Hey friends, today I’m super excited to share I found the missing link! Specifically, the missing piece that now allows me to create *fully automated* Windows 10 installs that serve as virtual pentest jumpboxes. Here are the high points:
* When your deployment script is finishing and you need the system to reboot and run some final commands, temporarily add your account as an auto-login account like so:
new-itemproperty -path 'hklm:\software\microsoft\windows nt\currentversion\winlogon' -name AutoAdminLogon -value 1 -force
new-itemproperty -path 'hklm:\software\microsoft\windows nt\currentversion\winlogon' -name DefaultUserName -value "your-local-user" -force
new-itemproperty -path 'hklm:\software\microsoft\windows nt\currentversion\winlogon' -name DefaultPassword -value "your-password" -force
Then tell Windows to run your final script *one time* after automatically logging in as `your-local-user`:
reg add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce" /v MyRunOnceKey /t REG_SZ /d "c:\your-final-script.bat"
Finally, make sure your `your-final-script.bat` deletes the auto-login creds:
reg delete "hkey_local_machine\software\microsoft\windows nt\currentversion\Winlogon" /v DefaultUserName /f
reg delete "hkey_local_machine\software\microsoft\windows nt\currentversion\Winlogon" /v DefaultPassword /f
reg delete "hkey_local_machine\software\microsoft\windows nt\currentversion\Winlogon" /v AutoAdminLogon /f
Share on socials: