7MS #558: How to Build a Vulnerable Pentest Lab - Part 2

February 7, 202322m 4s

Audio is streamed directly from the publisher (traffic.libsyn.com) as published in their RSS feed. Play Podcasts does not host this file. Rights-holders can request removal through the copyright & takedown page.

Original episode page

Show Notes

Today we continue part 2 of a series we started a few weeks ago all about building a vulnerable pentesting lab. Check out the video above, and here are the main snippets of code and tips to get you going:

Use Youzer to import a bunch of bogus users into your Active Directory:

sudo python ./youzer.py --generate --generate_length 20 --ou "ou=Contractors,dc=brifly,dc=us" --domain brifly.us --users 1000 --output lusers.csv

Make a Kerberoastable user:

New-AdUser -Name "Kerba Roastable" -GivenName "Kerba" -Surname "Roastable" -SamAccountName Kerba -Description "ROASTED!" -Path "OU=Contractors,DC=brifly,DC=us" -AccountPassword (ConvertTo-SecureString "Password1" -AsPlainText -force) -passThru -PasswordNeverExpires $true enable-adaccount Kerba setspn -a IIS_SITE/brifly-dc01.brily.us:77777 briflyus\kerba

← All episodes of 7 Minute Security