Today’s episode is brought to us by our friends at Blumira!

Today we kick off a series all about building your own vulnerable pentest lab from scratch, specifically:

  • Spinning up a domain controller with a few lines of PowerShell
  • Installing Active Directory Domain Services
  • Setting up an intentionally cruddy password policy
  • Baking in the MS14-025 vulnerability

Here are the code snippets that help you get an Active Directory environment going on the quick:

# Get AD tools
Write-Host "Lets install the RSAT tooleeeage!"
add-windowsfeature -name rsat-adds

# Add domain services
Write-Host "Now lets install the AD domain services!"
add-windowsfeature ad-domain-services

# Add forest and name it
Write-Host "For our final act, lets go ahead and install the forest called!"
$soopersecurepass = ConvertTo-SecureString -String RestorePleaseLOL! -AsPlainText -Force
write-host "And now I'm installing the actual AD forest LOL"

install-addsforest -domainname -installdns -DomainNetbiosName brifly -SafeModeAdministratorPassword $soopersecurepass -force

Written by: Brian Johnson

Share on socials: