One Day Sec

How does the Waitfor.exe backdoor work and what is its limitation?

The Waitfor.exe backdoor works in two steps. The target first enters a waiting state with a command like `waitfor signalname & command`; a remote attacker then sends the signal with `waitfor /s target /si signalname`, which triggers the command. Once the command executes, the waitfor.exe process exits, so the backdoor is not reusable. To maintain persistence, an attacker must either restart the waiting mode manually or use a script that automatically re-enables it after each trigger, as demonstrated in the article "Use Waitfor.exe to maintain persistence".
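From the detection side, the behaviour described above leaves three visible traces in process-creation logs: a listener chained to a command, a signal sent with `/si`, and the same signal name being armed more than once. The following is an added example, not code from the original page or the referenced article; the record fields `cmd` and `parent_cmd` and the sample records are constructed for illustration.

```python
import re
from collections import Counter

WAITFOR = re.compile(r'(?i)^"?(?:.*\\)?waitfor(?:\.exe)?"?$')

# Constructed process-creation records (hypothetical field names); not real telemetry.
SAMPLE = [
    {"cmd": "waitfor signalname", "parent_cmd": "cmd.exe /c waitfor signalname & command"},
    {"cmd": "waitfor /s target /si signalname", "parent_cmd": "cmd.exe"},
    {"cmd": "waitfor signalname", "parent_cmd": "cmd.exe /c waitfor signalname & command"},
    {"cmd": "notepad.exe notes.txt", "parent_cmd": "explorer.exe"},
]

def classify(cmdline):
    """Return role/signal/target for a waitfor command line, else None."""
    tok = cmdline.split()
    if not tok or not WAITFOR.match(tok[0]):
        return None
    args, low = tok[1:], [a.lower() for a in tok[1:]]
    def value(flag):  # argument following a switch, if present
        i = low.index(flag) + 1 if flag in low else len(args)
        return args[i] if i < len(args) else None
    if "/si" in low:  # sender form: waitfor /s target /si signalname
        return {"role": "sender", "signal": value("/si"), "target": value("/s")}
    skip = {low.index("/t"), low.index("/t") + 1} if "/t" in low else set()
    names = [a for i, a in enumerate(args) if i not in skip and not a.startswith("/")]
    return {"role": "listener", "signal": names[0] if names else None, "target": None}

def analyze(events):
    """Flag chained listeners, sent signals, and re-armed signal names."""
    findings, starts = [], Counter()
    for ev in events:
        info = classify(ev["cmd"])
        if info is None:
            continue
        sig = (info["signal"] or "").lower()  # signal names are not case-sensitive
        if info["role"] == "sender":
            findings.append(("signal-sent", sig, info["target"]))
            continue
        starts[sig] += 1
        # Page pattern `waitfor signalname & command`, visible in the parent shell
        if re.search(r"(?i)waitfor(\.exe)?\s[^&|]*&", ev.get("parent_cmd", "")):
            findings.append(("listener-chained-to-command", sig, None))
    # A listener exits after one trigger, so repeated starts imply re-arming
    findings += [("listener-rearmed", s, n) for s, n in starts.items() if n > 1]
    return findings
```

The re-arm count is the signal worth alerting on, since it corresponds to the persistence workaround the answer describes.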