trinitor/DetectionLab
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
Files
3151668a7f485e21b275ab01a4399bc580852188
DetectionLab/Vagrant/Vagrantfile
Chris Long 553f9a13c5 Adding more code for Exchange
2021-03-29 20:50:01 -07:00

305 lines
15 KiB
Ruby
Raw Blame History

build_exchange = false
Vagrant.configure("2") do |config|
config.vm.define "logger" do |cfg|
cfg.vm.box = "bento/ubuntu-18.04"
cfg.vm.hostname = "logger"
cfg.vm.provision :shell, path: "logger_bootstrap.sh"
cfg.vm.network :private_network, ip: "192.168.38.105", gateway: "192.168.38.1", dns: "8.8.8.8"
cfg.vm.provider "vmware_desktop" do |v, override|
v.vmx["displayname"] = "logger"
v.memory = 4096
v.cpus = 2
v.gui = true
end
cfg.vm.provider "virtualbox" do |vb, override|
vb.gui = true
vb.name = "logger"
vb.customize ["modifyvm", :id, "--memory", 4096]
vb.customize ["modifyvm", :id, "--cpus", 2]
vb.customize ["modifyvm", :id, "--vram", "32"]
vb.customize ["modifyvm", :id, "--nicpromisc2", "allow-all"]
vb.customize ["modifyvm", :id, "--clipboard", "bidirectional"]
vb.customize ["modifyvm", :id, "--natdnshostresolver1", "on"]
vb.customize ["setextradata", "global", "GUI/SuppressMessages", "all" ]
end
cfg.vm.provider "libvirt" do |lv, override|
lv.graphics_type = "vnc"
lv.video_type = "vga"
lv.input :type => "tablet", :bus => "usb"
lv.video_vram = 32768
lv.memory = 4096
lv.cpus = 2
# This is required for Vagrant to properly configure the network interfaces.
# See https://github.com/clong/DetectionLab/wiki/LibVirt-Support for more information
lv.management_network_name = "VagrantMgmt"
lv.management_network_address = "192.168.123.0/24"
lv.management_network_mode = "none"
lv.cpu_mode = "host-passthrough"
# Which storage pool path to use. Default to /var/lib/libvirt/images or ~/.local/share/libvirt/images depending on if you are running a system or user QEMU/KVM session.
#libvirt.storage_pool_path = '/media/storage_nvme/system_session_vm_pool'
lv.storage_pool_name = 'default'
override.vm.box = "generic/ubuntu1604"
override.vm.synced_folder './', '/vagrant', type: 'rsync'
end
end
config.vm.define "dc" do |cfg|
cfg.vm.box = "detectionlab/win2016"
cfg.vm.hostname = "dc"
cfg.vm.boot_timeout = 600
cfg.winrm.transport = :plaintext
cfg.vm.communicator = "winrm"
cfg.winrm.basic_auth_only = true
cfg.winrm.timeout = 300
cfg.winrm.retry_limit = 20
cfg.vm.network :private_network, ip: "192.168.38.102", gateway: "192.168.38.1", dns: "8.8.8.8"
# Added DNS here because libvirt fails to properly configure the windows client otherwise... :(
cfg.vm.provision "shell", path: "scripts/fix-second-network.ps1", privileged: true, args: "-ip 192.168.38.102 -dns 8.8.8.8 -gateway 192.168.38.1"
cfg.vm.provision "shell", path: "scripts/provision.ps1", privileged: false
cfg.vm.provision "reload"
cfg.vm.provision "shell", path: "scripts/provision.ps1", privileged: false
cfg.vm.provision "shell", path: "scripts/download_palantir_wef.ps1", privileged: false
cfg.vm.provision "shell", path: "scripts/install-utilities.ps1", privileged: false
cfg.vm.provision "shell", path: "scripts/install-redteam.ps1", privileged: false
cfg.vm.provision "shell", path: "scripts/install-choco-extras.ps1", privileged: false
cfg.vm.provision "shell", path: "scripts/install-osquery.ps1", privileged: false
cfg.vm.provision "shell", path: "scripts/install-sysinternals.ps1", privileged: false
cfg.vm.provision "shell", path: "scripts/install-velociraptor.ps1", privileged: false
cfg.vm.provision "shell", path: "scripts/configure-ou.ps1", privileged: false
cfg.vm.provision "shell", path: "scripts/configure-wef-gpo.ps1", privileged: false
