Welcome to the Roos' server.

Please read the entire README thoroughly before modifying anything on this computer.

forensics questions

You will receive points for answering any "Forensics Questions" on your Desktop correctly. Valid (scored) "Forensics Questions" will only be located directly on your Desktop. We highly recommend reading all "Forensics Questions" thoroughly before doing anything to this computer, because you could destroy information necessary for answering the forensics question.

competition scenario

The Roos have decided to set up a server for them to host their miscellaneous projects. Although they have not come up with any use for their server yet, they wish to set up remote desktop so that all the Roos of the Roo family can use the server. However, they heard of all the recent events with people and governments getting hacked, so they asked you, an honorable CTF player, to secure their system for them. Good that they asked, because little did they know, last night the evil rooReaper hacked into their server and may have planted some backdoors. Please help to secure their server and get rid of any bad stuff rooReaper did!

In this image, you will be scored based on how many security misconfigurations and vulnerabilities in the image you can mitigate. You will receive the flag upon reaching 90 points. At that time the flag will show up on your "Scoring Report," which contains information about the vulnerabilities you have fixed and your progress in the image. This is located on your Desktop as a shortcut.


Please keep the print spooler service running. The Roos need it to print their important documents!

Because the Roos like the olden days, they use Internet Explorer as their primary browser. Please keep it as secure as you can, because they don't want to get hacked because they used an insecure browser.

roocursion just came back from vacation. Please create an account called roocursion with administrator access.

Please enable as many preventative measures against exploits as you can; the last thing the Roos want is someone to AAAAAAAAAAAAAAAAAAAAA their system away.

Do not use Windows Update on the image. As I said, the Roos LOVE retro style, so they will NOT tolerate any updates, even security updates.

Windows Defender is the only authorized antivirus on this server. Please do not install any other antivirus software.

Rename the built-in Administrator account to rooFirepwny. Security by obscurity FTW!

Do not stop the "Non-sucking service manager" process, as this runs the scoring engine.


Please do NOT disable SMB, although the image hints at this. Doing so may cause the image to remove points from you.

authorized administrators

user:password where applicable

rooYay:Pa$$w0rd10 (YOU)

authorized users


critical services

Remote Desktop
Print Spooler