Windows Domains Virtual Labs


Introduction

We all know how hard it can be for a security professional to combine daily work with keeping up with the latest trends in the industry.

Ihacklabs has created 4 mini labs with the latest versions of Windows, in order to offer the user the experience of connecting theory with work reality.

Being smaller, these laboratories are more agile and dynamic without losing any of the fun. We have added the vulnerabilities we commonly encounter in a security assessment, along with other less common ones, to make the challenges more interesting.

Figure 1 – New hacking labs with versions of Microsoft Windows

The mini-labs contain, among others, the following licensed versions of Microsoft Windows:

Figure 2 – Some of the versions of the laboratories

Content

To make the content of the laboratories more agile and enjoyable without losing the opportunity to create new ways of learning, we have installed domain controllers in all of them. Each mini laboratory has, among other active services, its own domain controller, so together they simulate 4 different environments.

All the exposed vulnerabilities correspond to real cases that our professionals find in their day-to-day work. The goal is to become the domain administrator of each lab.

These servers have built-in clients within the domain controller so that both external and internal attacks can be simulated, covering the case where a successful attacker extracts user accounts and thus compromises the entire organization. Some of the vulnerabilities present are the following:

  • Windows Common Vulnerabilities
  • Lack of protection against external attacks
  • Excessive permissions on shares and files
  • Lack of virus / malware protection
  • Weak or nonexistent encryption
  • Failure to comply with the minimum security policy
  • Weak security policies
  • Lack of active services
  • Weak or default passwords

Other common Active Directory vulnerabilities and configuration errors can also be found in our mini-labs.

Figure 3 – There is a domain controller in each laboratory

  • Default Active Directory settings
  • Too many domain administrator accounts
  • Insufficient patching of servers / workstations
  • No inventory of accounts / users with delegated access
  • Service accounts with excessive privileges
  • No access control for privileged users in AD
  • Using the same password on different servers
  • Obsolete authentication methods (LM / NTLMv1)
  • Access from systems with no trust relationship
  • Running non-essential services on domain controllers
  • Failure to properly isolate network resources, such as critical servers
  • Failure to keep security updates current
  • Incorrect handling of credentials

Through these vulnerabilities, a malicious attacker could achieve a total compromise of the system, with the consequences that we all know.

In our laboratories we provide vulnerable scenarios where the user takes the role of the real attacker, acquiring the necessary vision to develop and learn essential techniques for the labor market.

Within our Windows Domain Labs laboratories, we can practice, among others, the following subjects:

  • Advanced Hacking Techniques
  • Black Box Pentesting
  • Vulnerability scanning
  • Security audits
  • Identification of traditional and non-traditional points of attack

Tools and equipment

The connection to our lab is made via a private VPN. However, we are aware that running an analysis over the internet can sometimes be a bit heavy, so we have made a Kali 2.0 server available in the RedBox with all the necessary tools. The user only has to think about learning and having fun.

Figure 4 – Server available to users with a multitude of tools

User support

We have Slack and Telegram channels for registered users, where questions are answered, hints are exchanged and the latest news is discussed.

  • Telegram
  • Slack
  • Email

References:

https://adsecurity.org/?p=1684

 
