7MS #463: DIY Pentest Dropbox Tips - Part 5
7 Minute Security14 Apr 2021

7MS #463: DIY Pentest Dropbox Tips - Part 5

In the last two episodes of this series (#449 and #450) we've been diving into how to not only speed up the process of spinning up a DIY pentest dropbox, but how to automate nearly the entire build process!

In today's episode we talk specifically about how to streamline the Windows 10 build process. As previously mentioned, this article is awesome for creating a core Win 10 answer file that will format C:, setup a local admin, login once to the configured desktop and then do whatever things you want it to do. Personally, I like having a single batch file get fired off that:

  • Sets the timezone with tzutil /s "Central Standard Time"

  • Stops the VM from falling asleep with powercfg.exe -change -standby-timeout-ac 0

  • Grabs and runs a PS file that does a ton of downloading and unzipping of files with:

invoke-webrequest https://somesite/somefile.zip -outfile c:\somewhere\somefile.zip expand-archive c:\somewhere\somefile.zip -destinationpath "c:\somewhere\extracted\"
  • Installs Windows updates with:
Install-PackageProvider -name nuget -force Install-Module PSWindowsUpdate -force Import-Module PSWindowsUpdate Get-WindowsUpdate Install-WindowsUpdate -AcceptAll -IgnoreReboot
  • Sets a new name for the machine:
Write-Host "Picking a new name for this machine...you'll need to provide your admin pw to do so" Rename-Computer -LocalCredential administrator -PassThru Write-Host "New name accepted!"
  • Does a set of actions depending on the IP range with this code (which sets the IP address to a variable and then does stuff if the machine sits in that subnet):
$ip = ((ipconfig | findstr [0-9].\.)[0]).Split()[-1] f ($ip -like "192.168.0.*") { Invoke-Webrequest https://somesite/somefile.ps1 -OutFile c:\someplace\somefile.ps1 }

Also, I talk in this episode about how I try to host these "seed" files as securely as possible using Amazon Lightsail instances, the built-in firewall, and LetsEncrypt.

Episoder(720)

7MS #632: Tales of Pentest Pwnage – Part 59

7MS #632: Tales of Pentest Pwnage – Part 59

Today's tale of pentest pwnage includes some fun stuff, including: SharpGPOAbuse helps abuse vulnerable GPOs! Try submitting a harmless POC first via a scheduled task – like ping -n 1 your.kali.ip...

12 Jul 202448min

7MS #631: Tales of Pentest Pwnage – Part 58

7MS #631: Tales of Pentest Pwnage – Part 58

Hi friends, today's a tale full of test tips and tools to help you in your adventures in pentesting! SCCM Exploitation SCCM Exploitation: The First Cred Is the Deepest II w/ Gabriel Prud'homme – fant...

7 Jul 202415min

7MS #630: Epic Road Trip Served with Security Sprinkles

7MS #630: Epic Road Trip Served with Security Sprinkles

Today I recap a two week persona/biz road trip and talk about the security stuff that got sprinkled into it, including: Family members who don't care about their personal security Weakpass – a cool c...

1 Jul 202445min

7MS #629: Interview with Stu Musil of Ambient Consulting

7MS #629: Interview with Stu Musil of Ambient Consulting

Today we have a fun featured interview with my new friend Stu Musil of Ambient Consulting I had a great time talking with Stu about bashing come common misconceptions people have about working with re...

24 Jun 202446min

7MS #628: How to Succeed in Business Without Really Crying – Part 17

7MS #628: How to Succeed in Business Without Really Crying – Part 17

Hey friends, today we talk about some not-so-glamorous but ever-so-important stuff related to running a cybersecurity consultancy, including: Taking an inventory of all the SaaS stuff your business u...

14 Jun 20249min

7MS #627: Migrating from vCenter to Proxmox – Part 2

7MS #627: Migrating from vCenter to Proxmox – Part 2

Hey friends, today we continue our series all about migrating from VMWare to the world Proxmox! Specifically: Getting my first Proxmox-based NUCs out in the field for live engagements! Pulling the t...

10 Jun 202435min

7MS #626: Web Pentesting Pastiche

7MS #626: Web Pentesting Pastiche

Hey friends, today we've got a security milkshake episode about Web app pentesting. Specifically we talk about: Burp Suite Enterprise Caido – a lightweight alternative to Burp wfuzz – Web fuzzer. Us...

31 Mai 202450min

7MS #625: A Peek into the 7MS Mail Bag - Part 4

7MS #625: A Peek into the 7MS Mail Bag - Part 4

Road trip time! I've been traveling this week doing some fun security projects, and thought all this highway time would be a perfect opportunity to take a dip into the 7MS mail bag! Today's questions...

24 Mai 202444min

Populært innen Politikk og nyheter

giver-og-gjengen-vg
aftenpodden
aftenpodden-usa
forklart
popradet
stopp-verden
fotballpodden-2
rss-gukild-johaug
lydartikler-fra-aftenposten
nokon-ma-ga
det-store-bildet
hanna-de-heldige
dine-penger-pengeradet
rss-ness
rss-espen-lee-usensurert
aftenbla-bla
e24-podden
rss-dannet-uten-piano
rss-penger-polser-og-politikk
frokostshowet-pa-p5