Picture by: PowerShell Magazine
This journey started when I thought "How nice would it be to enhance my security skill set by running tests in a controlled environment" So I did like any eager engineer would - Head to the "Lab". (Two laptops on docking stations with multi screen set up and a desk compliments of Kijiji).
But no jokes please... its my "lab".
So the first thing I thought was how much a pain it would be to have to build this environment from scratch each time I need to test something new, also the consistency would suffer, as I am only human.
Here is where automation came into play. The decision was made to start off with a Windows Domain environment. This will allow me exploit and consequently learn to defend attacks against this popular enterprise Identity and Authentication management service, also Linux dudes and dudettes always give me static about how Windows cannot handle automation, about how it would be too complicated and... it would be pretty cool to spin up an entire Active Directory domain from one command. So "yah!", sounds easy enough, lets start there.
So my team of software and technology used is listed below, I will explain in the following series of blogs how I achieved my end goal my the journey and decisions on the way.
Visual Studio Code
Desired State Configuration
I loved the idea of typing vagrant up and going to get a coffee, playing around with my daughter for a bit and returning to my "lab" ( no giggling please ) to a fully built and configured environment that I can just start hammering away at.
When I started on this journey, windows vagrant boxes where far and few in-between and most of them I found were not built to my standards, so I did what any logical thinking person would do, built my own. This where packer and boxstarter joined into the action. At one point it seemed every time I thought I was making progress there was some new technology I had to learn to get me even closer to my end goal.
I got a great start from Matt Wrock, he as an awesome post on creating windows vagrant boxes with packer and boxstarter and I used his article to get an idea of what I am getting myself into.
Now you may ask why would I need to build my own boxes and not just use what was in the Altas repos? At that time I found the winrm connection was flaky at best and I also liked the idea that I can build an image with all the latest updates and any third party packages to help with my deployment. One of my prerequisites was the need to have my base image with a minimum of 5.0 version of Powershell so I can leverage some of the enhanced DSC features to configure windows machines. ( Yes I can know you can do it with 4.0 but once you experience it with 5.0 and higher will never look back.)
So the first thing I had to learn is mastering Powershell. I needed to learn Powershell because I have to be able to give instructions to the windows box line by line to achieve my end system state goal, a fully running Active Directory Domain.
At first, I must admit I was scared of the shell, it seems you had to remember 3000 commands and hundreds if not thousands of syntax combinations to achieve a task. To be honest the way I absorb new technology is by being able to logically discover how it all works and, with Powershell's discovery features, it allowed me to do just that.
Powershell is now my life, I totally absorbed myself into it's world, each night I would watch training videos, after training videos, beginning from the basics extending to advance operations like automation, with Desired State Configuration. Firstly, I have to give much thanks to Jeffrey Snover , Don Jones and Jason Helmick, with their voices in my head for countless of hours on the do's and don'ts and how "write-host" is the worst thing since DEA encryption algorithm.
Their YouTube videos and also content from the Microsoft Academy really help propelled me at a rapid pace. I also noticed how it greatly improved my technical knowledge of systems as I literally have to walk systems through their configurations steps it allow me to obtain a greater understanding of systems in general at a level I never thought I could achieve. So guys, "I thank you". Also "thank you" to the other countless number of videos from other Youtubers that also help me developed my skills.
So after getting my feet wet with Powershell, I got into the habit of writing tools and explored Powershell Hacking, I am really excited how the Security community is embracing Powershell for offensive and defensive practices. It is proving to be a powerful scripting tool.
Now that I was comfortable with Powershell, joined all the online communities, attended
podcast and also joined the slack channel where I can learn and even offer advice where I can, I felt that I could have now extended my skill set into automation. It was the same core $ps concepts, now with gravy and sweet potatoes on the side. It is time for Desired State Configuration (DSC).