7 Minute Security7 Tammi 2021

7MS #449: DIY Pentest Dropbox Tips - Part 3

Happy new year! This episode continues our series on DIY pentest dropboxes with a focus on automation - specifically as it relates to automating the build of Windows 10, Windows Server 2019, Kali and Ubuntu VMs. Here's the resources I talk about in more detail on today's episode that helps make the automagic happen:

Windows VMs
This article from Windowscentral.com does a great job of walking you through building a Windows 10 unattended install. A key piece of the automation is the autounattend.xml file, which you can somewhat automatically build here, but I think you'll want to install the Windows System Image Manager to really get in the tech weeds and fully tweak that answer file. The handy AnyBurn utility will help you make ISOs out of your Windows 10 / Server 2019 customized builds.

Ubuntu VMs
I set out to build a Ubuntu 18.x box because Splashtop only supports a few Linux builds. I found a freakin' sweet project called Linux unattended installation that helps you build the preseed.cfg file (kind of like the Windows equivalent of an answer file). The area of preseed.cfg I've been spending hours dorking around with is:

d-i preseed/late_command string \

Under this section you can customize things to your heart's content. For example, you could automatically pull down and install all OS packages/updates and a bunch of third party utils you want:

in-target sh -c 'apt-get update'; \ in-target sh -c 'apt-get upgrade -y'; \ in-target sh -c 'apt-get install curl dnsrecon git net-tools nmap openssh-server open-vm-tools-desktop python3.8 python3-pip python-libpcap ubuntu-gnome-desktop unzip wget xsltproc -y'; \

Finally, the project provides a slick script that will wrap up your Ubuntu build plus an SSH key into a ready-to-go ISO:

build-iso.sh ~/.ssh/id_rsa.pub ~/Desktop/My-kool-kustomized-Ubuntu.iso

Awesome!

Kali VMs
There is some decent documentation on building a preseed.cfg file for Kali. But the best resource I found with some excellent prebuilt config file is this kali-preseed project.

Once your seed file is built, it's super easy to simply host it on a machine in your network and let Kali pull it during install. For example, if you've got a Linux box with Python on the network at 192.168.0.7, just make a temporary folder with the preseed.cfg file in it and then run:

sudo python3 -m http.server 80

Then, in your virtual environment, create a new VM and boot it to a Kali NetInstaller image. At the splash screen, hit Tab and it'll display a command line you can edit. Remove the line that says something like preseed/file=/cdrom/simple-cdd/default.preseed, add auto=true and then the URL path to your preseed file, such as url=http://192.168.0.7/preseed.cfg. The Kali will ask for a few questions, such as a username and hostname to configure, and then if you're watching your machine hosting preseed.cfg, you'll see your Kali machine grab the config file and take care of the rest from there!

Got a better/cooler/funner/faster/awesomer way to do this type of automation? Let us know!

Kokeile Premiumia

Nauti 14 päivää ilmaiseksi

Tilaa Premium

Jaksot(689)

7MS #690: Tales of Pentest Pwnage – Part 74

Today’s tale of pentest pwnage is a classic case of “If your head is buried in the pentest sand, pop it out for a while, touch grass, and re-enumerate what you’ve already enumerated, because that can lead to absolute GOLD!”

29 Elo 21min

7MS #689: Pwning Ninja Hacker Academy – Part 2

Hello friends! Today your friend and mine, Joe “The Machine” Skeen joins me as we keep chipping away at pwning Ninja Hacker Academy! Today’s pwnage includes: “Upgrading” our Sliver C2 connection to a full system shell using PrintSpoofer! Abusing nanodump to do an lsass minidump….and find our first cred. Analyzing BloodHound data to find (and own) excessive permissions against Active Directory objects

22 Elo 15min

7MS #688: Building a Pentest Training Course Is Fun and Frustrating

Today I talk about a subject I love while also driving me crazy at the same time: building a pentest training course! Specifically, I dissect a fun/frustrating GPO attack that I need to build very carefully so that every student can pwn it while also not breaking the domain for everybody else. I also talk about how three different flavors of AI failed me in solving a simple task.

16 Elo 22min

7MS #687: A Peek into the 7MS Mail Bag – Part 5

Hi friends, we’re doing something today we haven’t done in a hot minute: take a dip into the 7MinSec mail bag! Today we cover these questions: If I’m starting a solo business venture as a security consultancy, is it a good idea to join forces with other solo security business owners and form a consortium of sorts? Have you ever had anything go catastrophically wrong during a pentest? Yes, and this is an important link in the story: https://github.com/fortra/impacket/issues/1436 What ever happened with the annoying apartment neighbor who stomped around like a rhino when you made any noise during COVID? What happened to the “difficult family situation” you vaguely talked about a few months ago that involved police and lawyers – did that ever get resolved?

11 Elo 57min

7MS #686: Our New Pentest Training Course is Almost Ready

Oh man, I’m so excited I can hardly sleep. Our new three-day (4 hours per day) training is getting closer to general release. I talk about the good/bad/ugly of putting together an attack-sensitive lab that students can abuse (but hopefully not break!), and the technical/curriculum-writing challenges that go along with it.

1 Elo 23min

7MS #685: The Time My Neighbor Almost Got Scammed Out of $13K

Today’s kind of a “story time with your friend Brian” episode: a tale of how my neighbor almost got scammed out of $13k. The story has a lot of red flags we can all keep in mind to keep ourselves (as well as kids/friends/parents/etc.) safer from these types of shenanigans.

25 Heinä 22min

7MS #684: Pwning Ninja Hacker Academy

Hey friends, today we start pwning Ninja Hacker Academy – cool CTF-style lab that has you start with no cred and try to conquer domain admin on two domains!

18 Heinä 22min

7MS #683: What I'm Working on This Week - Part 4

This week I’m working on a mixed bag of fun security and marketing things: A pentest I’m stuck on My latest lab CTF obsession: Ninja Hacker Academy A cool “about 7MinSec” marketing video that was recorded in a pro studio!

12 Heinä 30min

Kaikki yhdessä sovelluksessa

Kuuntele kaikki suosikkipodcastisi ja -äänikirjasi yhdessä paikassa.

Sinulle valikoitua sisältöä

Podme-sovelluksessa kokoat suosikkisi helposti omaan kirjastoosi. Saat meiltä myös kuuntelusuosituksia!

Jatka kuuntelua koska tahansa

Voit jatkaa siitä mihin jäit, myös offline-tilassa.

Premium

9,99 €/kk

Kaikki premium-podcastit
Ei mainoksia
Ei sitoutumista, peruuta koska tahansa

Aloita 14 päivän kokeilu

Premium

13,99 €/kk

Kaikki premium-podcastit
Ei mainoksia
Ei sitoutumista, peruuta koska tahansa
Yksi lisäkäyttäjä

Kokeile 14 päivää maksutta

Suosittua kategoriassa Politiikka ja uutiset

Tarinat ja äänet, joita rakastat kuunnella

Kuuntele kaikki suosikkipodcastisi ja -äänikirjasi

Lue lisää