Episode 10: Locking It Down: Restricting User Accesswith File Permissions Description: Secure your sensitive data! Learn thecritical skill of restricting user access to folders using NTFS permissions inWindows Server 2022. We'll demonstrate creating new users, setting explicit"Deny" permissions, and verifying their effectiveness, highlightingthe importance of granular access control.

Episode 9: Files & Formats: Working with FAT32 andNTFS Description: Demystify file systems! This episode guides youthrough creating and managing files in both FAT32 and NTFS formats on WindowsServer 2022. You'll learn how to format drives, perform file operations, verifyallocation, and configure advanced NTFS permissions for security.

Dig deep into system memory! Learn how to illustrate the memory layout of a basic program and use advanced PowerShell commands (WMI, security-focused queries) todebug, check process integrity, detect DLL injections, and identify suspicious processes on Windows Server 2022.

Commands:

• Get-Process | Where-Object { $_.ProcessName -eq "notepad" }
• Get-WmiObject -Class Win32_OperatingSystem | Select-Object TotalVisibleMemorySize, FreePhysicalMemory
• Get-Process
• Get-WmiObject -Class Win32_Process | Select Name, ProcessId, ExecutablePath. For new powershell version simply use: Get-Process | Select-Object Name, Id, Path
• Get-WmiObject -Class Win32_Process | Select-Object Name, ProcessId, ParentProcessId
• Get-WmiObject -Class Win32_Process -Filter "Name = 'notepad.exe'" | Select-Object ProcessId, Name, @{Name='Owner';Expression={$_.GetOwner().User}}
• Get-Process -Name notepad | Select-Object -ExpandProperty Modules | Select ModuleName, FileName
• Get-WmiObject Win32_Process | Where-Object { $_.ExecutablePath -and ($_.ExecutablePath -notlike "C:\Windows\*" -and $_.ExecutablePath -notlike "C:\Program Files\*") } | Select Name, ProcessId, ExecutablePath
• Get-Process | Where-Object { $_.Modules.ModuleName -contains "ntdll.dll" }
• Get-WmiObject Win32_Process | Select-Object Name, ProcessId, CommandLine
• Get-Process | Sort-Object StartTime -Descending | Select-Object Name, Id, StartTime | Select-Object -First 10

Don't let errors stop you! This episode focuses on practical debugging techniques for both PowerShell and Bash scripts. We'll intentionally introduce common errors (like typos or wrong parameters) and walk through how to identify and fix them, building crucial troubleshooting skills.

Powershell Script:

#Script to log multiple event IDs
$BeginTime = (Get-Date).AddMinutes(-20)
Get-EventLog -LogName "Securityy" -After $BeginTime |
Where-Object { $_.EventID -in '4624', '4625'} |
Select-Object TimeGenerated, EventID, Message |
Format-Table -AutoSize |
Out-Files C:\EventLogs_MultipleEvents.txt

BASH Script:

#!/bin/bash
#Variables
USERNAME="testuser" # User accountname
PASSWORD="P@ssw0rd" # User password
GROUP="testgroup" # Custom groupname
SSH_DIR="/home/$USERNAME/.ssh"
PUB_KEY="ssh-rsa AAAAB3...your-public-key... user@kali"

#Step 1: Check ifuser already exists
if id "$USERNAME" &>/dev/null; then
echo "Error: User '$USERNAME'already exists!"
exit 1
fi

#Step 2: Create userand set password
echo "Creating user '$USERNAME'..."
useradd -m -n -s /bin/bash "$USERNAME" # Error 1: -n is an invalidoption
if [ $? -ne 0 ]; then
echo "Error: Failed to create user'$USERNAME'"
exit 1
fi
echo "$USERNAME:$PASSWORD" | chpasswd
echo "Password set for user '$USERNAME'."

#Step 3: Add user tosudoers
echo "Granting sudo access to '$USERNAME'..."
usermod -aG sudo "$USERNAME"
if [ $? -ne 0 ]; then
echo "Error: Failed to add'$USERNAME' to sudoers"
exit 1
fi

#Step 4: Createcustom group and add user
echo "Creating group '$GROUP' and adding user..."
groupadd "$GROUP" 2>/dev/null
usermod -aG "wronggroup" "$USERNAME" # Error 2:"wronggroup" does not exist
if [ $? -ne 0 ]; then
echo "Error: Failed to add'$USERNAME' to group '$GROUP'"
exit 1
fi

#Step 5: Setup SSHkey-based authentication
echo "Setting up SSH key-based authentication..."
mkdir -p "$SSH_DIR"
echo "$PUB_KEY" > "$SSH_DIR/authorized_keys"
chmod 600 "$SSH_DIR/authorized_keys"
chmod 700 "$SSH_DIR"
chown -R "$USERNAME:$USERNAME" "$SSH_DIR"
if [ $? -ne 0 ]; then
echo "Error: Failed to set up SSHkeys"
exit 1
fi
echo "SSH keys configured for '$USERNAME'."

