7MS #450: DIY Pentest Dropbox Tips - Part 4
2 min read Pentesting, Podcast, dropbox, diy

7MS #450: DIY Pentest Dropbox Tips - Part 4

SafePass.me is the only enterprise solution to protect organizations against credential stuffing and password spraying attacks. Visit SafePass.me for more details, and tell them 7 Minute Security sent you to get a 10% discount!

Hey friends! We're continuing our series on pentest dropbox building - specifically playing off last week's episode where we started talking about automating the OS builds that go on our dropboxes. Today we'll zoom in a little closer and talk about some of the specific scripting we do to get a Windows 2019 Active Directory Domain Controller installed and updated so that it's ready to electronically punch in the face with some of your mad pentesting skills! Specifically, we talk about these awesome commands:

tzutil /s "Central Standard Time" - this is handy to set the time zone of your server build

powercfg.exe -change -standby-timeout-ac 0 will stop your VM from falling asleep

Invoke-WebRequest "https://somesite/somefile.file" -OutFile "c:\some\path\somefile.file" is awesome for quickly downloading files you need. Couple it with Expand-Archive "C:\some\path\some.zip" -DestinationPath "c:\path\to\where\you\want\to\extract\the\zip" to make auto-provisioning your toolkit even faster!

Don't like it that Server Manager loves to rear its dumb head upon every login? Kill the task for it with Get-ScheduledTask -TaskName ServerManager | Disable-ScheduledTask -Verbose. Byeeeeee!!!!

I love Chrome more than I love IE/Edge, so I auto install it with:

$Path = $env:TEMP; $Installer = "chrome_installer.exe"; Invoke-WebRequest "http://dl.google.com/chrome/install/375.126/chrome_installer.exe" -OutFile $Path\$Installer; Start-Process -FilePath $Path\$Installer -Args "/silent /install" -Verb RunAs -Wait; Remove-Item $Path\$Installer

Now get all the Windows updates!

Install-PackageProvider -name nuget -force
Install-Module PSWindowsUpdate -force
Import-Module PSWindowsUpdate
Get-WindowsUpdate
Install-WindowsUpdate -AcceptAll -IgnoreReboot

Then rename your machine:

Write-Host "Picking a new name for this machine...you'll need to provide your admin pw to do so"
Rename-Computer -LocalCredential administrator -PassThru
Write-Host "New name accepted!"

When you're ready to install Active Directory, you can grab the RSAT tools:

Write-Host "Lets install the RSAT tooleeeage!"
add-windowsfeature -name rsat-adds

And then the AD domain services themselves:

Write-Host "Now lets install the AD domain services!"
add-windowsfeature ad-domain-services

Then install the new forest:

install-addsforest -domainname your.domain -installdns -DomainNetbiosName yourdomain