Vagrantfile
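# Log detection lab: a Windows Server 2019 domain controller (dc1), a
# Windows 10 workstation (workstation1) and a Kali guest, all attached to the
# 192.168.200.x private network.
#
# SECURITY NOTE: the guests are configured to be weak so that activity can be
# generated and logged:
#   * WinRM uses the :plaintext transport with basic auth, so credentials and
#     commands cross the wire unencrypted.
#   * Every guest uses the well-known vagrant/vagrant account.
#   * Auto-logon writes that password to the Winlogon registry key in clear
#     text, and UAC (EnableLUA) is switched off.
# Because of that, the WinRM and RDP port forwards below are bound to the
# host's loopback address. Vagrant binds a forwarded port to every host
# interface when host_ip is omitted, which would offer these services (and the
# default credentials) to anything that can reach the host.
Vagrant.configure("2") do |config|
  config.vagrant.plugins = ["vagrant-reload"]

  # Defaults target the Windows guests; the Kali definition overrides them.
  config.vm.guest = :windows
  config.vm.communicator = "winrm"
  config.vm.boot_timeout = 600
  config.vm.graceful_halt_timeout = 600

  config.winrm.retry_limit = 200
  config.winrm.retry_delay = 10
  config.winrm.max_tries = 20
  # Unencrypted WinRM with basic auth: acceptable only on an isolated lab network.
  config.winrm.transport = :plaintext
  config.winrm.basic_auth_only = true

  # Default, publicly known box credentials; insert_key = false keeps Vagrant
  # from replacing the box's insecure key with a generated one.
  config.ssh.username = "vagrant"
  config.ssh.password = "vagrant"
  config.ssh.insert_key = false

  config.vm.provider "virtualbox" do |v|
    v.linked_clone = true
    v.memory = 2048
    v.cpus = 2
    v.gui = true
  end

  winlogbeat_config_dest =
    "C:\\loggingsetup\\winlogbeat\\winlogbeat-7.9.3-windows-x86_64\\winlogbeat.yml"

  # PowerShell run on both Windows guests: enables automatic logon as
  # vagrant/vagrant (password stored in the registry) and disables UAC.
  # The squiggly heredoc strips the Ruby indentation, so the script text sent
  # to the guest has no leading whitespace.
  # NOTE(review): `-Confirm` requests a prompt rather than suppressing one; if
  # the intent was to skip confirmation, `-Confirm:$false` is the usual form.
  # Verify against a provisioning run before changing it.
  autologon_script = <<~SHELL
    Set-ItemProperty "HKLM:\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Winlogon" -Name AutoAdminLogon -Value 1
    Set-ItemProperty "HKLM:\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Winlogon" -Name DefaultUserName -Value "vagrant"
    Set-ItemProperty "HKLM:\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Winlogon" -Name DefaultPassword -Value "vagrant"
    Remove-ItemProperty "HKLM:\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Winlogon" -Name AutoAdminLogonCount -Confirm -ErrorAction SilentlyContinue
    reg add HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System /v EnableLUA /d 0 /t REG_DWORD /f /reg:64
  SHELL

  # First provisioning step for a Windows guest: apply the registry changes,
  # then reboot through the vagrant-reload plugin.
  enable_autologon = lambda do |vm|
    vm.provision "shell", privileged: false, inline: autologon_script
    vm.provision "reload"
  end

  # Final provisioning steps shared by both Windows guests, in the original
  # order: UI and security-config changes, Atomic Red Team install, logging
  # setup, Winlogbeat configuration, and a closing reboot.
  finish_windows_setup = lambda do |vm|
    %w[
      change_ui.ps1
      change_sec_config.bat
      install-atomicredteam.ps1
      enable_logging.bat
    ].each { |script| vm.provision "shell", path: script, privileged: true }

    vm.provision "file", source: "winlogbeat.yml", destination: winlogbeat_config_dest
    vm.provision "shell", path: "setup_winlogbeat.bat", privileged: true
    vm.provision "reload"
  end

  config.vm.define "dc1" do |dc1|
    dc1.vm.box = "StefanScherer/windows_2019"
    dc1.vm.network "private_network", ip: "192.168.200.11"
    # Loopback-only forwards: reachable from the host itself, not from the LAN.
    dc1.vm.network :forwarded_port, guest: 5985, host: 25985, host_ip: "127.0.0.1", id: "winrm"
    dc1.vm.network :forwarded_port, guest: 3389, host: 23389, host_ip: "127.0.0.1", id: "msrdp"
    dc1.vm.hostname = "dc1"

    enable_autologon.call(dc1.vm)
    dc1.vm.provision "shell", path: "install-dc.ps1", privileged: true
    dc1.vm.provision "reload"
    dc1.vm.provision "shell", path: "create-users.ps1", privileged: true
    dc1.vm.provision "shell", path: "create-smbshare.ps1", privileged: true
    finish_windows_setup.call(dc1.vm)
  end

  config.vm.define "workstation1" do |workstation1|
    workstation1.vm.box = "StefanScherer/windows_10"
    workstation1.vm.network "private_network", ip: "192.168.200.12"
    # Loopback-only forwards: reachable from the host itself, not from the LAN.
    workstation1.vm.network :forwarded_port, guest: 5985, host: 35985, host_ip: "127.0.0.1", id: "winrm"
    workstation1.vm.network :forwarded_port, guest: 3389, host: 33389, host_ip: "127.0.0.1", id: "msrdp"
    workstation1.vm.hostname = "labworkstation1"

    enable_autologon.call(workstation1.vm)
    workstation1.vm.provision "shell", path: "join-domain.ps1", privileged: true
    finish_windows_setup.call(workstation1.vm)
  end

  config.vm.define "kali" do |kali|
    kali.vm.guest = :linux
    kali.vm.communicator = "ssh"
    kali.vm.box = "kalilinux/rolling"
    # networking doesn't work correctly. you'll have to just set the ip address on your own.
    kali.vm.network "private_network", ip: "192.168.200.13"
    # kali.vm.provision "reload"
  end
end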