Windows Terminal Profile

Location:

%LOCALAPPDATA%\Packages\Microsoft.WindowsTerminal_8wekyb3d8bbwe\LocalState\settings.json

Classification:

Criteria	Value
Permissions	User
Security context	User
Persistence type	File
Code type	EXE
Launch type	User initiated¹
Impact	Non-destructive
OS Version	All OS versions
Dependencies	Additional software required²
Toolset	Scriptable

Description:

Modify the settings.json located in %localappdata% and add a custom profile that contains your payload

Change the defaultProfile value and put your GUID

Add the value "startOnUserLogin": true

References:

https://twitter.com/nas_bench/status/1550836225652686848
https://nasbench.medium.com/persistence-using-windows-terminal-profiles-5035d3fc86fe

Credits:

@nas_bench

Remarks:

Windows Terminal must be run ↩
Windows Terminal required ↩

persistence-info.github.io

Windows Terminal Profile

Location:

Classification:

Description:

References:

Credits:

See also:

Remarks: