Jan 04, 2020 Windows 7 introduced Branch Cache Method for the BITS Transfer. When BITS downloads a file, the actual download is done behind the svchost.exe service. BITSAdmin is used to download files from or upload files to HTTP web servers and SMB file shares. Bitsadmin.md Download via the command line on Windows 7 If you want to test your connection or have some other reason to use the command line to download a file, this is how. BITSAdmin can be used to create BITS Jobs to upload and/or download files. Enterprise T1570: Lateral Tool Transfer: BITSAdmin can be used to create BITS Jobs to upload and/or download files from SMB file servers. I tried testing the URL created with bitsadmin.exe and it works. The application is deployed as Windows Service with LocalSystemAccount logon. Operating systems involved are WinXPSP2/SP3, Win2K SP4. Please help to know what i'm doing wrong here ThanksNKH int BITSGet(WCHAR.filelist, WCHAR. src, WCHAR. destination, long.
![Bitsadmin Exe Bitsadmin Exe](https://i.imgur.com/2how0oa.jpg)
Powershell Bitsadmin
Use bitsadmin to maintain persistence and bypass Autoruns
Report to MSRC.
Author: 3gstudent@3gstudent
License: BSD 3-Clause
POC
(1) First we should have the administrator's right.
Bitsadmin.exe
(2) Then run this on cmd with administrator's right:
Bits Job Queue
(3) Then it will run the following command to start a calc.exe:
(4) What's more,after we restart the system,the command to start a calc.exe runs again and again.
Impact of the issue
Autoruns's startup monitor can't find this. Wine for mac os x.
Test success on Win7 、Win8、Server 2008 and so on.
Detect
Bitsadmin Access Denied
Run this to check the jobs and delete it:
or
More deatils:
Reference
《Use bitsadmin to maintain persistence and bypass Autoruns》