cfg.vm.provision "shell", path: "scripts/configure-powershelllogging.ps1", privileged: false
cfg.vm.provision "shell", path: "scripts/configure-AuditingPolicyGPOs.ps1", privileged: false
cfg.vm.provision "shell", path: "scripts/configure-rdp-user-gpo.ps1", privileged: false
cfg.vm.provision "shell", path: "scripts/configure-disable-windows-defender-gpo.ps1", privileged: false
cfg.vm.provision "shell", path: "scripts/configure-taskbar-layout-gpo.ps1", privileged: false
cfg.vm.provision "shell", path: "scripts/install-autorunstowineventlog.ps1", privileged: false
cfg.vm.provision "shell", inline: 'wevtutil el | Select-String -notmatch "Microsoft-Windows-LiveId" | Foreach-Object {wevtutil cl "$_"}', privileged: false
cfg.vm.provision "shell", inline: "Set-SmbServerConfiguration -AuditSmb1Access $true -Force", privileged: false
cfg.vm.provision "shell", inline: 'cscript c:\windows\system32\slmgr.vbs /dlv', privileged: false
cfg.vm.provider "vmware_desktop" do |v, override|
v.vmx["displayname"] = "dc.windomain.local"
v.memory = 3072
v.cpus = 2
v.gui = true
v.enable_vmrun_ip_lookup = false
end
cfg.vm.provider "virtualbox" do |vb, override|
vb.gui = true
vb.name = "dc.windomain.local"
vb.default_nic_type = "82545EM"
vb.customize ["modifyvm", :id, "--memory", 3072]
vb.customize ["modifyvm", :id, "--cpus", 2]
vb.customize ["modifyvm", :id, "--vram", "32"]
vb.customize ["modifyvm", :id, "--clipboard", "bidirectional"]
vb.customize ["modifyvm", :id, "--natdnshostresolver1", "on"]
vb.customize ["setextradata", "global", "GUI/SuppressMessages", "all" ]
end
cfg.vm.provider "libvirt" do |lv, override|
lv.graphics_type = "spice"
lv.video_type = "qxl"
lv.input :type => "tablet", :bus => "usb"
override.vm.box = "../Boxes/windows_2016_libvirt.box"
lv.video_vram = 32768
lv.memory = 3072
lv.cpus = 2
# This is NOT the right semantic for Vagrant synced folder. It's a workaround:
# https://github.com/Cimpress-MCP/vagrant-winrm-syncedfolders/issues/11
override.vm.synced_folder '.', '/', type: 'winrm'
end
end
config.vm.define "wef" do |cfg|
cfg.vm.box = "detectionlab/win2016"
cfg.vm.hostname = "wef"
cfg.vm.boot_timeout = 600
cfg.vm.communicator = "winrm"
cfg.winrm.basic_auth_only = true
cfg.winrm.timeout = 300
cfg.winrm.retry_limit = 20
cfg.vm.network :private_network, ip: "192.168.38.103", gateway: "192.168.38.1", dns: "192.168.38.102"
cfg.vm.provision "shell", path: "scripts/fix-second-network.ps1", privileged: true, args: "-ip 192.168.38.103 -dns 8.8.8.8 -gateway 192.168.38.1"
cfg.vm.provision "shell", path: "scripts/provision.ps1", privileged: false
cfg.vm.provision "reload"
cfg.vm.provision "shell", path: "scripts/provision.ps1", privileged: false
cfg.vm.provision "shell", path: "scripts/download_palantir_wef.ps1", privileged: false
cfg.vm.provision "shell", inline: 'wevtutil el | Select-String -notmatch "Microsoft-Windows-LiveId" | Foreach-Object {wevtutil cl "$_"}', privileged: false
cfg.vm.provision "shell", path: "scripts/install-wefsubscriptions.ps1", privileged: false
cfg.vm.provision "shell", path: "scripts/install-splunkuf.ps1", privileged: false
cfg.vm.provision "shell", path: "scripts/install-windows_ta.ps1", privileged: false
cfg.vm.provision "shell", path: "scripts/install-utilities.ps1", privileged: false
cfg.vm.provision "shell", path: "scripts/install-redteam.ps1", privileged: false
cfg.vm.provision "shell", path: "scripts/install-evtx-attack-samples.ps1", privileged: false
cfg.vm.provision "shell", path: "scripts/install-choco-extras.ps1", privileged: false
cfg.vm.provision "shell", path: "scripts/install-osquery.ps1", privileged: false
