Many years ago I happened to purchase one of these Motorola Xooms from a Vodafone outlet with the prospect of using it to learn Android development. Of course the Android store was becoming full of great applications, and my Hello World alternatives were not going to cut the mustard when it came to competitive use. So eventually this tablet went into a box, moved house a few times, and has now reappeared on my desk whilst I am in the midst of studying Hacking Countermeasures.

What follows can only be described as 'To be expected'.

Whilst developing a working image for standalone laptops where the configuration of accounts shouldn't change, yet must be deployed across a number of assets, I needed to create a method of distributing a system image amongst devices in a way which would avoid static configurations.

Part of this was in the creation of an unattend.xml file for the Windows installation, and using Audit mode to modify the installation and apply system patches to the system image.

Using PowerShell it is possible to rename the Windows PC through some user input. The scriptlet I have used in this example is:

$varHostname = Read-Host "Enter the Laptop Asset ID (e.g. xxxxxxxx)"

$PC = Get-WmiObject -Class Win32_ComputerSystem
$PC.Rename($varHostname)

Restart-Computer

When executed through the PowerShell command prompt, the user will be prompted to provide an Asset ID to which the Windows PC will be renamed. Subsequently, the Windows PC needs to be restarted for these changes to occur.

Windows PowerShell is an immensely powerful tool and can be used for both good and evil, however we are going to focus on an Information Assurance application of PowerShell to verify a downloaded file from the Internet.

Why would we do this? So we can be sure that the file has maintained it's integrity from the source to your computer system. This allows us to check if the file has been tampered with along the way, or malicious replaced at the trusted vendor.

Subcategories