFO: TASK OWNER:");
+ Console.WriteLine(owner);
+ Console.WriteLine("");
+ Console.WriteLine("[*] INFO: LAST RUN TIME:");
+ Console.WriteLine(theLastRunTime);
+ Console.WriteLine("");
+ Console.WriteLine("[*] INFO: NEXT RUN TIME:");
+ Console.WriteLine(theRunTime);
+ Console.WriteLine("");
+
+ // get the frequency in which the schtask executes
+ TriggerCollection theTriggers = task.Definition.Triggers;
+ string theTriggerType = "";
+ foreach (Trigger trigger in theTriggers)
+ {
+ RepetitionPattern pattern = trigger.Repetition;
+
+ theTriggerType = trigger.TriggerType.ToString();
+ Console.WriteLine("[*] INFO: TASK TRIGGER:");
+ Console.WriteLine(theTriggerType);
+ Console.WriteLine("");
+ }
+
+
+
+ // get all actions and print
+ foreach (Microsoft.Win32.TaskScheduler.Action action in allActions)
+ {
+ Console.WriteLine("[*] INFO: TASK ACTION:");
+ Console.WriteLine(action.ToString());
+ Console.WriteLine("");
+
+ }
+
+ Console.WriteLine("");
+ Console.WriteLine("");
+ Console.WriteLine("");
+
+ }
+
+
+ if (triggerTime.ToLower().Equals("hourly") && triggerType.ToLower().Equals("time") && timediffhour > 0 && timediffday <= 0)
{
+
+
Console.WriteLine("[*] INFO: TASK NAME:");
Console.WriteLine(schtaskName);
Console.WriteLine("");
@@ -438,6 +536,9 @@ public void listPersistence(string persistMethod, string command, string command
Console.WriteLine("[*] INFO: TASK OWNER:");
Console.WriteLine(owner);
Console.WriteLine("");
+ Console.WriteLine("[*] INFO: LAST RUN TIME:");
+ Console.WriteLine(theLastRunTime);
+ Console.WriteLine("");
Console.WriteLine("[*] INFO: NEXT RUN TIME:");
Console.WriteLine(theRunTime);
Console.WriteLine("");
@@ -469,10 +570,11 @@ public void listPersistence(string persistMethod, string command, string command
Console.WriteLine("");
Console.WriteLine("");
Console.WriteLine("");
+
}
- else if (option.ToLower().Equals("daily") && triggerType.ToLower().Equals("daily"))
+ else if (triggerTime.ToLower().Equals("daily") && triggerType.ToLower().Equals("daily") && timediffday > 0)
{
Console.WriteLine("[*] INFO: TASK NAME:");
Console.WriteLine(schtaskName);
@@ -483,6 +585,9 @@ public void listPersistence(string persistMethod, string command, string command
Console.WriteLine("[*] INFO: TASK OWNER:");
Console.WriteLine(owner);
Console.WriteLine("");
+ Console.WriteLine("[*] INFO: LAST RUN TIME:");
+ Console.WriteLine(theLastRunTime);
+ Console.WriteLine("");
Console.WriteLine("[*] INFO: NEXT RUN TIME:");
Console.WriteLine(theRunTime);
Console.WriteLine("");
@@ -517,7 +622,7 @@ public void listPersistence(string persistMethod, string command, string command
}
- else if ((option.ToLower().Equals("logon") && triggerType.ToLower().Equals("logon")) || (option.ToLower().Equals("boot") && triggerType.ToLower().Equals("boot")))
+ else if ((triggerTime.ToLower().Equals("logon") && triggerType.ToLower().Equals("logon")) || (option.ToLower().Equals("boot") && triggerType.ToLower().Equals("boot")))
{
Console.WriteLine("[*] INFO: TASK NAME:");
Console.WriteLine(schtaskName);
@@ -528,6 +633,9 @@ public void listPersistence(string persistMethod, string command, string command
Console.WriteLine("[*] INFO: TASK OWNER:");
Console.WriteLine(owner);
Console.WriteLine("");
+ Console.WriteLine("[*] INFO: LAST RUN TIME:");
+ Console.WriteLine(theLastRunTime);
+ Console.WriteLine("");
Console.WriteLine("[*] INFO: NEXT RUN TIME:");
Console.WriteLine(theRunTime);
Console.WriteLine("");
@@ -576,6 +684,9 @@ public void listPersistence(string persistMethod, string command, string command
Console.WriteLine("[*] INFO: TASK OWNER:");
Console.WriteLine(owner);
Console.WriteLine("");
+ Console.WriteLine("[*] INFO: LAST RUN TIME:");
+ Console.WriteLine(theLastRunTime);
+ Console.WriteLine("");
Console.WriteLine("[*] INFO: NEXT RUN TIME:");
Console.WriteLine(theRunTime);
Console.WriteLine("");
diff --git a/SharPersist/SharPersist.csproj b/SharPersist/SharPersist.csproj
index 313edfa..7fe7065 100644
--- a/SharPersist/SharPersist.csproj
+++ b/SharPersist/SharPersist.csproj
@@ -42,8 +42,8 @@
..\..\..\..\..\..\..\..\Program Files\Reference Assemblies\Microsoft\Framework\.NETFramework\v4.0\Microsoft.CSharp.dll
-
- ..\packages\TaskScheduler.2.8.11\lib\net40\Microsoft.Win32.TaskScheduler.dll
+
+ ..\packages\TaskScheduler.2.10.1\lib\net40\Microsoft.Win32.TaskScheduler.dll
diff --git a/SharPersist/lib/Utils.cs b/SharPersist/lib/Utils.cs
index f0e6f9b..19bfc45 100644
--- a/SharPersist/lib/Utils.cs
+++ b/SharPersist/lib/Utils.cs
@@ -83,8 +83,9 @@ public static void PrintHelp()
Console.Write("OPTIONAL ADD-ONS:\n\n");
Console.Write("\tenv: optional add-on for env variable obfuscation for registry\n\n");
- Console.Write("\thourly: optional add-on for schtask frequency\n\n");
- Console.Write("\tdaily: optional add-on for schtask frequency\n\n");
+ Console.Write("\tminute : optional add-on for schtask frequency\n\n");
+ Console.Write("\thourly : optional add-on for schtask frequency\n\n");
+ Console.Write("\tdaily : optional add-on for schtask frequency\n\n");
Console.Write("\tlogon: optional add-on for schtask frequency\n\n");
Console.Write("REGISTRY KEYS:\n\n");
@@ -103,7 +104,7 @@ public static void PrintHelp()
Console.Write("\t-t reg -c \"\" -a \"\" -k \"\" -m add\n\n");
Console.Write("\t-t schtaskbackdoor -c \"\" -a \"\" -n \"\" -m add\n\n");
Console.Write("\t-t schtask -c \"\" -a \"\" -n \"\" -m add\n\n");
- Console.Write("\t-t schtask -c \"\" -a \"\" -n \"\" -m add -o \n\n");
+ Console.Write("\t-t schtask -c \"\" -a \"\" -n \"\" -m add -o \" \"\n\n");
Console.Write("\t-t startupfolder -c \"\" -a \"\" -f \"\" -m add\n\n");
Console.Write("\t-t tortoisesvn -c \"\" -a \"\" -m add\n\n");
Console.Write("\t-t service -c \"\" -a \"\" -n \"\" -m add\n\n");
diff --git a/SharPersist/packages.config b/SharPersist/packages.config
new file mode 100644
index 0000000..55b7f6f
--- /dev/null
+++ b/SharPersist/packages.config
@@ -0,0 +1,4 @@
+
+
+
+
\ No newline at end of file