Physical Access Windows


Windows Virtual Machine Creation

  • Download Windows VM (This may take a while)

  • Open VirtualBox

  • Import Windows VM (it should auto-import if you click on the image file.)

  • Change the guest OS type to 64-bit (my system was having issues with the 32-bit one)

Live CD/USB

  • Attach your Kali Linux ISO

  • Save the setting

  • Start your Windows machine, and it should automatically boot Kali!

    • Make sure to boot the top option on the Kali menu when it pops up

  • If you configured your VMs correctly, you should be able to see the Windows hard disk on the Kali VM!

Mounting Windows Disk on Kali

  • Use the sudo fdisk -l command to list disks in Kali

  • Identify which disk is your Windows disk; in my case, it's /dev/sda2

  • Create a directory in the Desktop directory for your disk

    • I created a directory called DiskMount

  • Mount your disk to the directory you made

  • When I tried to mount the disk, it was saying that it had already been mounted, so I ran the following commands:

    • sudo ntfsfix /dev/sda2 to repair the NTFS volume if it's marked dirty or corrupt

    • sudo mount (with no arguments) to list current mounts and find the directory the disk was already mounted in

    • sudo umount /media/kali/######## to unmount the disk from where it was currently (see below for actual numbers)

  • After doing these commands, I was able to then mount my disk to the folder I wanted it to be in using the following command:

    • sudo mount /dev/sda2 $(pwd)/DiskMount

  • Once you have mounted your disk, go to the Windows32 directory on the mounted disk.
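The mount steps above, gathered into one script as an added example (this is not code from the original lab writeup). It handles the "already mounted" case the writeup ran into: Kali's automounter attaches the Windows partition under /media/kali/<label-or-UUID>, so the script asks findmnt where the device currently sits, unmounts it, and mounts it at the directory you chose. The default mode is read-only, which is what you want when examining a disk for evidence; the lab's file renames need the rw argument. It assumes util-linux (findmnt, mount, umount) is installed, as on Kali, and that it is run with sudo. If mount refuses the volume because it was not cleanly shut down, the page's sudo ntfsfix step (which writes to the disk) comes first.

```shell
#!/bin/sh
# Added example, not from the original lab: attach a Windows NTFS partition
# at a directory of our choosing, handling the "already mounted" case.
# Assumes util-linux (findmnt, mount, umount) is present, as it is on Kali,
# and that the script is run with sudo.

# Print where a block device is currently mounted, or nothing if it is not.
current_mountpoint() {
    findmnt -n -o TARGET --source "$1" 2>/dev/null | head -n 1
}

# remount_windows_disk DEVICE DIR [ro|rw]
# Unmounts DEVICE from wherever the automounter left it, then mounts it at
# DIR. Default mode is read-only for inspection; the lab's renames need "rw".
remount_windows_disk() {
    dev="$1"; dir="$2"; mode="${3:-ro}"

    if [ ! -b "$dev" ]; then
        echo "not a block device: $dev" >&2
        return 1
    fi
    case "$mode" in
        ro|rw) ;;
        *) echo "mode must be ro or rw, got: $mode" >&2; return 1 ;;
    esac

    old=$(current_mountpoint "$dev")
    if [ -n "$old" ] && [ "$old" != "$dir" ]; then
        echo "$dev is currently mounted at $old; unmounting"
        umount "$old" || return 1
    fi

    mkdir -p "$dir" || return 1
    # noexec/nosuid/nodev: nothing on a foreign disk should run as the Kali user.
    mount -o "$mode,noexec,nosuid,nodev" "$dev" "$dir" || return 1
    echo "$dev mounted $mode at $dir"
}

# Usage (from a terminal on the Kali live system):
#   sudo sh remount.sh /dev/sda2 "$HOME/Desktop/DiskMount" rw
```

Replace /dev/sda2 with whatever sudo fdisk -l showed as the NTFS partition on your machine; the script refuses anything that is not a block device, so a typo fails before any mount is attempted.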

Changing CMD.exe

  • Rename Utilman.exe to another name so we don't lose the file (I used PhysicalAccessLab.exe).

  • Rename cmd.exe to Utilman.exe

Utilizing Corrupt Files

  • Shut down the VM and start it as a regular Windows VM

  • Type Utilman.exe into the search bar and you should see the command prompt pop up!

Add Users

Add a new user named Kali

Add the new user to the administrators group

Restart your machine, and you should see the Kali user!

Restore Cmd.exe and Utilman.exe

As an ethical hacker, it is best practice to restore anything you have broken. We are going to go back and restore cmd.exe and utilman.exe to the way they were.

  • mv Utilman.exe cmd.exe

  • mv PhysicalAccessLab.exe Utilman.exe
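To confirm the restore worked, and to show how the swap looks from the defender's side, here is an added example (not code from the original lab) that checks a mounted Windows disk offline. Point it at the System32 directory on the disk mounted in Kali (an assumed path; the page only names the "Windows32" directory) and it flags any accessibility helper whose contents are byte-identical to cmd.exe, which is exactly the state the lab creates. Utilman.exe is the helper the page swaps; the list is extended to the other Ease of Access binaries Windows launches from the logon screen, since they warrant the same check (MITRE ATT&CK T1546.008, Accessibility Features). The check only catches a byte-for-byte copy of cmd.exe; a modified copy would need comparison against known-good hashes or signature verification on the Windows side.

```shell
#!/bin/sh
# Added example, not from the original lab: offline check for accessibility
# helpers that have been replaced with a copy of cmd.exe. The argument is the
# System32 directory of a Windows disk mounted under Kali (assumed path).

# check_accessibility_binaries SYSTEM32_DIR
# Prints OK, SWAPPED or MISSING per helper. Returns 1 if any helper is
# swapped or missing, 2 if cmd.exe itself cannot be found, 0 if all intact.
check_accessibility_binaries() {
    sys32="$1"
    rc=0
    if [ ! -f "$sys32/cmd.exe" ]; then
        echo "no cmd.exe under $sys32" >&2
        return 2
    fi
    cmdhash=$(sha256sum "$sys32/cmd.exe" | cut -d' ' -f1)

    # Utilman.exe is what the lab swaps; the rest are the other Ease of Access
    # helpers launched from the logon screen, so they get the same check.
    for name in Utilman.exe sethc.exe osk.exe Magnify.exe Narrator.exe DisplaySwitch.exe; do
        f="$sys32/$name"
        if [ ! -f "$f" ]; then
            echo "MISSING $name"
            rc=1
            continue
        fi
        h=$(sha256sum "$f" | cut -d' ' -f1)
        if [ "$h" = "$cmdhash" ]; then
            echo "SWAPPED $name (identical to cmd.exe)"
            rc=1
        else
            echo "OK      $name"
        fi
    done
    return $rc
}

# Usage, with the disk mounted as in the lab (adjust the path to your mount):
#   check_accessibility_binaries "$HOME/Desktop/DiskMount/Windows/System32"
```

Run it once before the swap to see every helper report OK, again after the rename to see Utilman.exe reported as SWAPPED, and a final time after the mv commands above to confirm the disk is back to its original state.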
