7MS #463: DIY Pentest Dropbox Tips - Part 5
7 Minute Security14 Apr 2021

7MS #463: DIY Pentest Dropbox Tips - Part 5

In the last two episodes of this series (#449 and #450) we've been diving into how to not only speed up the process of spinning up a DIY pentest dropbox, but how to automate nearly the entire build process!

In today's episode we talk specifically about how to streamline the Windows 10 build process. As previously mentioned, this article is awesome for creating a core Win 10 answer file that will format C:, setup a local admin, login once to the configured desktop and then do whatever things you want it to do. Personally, I like having a single batch file get fired off that:

  • Sets the timezone with tzutil /s "Central Standard Time"

  • Stops the VM from falling asleep with powercfg.exe -change -standby-timeout-ac 0

  • Grabs and runs a PS file that does a ton of downloading and unzipping of files with:

invoke-webrequest https://somesite/somefile.zip -outfile c:\somewhere\somefile.zip expand-archive c:\somewhere\somefile.zip -destinationpath "c:\somewhere\extracted\"
  • Installs Windows updates with:
Install-PackageProvider -name nuget -force Install-Module PSWindowsUpdate -force Import-Module PSWindowsUpdate Get-WindowsUpdate Install-WindowsUpdate -AcceptAll -IgnoreReboot
  • Sets a new name for the machine:
Write-Host "Picking a new name for this machine...you'll need to provide your admin pw to do so" Rename-Computer -LocalCredential administrator -PassThru Write-Host "New name accepted!"
  • Does a set of actions depending on the IP range with this code (which sets the IP address to a variable and then does stuff if the machine sits in that subnet):
$ip = ((ipconfig | findstr [0-9].\.)[0]).Split()[-1] f ($ip -like "192.168.0.*") { Invoke-Webrequest https://somesite/somefile.ps1 -OutFile c:\someplace\somefile.ps1 }

Also, I talk in this episode about how I try to host these "seed" files as securely as possible using Amazon Lightsail instances, the built-in firewall, and LetsEncrypt.

Avsnitt(720)

7MS #311: How to Build a Cuckoo Sandbox

7MS #311: How to Build a Cuckoo Sandbox

This week I dove into building a Cuckoo Sandbox for malware analysis. There are certainly a ton of posts and videos out there about it, but this entry called Painless Cuckoo Sandbox Installation caugh...

24 Maj 201815min

7MS #310: Secure the Radio Commercials

7MS #310: Secure the Radio Commercials

Last week I was in the recording studio to record three 7MS commercials aimed at churches. The goal was to educate them on some security topics and close with a "hook" to contact 7MS for help securing...

18 Maj 201812min

7MS #309: Password Cracking in the Cloud - Part 2

7MS #309: Password Cracking in the Cloud - Part 2

Cracking passwords in the cloud is super fun (listen to last week's episode to learn how to build your own cracking box on the cheap at Paperspace)! In the last couple weeks, customers have asked me a...

9 Maj 201813min

7MS #308: Password Cracking in the Cloud

7MS #308: Password Cracking in the Cloud

I had an absolute ball this week trying to figure out how to crack passwords effectively, and on the cheap, and in the cloud. Today's episode goes into much more detail, and embedded below is the Gist...

2 Maj 201811min

7MS #307: Writing Security-Focused Radio Commercials

7MS #307: Writing Security-Focused Radio Commercials

Hey, so this week I am without my main machine - thus no jingle or "jungle boogie" intro music. Feels weird. Feels real weird. Anyway, ya know how I teased last week that 7MS could possibly be coming ...

25 Apr 201812min

7MS #306: A Peek into the 7MS Mail Bag - Part 2

7MS #306: A Peek into the 7MS Mail Bag - Part 2

We've dug into some pretty technical topics the last few weeks so we're gonna take it easy today. Below are some FAQs and updates I'll cover on today's show: FAQs What security certs should a sales ...

19 Apr 201818min

7MS #305: Evaluating Endpoint Protection Solutions - Part 2

7MS #305: Evaluating Endpoint Protection Solutions - Part 2

Today is part two of evaluating endpoint solutions, where I primarily focus on Caldera which is an adversary simulation system that's really awesome! You can essentially setup a virtual attacker and c...

12 Apr 201811min

7MS #304: Integrating Pwned Passwords with Active Directory

7MS #304: Integrating Pwned Passwords with Active Directory

I've been super pumped about Troy Hunt's Pwned Passwords project ever since it came out - especially when I saw a tweet about using it in Active Directory so that enterprises could essentially stop pe...

5 Apr 201817min

Populärt inom Politik & nyheter

aftonbladet-krim
p3-krim
rss-krimstad
spar
aftonbladet-daily
svenska-fall
politiken
flashback-forever
rss-expressen-dok
rss-sanning-konsekvens
rss-krimreportrarna
kungligt
ett-rent-noje
rss-vad-fan-hande
motiv
rss-frandfors-horna
blenda-2
rss-flodet
krimmagasinet
svd-ledarredaktionen