Maintaining access
So far in this book, we have seen the various phases in a penetration test. All these phases require substantial time and effort. Let's assume you are conducting a penetration test on a target and have worked hard to get remote system access using Metasploit. You want to keep this hard-earned access for a few days while your assignment continues. However, there's no guarantee whether the compromised system will reboot during this period. If it reboots, your access will be lost and you may have to work again to gain the same access. This is the exact scenario where we want to maintain, or persist, access to our compromised system irrespective of whether it reboots.
Metasploit offers some excellent built-in mechanisms that can help us maintain the persistent access to the compromised system. The first step will be to use a suitable exploit available against the vulnerable target system and get Meterpreter access, as shown in the following screenshot:
Once the exploit is...