Microsoft Windows

All posts tagged Microsoft Windows

Apache is the most popular web server but Microsoft’s IIS  is fast gathering  pace. IIS 8  has introduced many popular features to the  Microsoft web server  to bring its competitive level on par with its counterparts. IIS 8 is only present in Windows Server 2012 and Windows 8. Today let’s see how to set up a web server in Windows Server 2012.

Open Server Manager, on the Local server click on “Add Roles and Features”.

wsws1

 

The Add Roles and Features wizard appears. with a default warnings page. Click on “Next”. 

wsws2

 

On the Installation type page, Select “Role based or Feature based selection” and click on “Next”.

wsws3

On the Server Selection page, Select the server on which you want to install the web server. Since I have only one server installed, I selected that. Click on Next.

wsws4

On the Server Roles page, select the role of “Web Server” and click on “Next”.

wsws5

 

On the Features page, click on “Next” since we don’t need any additional features to be installed for the web server.

wsws6

 

A web Server Role page opens which is somewhat like a summary  page. Click on “Next”.

wsws7

 

A Role Services page opens. Select the services you want to install for your web server. If you are not sure, continue with the default services by clicking on “Next”.

wsws8

 

On the Confirmation page, Click on “Install”.

wsws9

 

The installation will take a few minutes. After the installation is finished, Click on “Close”.

wsws10

To check if your web server is successfully installed, open Internet Explorer and type ‘localhost’. If you see the below IIS8 displayed, you have successfully installed a web server on your Windows Server 2012.

wsws11

 

I have been searching for a way to send an executable file to someone and make him to execute it. Sending the exe directly is not feasible. So let’s see how to hide an exe file in a jpeg and test its feasibility. First of all, create a new directory named test and download some images and name them similarly. I downloaded images of a popular Tollywood actress. The plan is to lure the victim into falling in the trap. I did this on a Windows 7 machine.

expeg1

 

Go to Folder Options”, go to View tab”deselect ‘ Hide extensions for known file types‘ and select option Show hidden files, folders and drives. This will allow us to see the extensions of the files we are working with.

expeg2

 

Open Notepad, type the following text and save it with the extenson .bat”. What the following code does is it creates a new user named “hacker” with password “abc123″ in the Windows machine this code gets executed.

expeg3

 

Download BAT to EXE converter and convert the batch file we just created to an exe.

expeg4

 

expeg5

 

 

Rename the file “samy.exe” to  “samy_3.jpg”. Windows will prompt a warning. Ignore it.

expeg6

 

Right click on the file “samy_3.jpg”, drag it a little and leave. Select ‘Create Shortcuts here’. We are creating a shortcut for the file samy_3.jpg.

expeg7

 

Rename the shortcut to “samy_0.jpg”. Whatever the name you give make sure that the shortcut is clicked first and not the exe file.

expeg8

 

Right click on “samy_0.jpg” and select Properties. In the “Start in” column delete the entire text. In the “Target:” column type “C:Windowssystem32cmd.exec samy_3.jpg.” This will run the file samy_3.jpg when clicked on the samy_0.jpg.

expeg9

 

Click on “Change Icon” tab. Replace the text inside with “%SystemRoot%system32SHELL32.dll” and click on “OK”.

expeg10

 

Compress all files into zip archive with the name “samy unseen.zip”. Remember that name should be attractive enough to lure the victim into clicking the images.

expeg11

 

OK, package is ready. Now the bigger challenge is to send the package to the victim’s computer. I tried to mail the package to the victim but it didn’t work out.

expeg12

 

 So I suggest you to find your own way of sending it to the victim. To test if the package will work on the victim’s system or not open “CMD” and type the command “net user” before executing the image. It will show us all the users on the system.

expeg13

 

Then click on the image samy_0.jpg. Open “CMD” and type the “net user” command again.

expeg14

 

A new user named hacker has been created. So the trick worked.

Virtual penetration testing lab is a lab created on a single system using any virtualization software. It can be very helpful for people practising for CEH or similar certification. Any penetration testing lab has two machines, attacker and victim. In this lab we will set up Kali Linux as the attacker and Windows XP( most favourite victim machine ) as the victim. I am going to set up this lab in Vmware Workstation 9. Hope this will be helpful.

