bootshell¶
$ target-query <path/to/target> -f bootshell
Module |
|
Output |
|
Module documentation
Generic Windows plugin.
Provides Windows operating system plugins too small to fit in a separate plugin.
Function documentation
Return the BootShell registry key entry.
Usually contains a path to bootim.exe which is Windows’s recovery menu. This registry key can be used as a persistence mechanism.