Microsoft Windows

Information about the Microsoft Windows operating system

Follow these steps:

  1. Insert your USB Flash Drive into an available port.
  2. Open the Command Prompt (Admin) by right-clicking on the Start button, clicking Command Prompt (Admin), and then clicking Yes on the UAC prompt.
  3. Type “diskpart” and press Enter.
  4. Type “list disk” to determine the disk number of your USB Flash Drive.  Type “select disk X”, where “X” is the disk number of your USB Flash Drive.
  5. Type “clean” to erase the contents of your USB Flash Drive.
  6. Type “create partition primary size=5000”. This will create a 5GB primary partition on the USB Flash Drive.  You can later create an additional partition on the USB Flash Drive for persistent storage.
  7. Type “select partition 1”.
  8. Type “active” to make the partition active.
  9. Type “format fs=ntfs quick” to format the partition.
  10. Type “assign” to give the USB Flash Drive a drive letter.
  11. Copy the contents of the Windows 8.1 DVD to the USB Flash Drive.
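
The “clean” step erases whichever disk was selected, so the disk number deserves a check before anything destructive runs. The following PowerShell wrapper is an added example, not part of the original post: it confirms the disk is USB-attached and is not the system disk, then feeds the same diskpart commands from steps 4 to 10 to `diskpart /s`. The temporary script file name is an assumption.

```powershell
#Requires -RunAsAdministrator
# Added example (not from the original post): run the diskpart steps above only
# after confirming the chosen disk really is the USB flash drive.
param(
    [Parameter(Mandatory)][int]$DiskNumber   # the number shown by "list disk"
)
$ErrorActionPreference = 'Stop'
$PartitionMB = 5000                           # same size as step 6

$disk = Get-Disk -Number $DiskNumber

# Refuse anything that does not look like a flash drive before "clean" runs.
if ($disk.BusType -ne 'USB') {
    throw "Disk $DiskNumber is attached via '$($disk.BusType)', not USB."
}
if ($disk.IsBoot -or $disk.IsSystem) {
    throw "Disk $DiskNumber contains the running Windows installation."
}
if ($disk.Size -lt $PartitionMB * 1MB) {
    throw "Disk $DiskNumber is too small for a $PartitionMB MB partition."
}

'Selected disk {0}: {1}, {2:N1} GB' -f $disk.Number, $disk.FriendlyName, ($disk.Size / 1GB)
if ((Read-Host 'Type ERASE to wipe this disk') -cne 'ERASE') {
    'Aborted, nothing was changed.'
    return
}

# Steps 4-10 as a diskpart script.
$steps = @"
select disk $DiskNumber
clean
create partition primary size=$PartitionMB
select partition 1
active
format fs=ntfs quick
assign
"@
$scriptFile = Join-Path $env:TEMP 'usb-prep-diskpart.txt'   # hypothetical file name
Set-Content -Path $scriptFile -Value $steps -Encoding ASCII
try {
    diskpart /s $scriptFile
    if ($LASTEXITCODE -ne 0) { throw "diskpart exited with code $LASTEXITCODE." }
}
finally {
    Remove-Item -Path $scriptFile -ErrorAction SilentlyContinue
}
```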

Alternatively, you can download the Universal USB Installer from http://www.pendrivelinux.com and follow the instructions on the site.

Here is a summary of how to capture an image for the Deployment Workbench.

  1. Boot the system to be captured and use the sysprep tool.
  2. Boot the system from either the CD or PXE boot and choose command prompt from the menu.
  3. Run diskpart at the command prompt.
  4. list volume # Check the volume of the disk you are imaging to get the correct drive letter
  5. exit #leave diskpart
  6. net use u: \\g212win2012r2\DeploymentShare$ # Capture network drive to place image in.  You will need to adjust based on your server name and deployment share.  This is using the default share created by MDT.  Use domain name in the username.
  7. dism /Capture-Image /CaptureDir:D:\ /ImageFile:U:\Captures\TestImage.wim /Name:"TestImage"
  8. Import captured OS in the Deployment Workbench
  9. Create new task
  10. Boot from CD or PXE to install your newly captured image to another system
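
A captured image sits on a network share between the capture (step 7) and the import (step 8), and every machine deployed from it inherits whatever the file contains at import time. The following PowerShell script is an added example, not part of the original post: run on the server with `-Record` right after the capture, and again without it before importing, it checks that the WIM is unchanged and still contains the image named in step 7. The local share path follows the default MDT directory mentioned on this page; the manifest location is hypothetical and should be outside the share.

```powershell
# Added example (not from the original post): record, then verify, the SHA-256
# of a captured WIM before it is imported into the Deployment Workbench.
param(
    [string]$ImageFile    = 'C:\DeploymentShare\Captures\TestImage.wim',  # assumption: local path of the share
    [string]$Manifest     = 'C:\ImageHashes\TestImage.wim.sha256',        # hypothetical, outside the share
    [string]$ExpectedName = 'TestImage',                                  # /Name: value used at capture
    [switch]$Record
)
$ErrorActionPreference = 'Stop'

$hash = (Get-FileHash -Path $ImageFile -Algorithm SHA256).Hash

if ($Record) {
    # First run, immediately after the capture: store the reference hash.
    New-Item -ItemType Directory -Path (Split-Path $Manifest) -Force | Out-Null
    Set-Content -Path $Manifest -Value $hash -Encoding ASCII
    "Recorded $hash for $ImageFile"
    return
}

# Later run, before the import: the file must match the recorded hash.
$expected = (Get-Content -Path $Manifest -TotalCount 1).Trim()
if ($hash -ne $expected) {
    throw "Hash mismatch for ${ImageFile}: expected $expected, got $hash."
}

# The WIM must also still contain the image that was captured.
# Get-WindowsImage is part of the DISM module and needs an elevated session.
$images = @(Get-WindowsImage -ImagePath $ImageFile)
if ($images.ImageName -notcontains $ExpectedName) {
    throw "No image named '$ExpectedName' found in $ImageFile."
}

"Hash verified: $hash"
$images | Format-Table ImageIndex, ImageName, ImageSize -AutoSize
```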

Here is a quick outline of the steps I followed to install the MDT and WADK on a Windows Server 2012 R2 System.  Please be advised that these are notes from the first walkthrough of setting this system up.  I am certain there will be some typos, unnecessary steps, out of order steps, and other issues with these instructions.

  1. Install Microsoft Deployment Tools
  2. Install WADK
  3. Start Deployment Tools and create Deployment Share
  4. Right-click Operating Systems and Import Operating System
  5. Right-click Operating system and update operating system
  6. Create new install task
  7. Burn ISO file in Boot folder to CD
  8. Boot new machine from CD
  9. Start task
  10. From Deployment and Imaging Tools Environment, Create Bootable flash Drive
  11. copype amd64 C:\winpe_amd64
  12. MakeWinPEMedia /UFD C:\winpe_amd64 F:
  13. Create Deployment from Windows System Image Manager
  14. File, Create Distribution Share
  15. Copy install.wim from media to server
  16. Select Windows Image file, will have to create a catalog file

Some helpful links from Microsoft are:

http://technet.microsoft.com/en-us/windows/dn282138

http://technet.microsoft.com/en-us/library/hh825212.aspx

Once you boot from the remote system, you work from the command prompt to create a new image.  The tool is DISM.

I have been playing around with the Microsoft Deployment Toolkit (MDT) on Windows Server 2012 R2 and decided I need my client machines to perform a PXE boot instead of booting from a CD, which takes quite a while.  Configuring Windows Deployment Server is a fairly easy process, especially if you already have a bootable WIM created from using MDT.  These instructions assume you have already set up MDT on your server and that your server is a member of a Windows Domain.  The basic process is as follows:

  1. Add the Windows Deployment Server (WDS) Role from Server Manager on the server you wish to boot from.  You will need to restart the server after this role is added.
  2. Open a command line to initialize your server with the command wdsutil /Initialize-Server /RemInst:"C:\DeploymentShare\boot", assuming you are using the default directory from your MDT installation.  If you encounter an error during the initialize step, you may need to issue the command wdsutil /Uninitialize-Server so that you can fix the error and then try to initialize the server again.
  3. Next you will add the WIM you wish to boot from with the command wdsutil /Add-Image /ImageFile:"c:\DeploymentShare\Boot\LiteTouchPE_x64.wim" /ImageType:Boot.
  4. Check Services to make sure the Windows Deployment Services Server is running.

Assuming everything worked correctly, you should now be able to connect a computer to the same network as the server and PXE boot from the client to the server without the need of a flash drive or optical disk.  You may need to enable PXE boot on the client machine, or change the boot order of the devices.

Microsoft has a web page that includes all of the syntax for the wdsutil command available at http://technet.microsoft.com/en-us/library/cc771206.aspx.

 

I decided to try out the USB Rubber Ducky http://usbrubberducky.com/ from www.hak5.org.  The downside to the Rubber Ducky is that it does not come with very good documentation for those that want to set it up on the Windows side.  I had a difficult time with creating the sample tutorial Hello World duck script, but after an hour or so was able to work through it.  Here is how to set up the Duck from a Windows machine.

  1. Make sure you have the latest version of Java installed on your computer, and that the Java directory is in your PATH Environment Variable.
  2. Download the DuckEncoder (duckencode.jar) from https://github.com/hak5darren/USB-Rubber-Ducky/wiki/Downloads.  The Duck Encoder was at version 1.2 at the time of this post.  I would recommend creating a directory to hold the Duck Encoder file and the scripts you are going to create.
  3. Remove the MicroSD card from the Duck.  This can be difficult as the MicroSD is very snug, but it will come out.   I actually had to use needle nose pliers to get mine out.
  4. Insert the MicroSD card into the included adapter and plug into a USB slot on your Windows machine.  Your MicroSD card will be assigned a drive letter.
  5. (Optional) Browse to the drive letter and rename the file inject.bin to something like injectOriginal.bin.  I did this to preserve the original inject.bin file on the Duck.
  6. Open Notepad and key in your Duck script.  I used the Hello World script from https://github.com/hak5darren/USB-Rubber-Ducky/wiki/My-first-payload.  Note that if you copy and paste this script into Notepad, you will need to remove the blank space at the beginning of each line, otherwise you will get an error.
  7. Save your file (i.e. helloWorld.txt), preferably into the folder with the duckencode.jar file.
  8. Open a command prompt and change to the directory with your script and duckencode.jar files.
  9. At the command prompt, key the following:  java -jar duckencode.jar -i helloWorld.txt -o f:\inject.bin  ##(Note that your drive letter may be different)
  10. Safely remove the USB adapter from your system and insert the MicroSD card back into the Duck.
  11. Insert the duck into a USB port and your script should run.

Some sample payloads are available at https://github.com/hak5darren/USB-Rubber-Ducky/wiki/Payloads .