Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://mastodon.social/@mrgrumpymonkey" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>mrgrumpymonkey</span></a></span> depends...</p><ul><li>We've already seen shit that cracked <a href="https://infosec.space/tags/Windowy8Bing" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Windowy8Bing</span></a>, <a href="https://infosec.space/tags/Windows10S" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Windows10S</span></a> and <a href="https://infosec.space/tags/Windows11Home" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Windows11Home</span></a> wide open with <a href="https://infosec.space/tags/Adware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Adware</span></a> that also disables <a href="https://infosec.space/tags/WindowsDefender" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>WindowsDefender</span></a>.</li></ul><p>Next logical step is some <a href="https://infosec.space/tags/PowerShell" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PowerShell</span></a> script that downloads a <a href="https://infosec.space/tags/Linux" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Linux</span></a> distro image, repartition the system drive, add some unallocated space at the end, put a <a href="https://infosec.space/tags/CloudInit" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CloudInit</span></a> config in it and then do an <a href="https://infosec.space/tags/UnattendedInstall" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>UnattendedInstall</span></a> of said system with <code>bcd</code> by calling up <a href="https://infosec.space/tags/bcdedit" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>bcdedit</span></a> to <a href="https://infosec.space/tags/chainload" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>chainload</span></a> said partition.</p><ul><li>I jist have neither the time nor spoons to do that shit myself, but in theory a <a href="https://infosec.space/tags/NetInstaller" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>NetInstaller</span></a> image of ~ 100MB should suffice...</li></ul>
Recent searches
No recent searches
Search options
Only available when logged in.
ioc.exchange is one of the many independent Mastodon servers you can use to participate in the fediverse.
INDICATORS OF COMPROMISE (IOC)
InfoSec Community within the Fediverse. Newbies, experts, gurus - Everyone is Welcome! Instance is supposed to be fast and secure.
Administered by:
Server stats:
1.3Kactive users
ioc.exchange: About · Status · Profiles directory · Privacy policy
Mastodon: About · Get the app · Keyboard shortcuts · View source code · v4.3.7
#windows11home
0 posts · 0 participants · 0 posts today
ExploreLive feeds
Mastodon is the best way to keep up with what's happening.
Follow anyone across the fediverse and see it all in chronological order. No algorithms, ads, or clickbait in sight.
Create accountLoginDrag & drop to upload