7MS #381: DIY $500 Pentesting Lab Deployment Tips

7 Minute Security - A podcast by Brian Johnson - Fridays

Categories:

For Windows VMs Take a snapshot right after the OS is installed, as (I believe) the countdown timer for Windows evaluation mode starts upon first "real" boot. Want to quickly run Windows updates on a fresh Win VM? Try this (here's the source): powershell Install-PackageProvider -Name NuGet -Force powershell Install-Module PSWindowsUpdate -force powershell Set-ExecutionPolicy bypass powershell Import-Module PSWindowsUpdate powershell Get-WindowsUpdate powershell Install-WindowsUpdates -AcceptAll -AutoReboot To turn on remote desktop: Set-ItemProperty -Path 'HKLM:\System\CurrentControlSet\Control\Terminal Server'-name "fDenyTSConnections" -Value 0 To set the firewall to allow RDP: Enable-NetFirewallRule -DisplayGroup "Remote Desktop" To stop the freakin' Windows hosts from going to sleep: powercfg.exe -change -standby-timeout-ac 0 To automate the install of VMWare tools, grab the package from VMWare's site, decompress it, then: setup64.exe /s /v "/qn reboot=r" To set the time zone via command line, run tzutil /l and then you can set your desired zone with something like tzutil /s "Central Standard Time" For Linux VMs Get SSH keys regenerated and install/run openssh server: apt install openssh-server -y mkdir /etc/ssh/default_keys mv /etc/ssh/ssh_host_* /etc/ssh/default_keys/ dpkg-reconfigure openssh-server systemctl enable ssh.service systemctl start ssh.service Then grab some essential pentesting tools using Kali essentials, and keep 'em updated git update Next user group meeting September 30!