I feel it necessary to "defend" what is being done here in a way. It is being replied to as if it defies security, or is some sort of exploit. It is not. NET USER <username> * allows a password to be changed. It doesn't just allow you to change any password willy-nilly- one must have appropriate privileges. On a school network, for example, the user doing so will require domain administrator privileges. Given the context they have provided, it makes sense that they would have these privileges within the virtual images.
By the time this command is of any use for defeating security, that security is already defeated- as Raymond Chen would say, "You're already on the other side of the airtight hatchway".
All that said- I have no idea what the OP is asking for. If you want to deal with multiple accounts, just run the batch file multiple times. (perhaps in a second batch file)