Server 2019 + WSL Build Instructions :)

[OG-Sadpanda]

Build Process Developed By

Twitter: @sadpanda_sec Twitter: @grnbeltwarrior

These instructions allowed us to get the attack lab running on Windows Server 2019 with WSL (Ubuntu latest LTS) Follow these instructions in order...

Dependencies Windows Server Pre-Reqs

install vbox and vbox guest additions
install Git
install vagrant

Install WSL ubuntu - after install open powershell as admin and then open the bash console (as root). Run the following commands

sudo apt-get update 
sudo apt-get install -y linux-headers-generic vagrant
sudo apt-get install -y ruby-dev python3-pip git libffi-dev libssl-dev ansible 
sudo gem install winrm-elevated
sudo gem install winrm

Export Envs in WSL (as root) FOLLOW THIS - in the WSL bash console (as root) export PATH and enable windows access https://www.vagrantup.com/docs/other/wsl

• Add the following exports to the bottom of your .bashrc file within the root account of WSL so that you dont have to keep on exporting env vars...
  • DANGER: DO NOT export the the following PATH env var verbatim...This is unique to the user account used on my box

export VAGRANT_WSL_ENABLE_WINDOWS_ACCESS="1"
export PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games:/mnt/c/Windows/System32:/mnt/c/Windows:/mnt/c/Windows/System32/wbem:/mnt/c/Windows/System32/WindowsPowerShell/v1.0:/mnt/c/Windows/System32/OpenSSH:/mnt/c/Program Files (x86)/NVIDIA Corporation/PhysX/Common:/mnt/c/HashiCorp/Vagrant/bin:/mnt/c/Users/Administrator/AppData/Local/Programs/Python/Python310/Scripts:/mnt/c/Users/Administrator/AppData/Local/Programs/Python/Python310:/mnt/c/Users/Administrator/AppData/Local/Microsoft/WindowsApps:/mnt/c/Users/Administrator/Ubuntu:/snap/bin:/mnt/c/Program Files/Oracle/VirtualBox"

Install Ansible Dependencies In WSL bash console (as root) run these two commands

ansible-galaxy collection install community.windows chocolatey.chocolatey
vagrant plugin install vagrant-hostmanager vagrant-vbguest

Deploy :) Within a root bash console in WLS run the following command... enjoy vagrant up

Build Caveats If you get some weird schannel errors (see below) during the vagrant deployment open a windows cmd/powershell console as admin and run the git commands listed below.. i am uncertain if this solved the problem or not because i believe i installed git on Windows and/or on WSL after i was getting this error.. could have been the lack of the git package on either Windows or WSL that was causing this problem. either way... if you do get this error after installing git in Windows and WSL try the commands below.

• [Error] InitializeSecurityContext failed: Unknown error (0x80092013) #2187

  git config --global http.sslBackend "openssl"
  git config --global http.sslCAInfo "C:/Program Files/Git/mingw64/ssl/certs/ca-bundle.crt"

[OG-Sadpanda]

install vagrant 2.2.19 on the Windows host and WSL.. current Ubuntu package list only contains vagrant 2.2.6.. do not apt-get install vagrant within wsl

[Marshall-Hallenbeck]

@OG-Sadpanda Trying this on my main desktop it for some reason thinks there's an issue with PowerShell. I'm running v5, but it thinks it's not even 3?

Vagrant failed to initialize at a very early stage:

The version of powershell currently installed on this host is less than
the required minimum version. Please upgrade the installed version of
powershell to the minimum required version and run the command again.

  Installed version: /mnt/c/Windows/System32/WindowsPowerShell/v1.0/powershell.exe: Invalid argument

  Minimum required version: 3

It also can't recognize the Vagrant version I have installed on Windows (both are 2.2.19)

Vagrant cannot currently enable access to manage machines within the Windows
environment because the version of Vagrant installed on Windows does not
match this version of Vagrant running within the Windows Subsystem for Linux.
Please ensure both installation of Vagrant are the same. If you do not want
update your Vagrant installations you can disable Windows access by unsetting
the `VAGRANT_WSL_ACCESS_WINDOWS_USER` environment variable.

  Windows Vagrant version: unknown
  Windows Subsystem for Linux Vagrant version: 2.2.19

[OG-Sadpanda]

That is really weird...

Here is my PSVersionTable output

did you include those exports within your root bashrc file? those are important... but you cant copy those verbatim per the instructions.. within WSL root bash console i can find both vagrant binaries just fine.. see screenshot below

[Marshall-Hallenbeck]

I ended up getting this working on one of my computers. I'm re-testing on a third computer to see if I can get a solid handle on the specifics.

[OG-Sadpanda]

Awesome 🙂

[Marshall-Hallenbeck]

One big thing to note that I found is if running via Windows Terminal, you HAVE to run it as Administrator before opening a WSL tab (at least once it seems) or you get a really unhelpful error about Powershell not being version 3 (even though it prints out it's version 3 🙄).

Working through one more error that previously figured out but forgot to document right now.

[OG-Sadpanda]

Yeah the way I've been doing it is opening up a PowerShell console as Administrator, enter a WSL bash console, elevate to root, run vagrant up. Haven't had any issues since building my lab and I've included some additional OS's and Ansible automation to upgrade eval copies of windows to fully licensed versions as well as deploying software to the endpoints such as office, Adobe, AV, etc..

[Marshall-Hallenbeck]

@OG-Sadpanda that's awesome to hear. I finally nailed down the reason for issues on some of my hosts, but not others: I use Docker on one of them.

Apparently VirtualBox/HyperV/Docker/WSL2 all conflict in various ways so it's a PITA to get them all working together (I got one instance of them all working, but it was painfully slow).

Would you mind showing me a screenshot of the "Windows Features" you have enabled? I'm trying to nail down which ones are causing issues. I'm running in a weird discrepancy between my laptop & desktop and would like to see someone else's.

[OG-Sadpanda]

Not currently near my lab but I dont believe I have HyperV or Docker installed on my lab machine. IIRC I had issues in the past with HyperV and Vbox installed simultaneously.

[Marshall-Hallenbeck]

@OG-Sadpanda That's fine, I finally got it working. Virtualization on Windows is a mess.

What I ended up doing is completely uninstalling all the virtualization features, saying screw it to Docker, then reinstalling WSL and reinstalling Virtual Box. It was SUPER important to install VirtualBox after installing WSL, because for some reason Windows freaks out otherwise.

Also, the newer versions of VirtualBox mess with the network configuration for some reason, so I kept getting the error

The IP address configured for the host-only network is not within the allowed ranges. Please update the address used to be within the allowed ranges and run the command again.

Which is tied to VirtualBox v6.1.28, so make sure to install v6.1.26 from here.

I've gotta compile all this into the installation doc, but I'm glad it's finally working on my main Windows machine now. What a headache.

[OG-Sadpanda]

Sounds like a nightmare 😂 I'm sorry you had to go through the headaches. But I'm glad you got it working!