From a7ceadc6cf1a4a74c8ab62eb7ac6cfcaa1cce609 Mon Sep 17 00:00:00 2001
From: John Hammond <johnhammond010@gmail.com>
Date: Fri, 27 May 2022 23:43:24 -0700
Subject: [PATCH] Updated Active Directory generator code to create local admin
 accounts on the Domain Controller

---
 code/gen_ad.ps1        | 61 +++++++++++++++++++++++++++++++++---------
 code/random_domain.ps1 | 40 +++++++++++++++++++++++----
 2 files changed, 84 insertions(+), 17 deletions(-)

diff --git a/code/gen_ad.ps1 b/code/gen_ad.ps1
index a52ac78..585cc72 100644
--- a/code/gen_ad.ps1
+++ b/code/gen_ad.ps1
@@ -1,4 +1,7 @@
-param( [Parameter(Mandatory=$true)] $JSONFile )
+param( 
+    [Parameter(Mandatory=$true)] $JSONFile,
+    [switch]$Undo
+ )
 
 function CreateADGroup(){
     param( [Parameter(Mandatory=$true)] $groupObject )
@@ -42,25 +45,59 @@ function CreateADUser(){
             Write-Warning "User $name NOT added to group $group_name because it does not exist"
         }
     }
+    
+    # Add to local admin as needed
+    if ( $userObject.local_admin -eq $True){
+        net localgroup administrators $Global:Domain\$username /add
+    }
+
+}
+
+function RemoveADUser(){
+    param( [Parameter(Mandatory=$true)] $userObject )
+
+    $name = $userObject.name
+    $firstname, $lastname = $name.Split(" ")
+    $username = ($firstname[0] + $lastname).ToLower()
+    $samAccountName = $username
+    Remove-ADUser -Identity $samAccountName -Confirm:$False
 }
 
 function WeakenPasswordPolicy(){
     secedit /export /cfg C:\Windows\Tasks\secpol.cfg
-    (Get-Content C:\Windows\Tasks\secpol.cfg).replace("PasswordComplexity = 1", "PasswordComplexity = 0") | Out-File C:\Windows\Tasks\secpol.cfg
+    (Get-Content C:\Windows\Tasks\secpol.cfg).replace("PasswordComplexity = 1", "PasswordComplexity = 0").replace("MinimumPasswordLength = 7", "MinimumPasswordLength = 1") | Out-File C:\Windows\Tasks\secpol.cfg
     secedit /configure /db c:\windows\security\local.sdb /cfg C:\Windows\Tasks\secpol.cfg /areas SECURITYPOLICY
     rm -force C:\Windows\Tasks\secpol.cfg -confirm:$false
 }
 
-WeakenPasswordPolicy
-
-$json = ( Get-Content $JSONFile | ConvertFrom-JSON)
-
-$Global:Domain = $json.domain
-
-foreach ( $group in $json.groups ){
-    CreateADGroup $group
+function StrengthenPasswordPolicy(){
+    secedit /export /cfg C:\Windows\Tasks\secpol.cfg
+    (Get-Content C:\Windows\Tasks\secpol.cfg).replace("PasswordComplexity = 0", "PasswordComplexity = 1").replace("MinimumPasswordLength = 1", "MinimumPasswordLength = 7") | Out-File C:\Windows\Tasks\secpol.cfg
+    secedit /configure /db c:\windows\security\local.sdb /cfg C:\Windows\Tasks\secpol.cfg /areas SECURITYPOLICY
+    rm -force C:\Windows\Tasks\secpol.cfg -confirm:$false
 }
 
-foreach ( $user in $json.users ){
-    CreateADUser $user
+
+$json = ( Get-Content $JSONFile | ConvertFrom-JSON)
+$Global:Domain = $json.domain
+
+if ( -not $Undo) {
+    WeakenPasswordPolicy
+
+    foreach ( $group in $json.groups ){
+        CreateADGroup $group
+    }
+    
+    foreach ( $user in $json.users ){
+        CreateADUser $user
+    }
+}else{
+    StrengthenPasswordPolicy
+
+    foreach ( $user in $json.users ){
+        RemoveADUser $user
+    }
+    foreach ( $group in $json.groups ){
+        RemoveADGroup $group
+    }
 }
\ No newline at end of file
diff --git a/code/random_domain.ps1 b/code/random_domain.ps1
index 61d20a5..3418cb8 100644
--- a/code/random_domain.ps1
+++ b/code/random_domain.ps1
@@ -1,4 +1,10 @@
-param( [Parameter(Mandatory=$true)] $OutputJSONFile )
+param( 
+    [Parameter(Mandatory=$true)] $OutputJSONFile,
+    [int]$UserCount,
+    [int]$GroupCount,
+    [int]$LocalAdminCount
+ )
+
 
 $group_names = [System.Collections.ArrayList](Get-Content "data/group_names.txt")
 $first_names = [System.Collections.ArrayList](Get-Content "data/first_names.txt")
@@ -8,16 +14,34 @@ $passwords = [System.Collections.ArrayList](Get-Content "data/passwords.txt")
 $groups = @()
 $users = @()
 
-$num_groups = 10
-for ( $i = 0; $i -lt $num_groups; $i++ ){
+# Default UserCount set to 5 (if not set)
+if ( $UserCount -eq 0 ){
+    $UserCount = 5
+}
+
+# Default GroupCount set to 5 (if not set)
+if ( $GroupCount -eq 0 ){
+    $GroupCount = 1
+}
+
+if ( $LocalAdminCount -ne 0){
+    $local_admin_indexes = @()
+    while (($local_admin_indexes | Measure-Object ).Count -lt $LocalAdminCount){
+        
+        $random_index = (Get-Random -InputObject (1..($UserCount)) | Where-Object { $local_admin_indexes -notcontains $_ } )
+        $local_admin_indexes += @( $random_index )
+        echo "adding $random_index to local_admin_indexes $local_admin_indexes"
+    }
+}
+
+for ( $i = 1; $i -le $GroupCount; $i++ ){
     $group_name = (Get-Random -InputObject $group_names)
     $group = @{ "name" = "$group_name" }
     $groups += $group
     $group_names.Remove($group_name)
 }
 
-$num_users = 100
-for ( $i = 0; $i -lt $num_users; $i++ ){
+for ( $i = 1; $i -le $UserCount; $i++ ){
     $first_name = (Get-Random -InputObject $first_names)
     $last_name = (Get-Random -InputObject $last_names)
     $password = (Get-Random -InputObject $passwords)
@@ -27,6 +51,12 @@ for ( $i = 0; $i -lt $num_users; $i++ ){
         "password"="$password"
         "groups" = (Get-Random -InputObject $groups).name
         }
+
+    if ( $local_admin_indexes | Where { $_ -eq $i  } ){
+        echo "user $i is local admin"
+        $new_user["local_admin"] = $true
+    }
+
     $users += $new_user
 
     $first_names.Remove($first_name)