First of all install Kali Linux and Windows XP in Vmware Workstation.

vpl1

 

vpl2

Shut them down. In the Vmware Workstation menu, Select Edit” and click on Virtual Network editor.

vpl3

The window below will open showing the virtual network adapters. Click on “Add network”.

vpl4

Vmware provides nine virtual networks from 0 to 9. Vmnet0, Vmnet1 and Vmnet8 are automatically assigned for  bridged, Host-only and NAT types of network respectively. Select the network “Vmnet3″.

vpl5

We can see that our network is added as Host-Type with a automatically assigned subnet IP.

vpl6

 

Click on our network. We can see its settings below.

vpl7

 

Deselect the option ‘Connect a host virtual adapter to the network‘.This will make our network a custom type. Change the subnet IP to 10.10.10.0( choice is yours).  Select the ‘Use local DHCP service to distribute IP address to VMs‘ option. This will automatically assign IP addresses to our machines. Click on ‘DHCP settings‘.

vpl8

You will see the below window. Make changes if you like. I am going to leave it default. Click OK twice to exit.

vpl9

 

We have successfully created our custom network. Now let’s add our machines to the network. Open the tab of Kali Linux and click on ‘network adapter‘ setting.

vpl10

In the settings, select the ‘custom radio button and select the network Vmnet3 from the dropdown menu. Click on OK.

vpl11

Do the same for Windows XP. Then let’s boot up our victim machine and check it’s IP address by typing ‘ipconfig‘ in the command line.The DHCP server has automatically assigned it the IP address 10.10.10.129.

vpl12

 

Boot the attacker machine and check it’s ip address by typing ‘ifconfig’ in the terminal. It has been assigned the address 10.10.10.128.

vpl13

Ping the victim IP machine (10.10.10.129) to see whether the two machines can communicate.

vpl14

 

We have successfully created a virtual penetration testing lab. Happy testing.

Windows Server 2012 introduced a new configuration option called Minimal Server Interface. Minimal Server Interface is in simple words compromise between Server GUI Full Installation and Server Core installation. Minimal Server Interface installation reduces footprint of the server to some extent thus decreasing security hazards. In the same time it increases deployment scenarios.

Following tools are installed in Minimal Server Interface.

  • Server Manager
  • MMC
  • Some Control Panel Applets

The items which are not installed during Minimal Server Interface are

  • Start Screen
  • Desktop
  • Windows Explorer
  • Internet Explorer

Let’s see how to convert Server GUI full installation to Minimal Server Interface in Windows server 2012. If you want to convert Server GUI full  installation to Server Core installation, read here.

Login as Administrator. Open  “Powershell”. Type the command

“Uninstall-WindowsFeature Server-Gui-Shell -remove” and Press “Enter”.

guimsi1

 

After collecting some data, the system will start removing the Server-Gui-Shell.

guimsi2

After the removal of Server-gui-shell is finished, the system will ask us to restart the system.

guimsi3

 

Restart the system by typing “shutdown -r -t 0″. The system will reboot to Minimal server Interface which will look like below.

guimsi4

 

One day, I was intently searching for a method to emulate a router or switch in Oracle VirtualBox  After a long search, I didn’t find a method but I found  another virtualizing software called GNS3.  GNS3 is a network emulation software which can be really helpful to someone preparing for CCNA,CCNP,CCIE,JNCIA,JNCIS and JNCIE. It can emulate  Cisco IOS’s, Junos routers and also  complex networks functioning as close as possible to the real networks without needing the network hardware like routers and switches. The best part of it is that it is open source. However we will have to download Cisco IOS and Junos separately.

GNS3 is available for Windows,Linux and MacOS X. In this article, I am going to show you how to install GNS3 in Windows step by step.

Download the software suitable for your Windows from here. The all-in-one download is recommended.

Click on the executable file downloaded. The welcome message pops up.Click on “Next”.

w1

Then the License Agreement is displayed.Click on “I Agree”.

w2

 

Then you are asked to choose the start menu folder in which your  program’s shortcuts will be stored. If you choose the default folder, click “Next”. You can also create a new folder if you want.

w3

 

Then you can choose which components you want to install from the components shown. I suggest you to choose all the options. Click on “Next”.

w4

 

Then you are asked to choose where you want to install your program. you can choose a different folder if you want but the default folder should be OK. Click on “Install”.

w5

 

Then the WinPcap installation wizard starts. WinPcap is an opensource library for packet capture and network analysis for Win32 platforms. Click on “Next”.

w6

 

Click on “Next”.

w7

 

On the WinPcap License Agreement, click on “I Agree”.

w8

 

On the review WinPcap installation options, Click on “Install”.

w9

 

The installation starts.

w10

 

After the installation is finished, Click on “Finish”.

w11

 

Then the  Wireshark installation wizard” opens (only if you selected the component for installation above). Wireshark is a network sniffer. Click on “Next”.

w12

 

You are shown the License Agreement of Wireshark. Click on “I Agree”.

