Tags: powershell writeup windows

Rating: 5.0

TL;DR ANSWER: Get-LocalUser | Set-LocalUser -Password (ConvertTo-SecureString "ThisIsYourPassword123" -AsPlainText -Force)

-----

### COMMANDS INFO:

There are a few ways to solve this challenge. The most important thing to know is that you will have to use powershell for this challenge.

There are things, in Powershell, called cmdlets (or "commandlets"). We will be using three cmdlets for this challenge:

- *Set-LocalUser* modifies specific properties of local user account.

- *Get-LocalUser* gets all the local accounts and their names.

ConvertTo-SecureString : [https://docs.microsoft.com/en-us/powershell/module/microsoft.powershell.security/convertto-securestring?view=powershell-7.2](http://)

- *ConvertTo-SecureString* converts plain text or encrypted strings to secure strings.

-----

# STEP BY STEP

PART 1:

The script to change all the users password starts off with the command: Get-LocalUser

The output of this commands looks like this:

COMMAND COMPLETION:

Get-LocalUser

-----

PART 2:

After Get-LocalUser, there is the thing called the pipe symbol which symbolizes the pipeline.
The pipeline is really powerful.

According to Microsoft, A pipeline is a series of commands connected by pipeline operators (|) (ASCII 124). Each pipeline operator sends the results of the preceding command to the next command.

The output of the first command can be sent for processing as input to the second command. And that output can be sent to yet another command. The result is a complex command chain or pipeline that is composed of a series of simple commands.

COMMAND COMPLETION:

Get-LocalUser |

-----

PART 3:

After the pipeline part of this command is the cmdlet Set-LocalUser. Set-LocalUser modifies specific properties of local user account. In this case, the Set-LocalUser cmdlet is going to modify a certain property such as the password in all the accounts since the Get-LocalUser cmdlet **didn't** specify a user. For example: Get-LocalUser -Name User. The following part of the command will be the start of setting all the passwords for every single user account like the challenge goal says.

COMMAND COMPLETION:

Get-LocalUser | Set-LocalUser -Password

-----

PART 4:

The last of of this script/command will be the convert the password into encrypted text so all the user accounts' passwords can be set.
We are going to start this off with a **open bracket parenthesis** followed by the cmdlet ConvertTo-SecureString and the password of your choice in **double quotes**. The ConvertTo-SecureString command converts a plaintext string to system-encrypted string so the -Password parameter can set it. After the password of your choice is in double quotes, you are going to add the -AsPlainText and -Force parameters after the password. The -AsPlainText parameter converts the secure string (encrypted) password to plain text and the -Force command forces the event. After all this, end the command with a **close parenthesis**.

COMMAND COMPLETION:

Get-LocalUser | Set-LocalUser -Password (ConvertTo-SecureString "ThisIsYourPassword123" -AsPlainText -Force)

-----

## END COMMAND:

### Get-LocalUser | Set-LocalUser -Password (ConvertTo-SecureString "ThisIsYourPassword123" -AsPlainText -Force)