7MS #556: How to Build a Vulnerable Pentest Lab
Today's episode is brought to us by our friends at Blumira!
Today we kick off a series all about building your own vulnerable pentest lab from scratch, specifically:
- Spinning up a domain controller with a few lines of PowerShell
- Installing Active Directory Domain Services
- Setting up an intentionally cruddy password policy
- Baking in the MS14-025 vulnerability
Here are the code snippets that help you get an Active Directory environment going on the quick:
# Get AD tools
Write-Host "Lets install the RSAT tooleeeage!"
add-windowsfeature -name rsat-adds
# Add domain services
Write-Host "Now lets install the AD domain services!"
add-windowsfeature ad-domain-services
# Add forest and name it
Write-Host "For our final act, lets go ahead and install the forest called briflyworld.com!"
$soopersecurepass = ConvertTo-SecureString -String RestorePleaseLOL! -AsPlainText -Force
write-host "And now I'm installing the actual AD forest LOL"
install-addsforest -domainname briflyworld.com -installdns -DomainNetbiosName brifly -SafeModeAdministratorPassword $soopersecurepass -force
P.S. if you're looking for a more automated/push-button solution to get up and going with a lab to play in, check out some of these options:
https://github.com/Orange-Cyberdefense/GOAD
https://automatedlab.org/en/latest/
https://github.com/microsoft/MSLab
https://github.com/davidprowe/BadBlood
https://github.com/cliffe/secgen
https://github.com/WazeHell/vulnerable-AD