🎖️
Challenge: The Resident Evader
Establish a persistent connection on the target machine without creating a single .exe or .dll artifact.
Task 1: The MSBuild Vector
Trigger a reverse shell using the provided payload.xml without tripping the "Suspicious Process" alert.
Task 2: WMI Persistence
Ensure the shell returns every time the machine reboots using a WMI Event Consumer.
Submit Your Exfiltration Key
Locate the hidden flag in the WMI Repository or explorer.exe memory strings: