PowerShell framework for managing and infecting systems via Windows Desired State Configuration (DSC) DSC is a built-in feature in Windows Management Framework 4.0 (PowerShell v4) and is installed natively on Windows operating systems beginning with Server 2012 R2 and Windows 8.1.
- Must have PowerShell 4.0 or later installed
- Install DSC service
Add-WindowsFeature Dsc-Service -IncludeManagementTools
- This will only work on Server 2012 R2 or later
- See link for steps to go through the pain of installing on Server 2008
- Download xPSDesiredStateConfiguration Module
- Unzip the contentsto $env:ProgramFiles\WindowsPowerShell\Modules and relaunch PS
- To confirm installation run
Get-DSCResource
and confirm the following modules are present:- xDscWebService
- xWindowsProcess
- xService
- xRemoteFile
- xPackage
- xGroup
- xFileUpload
- Verify winrm is running with command
winrm quickconfig
- Run
Configure-Server
function fromConfigure-Server.psm1
- On server run generate varaibles as
Configure-Payload
orConfigure-User
objects - Run
Generate-Config
. The output of this function is a GUID - Save GUID for victim configuration
- Save Pull Server Address for victime configuration
- On victim run import
Configure-Victim.ps1
and run `Configure-Victim - Provide GUID and Remote Address as arguments
- If you get the error
Invoke-CimMethod : The SendConfigurationApply function did not succeed.
when attempting to run a very short-lived process (e.g. a console app that requires arguments that have been omitted, thereby terminating immediately), it may be due to the OS mis-interpreting that the configuration failed. The process still executed.