
Active Directory Lab Setup - 102

A step-by-step guide for building your very own Cybersecurity Home Lab using VMware Workstation

TEARING DOWN the DOMAIN CONTROLLER

We executed ./gen_ad.ps1, but we have not yet looked at an important part of this PowerShell script. Let's look at ./gen_ad.ps1 a little more closely.

function WeakenPasswordPolicy(){
    secedit /export /cfg C:\Windows\Tasks\secpol.cfg
    (Get-Content C:\Windows\Tasks\secpol.cfg).replace("PasswordComplexity = 1", "PasswordComplexity = 0").replace("MinimumPasswordLength = 7", "MinimumPasswordLength = 1") | Out-File C:\Windows\Tasks\secpol.cfg
    secedit /configure /db c:\windows\security\local.sdb /cfg C:\Windows\Tasks\secpol.cfg /areas SECURITYPOLICY
    rm -force C:\Windows\Tasks\secpol.cfg -confirm:$false
}

function StrengthenPasswordPolicy(){
    secedit /export /cfg C:\Windows\Tasks\secpol.cfg
    (Get-Content C:\Windows\Tasks\secpol.cfg).replace("PasswordComplexity = 0", "PasswordComplexity = 1").replace("MinimumPasswordLength = 1", "MinimumPasswordLength = 7") | Out-File C:\Windows\Tasks\secpol.cfg
    secedit /configure /db c:\windows\security\local.sdb /cfg C:\Windows\Tasks\secpol.cfg /areas SECURITYPOLICY
    rm -force C:\Windows\Tasks\secpol.cfg -confirm:$false
}

The provided PowerShell functions WeakenPasswordPolicy and StrengthenPasswordPolicy are designed to modify the local security policy on a Windows machine. These functions specifically adjust the password complexity requirements and minimum password length settings. Here's a detailed explanation of each function:

Function: WeakenPasswordPolicy

The purpose of this function is to weaken the password policy by setting:

  • Password complexity requirement to off (0).

  • Minimum password length to 1 character.

Steps:

  1. Export Current Security Policy:

    secedit /export /cfg C:\Windows\Tasks\secpol.cfg

    This command exports the current security policy settings to a configuration file secpol.cfg.

  2. Modify Security Policy Settings:

    (Get-Content C:\Windows\Tasks\secpol.cfg).replace("PasswordComplexity = 1", "PasswordComplexity = 0").replace("MinimumPasswordLength = 7", "MinimumPasswordLength = 1") | Out-File C:\Windows\Tasks\secpol.cfg

    This line reads the exported configuration file, replaces the PasswordComplexity setting from 1 (enabled) to 0 (disabled), and changes the MinimumPasswordLength from 7 to 1. The modified content is then written back to secpol.cfg. Because .replace() is a literal string match, a setting is only changed when the exported file contains exactly the string being searched for; any other value is left as it was.

  3. Apply Modified Security Policy:

    secedit /configure /db c:\windows\security\local.sdb /cfg C:\Windows\Tasks\secpol.cfg /areas SECURITYPOLICY

    This command applies the modified security policy settings from secpol.cfg to the system.

  4. Remove Temporary Configuration File:

    rm -force C:\Windows\Tasks\secpol.cfg -confirm:$false

    This line deletes the temporary configuration file secpol.cfg without asking for confirmation.

Function: StrengthenPasswordPolicy

The purpose of this function is to strengthen the password policy by setting:

  • Password complexity requirement to on (1).

  • Minimum password length to 7 characters.

Steps:

  1. Export Current Security Policy:

    secedit /export /cfg C:\Windows\Tasks\secpol.cfg

    This command exports the current security policy settings to a configuration file secpol.cfg.

  2. Modify Security Policy Settings:

    (Get-Content C:\Windows\Tasks\secpol.cfg).replace("PasswordComplexity = 0", "PasswordComplexity = 1").replace("MinimumPasswordLength = 1", "MinimumPasswordLength = 7") | Out-File C:\Windows\Tasks\secpol.cfg

    This line reads the exported configuration file, replaces the PasswordComplexity setting from 0 (disabled) to 1 (enabled), and changes the MinimumPasswordLength from 1 to 7. The modified content is then written back to secpol.cfg.

  3. Apply Modified Security Policy:

    secedit /configure /db c:\windows\security\local.sdb /cfg C:\Windows\Tasks\secpol.cfg /areas SECURITYPOLICY

    This command applies the modified security policy settings from secpol.cfg to the system.

  4. Remove Temporary Configuration File:

    rm -force C:\Windows\Tasks\secpol.cfg -confirm:$false

    This line deletes the temporary configuration file secpol.cfg without asking for confirmation.

Summary:

  • WeakenPasswordPolicy reduces security by allowing simpler and shorter passwords.

  • StrengthenPasswordPolicy enhances security by requiring more complex and longer passwords.

Both functions automate the process of exporting, modifying, applying, and cleaning up the local security policy configuration to change password requirements on a Windows system.
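
Both functions edit the exported file by literal string replacement, so a lab VM can end up with a policy other than the one intended if the exported values differ from the strings the script searches for. The following PowerShell is an added example, not part of gen_ad.ps1, that reads the policy back and reports whether it is still weakened; the function name Get-PasswordPolicyState, its parameters and the temporary file path are assumptions made for illustration.

```powershell
# Added example (not part of gen_ad.ps1): read back the effective password
# policy so a lab VM is not left weakened after the script has run.
function Get-PasswordPolicyState {
    param(
        # Assumption: threshold mirrors the value StrengthenPasswordPolicy writes.
        [int]$RequiredMinLength = 7,
        # Hypothetical scratch path; per-process name avoids clobbering other exports.
        [string]$ExportPath = (Join-Path $env:TEMP "secpol-audit-$PID.cfg")
    )

    # Export only the security-policy area; secedit writes an INI-style file.
    secedit /export /cfg $ExportPath /areas SECURITYPOLICY | Out-Null
    if ($LASTEXITCODE -ne 0 -or -not (Test-Path $ExportPath)) {
        throw "secedit export failed (run from an elevated prompt)"
    }

    try {
        # Parse "Key = Value" lines instead of relying on literal string matches.
        $settings = @{}
        foreach ($line in Get-Content $ExportPath) {
            if ($line -match '^\s*(\w+)\s*=\s*(.*?)\s*$') {
                $settings[$Matches[1]] = $Matches[2]
            }
        }
    }
    finally {
        # Always clean up the export, even if parsing fails.
        Remove-Item -Force $ExportPath -ErrorAction SilentlyContinue
    }

    foreach ($key in 'PasswordComplexity', 'MinimumPasswordLength') {
        if (-not $settings.ContainsKey($key)) { throw "$key not found in export" }
    }

    $complexity = [int]$settings['PasswordComplexity']
    $minLength  = [int]$settings['MinimumPasswordLength']

    [pscustomobject]@{
        PasswordComplexity    = $complexity
        MinimumPasswordLength = $minLength
        Weakened              = ($complexity -ne 1) -or ($minLength -lt $RequiredMinLength)
    }
}

# Run after StrengthenPasswordPolicy to confirm the policy was restored.
Get-PasswordPolicyState | Format-List
```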
