Building a hackable Windows Server, where to start?

By yeoo_andy_ni
in Smart Home, Network & Security

 Share

Recommended Posts

Mentor

yeoo_andy_ni

Posted
Posted

Hi folks!

 

Bit of input needed here. I've got a wee job in work to build a hackable Windows Server 2012 for a project. Where the hell do I start?! I'm not involved in any Info Sec stuff in work, so I'm totally flying blind here. I've had a few ideas though:

  • Rename local admin account and create a new admin account with a more generic password and prevent certain users from being able to change certain account passwords
  • Don't fully patch - in other words, keep a couple of months of patches off the server and maybe remove a critical one here and there
  • Modify the file shares and create newer ones that are slightly less secure
  • Modify the account lockout policy
  • Modify the RDP settings
  • Modify services such as Remote Registry to disabled
  • Don't update the AV/firewall client to the latest definitions
  • Turn UAC off, or at the very least relax it

The end game is to have a treasure hunt on the box to have 4 or 5 folders available, with each acting as a clue to the next folder (and file inside) location. I'm just confused as to how I should go about implementing this to be both fun and a bit of a challenge. Oh, and done right, lol.

 

Cheers!

 

Andy

Link to comment
Share on other sites
Grand Master

BinaryData

Posted
Posted

Hi folks!

 

Bit of input needed here. I've got a wee job in work to build a hackable Windows Server 2012 for a project. Where the hell do I start?! I'm not involved in any Info Sec stuff in work, so I'm totally flying blind here. I've had a few ideas though:

  • Rename local admin account and create a new admin account with a more generic password and prevent certain users from being able to change certain account passwords
  • Don't fully patch - in other words, keep a couple of months of patches off the server and maybe remove a critical one here and there
  • Modify the file shares and create newer ones that are slightly less secure
  • Modify the account lockout policy
  • Modify the RDP settings
  • Modify services such as Remote Registry to disabled
  • Don't update the AV/firewall client to the latest definitions
  • Turn UAC off, or at the very least relax it

The end game is to have a treasure hunt on the box to have 4 or 5 folders available, with each acting as a clue to the next folder (and file inside) location. I'm just confused as to how I should go about implementing this to be both fun and a bit of a challenge. Oh, and done right, lol.

 

Cheers!

 

Andy

The title and the information provided are a bit different, haha.

 

Though I'm not sure this is an appropriate topic to be discussed here.

Link to comment
Share on other sites
Grand Master

+BudMan MVC

Posted
  • MVC
Posted

if its suppose to be a challenge why should you make anything easier - patch it to the hilt, follow the hardening guide.. Lock that bad boy down as much as you can lock it down with 2k12

 

then that would be a somewhat of challenge.

 

I would atleast run through https://technet.microsoft.com/en-us/library/cc754997.aspx and make it decent lock down.

Link to comment
Share on other sites
Grand Master

Intersect

Posted
Posted

if you want to make things intresting, as part of the treasure hunt you could have a .PCAP (packet capture file) stored in the documents folder that they need to work with inorder to find out what is in the captured packets. an example of this would be to create a few documents in word add some text to one of them and change the font colour to white or hide the text behind an image, add those filed to a .zip file with a password and send it in an email to some one on your network while you capture the packets. once this is done you will have a .PCAP file to work with

Link to comment
Share on other sites
Grand Master

+John Teacake MVC

Posted
  • MVC
Posted

Does it have to be a Windows box? There are specific Linux Distros for this exact thing, So if you are teaching a class for example its ideal. Its called Damn Insecure Linux or something like that where they purposely build the Distro with known affected plugins, Programs or Modules.

Link to comment
Share on other sites
Grand Master

BinaryData

Posted
Posted

Does it have to be a Windows box? There are specific Linux Distros for this exact thing, So if you are teaching a class for example its ideal. Its called Damn Insecure Linux or something like that where they purposely build the Distro with known affected plugins, Programs or Modules.

I was thinking of Kali Linux, haha. KL is fun, but make sure you don't accidentally flood the wrong network. Oops... ;)

Link to comment
Share on other sites
Veteran

Alwaysonacoffebreak

Posted
Posted

I was thinking of Kali Linux, haha. KL is fun, but make sure you don't accidentally flood the wrong network. Oops... ;)

 

Kali is the way opposite of what he was describing tho ;) Kali is FOR "hacking" (god I hate that word) and the one he was talking about is just unsecure as heck. But yeah, Kali is a lot of fun if you know what you're doing.

Link to comment
Share on other sites
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.