Posts

Posted on

Bypass Windows 11 Internet Connection Requirement

To install Windows 11 (version 22H2 or 21H2) without an internet connection, use these steps:

  1. Start the PC with the Windows 11 USB flash drive.
  2. Press any key to continue.
  3. Click the Next button.
  4. Click the Install now button.
  5. lick the “I don’t have a product key” option if you are doing a reinstallation. If the Windows 11 installation were previously activated after the installation, reactivation would happen automatically.
  6. Select the edition of “Windows 11” that your license key activates (if applicable).
  7. Check the “I accept the license terms” option.
  8. Click the Next button.
  9. Select the “Custom: Install Windows only (advanced)” option.
  10. Select each partition in the hard drive you want to install Windows 11 and click the Delete button. (Usually, the “Drive 0” is the drive that contains all the installation files.)
    Note: It is recommended to delete ALL partitions on drive 0 and let Windows re-partition your system for you.
  11. Select the hard drive (Drive 0 Unallocated Space) to install Windows 11
  12. Click the Next button.
  13. Select your region setting after the installation on the first page of the out-of-the-box experience (OOBE).
  14. Click the Yes button.
  15. Select your keyboard layout setting.
  16. Click the Yes button.
  17. Click the Skip button if you do not need to configure a second layout.
  18. On the “Oops, you’ve lost internet connection” or “Let’s connect you to a network” page, use the “Shift + F10” keyboard shortcut.
  19. In Command Prompt, type the OOBE\BYPASSNRO command to bypass network requirements on Windows 11 and press Enter.
  20. The computer will restart automatically, and the out-of-box experience (OOBE) will start again.
  21. Click the “I don’t have internet” option.
  22. Click the “Continue with limited setup” option.
  23. Click the Accept button (if applicable).
  24. Continue your Windows 11 installation normally.
Posted on

Security Podcasts

To stay on top of the ever changing security landscape I listen to security focused podcasts during my commute into and out of the office. Not only does this keep my knowledge fresh it also gives me insight into bleeding edge information, events and other information I can share as part of my consulting and training.

Here is a list of podcasts I follow:

Cyberwire: https://thecyberwire.com/podcasts
Security Now: https://twit.tv/shows/security-now
Darknet Diaries: https://darknetdiaries.com/
Risky Biz: https://risky.biz/
Paul’s Security Weekly: https://securityweekly.com
SANS Stormcast: https://isc.sans.edu/podcast.html

Can you recommend any others?

Posted on

OpenSSL – List Trusted Certificate Authorities

Unlike Microsoft Windows, which provides the Trusted Root Certification Authorities Certificate Store, Redhat and CentOS distributions do not provide a “straight forward” way in which to quickly check if a Certificate Authority is included into the Certificate Authority Bundle (CA Bundle).

During a recent project engagement I came across a simple CLI command which can be used to parse the CA bundle and list all of the CA’s included:

[m@srv /home/user]# awk -v cmd='openssl x509 -noout -subject' '
    /BEGIN/{close(cmd)};{print | cmd}' < /etc/ssl/certs/ca-bundle.crt

Alternatively the same command can be ran, piped through grep to identify a specific CA, for example “Entrust” – 

[m@srv /home/user]# awk -v cmd='openssl x509 -noout -subject' '
    /BEGIN/{close(cmd)};{print | cmd}' < /etc/ssl/certs/ca-bundle.crt | grep Entrust

Whilst not complicated, this simple syntax saves a substantial amount of time manually searching CA bundles with a text editor.

Posted on

Angry IP Scanner – Fast Network Scanner

Angry IP scanner is a very easy to use, fast network scanner – basically a cross-platform IP address and port scanner. It can scan IP addresses in any range as well as any their ports, it’s also very lightweight and doesn’t require any installation, it can be freely copied and used anywhere.

 

Angry IP scanner simply pings each IP address to check if it’s alive, then optionally it is resolving its hostname, determines the MAC address, scans ports, etc. The amount of gathered data about each host can be extended with plugins.

How it Works

Angry IP Scanner implements several different methods of detecting alive hosts (pinging).

As a rule, if hosts don’t respond to pings, they are considered dead and therefore not scanned further. This behaviour can be changed in the Preferences dialogue -> Scanning tab. In the same place, you can also select the pinging method:

  • ICMP Echo pinging – This is the same method used by the ping program.
  • ICMP.DLL pinging – This is Windows-only pinging method to compensate for the absence of Raw Sockets.
  • UDP packet pinging – This pinging method is preferred when you don’t have administrative privileges.
  • TCP port probe – This method tries to connect to some TCP port that is unlikely to be filtered (e.g. 80).

Features

  • Very fast (multi-threaded)
  • Scan IP addresses in any range
  • Scan for open ports
  • Cross-platform
  • Portable (doesn’t require installation)
  • Hostname Resolution
  • MAC address capture
  • NetBIOS information gathering
  • Computer Name
  • WorkGroup Name
  • Logged in User
  • Favourite IP ranges
  • Web Server detection
  • Customizable openers
  • Scanning results in:
  • CSV
  • TXT
  • XML
  • IP-Port List

You can download Angry IP Scanner here:

Or read more here.

Posted on

Getting a Folder Tree Size with PowerShell

PowerShell is a Windows System Admins swiss army knife and there seems to be no limit to the things you can accomplish with it!

It is particularly easy to get the size of a set of folders (e.g. folders within a folder tree) using PowerShell. This is accomplished by getting the total contents size of each directory recursively to an output

Example:

$colItems = Get-ChildItem $startFolder | Where-Object {$_.PSIsContainer -eq $true} | Sort-Object
foreach ($i in $colItems)
{
    $subFolderItems = Get-ChildItem $i.FullName -recurse -force | Where-Object {$_.PSIsContainer -eq $false} | Measure-Object -property Length -sum | Select-Object Sum
    $i.FullName + " -- " + "{0:N2}" -f ($subFolderItems.sum / 1MB) + " MB"
}

Note: This will not include results for any items whic you don’t have read access to.