Jul 30, 2020
Today's episode is all about creating and deploying your own pentest dropbox! In part 1 I talked about some "gotchas" but this time around I'm ready to dump a whole slug of specific and updated tips on ya! Below are the tips covered in this episode that are better read than said:
Set-ItemProperty -Path 'HKLM:\System\CurrentControlSet\Control\Terminal Server'-name "fDenyTSConnections" -Value 0 Enable-NetFirewallRule -DisplayGroup "Remote Desktop"
tzutil /s "Central Standard Time"
$LocalTempDir = $env:TEMP; $ChromeInstaller = "ChromeInstaller.exe"; (new-object System.Net.WebClient).DownloadFile('http://dl.google.com/chrome/install/375.126/chrome_installer.exe', "$LocalTempDir\$ChromeInstaller"); & "$LocalTempDir\$ChromeInstaller" /silent /install; $Process2Monitor = "ChromeInstaller"; Do { $ProcessesFound = Get-Process | ?{$Process2Monitor -contains $_.Name} | Select-Object -ExpandProperty Name; If ($ProcessesFound) { "Still running: $($ProcessesFound -join ', ')" | Write-Host; Start-Sleep -Seconds 2 } else { rm "$LocalTempDir\$ChromeInstaller" -ErrorAction SilentlyContinue -Verbose } } Until (!$ProcessesFound)
Install-Module -Name PowerUpSQL
powercfg.exe -change -standby-timeout-ac 0
dism /online /Enable-Feature /FeatureName:"NetFx3"
apt install openssh-server -y mkdir /etc/ssh/default_keys mv /etc/ssh/ssh_host_* /etc/ssh/default_keys/ dpkg-reconfigure openssh-server systemctl enable ssh.service systemctl start ssh.service
wget https://github.com/gentilkiwi/mimikatz/releases/download/2.2.0-20200519/mimikatz_trunk.zip wget https://github.com/BloodHoundAD/BloodHound/raw/master/Ingestors/SharpHound.exe
sudo pip3 install pypykatz
curl https://github.com/byt3bl33d3r/CrackMapExec/releases/download/v5.0.1dev/cme-ubuntu-latest.zip -L -o cme.zip