Wednesday, 4 July 2018

PowerShell CryptoStudio v2.1.0.2 Released. "A PKI in Your Pocket"

PowerShell CryptoStudio v2.1.0.2 released. It creates a two-tier PKI for issuing certificates to your servers.

What's new in 2.1.x
  • Redesigned as a proper module, retaining 100% compatibility with previous versions
  • You no longer have to specify a Subject Alternate Name (SAN); however, the Subject Name (commonName) is added to the SAN as per RFC 2818 (https://tools.ietf.org/html/rfc2818) (https://www.chromestatus.com/features/4981025180483584)
  • Option added to install certificates locally
  • Added the ability to uninstall CryptoStudio
Functions within module
  • New-RootSubCa: Installs CryptoStudio's two-tier PKI. Required before certificates can be issued
  • New-HostCert: Creates new certificates. All certificates are stored in $env:USERPROFILE\Documents\MyCerts
  • **New** Remove-RootSubCa: Uninstalls PS-CryptoStudio by removing the Root and SubCa certificates. While this does not remove any certificates created by PS-CryptoStudio, trust will be an issue unless you have backups of the Root and SubCa certificates (as in Active Directory)
  • **New** Get-CertInfo: Gets certificate information from a pfx file. Returns Subject Name, SAN, Signature Hash Algorithm, Keysize and Issuer. Returns false on all errors
Usage
New-RootSubCa: Requires three mandatory parameters
  • RootKeyLength: Accepts values of 1, 2, 4, 8, 16 (to be multiplied by 1024)
  • SubCa01KeyLength: Accepts values of 1, 2, 4, 8, 16 (to be multiplied by 1024)
  • SubCa02KeyLength: Accepts values of 1, 2, 4, 8, 16 (to be multiplied by 1024)
  • Example: New-RootSubCa -RootKeyLength 4 -SubCA01KeyLength 4 -SubCA02KeyLength 4
New-HostCert: Accepts five parameters, three being mandatory.
  • HostName (Mandatory): Specifies the subject name for the certificate. This is also added to the SAN list
  • FullDNSName (Optional): The list of hosts to be added to the SAN list. Should be FQDN
  • FriendlyName (Mandatory): A simple common name for the certificate. Not tied to SAN or Subject name.
  • HostKeylength (Mandatory): The key length of the certificate. Accepts values of 1, 2, 4, 8, 16 (to be multiplied by 1024)
  • InstallCertLocal (Optional): Installs the certificate in the Cert:\LocalMachine\My store (LocalMachine-Personal)
  • Example: New-HostCert -HostName "myhost.com" -FullDNSName "vpn.myhost.com", "mail.myhost.com", "remote.myhost.com" -FriendlyName "My Test Cert" -HostkeyLength 4
Remove-RootSubCa: Requires no parameters. Removes the RootCa and SubCa certificates without warning. Use with caution. Example: Remove-RootSubCa

Get-CertInfo: Requires a single mandatory parameter
  • FilePath: The location and name of the certificate.
  • Example "C:\Users\User-01\Documents\MyCerts\Private\MyCert.Pfx"
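
An added check, not part of PS-CryptoStudio or its documentation: the key-length parameters accept 1 (1024-bit RSA), and browsers match host names against the SAN, so the PowerShell below audits certificates installed with InstallCertLocal for key size, signature hash and whether the commonName appears in the SAN. Test-HostCertPolicy and the 2048-bit floor are assumptions of this example, and the SAN parsing assumes the English-language "DNS Name=" text that Windows produces.

```powershell
# Added example: Test-HostCertPolicy is a hypothetical helper, not a PS-CryptoStudio function.
function Test-HostCertPolicy {
    param(
        [Parameter(Mandatory, ValueFromPipeline)]
        [System.Security.Cryptography.X509Certificates.X509Certificate2]$Certificate,
        [int]$MinRsaBits = 2048   # assumption: local policy floor, not a module setting
    )
    process {
        # commonName from the Subject
        $cn = $Certificate.GetNameInfo(
            [System.Security.Cryptography.X509Certificates.X509NameType]::SimpleName, $false)

        # subjectAltName extension (OID 2.5.29.17), one "DNS Name=..." entry per line
        $sanExt = $Certificate.Extensions | Where-Object { $_.Oid.Value -eq '2.5.29.17' }
        $dnsNames = @()
        if ($sanExt) {
            $dnsNames = @(foreach ($line in ($sanExt.Format($true) -split "`r?`n")) {
                if ($line -match '^DNS Name=(.+)$') { $Matches[1].Trim() }
            })
        }

        # RSA public key size; $rsa is $null for non-RSA certificates
        $rsa  = [System.Security.Cryptography.X509Certificates.RSACertificateExtensions]::GetRSAPublicKey($Certificate)
        $bits = if ($rsa) { $rsa.KeySize } else { $null }
        $sig  = $Certificate.SignatureAlgorithm.FriendlyName

        [pscustomobject]@{
            Subject      = $cn
            Issuer       = $Certificate.Issuer
            RsaBits      = $bits
            SigAlgorithm = $sig
            CnInSan      = $dnsNames -contains $cn          # case-insensitive match
            WeakKey      = [bool]($rsa -and $bits -lt $MinRsaBits)
            Sha1Signed   = $sig -match 'sha1'
        }
    }
}

# List only the certificates in LocalMachine\My that fail one of the checks
Get-ChildItem Cert:\LocalMachine\My |
    Test-HostCertPolicy |
    Where-Object { -not $_.CnInSan -or $_.WeakKey -or $_.Sha1Signed }
```

The store also holds certificates that did not come from PS-CryptoStudio, so filter on the Issuer column if only the SubCa-issued ones matter.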

To do

  • Add support for modern ECC (Elliptic Curve Cryptography)
  • Add support for symmetric cryptography (100% done, need to incorporate with PS-CryptoStudio)
  • Add support for Let's Encrypt auto-renew (75% done, need to re-write IIS handlers)

 

Available at the PowerShell Gallery:

https://www.powershellgallery.com/packages/PS-CryptoStudio/2.1.0.2





Tuesday, 26 June 2018

Stellar Exchange Toolkit Overview

If you have worked long enough in IT you will have already had that dreaded call. Users are reporting that they can't access something. Very few incidents, however, are worse than the dreaded 'Our email is down', especially when it is throughout the organization.

It is absolutely critical for anyone who works with email to be able to perform a recovery in any situation. When working with Microsoft Exchange Server, unfortunately the tools from Microsoft leave a lot to be desired, with an OST converter unavailable and dumping the email database to PST files requiring a functional Exchange Server (which sort of defeats the purpose if the server is down and you need access to the emails). With this in mind, I will be doing a comprehensive review of the Stellar Phoenix Exchange Toolkit.

Lab Setup

For the purpose of this review, I have set up a lab as follows:
A domain controller with the following
  • Intel i5 2400 3.1 GHz
  • 16 GB RAM
  • 2 x 1 TB Samsung 860 EVO SSD in RAID 1 configuration
  • Windows Server 2016 Standard Server Core, configured as DC
An Exchange Server with the following
  • Intel Xeon E5-2430 @ 2.20 GHz (2 processors)
  • 32 GB RAM
  • 4 x 600 GB SAS drives configured as RAID 10
  • Windows Server 2016 Standard with Desktop Experience
  • Exchange Server 2016 Standard
Two workstations with the following
  • Intel i5 2400 3.1 GHz
  • 16 GB RAM
  • 512 GB Samsung 860 EVO SSD
  • Windows 10 Enterprise (x64)
  • Office 2016 (x86)

***Note: all computers configured are physical machines. Virtualization has not been used in this lab.

A standard Exchange Server install has been done. 100 users and mailboxes were created with the Create-TestUsers PowerShell script. I have also used Paul Cunningham's Start-MailGen PowerShell script for 7 days to create a massive amount of mail flow.

Stellar Exchange Toolkit

Part One-Overview

The Stellar Exchange Toolkit consists of five different programs:
  1. Stellar Phoenix Mailbox Exchange Recovery
  2. Stellar Mailbox Extractor for Exchange Server
  3. Stellar OST to PST Converter
  4. Stellar Mailbox Extractor for Exchange Backup
  5. Stellar Phoenix Password Recovery for Microsoft Exchange

Stellar Phoenix Mailbox Exchange Recovery

Stellar Phoenix Mailbox Exchange Recovery can recover corrupted EDB files and restore the data, including emails, attachments, contacts, calendars, tasks and journals.
Stellar Phoenix Mailbox Exchange Recovery can also recover email and attachments from corrupt EDB files and save them in PST, MSG, EML, HTML, RTF and PDF format.

One of the interesting things about Stellar Phoenix Mailbox Exchange Recovery is that it supports all versions of Exchange Server, back to the 5.5 days! (That's March 1997, back in the Windows 95 days!)

Stellar Mailbox Extractor for Exchange Server

Stellar Mailbox Extractor for Exchange Server is similar to Stellar Phoenix Mailbox Exchange Recovery in that it converts mailboxes from Microsoft Exchange database files into PST files. Stellar Mailbox Extractor also works with both online and offline Exchange databases (EDB). Previewing the mailboxes is also available.

Stellar Mailbox Extractor also supports all versions of Exchange Server, back to 5.5.

Stellar OST to PST Converter

Stellar OST to PST Converter converts OST files to PST files as well as DBX and MBOX format (and MSG, EML, RTF, PDF, HTML), plus many other formats. It is important to note that the folder structure of the original OST file is preserved by this program when converting to PST.

Stellar Mailbox Extractor for Exchange Backup

Stellar Mailbox Extractor for Exchange Backup will extract mailboxes from Exchange databases. Where this version differs from the other two extractors is that this one can access the mailboxes directly from VHDX or BKF files. This can be really handy as you don't have to restore the backups first.

Stellar Phoenix Password Recovery for Microsoft Exchange.

While Stellar Phoenix Password Recovery for Microsoft Exchange is branded as an Exchange product, it is more for Windows Servers in general than Exchange servers. What Stellar Phoenix Password Recovery does is reset passwords on servers. It can reset passwords on domain controllers as well as member servers.

The Manual

This is where things get interesting: the manual itself is fully illustrated. All five programs are independently documented here. One thing to note is that the documentation does not refer to itself; that is, you don't need to know how one program works in order to use another one. This is actually very good, and I wish more companies would use this approach.

Sunday, 25 February 2018

Creating a Bootable Windows 10 Install USB Disk With DiskPart



Of all the deployment options available, I think that the DVD option is by far the least desirable. These discs are prone to issues from dust, fingerprints and scratches. I have many times had bad installs of Windows XP that neared completion only to end with errors due to a bad disc.

With the introduction of Windows Vista, Microsoft changed the way Windows installs and made it easy to create a bootable USB drive, which avoids all the issues with optical media.

In this tutorial I will show you how to create a bootable USB drive using nothing but Windows built-in utilities, including DiskPart.

What you will need is a Windows 10 machine, a Windows 10 ISO and a USB drive. 8 GB or bigger is good.

CAUTION-ALL DATA ON USB DRIVE WILL BE DESTROYED!


The first thing you want to do is open an elevated command prompt by hitting the Start button, typing CMD, right-clicking on it and selecting Run as administrator. From here, type DiskPart to enter the DiskPart utility.

The next thing you want to do is get a list of all drives connected to the computer. This is done with the command List Disk




You need to select the USB disk to use. In this example it is obvious what the disk number is. It is also a good idea to unplug any other drives that are plugged into the computer to avoid any chance of selecting the wrong disk.

For this example, I will use Select Disk 1 and continue.




I always run List Disk again to verify the correct disk has been selected. Here you can see the asterisk beside the selected disk.

Next, we need to wipe the disk clean, deleting all data. This is done with the Clean command

After this is done, we need to create a partition. For this I almost always use the entire space available on the USB drive. This is done with Create Partition Primary


Next, we need to format the USB drive. This is done with the Format command. The usage is Format FS=NTFS Quick Label="Windows10_x64_Pro". The syntax is straightforward: we are quick-formatting the USB drive with the NTFS file system and a label of Windows10_x64_Pro.


Some might say it is better to format with the Fat32 file system, however I have been using this method for around 10 years or so and have never had an issue with NTFS. You can use Fat32, I prefer to use NTFS.


Now for the last part, the most important step. I have seen people forget this step and wonder why the computer will not boot from the USB drive. In this step we must tell Windows to mark the partition on the USB drive as active. This is done by simply typing Active




After this is done, Windows should have assigned a drive letter to the USB drive automatically. This can be checked by opening Windows Explorer and verifying the USB drive is present. If it is not, you can assign a letter to the USB drive with the command Assign letter=x, where x is any free drive letter.
After this is done, you can type exit or close the Command Prompt window.

Now we need to copy the contents of the Windows 10 ISO to the USB drive. To start, double-click on the Windows 10 ISO file, as this will open and mount the ISO to a drive letter.
All that is left to do is select all the files and copy them to the USB drive. Once this is done you will have a bootable Windows 10 USB drive ready to go.
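
The DiskPart steps above as one script, with a guard against the wrong-disk mistake the tutorial warns about. This is an added example, not from the original post; New-BootableUsb is a hypothetical helper name, while Get-Disk and diskpart /s are the built-in Storage cmdlet and DiskPart's script switch.

```powershell
#Requires -RunAsAdministrator
# Added example: New-BootableUsb is a hypothetical helper, not a Windows cmdlet.
function New-BootableUsb {
    [CmdletBinding(SupportsShouldProcess, ConfirmImpact = 'High')]
    param(
        [Parameter(Mandatory)][int]$DiskNumber,
        # Restrict the label so it cannot break out of the quoted DiskPart argument
        [ValidatePattern('^[\w-]{1,32}$')][string]$Label = 'Windows10_x64_Pro'
    )
    $disk = Get-Disk -Number $DiskNumber -ErrorAction Stop

    # Refuse anything that is not on the USB bus or that Windows itself runs from
    if ($disk.BusType -ne 'USB') {
        throw "Disk $DiskNumber is on the $($disk.BusType) bus, not USB."
    }
    if ($disk.IsBoot -or $disk.IsSystem) {
        throw "Disk $DiskNumber is a boot or system disk."
    }

    # Same commands as the tutorial, in the same order
    $script = @"
select disk $DiskNumber
clean
create partition primary
format fs=ntfs quick label="$Label"
active
"@

    # Show the model and size so the operator confirms the right device
    $target = '{0} ({1:N1} GB)' -f $disk.FriendlyName, ($disk.Size / 1GB)
    if ($PSCmdlet.ShouldProcess($target, 'Erase all data and make bootable')) {
        $file = Join-Path $env:TEMP 'make-usb.txt'
        Set-Content -Path $file -Value $script -Encoding Ascii
        diskpart /s $file
        $code = $LASTEXITCODE
        Remove-Item $file
        if ($code -ne 0) { throw "diskpart exited with code $code." }
    }
}

# Prompts for confirmation before wiping, because ConfirmImpact is High:
# New-BootableUsb -DiskNumber 1
```

Running it with -WhatIf prints the device that would be erased without touching it.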