7MS #463: DIY Pentest Dropbox Tips - Part 5
7 Minute Security14 Apr 2021

7MS #463: DIY Pentest Dropbox Tips - Part 5

In the last two episodes of this series (#449 and #450) we've been diving into how to not only speed up the process of spinning up a DIY pentest dropbox, but how to automate nearly the entire build process!

In today's episode we talk specifically about how to streamline the Windows 10 build process. As previously mentioned, this article is awesome for creating a core Win 10 answer file that will format C:, setup a local admin, login once to the configured desktop and then do whatever things you want it to do. Personally, I like having a single batch file get fired off that:

  • Sets the timezone with tzutil /s "Central Standard Time"

  • Stops the VM from falling asleep with powercfg.exe -change -standby-timeout-ac 0

  • Grabs and runs a PS file that does a ton of downloading and unzipping of files with:

invoke-webrequest https://somesite/somefile.zip -outfile c:\somewhere\somefile.zip expand-archive c:\somewhere\somefile.zip -destinationpath "c:\somewhere\extracted\"
  • Installs Windows updates with:
Install-PackageProvider -name nuget -force Install-Module PSWindowsUpdate -force Import-Module PSWindowsUpdate Get-WindowsUpdate Install-WindowsUpdate -AcceptAll -IgnoreReboot
  • Sets a new name for the machine:
Write-Host "Picking a new name for this machine...you'll need to provide your admin pw to do so" Rename-Computer -LocalCredential administrator -PassThru Write-Host "New name accepted!"
  • Does a set of actions depending on the IP range with this code (which sets the IP address to a variable and then does stuff if the machine sits in that subnet):
$ip = ((ipconfig | findstr [0-9].\.)[0]).Split()[-1] f ($ip -like "192.168.0.*") { Invoke-Webrequest https://somesite/somefile.ps1 -OutFile c:\someplace\somefile.ps1 }

Also, I talk in this episode about how I try to host these "seed" files as securely as possible using Amazon Lightsail instances, the built-in firewall, and LetsEncrypt.

Episoder(720)

7MS #616: Interview with Andrew Morris of GreyNoise

7MS #616: Interview with Andrew Morris of GreyNoise

Hey friends, today we have a super fun interview with Andrew Morris of GreyNoise to share. Andrew chatted with us about: Young Andrew's early adventures in hacking his school's infrastructure (note:...

22 Mar 202459min

7MS #615: Tales of Pentest Pwnage – Part 54

7MS #615: Tales of Pentest Pwnage – Part 54

Hey friends, sorry I'm so late with this (er, last) week's episode but I'm back! Today is more of a prep for tales of pentest pwnage, but topics covered include: Make sure when you're snafflin' that...

19 Mar 202421min

7MS #614: How to Succeed in Business Without Really Crying - Part 16

7MS #614: How to Succeed in Business Without Really Crying - Part 16

How much fun I had attending and speaking at Netwrix Connect Being a sales guy in conference situations without being an annoying sales guy in conference situations A recap of the talk I co-presented ...

8 Mar 202436min

7MS #613: Tales of Pentest Pwnage – Part 53

7MS #613: Tales of Pentest Pwnage – Part 53

Today's tale of pentest covers: Farming for credentials (don't forget to understand trusted zones to make this happen properly!) Snaffling for juice file shares Stealing Kerberos tickets with Rubeus

1 Mar 202433min

7MS #612: Pentestatonix - Part 2

7MS #612: Pentestatonix - Part 2

Hello friends, we're still deep in the podcast trenches this quarter and wanted to share some nuggets of cool stuff we've been learning along the way: Snaffler – pairs nicely with PowerHuntShares to ...

25 Feb 202432min

7MS #611: Pentestatonix

7MS #611: Pentestatonix

Hey friends, sorry for the late episode but I've been deep in the trenches of pentest adventures.  I'll do a more formal tale of pentest pwnage when I come up for air, but for now I wanted to share so...

19 Feb 202434min

7MS #610: DIY Pentest Dropbox Tips – Part 9

7MS #610: DIY Pentest Dropbox Tips – Part 9

Hey friends, today we cover a funstrating (that's fun + frustrating) issue we had with our DIY pentest dropboxes. TLDL:   The preseed file got jacked because I had a bad Kali metapackage in it. While...

9 Feb 202420min

7MS #609: First Impressions of Sysreptor

7MS #609: First Impressions of Sysreptor

Hey friends, today is a first impressions episode about Sysreptor, which according to their GitHub page, is a fully customisable, offensive security reporting solution designed for pentesters, red tea...

2 Feb 202430min

Populært innen Politikk og nyheter

giver-og-gjengen-vg
aftenpodden
aftenpodden-usa
forklart
popradet
stopp-verden
fotballpodden-2
rss-gukild-johaug
lydartikler-fra-aftenposten
nokon-ma-ga
det-store-bildet
hanna-de-heldige
dine-penger-pengeradet
rss-ness
rss-espen-lee-usensurert
aftenbla-bla
e24-podden
rss-dannet-uten-piano
rss-penger-polser-og-politikk
frokostshowet-pa-p5