What is the WMI-based persistence technique used in the Waitfor.exe POC?

The WMI-based technique stores the backdoor payload inside a custom WMI class (Win32_Backdoor) on the target system. After storing the payload as a property, the waitfor command reads and executes it via PowerShell using base64‑encoded commands. This avoids leaving files on disk, and the loop can be designed to automatically re‑arm the waitfor listener after each trigger. The full implementation is detailed in Use Waitfor.exe to maintain persistence.