Skip to content

4. Usage

Jump to bottom
Humoud edited this page Jun 3, 2023 · 6 revisions

Requirements

Windows

Both VirtualBox and VMWare Workstation are supported.

For VMWare Workstation:

MacOS

Only VirtualBox is supported on macOS. Vagrant mentioned the following issue with VMware Fusion:

"Starting with the Big Sur release VMware Fusion is no longer able to create network devices with custom subnet and mask settings to attach to guests. This means custom IP addresses are not valid when creating a private network."

Ubuntu Linux

Both VirtualBox and VMWare Workstation are supported.

For VMWare Workstation:

  • Install Vagrant vmware Utility
  • Install vagrant plugin: vagrant-vmware-desktop
    • vagrant plugin install vagrant-vmware-desktop
  • Install reload provisioner:
    • vagrant plugin install vagrant-reload
  • Install netstat:
    • sudo apt install net-tools

Known issues and solutions:

vmnet and vmmon issues and solution: vmware post

For Virtualbox:

  • see top paragraph

Installation

First, clone the repo or download it.

git clone https://github.com/Humoud/BackBag-Lab-VM.git
cd BackBag-Lab-VM

Now, you are expected to do the following:

  1. Select which VMs you work to create
  2. Select the configuration for those VMs
  3. Select which tools those VMs should have

Spin Up Only The Windows Analyst VM

When you don't need to the whole lab, you can only download and provision a single specific VM.

Set config variable AD_DOMAIN under the "WIN01 Config" section in the Vagrantfile to 0, like so:

# WIN01 Config
###
# Join WIN01 to domain
AD_DOMAIN = 0

Spin up the VM:

vagrant up win01 --provider=vmware_desktop or vagrant up win01 --provider=virtualbox depending on what provider you are using.

If you find yourself only using this VM, you can change the config at the top of the Vagrantfile to disable other VMs:

NIX01    = false
WINSRV01 = false
WINSRV02 = false
WIN01    = true

This makes life easier ☕ when running vagrant commands as you dont need to specify the VM name:

vagrant up --provider=vmware_desktop or vagrant up --provider=virtualbox

vagrant halt
vagrant destroy
vagrant rdp
# etc etc

Of course, this can be applied to all other VMs and you can enable\disable more than one VM.

Spin Up The Whole Lab

Lab VM Selection

At the very top of the Vagrantfile file, make sure that all vm name variables are set to true:

NIX01    = true
WINSRV01 = true
WINSRV02 = true
WIN01    = true

Those variables will affect the vagrant up --provider=vmware_desktop command which spins up the lab, one VM at a time.

Note that based on your internet connection, these the command might take a long time to finish on the first run. This is because Vagrant boxes will be downloaded.

To speed up the provisioning process, you can provision WINSRV01 and NIX01 in parallel. Once WINSRV01 is done, you can proceed with provisioning WINSRV02.

VMWare:

# In parallel
vagrant up winsrv01 --provider=vmware_desktop
vagrant up nix01 --provider=vmware_desktop
# Once winsrv01 is done, run the below in parallel
vagrant up winsrv02 --provider=vmware_desktop
vagrant up win01 --provider=vmware_desktop

Virtualbox:

# In parallel
vagrant up winsrv01 --provider=virtualbox
vagrant up nix01 --provider=virtualbox
# Once winsrv01 is done, run the below in parallel
vagrant up winsrv02 --provider=virtualbox
vagrant up win01 --provider=virtualbox

More Examples

For more setup ideas checkout the examples:

Important Note!!!!!

Note that on the Windows machines, 2 shared folders, scripts and resources are mounted onto the VMs at c:\vagrant\ to allow for provisioning. To disable it, set variable MOUNT to false in the Vagrantfile. Note that the vagrant default behavior of mounting a shared folder is disabled in this project more on the default behavior here: https://www.vagrantup.com/docs/synced-folders

I disabled the default behavior and went with explicitly mounting the two needed folders because I faced numerous issues during provisioning when relying on it.

Clone this wiki locally