7MS #381: DIY $500 Pentesting Lab Deployment Tips

Brian Johnson -

Today's episode is brought to you by ITProTV. It’s never too late to start a new career in IT or move up the ladder, and ITProTV has you covered - from CompTIA and Cisco to EC-Council and VMWare. Get over 65 hours of IT training for free by visiting https://itpro.tv/7minute.

Over the last few weeks I've been working on trying to streamline/automate my DIY pentest lab setup, so I wanted to share the following tips/tricks I've been learning along the way:

For Windows VMs

  • Take a snapshot right after the OS is installed, as (I believe) the countdown timer for Windows evaluation mode starts upon first "real" boot.
  • Want to quickly run Windows updates on a fresh Win VM? Try this (here's the source):
powershell Install-PackageProvider -Name NuGet -Force
powershell Install-Module PSWindowsUpdate -force
powershell Set-ExecutionPolicy bypass
powershell Import-Module PSWindowsUpdate
powershell Get-WindowsUpdate
powershell Install-WindowsUpdates -AcceptAll -AutoReboot
  • To turn on remote desktop:
Set-ItemProperty -Path 'HKLM:\System\CurrentControlSet\Control\Terminal Server'-name "fDenyTSConnections" -Value 0
  • To set the firewall to allow RDP:
Enable-NetFirewallRule -DisplayGroup "Remote Desktop"
  • To stop the freakin' Windows hosts from going to sleep:
powercfg.exe -change -standby-timeout-ac 0
  • To automate the install of VMWare tools, grab the package from VMWare's site, decompress it, then:
setup64.exe /s /v "/qn reboot=r"
  • To set the time zone via command line, run tzutil /l and then you can set your desired zone with something like tzutil /s "Central Standard Time"

For Linux VMs

  • Get SSH keys regenerated and install/run openssh server:
apt install openssh-server -y
mkdir /etc/ssh/default_keys
mv /etc/ssh/ssh_host_* /etc/ssh/default_keys/
dpkg-reconfigure openssh-server
systemctl enable ssh.service
systemctl start ssh.service

Also, there's a new 7MS User Group meeting coming up September 30!