Startup Applications

Detection

icacls.exe "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup"
Get-Acl "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup" | fl
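
The two commands above only print the ACL; the finding is any Allow entry that lets a non-administrative principal write into this folder, since everything in it runs at the next logon of any user. The script below is an added example, not part of the original page, that automates that check. The trusted-SID allow-list and the function name Get-RiskyStartupAce are assumptions to adjust for your environment.

```powershell
# Added example (not from the original page): flag write-capable ACEs on the
# all-users Startup folder that belong to principals outside an allow-list.
$StartupPath = 'C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup'

# Assumption: only these well-known SIDs should be able to write here.
# SIDs are used instead of names so the check works on localized Windows.
$TrustedSids = @(
    'S-1-5-18',      # NT AUTHORITY\SYSTEM
    'S-1-5-32-544',  # BUILTIN\Administrators
    'S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464'  # TrustedInstaller
)

# Access bits that allow creating files or rewriting the ACL/owner:
# WriteData/CreateFiles, AppendData/CreateDirectories, ChangePermissions,
# TakeOwnership, plus GENERIC_ALL and GENERIC_WRITE, which Get-Acl can
# return unmapped on inherit-only entries.
$WriteBits = 0x2, 0x4, 0x40000, 0x80000, 0x10000000, 0x40000000
$WriteMask = 0
foreach ($bit in $WriteBits) { $WriteMask = $WriteMask -bor $bit }

function Get-RiskyStartupAce {
    param([string]$Path = $StartupPath)
    $acl     = Get-Acl -LiteralPath $Path
    $sidType = [System.Security.Principal.SecurityIdentifier]
    # Explicit and inherited rules, with identities returned as SIDs.
    foreach ($ace in $acl.GetAccessRules($true, $true, $sidType)) {
        $sid = $ace.IdentityReference.Value
        if ($ace.AccessControlType -ne 'Allow') { continue }
        if ($TrustedSids -contains $sid)        { continue }
        if (([int]$ace.FileSystemRights -band $WriteMask) -eq 0) { continue }
        [pscustomobject]@{
            Sid       = $sid
            Rights    = $ace.FileSystemRights
            Inherited = $ace.IsInherited
        }
    }
}

$risky = @(Get-RiskyStartupAce)
if ($risky.Count -eq 0) {
    Write-Output "OK: no untrusted write access on $StartupPath"
} else {
    Write-Output "FINDING: untrusted principals can write to $StartupPath"
    $risky | Format-List
}

# Review what already runs at logon for every user.
Get-ChildItem -LiteralPath $StartupPath -Force | Format-List Name, LastWriteTime
```

To remediate a finding, remove the offending entry so that only administrators and SYSTEM keep write access, then review the files already present in the folder.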

Exploitation

1) Compile an executable file with the right name
2) Place it in the identified location
3) Wait for a high-privileged user to log in