#Step 6: Setpassword expiry to 30 days
echo "Setting password expiry policy for '$USERNAME'..."
chage -M 30 "$USERNAME"
if [ $? -ne 0 ]; then
echo "Error: Failed to setpassword expiry"
exit 1
fi

#Step 7: Logactivity to/var/log/user_setup.log
LOG_FILE="/var/log/user_setup.log"
echo "$(date) - User '$USERNAME' created and configured" >>"$LOG_FILE"
if [ $? -ne 0 ]; then
echo "Error: Failed to write logto $LOG_FILE"
exit 1
fi

#Step 8:Confirmation Message
echo "Testing SSH connection to '$USERNAME'@localhosts..."
ssh "$USERNAME@localhost"
if [ $? -ne 0 ]; then
echo "Error: SSH connection failed."
exit 1
fi
echo "User '$USERNAME' created and configured successfully!"

Master automation in Linux with Bash scripts! Discover how to create and debug scripts for user setup, including creating new users, setting passwords, adding them to groups, configuring SSH key-based login, and setting password expiry. We’ll also cover testing and verification.

Script:

#!/bin/bash
#Variables
USERNAME="Jason" # User account name
PASSWORD="P@ssw0rd" # User password
GROUP="developers" # Custom group name
SSH_DIR="/home/$USERNAME/.ssh"
PUB_KEY="ssh-rsa AAAAB3...your-public-key... user@kali" # Replace with your actual public key

#Step 1: Check if user already exists
if id "$USERNAME" &>/dev/null; then
echo "Error: User '$USERNAME' already exists!"
exit 1
fi

#Step 2: Create user and set password
echo "Creating user '$USERNAME'..."
useradd -m -s /bin/bash "$USERNAME"
if [ $? -ne 0 ]; then
echo "Error: Failed to create user '$USERNAME'"
exit 1
fi
echo "$USERNAME:$PASSWORD" | chpasswd
echo "Password set for user '$USERNAME'."

#Step 3: Add user to sudoers
echo "Granting sudo access to '$USERNAME'..."
usermod -aG sudo "$USERNAME"
if [ $? -ne 0 ]; then
echo "Error: Failed to add '$USERNAME' to sudoers"
exit 1
fi

#Step 4: Create custom group and add user
echo "Creating group '$GROUP' and adding user..."
groupadd "$GROUP" 2>/dev/null
usermod -aG "$GROUP" "$USERNAME"
if [ $? -ne 0 ]; then
echo "Error: Failed to add '$USERNAME' to group '$GROUP'"
exit 1
fi

#Step 5: Setup SSH key-based authentication
echo "Setting up SSH key-based authentication..."
mkdir -p "$SSH_DIR"
echo "$PUB_KEY" > "$SSH_DIR/authorized_keys"
chmod 600 "$SSH_DIR/authorized_keys"
chmod 700 "$SSH_DIR"
chown -R "$USERNAME:$USERNAME" "$SSH_DIR"
if [ $? -ne 0 ]; then
echo "Error: Failed to set up SSH keys"
exit 1
fi
echo "SSH keys configured for '$USERNAME'."

#Step 6: Set password expiry to 30 days
echo "Setting password expiry policy for '$USERNAME'..."
chage -M 30 "$USERNAME"
if [ $? -ne 0 ]; then
echo "Error: Failed to set password expiry"
exit 1
fi

#Step 7: Log activity to /var/log/user_setup.log
LOG_FILE="/var/log/user_setup.log"
echo "$(date) - User '$USERNAME' created and configured" >> "$LOG_FILE"
if [ $? -ne 0 ]; then
echo "Error: Failed to write log to $LOG_FILE"
exit 1
fi

#Step 8: Confirmation Message
echo "User '$USERNAME' created and configured successfully!"

Unlock automation on Windows! We'll start with PowerShell basics, showing you how to write, execute, and expand simple scripts to display messages, get dates, list processes, and manage services. Learn to automate tasks efficiently on Windows Server 2022.

Commands:

.\WelcomeScript.ps1

Get-Date

Get-Process

Get-Service | Where-Object { $_.Status -eq 'Running' }

Get-WmiObject -Class Win32_Product | Select-Object Name,Version

Get-NetIPAddress

Explore active information gathering in Linux! This episode teaches you how to enumerate a vulnerable Bee-Box machine using Kali Linux tools. You'll learn Nmap for identifying open ports and services, and Metasploit for deeper SMTP enumeration, strengthening your reconnaissance skills.

Link: Bee-Box official download page

Commands: nmap -Pn -sS –sV

nmap -Pn -sS -sV -p 25

auxiliary/scanner/smtp/smtp_enum

set RHOSTS

set THREADS

Uncover the hidden information on Windows systems! Learn how to use Microsoft's powerful PsTools suite to gather system information, track user sessions, enumerate services, and analyze event logs on a Windows Server 2022. We'll explorecommands like pslist.exe, psloglist.exe, and saving output to files.

PsTools Link: https://learn.microsoft.com/en-us/sysinternals/downloads/pstools.

Commands: .\pslist.exe

.\psloggedon.exe

.\psloglist.exe

.\psservice.exe

Save output by:

.\psloglist.exe >> C:\Logdata.txt