- Download a free Windows 10 Virtual Machine.
- Boot the machine and log in as IEUser.
- Launch PowerShell (Desktop App) as Administrator, execute the "Windows_Breakout_PrivEsc_Setup_v1.2.ps1" script and wait for the machine to reboot!
- Extract the "DefCon-Tools.zip" archive in "C:\DefCon-Tools".
- It is important that the Microsoft VM is used as part of the lab relies on AppLocker which is only available in Windows Professional & Enterprise.
- All user account have their password set to "123" for convenience.
- Both "restricted1" and "kiosk2" have startup scripts which will log the user out after authenticating for the first time. Be patient, allow this to complete!