7MS #463: DIY Pentest Dropbox Tips - Part 5
7 Minute Security14 Apr 2021

7MS #463: DIY Pentest Dropbox Tips - Part 5

In the last two episodes of this series (#449 and #450) we've been diving into how to not only speed up the process of spinning up a DIY pentest dropbox, but how to automate nearly the entire build process!

In today's episode we talk specifically about how to streamline the Windows 10 build process. As previously mentioned, this article is awesome for creating a core Win 10 answer file that will format C:, setup a local admin, login once to the configured desktop and then do whatever things you want it to do. Personally, I like having a single batch file get fired off that:

  • Sets the timezone with tzutil /s "Central Standard Time"

  • Stops the VM from falling asleep with powercfg.exe -change -standby-timeout-ac 0

  • Grabs and runs a PS file that does a ton of downloading and unzipping of files with:

invoke-webrequest https://somesite/somefile.zip -outfile c:\somewhere\somefile.zip expand-archive c:\somewhere\somefile.zip -destinationpath "c:\somewhere\extracted\"
  • Installs Windows updates with:
Install-PackageProvider -name nuget -force Install-Module PSWindowsUpdate -force Import-Module PSWindowsUpdate Get-WindowsUpdate Install-WindowsUpdate -AcceptAll -IgnoreReboot
  • Sets a new name for the machine:
Write-Host "Picking a new name for this machine...you'll need to provide your admin pw to do so" Rename-Computer -LocalCredential administrator -PassThru Write-Host "New name accepted!"
  • Does a set of actions depending on the IP range with this code (which sets the IP address to a variable and then does stuff if the machine sits in that subnet):
$ip = ((ipconfig | findstr [0-9].\.)[0]).Split()[-1] f ($ip -like "192.168.0.*") { Invoke-Webrequest https://somesite/somefile.ps1 -OutFile c:\someplace\somefile.ps1 }

Also, I talk in this episode about how I try to host these "seed" files as securely as possible using Amazon Lightsail instances, the built-in firewall, and LetsEncrypt.

Avsnitt(706)

7MS #257: Speaking at Secure360

7MS #257: Speaking at Secure360

The nervous butterflies are chewing up my organs this week. Why? Because I'm speaking at Secure360 next Tuesday and Wednesday. I'm trying to build a presentation that: Appeals to both techie nerds like me, as well as regular human people Strikes a healthy balance between fun and informative So, my outline is roughly as follows: Intros Lets talk about pentesting vs. vulnerability scans Build your own hackin' lab for $500! Good/bad training (CEH vs. OSCP) Lets hack some stuff following a methodology! Tune in today's episode for more...

11 Maj 201711min

7MS #256: AlienVault Certified System Engineer - Part 2

7MS #256: AlienVault Certified System Engineer - Part 2

So a few weeks ago I did an episode about the AlienVault Certified Security Engineer certification, and last Friday I took a stab at the test. I failed. It kicked my butt. Today I'm here to both rant about the unfairness of the test and offer you some study tips so you don't suffer a similar fate. P.S. - you should definitely check out this blog as it's one of the few valuable study guides I could find out there on the Interwebs.

4 Maj 201711min

7MS #255: PwnPro 101

7MS #255: PwnPro 101

I'm kicking the tires on the PwnPro which is an all-in-one wired, wireless and Bluetooth assessment and pentesting tool. Upon getting plugged into a network, it peers with a cloud portal and lets you assess and pentest from the comfort of your jammies back at your house! Oh, and did I mention it runs Kali on the back end? Delicious. Today's episode dives into some of what I've been learning about the PwnPro as I run it through its paces at work and warm it up for our first customer assessment...

27 Apr 201710min

7MS #254: Bash Bunny

7MS #254: Bash Bunny

I've been working with the Bash Bunny for the past few weeks in preparation for a presentation/demo I'm doing in a few weeks. Today I want to talk about what the Bunny is, the cool things it can do, and some of my favorite payloads. Also, I started thinking about what conversation topics spawn from a demo of the Bunny. Specifically, I want to know how people would defend against the Bunny using AD policies, peripheral controls, etc. Check out the Hak5 thread I started about this, as it has got some great ideas.

20 Apr 201710min

7MS #253: Desperately Seeking Service Accounts

7MS #253: Desperately Seeking Service Accounts

Find the show notes here!

13 Apr 20179min

7MS #252: LAPS - Local Administrator Password Solution

7MS #252: LAPS - Local Administrator Password Solution

Show notes are here.

6 Apr 20178min

7MS #251: Blackholing Malvertising with Pi-Hole

7MS #251: Blackholing Malvertising with Pi-Hole

Show notes are here

30 Mars 201710min

7MS #250: The PBS Telethon Episode!

7MS #250: The PBS Telethon Episode!

Show notes for today's episode can be found here!

23 Mars 201710min

Populärt inom Politik & nyheter

svenska-fall
motiv
aftonbladet-krim
p3-krim
flashback-forever
politiken
rss-viva-fotboll
fordomspodden
aftonbladet-daily
rss-sanning-konsekvens
rss-vad-fan-hande
spar
rss-krimstad
rss-krimreportrarna
olyckan-inifran
blenda-2
rss-frandfors-horna
dagens-eko
rss-flodet
rss-expressen-dok