Game of Active Directory (GOAD), setup the lab in linux machine

Md. Mahim Bin Firoj
5 min readMay 24, 2024

--

Image source: https://x.com/VolkisAU/status/1634464255100571648

Here in our esxi server, we have created a vm named GOAD-VM and giving resources of 32 GB ram, 8 core cpu’s and 500 GB hard disk (because if you take snapshots then space will be required more). On that vm we have installed ubuntu 22.04 desktop edition operating system. If you have a old machine that is unused and the above mentioned resources are available, then you can still use that machine to create GOAD by installing ubuntu on that machine as the base os. Then rest procedure are same.

Now say you have installed ubuntu on esxi vm or your physical old machine. After that you need to use sudo apt update && apt upgrade command to update all the packages. We have done that and the ip of the ubuntu vm is i.e. 10.10.11.182

We have also installed the following:

sudo apt install open-vm-tools-desktop
sudo apt install open-vm-tools
https://github.com/Orange-Cyberdefense/GOAD

Now if you want to quick install the whole lab, then you first need to install virtual box, docker and vagrant on the system. Then you just need to clone the repo and utilize the goad.sh script. Grab the coffee because it will take time to comple the whole lab.

But we did not follow that approach. We plan to use vmware instead of other providers. So we installed vmware on the ubuntu vm. We also did not provision with docker, instead we used ansible locally.

  1. First of all, you need to download the vmware for our ubuntu machine but this has now become tricky as vmware is acquired by Broadcom. Don’t worry we will tell you how you can download this (Please reach out to me for this). After you download you will get a file like this -> VMware-Wrokstation-Full-175.0–22583795.x86_64.bundle

If you need this file then let me know please.

Now execute the following command one by one to install vmware on ubuntu.

sudo apt update
sudo apt install build-essential -y
sudo bash VMware-Wrokstation-Full-175.0–22583795.x86_64.bundle
sudo vmware-modconfig --console --install-all

Now you will see that in your linux machine, vmware workstation pro has been installed. Open it.

You will see that its asking for gcc-12 or gcc-12–3.0 something like that. You need to install it using following command:

sudo apt install gcc-12 -y

After the install is done, open vmware. Click on browse. The location where gcc file is present is opened by default. Point the gcc-12 and click ok.

Now follow the on screen instruction (given below) and put the license. Please note, we need vmware pro license version for cloning and snapshot the GOAD vm’s. Evaluation mode does not support these features.

Now open the vmware application from your ubuntu system.

Put the license key and click finish.

2. Now we need to install vmware utility vagrant driver.

https://releases.hashicorp.com/vagrant-vmware-utility/1.0.22/vagrant-vmware-utility_1.0.22-1_amd64.deb

From this link you can download the amd64.deb package and install it by the below command. And we follow this step (not the alternative one).

sudo dpkg -i vagrant-vmware-utility_1.0.22-1_amd64.deb
or
apt install ./vagrant-vmware-utility_1.0.22-1_amd64.deb

Or alternatively, you can install the package manually by following below commands which is mentioned on orange cyber defense’s github page.

cd /tmp
wget https://releases.hashicorp.com/vagrant-vmware-utility/1.0.22/vagrant-vmware-utility_1.0.22_linux_amd64.zip
sudo mkdir -p /opt/vagrant-vmware-desktop/bin
sudo unzip -d /opt/vagrant-vmware-desktop/bin vagrant-vmware-utility_1.0.22_linux_amd64.zip
sudo /opt/vagrant-vmware-desktop/bin/vagrant-vmware-utility certificate generate
sudo /opt/vagrant-vmware-desktop/bin/vagrant-vmware-utility service install

Please note that you will also need to install the vmware-desktop plugin after the vagrant installation, so run the below command:

vagrant plugin install vagrant-vmware-desktop

3. Now we need to install the Vagrant. Run the below commands one by one.

wget -O- https://apt.releases.hashicorp.com/gpg | gpg --dearmor | sudo tee /usr/share/keyrings/hashicorp-archive-keyring.gpg
echo "deb [signed-by=/usr/share/keyrings/hashicorp-archive-keyring.gpg] https://apt.releases.hashicorp.com $(lsb_release -cs) main" | sudo tee /etc/apt/sources.list.d/hashicorp.list
sudo apt update && sudo apt install vagrant

On some recent versions (ubuntu 23.04), you should consider run also:

sudo apt install ruby-rubygems
gem install winrm winrm-fs winrm-elevated

But in ubuntu 22.04 I tried to install the above, but it failed. Then I tried below and got success.

vagrant plugin install winrm
vagrant plugin install winrm-fs
vagrant plugin install winrm-elevated

4. Now we will install ansible locally.

sudo apt install git
sudo git clone https://github.com/Orange-Cyberdefense/GOAD.git
cd GOAD
sudo apt install python3-pip
pip3 --version
sudo apt install python3-venv
python3 -m venv venvGOAD
cd ansible/
source ~/venvGOAD/bin/activate
pip install ansible-core
pip install pywinrm
ansible-galaxy install -r requirements.yml

5. You can check dependencies using the below command now. (No docker)

cd Desktop/GOAD/
./goad.sh -t check -l GOAD -p vmware -m local

If all ok, then you are good to go.

6. Now navigate to the following path to create all the vm’s using vagrant up command.

cd Desktop/GOAD/ad/GOAD/providers/vmware
vagrant up

Now allow some time. When all your vm’s are up and running then you should go for ansible playbook to run.

7. Ansible playbook to run.

cd Desktop/GOAD/ansible/
ansible-playbook -i ../ad/GOAD/data/inventory -i ../ad/GOAD/providers/vmware/inventory main.yml

In some writeup’s, I saw that they recommend to run individual playbooks one by one. Please don’t do that. Run directly the main.yml playbook file. Give some time. Once done you will see the following.

If you see out of 5, any 1 is failed, then re-run the main.yml playbook again. I encountered the similar thing. Then I re-run the playbook again. And guess what !!!! I got success the second time.

Happy AD Pentest :)

If you find the writeup useful, please subscribe below and share it to your social media. I would like to extend my gratidue to my colleague Mohamed Alamin for his wonderful co-operation with me regarding the RnD session. Thank you.

LinkedIn:

https://www.linkedin.com/in/md-mahimbin-firoj-7b8a5a113/

YouTube:

https://www.youtube.com/@mahimfiroj1802/videos

--

--

Md. Mahim Bin Firoj
Md. Mahim Bin Firoj

Written by Md. Mahim Bin Firoj

0 Followers

Security Enthusiast

Responses (1)