cfg.vm.provision "shell", path: "scripts/install-sysinternals.ps1", privileged: false
cfg.vm.provision "shell", path: "scripts/install-velociraptor.ps1", privileged: false
cfg.vm.provision "shell", path: "scripts/configure-pslogstranscriptsshare.ps1", privileged: false
cfg.vm.provision "shell", path: "scripts/install-autorunstowineventlog.ps1", privileged: false
cfg.vm.provision "shell", inline: "Set-SmbServerConfiguration -AuditSmb1Access $true -Force", privileged: false
cfg.vm.provision "shell", path: "scripts/install-microsoft-ata.ps1", privileged: false
cfg.vm.provision "shell", inline: 'cscript c:\windows\system32\slmgr.vbs /dlv', privileged: false
cfg.vm.provider "vmware_desktop" do |v, override|
v.vmx["displayname"] = "wef.windomain.local"
v.memory = 2048
v.cpus = 2
v.gui = true
v.enable_vmrun_ip_lookup = false
end
cfg.vm.provider "virtualbox" do |vb, override|
vb.gui = true
vb.name = "wef.windomain.local"
vb.default_nic_type = "82545EM"
vb.customize ["modifyvm", :id, "--memory", 2048]
vb.customize ["modifyvm", :id, "--cpus", 2]
vb.customize ["modifyvm", :id, "--vram", "32"]
vb.customize ["modifyvm", :id, "--clipboard", "bidirectional"]
vb.customize ["modifyvm", :id, "--natdnshostresolver1", "on"]
vb.customize ["setextradata", "global", "GUI/SuppressMessages", "all" ]
end
cfg.vm.provider "libvirt" do |lv, override|
lv.graphics_type = "spice"
lv.video_type = "qxl"
lv.input :type => "tablet", :bus => "usb"
override.vm.box = "../Boxes/windows_2016_libvirt.box"
lv.video_vram = 32768
lv.memory = 2048
lv.cpus = 2
override.vm.synced_folder '.', '/', type: 'winrm'
end
end
if build_exchange
config.vm.define "exchange" do |cfg|
cfg.vm.box = "detectionlab/win2016"
cfg.vm.hostname = "exchange"
cfg.vm.boot_timeout = 600
cfg.vm.communicator = "winrm"
cfg.winrm.basic_auth_only = true
cfg.winrm.timeout = 300
cfg.winrm.retry_limit = 20
cfg.vm.network :private_network, ip: "192.168.38.106", gateway: "192.168.38.1", dns: "192.168.38.102"
cfg.vm.provision "shell", path: "scripts/fix-second-network.ps1", privileged: true, args: "-ip 192.168.38.106 -dns 8.8.8.8 -gateway 192.168.38.1"
cfg.vm.provision "shell", path: "scripts/provision.ps1", privileged: false
cfg.vm.provision "reload"
cfg.vm.provision "shell", path: "scripts/provision.ps1", privileged: false
cfg.vm.provision "shell", path: "scripts/download_palantir_wef.ps1", privileged: false
cfg.vm.provision "shell", inline: 'wevtutil el | Select-String -notmatch "Microsoft-Windows-LiveId" | Foreach-Object {wevtutil cl "$_"}', privileged: false
cfg.vm.provision "shell", path: "scripts/install-splunkuf.ps1", privileged: false
cfg.vm.provision "shell", path: "scripts/install-windows_ta.ps1", privileged: false
cfg.vm.provision "shell", path: "scripts/install-utilities.ps1", privileged: false
cfg.vm.provision "shell", path: "scripts/install-redteam.ps1", privileged: false
cfg.vm.provision "shell", path: "scripts/install-choco-extras.ps1", privileged: false
cfg.vm.provision "shell", path: "scripts/install-osquery.ps1", privileged: false
cfg.vm.provision "shell", path: "scripts/install-sysinternals.ps1", privileged: false
cfg.vm.provision "shell", path: "scripts/install-velociraptor.ps1", privileged: false
cfg.vm.provision "shell", inline: "Set-SmbServerConfiguration -AuditSmb1Access $true -Force", privileged: false
cfg.vm.provision "shell", inline: 'cscript c:\windows\system32\slmgr.vbs /dlv', privileged: false
cfg.vm.provider "vmware_desktop" do |v, override|
v.vmx["displayname"] = "exchange.windomain.local"
v.memory = 8192
v.cpus = 4
v.gui = true
