Closed jezkerwin closed 5 years ago
I disabled Defender on the DC and re-provisioned, and it seemed to work, but when it moved on to the WEF host it failed again installing PowerSploit because of Defender.
Been tinkering with this and it appears that the debloat or utilities script isn't running when deploying the Windows VMs, so it's not uninstalling Defender.
I re-ran the build script using VirtualBox and it appears to be a problem with VMware Workstation. VirtualBox appears to have built successfully.
Are you using the stock boxes (downloaded boxes) or did you build them yourself using Packer?
I'm pretty sure that I tried it using both methods, stock boxes and building them myself. I'll re-run the build process again over the weekend using both methods and report back.
I went back, cleaned everything up and re-ran the build script. I allowed it to build its own boxes using Packer. This is the output:
==> Builds finished. The artifacts of successful builds are:
--> vmware-iso: 'vmware' provider box: windows_10_vmware.box
[packer_build_box] Finished for windows_10. Got exit code: 0
[move_boxes] Running..
[move_boxes] Finished.
[main] Running vagrant_up_host for: logger
[vagrant_up_host] Running for logger
Attempting to bring up the logger host using Vagrant
[vagrant_up_host] Finished for logger. Got exit code: 0
[main] vagrant_up_host finished. Exitcode: 0
Good news! logger was built successfully!
[main] Finished for: logger
[main] Running vagrant_up_host for: dc
[vagrant_up_host] Running for dc
Attempting to bring up the dc host using Vagrant
[vagrant_up_host] Finished for dc. Got exit code: 1
[main] vagrant_up_host finished. Exitcode: 1
WARNING: Something went wrong while attempting to build the dc box.
Attempting to reload and reprovision the host...
[main] Running vagrant_reload_host for: dc
[vagrant_reload_host] Running for dc
[vagrant_reload_host] Finished for dc. Got exit code: 1
C:\Users\Jez\Documents\DetectionLab\build.ps1 : Failed to bring up dc after a reload. Exiting
At line:1 char:1
+ .\build.ps1 -providername vmware_desktop
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (:) [Write-Error], WriteErrorException
+ FullyQualifiedErrorId : Microsoft.PowerShell.Commands.WriteErrorException,build.ps1
[main] Running post_build_checks
[post_build_checks] Running Caldera Check.
[download] Running for https://192.168.38.105:8888, looking for <title>CALDERA</title>
Error occured on webrequest: Exception calling "DownloadString" with "1" argument(s): "Unable to connect to the remote server"
[post_build_checks] Cladera Result: False
[post_build_checks] Running Splunk Check.
[download] Running for https://192.168.38.105:8000/en-US/account/login?return_to=%2Fen-US%2F, looking for This browser is not supported by Splunk
Error occured on webrequest: Exception calling "DownloadString" with "1" argument(s): "Unable to connect to the remote server"
[post_build_checks] Splunk Result: False
[post_build_checks] Running Fleet Check.
[download] Running for https://192.168.38.105:8412, looking for Kolide Fleet
Error occured on webrequest: Exception calling "DownloadString" with "1" argument(s): "Unable to connect to the remote server"
[post_build_checks] Fleet Result: False
[post_build_checks] Running MS ATA Check.
[download] Running for https://192.168.38.103, looking for
Error occured on webrequest: Exception calling "DownloadString" with "1" argument(s): "Unable to connect to the remote server"
[post_build_checks] ATA Result: False
WARNING: Caldera failed post-build tests and may not be functioning correctly.
WARNING: Splunk failed post-build tests and may not be functioning correctly.
WARNING: Fleet failed post-build tests and may not be functioning correctly.
WARNING: MS ATA failed post-build tests and may not be functioning correctly.
[main] Finished post_build_checks
I've attached the log file from the DC.
Hey @jezkerwin - I'm totally unable to reproduce this bug in the CI pipeline (VirtualBox) and on my personal machine (VMware). I'll keep this open for now, but I can't seem to hit the same issue you're running into.
OK, thanks @clong, I'll do some more testing on my end and see if I can figure it out.
Hey @jezkerwin - is it okay to close this issue? I'm unable to reproduce this after multiple builds of the Server 2016 ISO.
Description of the issue:
When performing
vagrant up --provider vmware_desktop
The deploy of the DC fails with the following error. It looks like Defender isn't being disabled.