[TOC]
-
First , you need to install vagrant and virtual box. You can do it manually from the following links.
or automatically via chocolatey. Run the following command with admin privilege.
@"%SystemRoot%\System32\WindowsPowerShell\v1.0\powershell.exe" -NoProfile -InputFormat None -ExecutionPolicy Bypass -Command "iex ((New-Object System.Net.WebClient).DownloadString('https://chocolatey.org/install.ps1'))" && SET "PATH=%PATH%;%ALLUSERSPROFILE%\chocolatey\bin" && choco install -y vagrant & choco install -y virtualbox
shutdown -r -t 00
- The folder named "LAB" is our vagrant project folder and has some files and folders.
- The Vagrantfile is a Ruby file used to configure Vagrant on a per-project basis. The main function of the Vagrantfile is to described the virtual machines required for a project as well as how to configure and provision these machines.
- There has a folder named provision contains automated PowerShell script files for lab configuration.
- Deployment is simple. Go under LAB folder and run vagrant up
I intend to build a good ad penetration testing lab platform without taking too much time on configuration and set up.
-
This lab contains three machines. dc1,lab1,kali. IP range is 192.168.120.0/24.
dc1 = 192.168.120.2 lab1 = 192.168.120.10 kali = 192.168.120.15 domain name = lab.local
-
dc1 is AD server and lab1 is AD connected client , both are window server 2016.
-
All machines have two network interfaces: NAT and host-only. Only host-only adapters have been assigned within 192.168.120.0/24 network. In this lab, VirtualBox Host-Only Ethernet Adapter #4 is used. If you encounter error related with network card interfaces, you should adjust this.
-
This deployment process can take up to 1.5 or 2 hours. (vary depending on internet speed)
vagrant : vagrant
administrator : Passw0rd
CPU = > 1.6 gigahertz (GHz)
RAM = > 6 GB
Disk Space = > 60 GB
Abusing ACLs Kerberoasting AS-REP Roasting Abuse DnsAdmins Password Spraying DCSync Silver Ticket Golden Ticket Pass-the-Hash Pass-the-Ticket
vagrant up - starts and provisions the vagrant environment
vagrant box list - displays box lists
vagrant status - outputs status of the vagrant machine
vagrant ssh [machine] - connects to machine via SSH
vagrant port [machine] - displays information about guest port mappings
vagrant suspend [machine] - suspends the machine
vagrant resume [machine] - resume a suspended vagrant machine
This project was inspired by vulnerable active directory testing lab.