A PowerShell script to automate enabling Remote Desktop, creating a local administrator user, and configuring firewall rules for RDP access. This script simplifies the process, especially in environments like Evil-WinRM sessions where executing certain commands can be challenging. Once we have enabled RDP, opened the required port and added the "pwn" user, we can enjoy the full Windows GUI and run commands freely.
- Creates a Local Admin User: Automatically creates a user named `pwned` with a predefined password.
- Adds to Administrators Group: Ensures the user is added to the Administrators group.
- Enables Remote Desktop: Modifies the registry to enable RDP access on the target machine.
- Configures RDP Firewall Rules: Creates a firewall rule to allow RDP traffic on port 3389.
- Error Handling: Skips actions if they’ve already been completed (e.g., user exists, firewall rule exists).
- PowerShell: The script is designed to run in a PowerShell environment.
- Administrative Privileges: Ensure the session has the required privileges to execute the commands.
- Predefined Password: The script uses the password `YourSecurePassword123` for the `pwned` user.
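
Each of the changes listed above leaves an artifact on the host that a defender can audit. The following is an added example, not part of the RDP-Automation repository: it checks the RDP registry switch, local members of the Administrators group, inbound allow rules for port 3389, and recent account-management events. The 7-day look-back window and the variable names are assumptions, and the event query assumes account-management auditing is enabled.

```powershell
# Added example (not from the repository): audit a host for the three changes
# described above. Run from an elevated PowerShell session.

$since = (Get-Date).AddDays(-7)   # assumption: 7-day look-back window

# 1. RDP state: fDenyTSConnections = 0 means Remote Desktop connections are allowed.
$ts = Get-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server' `
                       -Name fDenyTSConnections
$rdpEnabled = ($ts.fDenyTSConnections -eq 0)

# 2. Local accounts in the built-in Administrators group.
#    The well-known SID is used because the group name is localized.
$localAdmins = Get-LocalGroupMember -SID 'S-1-5-32-544' |
    Where-Object { $_.ObjectClass -eq 'User' -and $_.PrincipalSource -eq 'Local' } |
    ForEach-Object {
        $u = Get-LocalUser -SID $_.SID
        [pscustomobject]@{
            Name            = $u.Name
            Enabled         = $u.Enabled
            PasswordLastSet = $u.PasswordLastSet
            RecentlySet     = ($u.PasswordLastSet -gt $since)
        }
    }

# 3. Enabled inbound allow rules that cover local port 3389.
#    DisplayGroup is shown so rules outside the built-in "Remote Desktop"
#    group stand out for review.
$rdpRules = Get-NetFirewallRule -Direction Inbound -Action Allow -Enabled True |
    Where-Object { ($_ | Get-NetFirewallPortFilter).LocalPort -contains '3389' } |
    Select-Object Name, DisplayName, DisplayGroup, Profile

# 4. Security log: 4720 = user account created,
#    4732 = member added to a security-enabled local group.
$acctEvents = Get-WinEvent -FilterHashtable @{
        LogName = 'Security'; Id = 4720, 4732; StartTime = $since
    } -ErrorAction SilentlyContinue |
    Select-Object TimeCreated, Id, @{ n = 'Summary'; e = { ($_.Message -split "`n")[0] } }

# Summary for triage.
[pscustomobject]@{
    RdpEnabled        = $rdpEnabled
    LocalAdminCount   = @($localAdmins).Count
    Port3389RuleCount = @($rdpRules).Count
    AccountEventCount = @($acctEvents).Count
}
$localAdmins | Format-Table -AutoSize
$rdpRules    | Format-Table -AutoSize
$acctEvents  | Format-Table -AutoSize
```
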
Clone the repository or download the script directly:
```
git clone https://github.com/Y3llowDuck/RDP-Automation.git
```

```
Set-ExecutionPolicy Bypass -Scope CurrentUser -Force
Get-ExecutionPolicy -Scope CurrentUser
```

Here’s an example of what running the script looks like:

