群里的老哥推荐了Game Of Active Directory这个靶机,说是把GOAD吃透了,AD这部分就吃透了。于是立马着手开始搭建。先把当前用的kali完整克隆一份,然后分配25G内存和200G硬盘(GOAD需要最低24G内存和120G硬盘)。为了搭建这个靶机连夜加购一根16G内存条。

分配好后开机使用sudo gparted分配扩展空间到主硬盘。

在kali上安装virtualbox 和 vagrant 及其插件

sudo apt install virtualbox
sudo apt update && sudo apt install vagrant
vagrant plugin install vagrant-reload vagrant-vbguest winrm winrm-fs winrm-elevated

把repo clone下来,运行:

git clone https://github.com/Orange-Cyberdefense/GOAD.git
cd GOAD
./goad.sh

设定ip范围和安装类型:

set_ip_range 192.168.0
set_lab GOAD # 可选GOAD/GOAD-Light/NHA/SCCM
install

然后就会自动开始安装。若出现ip范围不允许的问题,则可以在sudo vim /etc/vbox/networks.conf路径下创建文件,在文件里加上:

* 192.168.0.0/24

随后我又出现了该平台不支持虚拟化Intel VT-x的问题。使用这篇文章里的办法https://blog.csdn.net/qq_45301716/article/details/131782732

先打开任务管理器->性能 查看虚拟化是否已启用

然后搜索框里搜索"启用或关闭Windows功能"

关闭 Hyper-V(若有),windows沙盒(若有),虚拟机平台, windows虚拟机监控程序平台, linux子系统。然后重启电脑。

管理员身份打开powershell或cmd,输入:

bcdedit /set hypervisorlaunchtype off

重启电脑后再次管理员身份打开powershell或cmd输入:

bcdedit /enum

搜索框搜索“系统信息” 查看“基于虚拟化的安全性”是否已开启

若显示开启,到设置->windows安全中心->设备安全性->内核隔离 关闭内核隔离

重启,查看系统信息基于虚拟化的安全是否已关闭。

然后在vmware中打开,设置->处理器->虚拟化引擎 勾选

若没有这个选项,就去找当前虚拟机的.vmx文件,文本打开在最后加上一行:

vhv.enable = "TRUE"

保存,重启vmware,此时虚拟化引擎选项应该出现。

做完上面这些就可以开始安装了:

接下来就是漫长的等待。等部署好后尝试用fping测试各个机器:

fping -asgq 192.168.0.0/24 > result.txt
cat result.txt
192.168.0.1
192.168.0.10
192.168.0.11
192.168.0.12
192.168.0.22
192.168.0.23

没问题。再用nmap扫描一下端口:

sudo nmap -p- 192.168.0.1,10,11,12,22,23 -T4 --min-rate 2000 -Pn
Not shown: 65534 closed tcp ports (reset)
PORT   STATE SERVICE
22/tcp open  ssh

Stats: 0:00:10 elapsed; 1 hosts completed (6 up), 5 undergoing SYN Stealth Scan
SYN Stealth Scan Timing: About 41.67% done; ETC: 12:13 (0:00:13 remaining)
Nmap scan report for 192.168.0.10
Host is up (0.00045s latency).
Not shown: 65506 closed tcp ports (reset)
PORT      STATE SERVICE
53/tcp    open  domain
80/tcp    open  http
88/tcp    open  kerberos-sec
135/tcp   open  msrpc
139/tcp   open  netbios-ssn
389/tcp   open  ldap
445/tcp   open  microsoft-ds
464/tcp   open  kpasswd5
593/tcp   open  http-rpc-epmap
636/tcp   open  ldapssl
3268/tcp  open  globalcatLDAP
3269/tcp  open  globalcatLDAPssl
3389/tcp  open  ms-wbt-server
5985/tcp  open  wsman
5986/tcp  open  wsmans
9389/tcp  open  adws
47001/tcp open  winrm
49664/tcp open  unknown
49665/tcp open  unknown
49666/tcp open  unknown
49667/tcp open  unknown
49669/tcp open  unknown
49670/tcp open  unknown
49671/tcp open  unknown
49673/tcp open  unknown
49676/tcp open  unknown
49686/tcp open  unknown
49698/tcp open  unknown
49832/tcp open  unknown
MAC Address: 08:00:27:2A:66:20 (PCS Systemtechnik/Oracle VirtualBox virtual NIC)

Nmap scan report for 192.168.0.11
Host is up (0.00050s latency).
Not shown: 65508 closed tcp ports (reset)
PORT      STATE SERVICE
53/tcp    open  domain
88/tcp    open  kerberos-sec
135/tcp   open  msrpc
139/tcp   open  netbios-ssn
389/tcp   open  ldap
445/tcp   open  microsoft-ds
464/tcp   open  kpasswd5
593/tcp   open  http-rpc-epmap
636/tcp   open  ldapssl
3268/tcp  open  globalcatLDAP
3269/tcp  open  globalcatLDAPssl
3389/tcp  open  ms-wbt-server
5985/tcp  open  wsman
5986/tcp  open  wsmans
9389/tcp  open  adws
47001/tcp open  winrm
49664/tcp open  unknown
49665/tcp open  unknown
49666/tcp open  unknown
49667/tcp open  unknown
49669/tcp open  unknown
49671/tcp open  unknown
49672/tcp open  unknown
49675/tcp open  unknown
49678/tcp open  unknown
49701/tcp open  unknown
49828/tcp open  unknown
MAC Address: 08:00:27:2C:77:94 (PCS Systemtechnik/Oracle VirtualBox virtual NIC)

Nmap scan report for 192.168.0.12
Host is up (0.00031s latency).
Not shown: 65508 closed tcp ports (reset)
PORT      STATE SERVICE
53/tcp    open  domain
88/tcp    open  kerberos-sec
135/tcp   open  msrpc
139/tcp   open  netbios-ssn
389/tcp   open  ldap
445/tcp   open  microsoft-ds
464/tcp   open  kpasswd5
593/tcp   open  http-rpc-epmap
636/tcp   open  ldapssl
3268/tcp  open  globalcatLDAP
3269/tcp  open  globalcatLDAPssl
3389/tcp  open  ms-wbt-server
5985/tcp  open  wsman
5986/tcp  open  wsmans
9389/tcp  open  adws
47001/tcp open  winrm
49664/tcp open  unknown
49665/tcp open  unknown
49666/tcp open  unknown
49668/tcp open  unknown
49669/tcp open  unknown
49670/tcp open  unknown
49671/tcp open  unknown
49673/tcp open  unknown
49676/tcp open  unknown
49686/tcp open  unknown
49852/tcp open  unknown
MAC Address: 08:00:27:AC:2E:CA (PCS Systemtechnik/Oracle VirtualBox virtual NIC)

Nmap scan report for 192.168.0.22
Host is up (0.00062s latency).
Not shown: 65516 closed tcp ports (reset)
PORT      STATE SERVICE
80/tcp    open  http
135/tcp   open  msrpc
139/tcp   open  netbios-ssn
445/tcp   open  microsoft-ds
1433/tcp  open  ms-sql-s
3389/tcp  open  ms-wbt-server
5985/tcp  open  wsman
5986/tcp  open  wsmans
47001/tcp open  winrm
49664/tcp open  unknown
49665/tcp open  unknown
49666/tcp open  unknown
49667/tcp open  unknown
49668/tcp open  unknown
49680/tcp open  unknown
49696/tcp open  unknown
49698/tcp open  unknown
49703/tcp open  unknown
49797/tcp open  unknown
MAC Address: 08:00:27:BB:04:43 (PCS Systemtechnik/Oracle VirtualBox virtual NIC)

Nmap scan report for 192.168.0.23
Host is up (0.00057s latency).
Not shown: 65516 closed tcp ports (reset)
PORT      STATE SERVICE
80/tcp    open  http
135/tcp   open  msrpc
139/tcp   open  netbios-ssn
445/tcp   open  microsoft-ds
1433/tcp  open  ms-sql-s
3389/tcp  open  ms-wbt-server
5985/tcp  open  wsman
5986/tcp  open  wsmans
47001/tcp open  winrm
49664/tcp open  unknown
49665/tcp open  unknown
49666/tcp open  unknown
49668/tcp open  unknown
49669/tcp open  unknown
49697/tcp open  unknown
49785/tcp open  unknown
49787/tcp open  unknown
49857/tcp open  unknown
49955/tcp open  unknown
MAC Address: 08:00:27:A2:2A:C0 (PCS Systemtechnik/Oracle VirtualBox virtual NIC)

搭建成功.

此作者没有提供个人介绍。
最后更新于 2025-04-04