w13

 

Then you are prompted to select the components of Wireshark you want to install. Choose all and Click on “Next”.

w14

 

Then you are prompted to select which shortcuts you want to create. The choice is yours. Click on “Next”.

w15

 

 

Then choose the directory in which you want to install Wireshark and click on “Next”.

w16

 

Then Wireshark starts installing.

w17

 

After the installation is completed, Click on “Next”.

w18

 

Then Completion of Wireshark installation Wizard appears. You are prompted to choose if you want to run Wireshark. Don’t make any selection. Click on “Finish”.

w19

 

Then the installation of GNS3 starts.

w20

 

After the installation is completed, click on “Next”.

w21

 

Completion of GNS3 wizard appears. Click on “Finish”.

w22

 

Start GNS3. The following window appears when we start GNS3 for the first time. Click on 1(the space enclosed in a red box).

w23

 

This is to check whether path to Dynamips and the path to its working directory are valid or not. Dynamips is the core program that allows IOS simulation.Click “OK”.

w24

 

Let’s go to Step 2. Here we configure path to our IOS image directory.We have to store all our images in this directory.Make changes to the path if you want otherwise click on “OK”.

w25

 

Step 3: In this step, we will add one or more uncompressed IOS images of a router or switch. As already said, IOS images should be downloaded separately due to license agreements.

w26

Browse to the folder where your IOS image is.I am adding a CISCO c3700 router for example. Click on Save and your window should like this.

w27

 

Click on “Close” and your GNS3  windows appears.

w28

 

In the Node Types section, click on C700 (the type we just added)  and drag it to the right to see if our router has been added or not. If it is like below, then your installation is success. Happy practising.

w29

 

Hi Friends, Today we will see how to install and promote a domain controller in Windows server 2012. It has seen a change while installing a domain controller.The “dcpromo.exe” present in previous versions has been deprecated. We need to install domain controller from Server Manager only.Before we start installing the domain controller let’s change our server’s name to ‘Server‘ and IP address to “10.10.10.1″.

wdc1

wdc2

Now let’s go to Server Manager and start adding Active Directory Domain Services” role from Add Roles and Features.Click on “Add Roles and Features”.

wdc3

 

Before we begin,we are presented with basic information on IP addresses,Windows updates and configuring strong passwords.Click “Next”.

wdc4

 

Then we are prompted for the type of installation.Select Role Based or Feature based installation” and click Next”.

wdc5

 

Then we are prompted to select the destination server.Select the server we just named and click “Next”.

wdc6

 

Then we are asked to select the roles we want to install.Select Active Directory Domain Services and click “Next”.

wdc7

 

Then we get a pop-up to add features that are required for Active Directory domain services. These features are automatically selected.Click on Add Features”.

wdc8

 

We can see that Group Policy Management which is required for Active Directory Domain services has been automatically selected.

wdc9

 

Then we are given a brief description about Active Directory domain services and some basic things to note.Click Next”.

wdc10

 

Then we are shown the roles that will be installed on the server as a confirmation.Click on Install”.

wdc11

 

Then the installation starts.

wdc12

 

As the installation is finished,we get a message ‘Configuration required.Installation succeeded on server’. Click on Close”.

wdc13

 

We have successfully installed Active Directory Domain Services on our server.Now we need to promote the domain controller.In the previous versions of Windows server, it is here we used dcpromo.exe. In our Server Manager, we have a notification flag with a yellow triangle with an exclamation mark inside it.Click on it.

wdc14

 

Click on ‘Promote this server as domain controller’.

wdc15

We are prompted to choose the configuration of our domain controller. Choose Add a new forest and specify the root domain name as shunya.com. Click on Next”.

wdc16

 

We are asked to choose the domain controller options. Set the forest functional level and domain functional level as Windows Server 2012. Select DNS server.Since this is the root domain in the forest it is automatically Read only domain controller. Enter the DSRM password and click on Next”.

wdc17

 

 

Then DNS options screen appears. Click on Next”.

wdc18

 

Look at the NETBIOS name which is automatically assigned.It is shunya.

wdc19

 

The location where the AD DS database,log files and SYSVOL are shown. We can specify different locations if we choose to be. Click on Next”.

wdc20

 

Then we see a review of our selections.Click on Next”.

wdc21

 

Then we see a Windows Powershell script for AD DS deployment.

wdc22

 

Then we get a prerequsites check window.Click on Install”.

wdc23

 

After all the prerequisites are validated successfully,the server is successfully configured as a domain controller and the system is restarted.

wdc24

 

After the system restarts, we are asked to login into the shunya domain.

wdc25