v.enable_vmrun_ip_lookup = false
end
cfg.vm.provider "virtualbox" do |vb, override|
vb.gui = true
vb.name = "exchange.windomain.local"
vb.default_nic_type = "82545EM"
vb.customize ["modifyvm", :id, "--memory", 8192]
vb.customize ["modifyvm", :id, "--cpus", 4]
vb.customize ["modifyvm", :id, "--vram", "32"]
vb.customize ["modifyvm", :id, "--clipboard", "bidirectional"]
vb.customize ["modifyvm", :id, "--natdnshostresolver1", "on"]
vb.customize ["setextradata", "global", "GUI/SuppressMessages", "all" ]
end
cfg.vm.provider "libvirt" do |lv, override|
lv.graphics_type = "spice"
lv.video_type = "qxl"
lv.input :type => "tablet", :bus => "usb"
override.vm.box = "../Boxes/windows_2016_libvirt.box"
lv.video_vram = 32768
lv.memory = 8192
lv.cpus = 4
override.vm.synced_folder '.', '/', type: 'winrm'
end
end
end
config.vm.define "win10" do |cfg|
cfg.vm.box = "detectionlab/win10"
cfg.vm.hostname = "win10"
cfg.vm.boot_timeout = 1200
cfg.vm.communicator = "winrm"
cfg.winrm.basic_auth_only = true
cfg.winrm.timeout = 1200
cfg.winrm.retry_limit = 20
cfg.vm.network :private_network, ip: "192.168.38.104", gateway: "192.168.38.1", dns: "192.168.38.102"
cfg.vm.provision "shell", path: "scripts/fix-second-network.ps1", privileged: false, args: "-ip 192.168.38.104 -dns 8.8.8.8 -gateway 192.168.38.1"
cfg.vm.provision "shell", path: "scripts/MakeWindows10GreatAgain.ps1", privileged: false
cfg.vm.provision "shell", path: "scripts/provision.ps1", privileged: false
cfg.vm.provision "reload"
cfg.vm.provision "shell", path: "scripts/provision.ps1", privileged: false
cfg.vm.provision "shell", path: "scripts/download_palantir_wef.ps1", privileged: false
cfg.vm.provision "shell", inline: 'wevtutil el | Select-String -notmatch "Microsoft-Windows-LiveId" | Foreach-Object {wevtutil cl "$_"}', privileged: false
cfg.vm.provision "shell", path: "scripts/install-utilities.ps1", privileged: false
cfg.vm.provision "shell", path: "scripts/install-redteam.ps1", privileged: false
cfg.vm.provision "shell", path: "scripts/install-choco-extras.ps1", privileged: false
cfg.vm.provision "shell", path: "scripts/install-osquery.ps1", privileged: false
cfg.vm.provision "shell", path: "scripts/install-sysinternals.ps1", privileged: false
cfg.vm.provision "shell", path: "scripts/install-velociraptor.ps1", privileged: false
cfg.vm.provision "shell", path: "scripts/install-autorunstowineventlog.ps1", privileged: false
cfg.vm.provision "shell", inline: 'cscript c:\windows\system32\slmgr.vbs /dlv', privileged: false
cfg.vm.provider "vmware_desktop" do |v, override|
v.vmx["displayname"] = "win10.windomain.local"
v.vmx["gui.fullscreenatpoweron"] = "FALSE"
v.vmx["gui.viewModeAtPowerOn"] = "windowed"
v.memory = 2048
v.cpus = 1
v.gui = true
v.enable_vmrun_ip_lookup = false
end
cfg.vm.provider "virtualbox" do |vb, override|
vb.gui = true
vb.name = "win10.windomain.local"
vb.default_nic_type = "82545EM"
vb.customize ["modifyvm", :id, "--memory", 2048]
vb.customize ["modifyvm", :id, "--cpus", 1]
vb.customize ["modifyvm", :id, "--vram", "32"]
vb.customize ["modifyvm", :id, "--clipboard", "bidirectional"]
vb.customize ["modifyvm", :id, "--natdnshostresolver1", "on"]
vb.customize ["setextradata", "global", "GUI/SuppressMessages", "all" ]
end
cfg.vm.provider "libvirt" do |lv, override|
lv.graphics_type = "spice"
lv.video_type = "qxl"
lv.input :type => "tablet", :bus => "usb"
override.vm.box = "../Boxes/windows_10_libvirt.box"
lv.video_vram = 32768
lv.memory = 2048
lv.cpus = 2
override.vm.synced_folder '.', '/', type: 'winrm'
end
end
end
Reference in New Issue View Git Blame Copy Permalink