mandiant / commando-vm

Complete Mandiant Offensive VM (Commando VM), a fully customizable Windows-based pentesting virtual machine distribution. commandovm@mandiant.com
https://www.mandiant.com/resources/blog/commando-vm-windows-offensive-distribution
Apache License 2.0
6.87k stars 1.28k forks source link

GoogleChrome keeping crash the installation - Checksum problem #299

Closed bernardofsr closed 4 months ago

bernardofsr commented 1 year ago

Description During the installation process of the script, an error is consistently occurring, causing the installation to fail. The root cause of this failure is attributed to the GoogleChrome package failing the checksum test. This issue prevents the successful completion of the installation process, leading to a disrupted user experience.

Error Log 2023-08-17 18:23:38,827 6916 [DEBUG] - Verifying package provided checksum of '140c6fe739a944b380268595d2a09d1a113d69e9cf8ac7fa45a7e6ab7d0fa123' for 'C:\Users\brodrigues\AppData\Local\ChocoCache\GoogleChrome\115.0.5790.171\googlechromestandaloneenterprise64.msi'. 2023-08-17 18:23:38,827 6916 [DEBUG] - Running Get-ChecksumValid -file 'C:\Users\brodrigues\AppData\Local\ChocoCache\GoogleChrome\115.0.5790.171\googlechromestandaloneenterprise64.msi' -checksum '140c6fe739a944b380268595d2a09d1a113d69e9cf8ac7fa45a7e6ab7d0fa123' -checksumType 'sha256' -originalUrl 'https://dl.google.com/tag/s/dl/chrome/install/googlechromestandaloneenterprise64.msi' 2023-08-17 18:23:38,842 6916 [DEBUG] - checksum.exe found at 'C:\ProgramData\chocolatey\helpers\..\tools\checksum.exe' 2023-08-17 18:23:38,842 6916 [DEBUG] - Executing command ['C:\ProgramData\chocolatey\helpers\..\tools\checksum.exe' -c="140c6fe739a944b380268595d2a09d1a113d69e9cf8ac7fa45a7e6ab7d0fa123" -t="sha256" -f="C:\Users\brodrigues\AppData\Local\ChocoCache\GoogleChrome\115.0.5790.171\googlechromestandaloneenterprise64.msi"] 2023-08-17 18:23:39,467 6916 [DEBUG] - Command ['C:\ProgramData\chocolatey\helpers\..\tools\checksum.exe' -c="140c6fe739a944b380268595d2a09d1a113d69e9cf8ac7fa45a7e6ab7d0fa123" -t="sha256" -f="C:\Users\brodrigues\AppData\Local\ChocoCache\GoogleChrome\115.0.5790.171\googlechromestandaloneenterprise64.msi"] exited with '1'. 2023-08-17 18:23:39,498 6916 [ERROR] - ERROR: Checksum for 'C:\Users\brodrigues\AppData\Local\ChocoCache\GoogleChrome\115.0.5790.171\googlechromestandaloneenterprise64.msi' did not meet '140c6fe739a944b380268595d2a09d1a113d69e9cf8ac7fa45a7e6ab7d0fa123' for checksum type 'sha256'. Consider passing the actual checksums through with --checksum --checksum64 once you validate the checksums are appropriate. A less secure option is to pass --ignore-checksums if necessary. 2023-08-17 18:23:39,530 6916 [DEBUG] - Built-in PowerShell host called with ['[System.Threading.Thread]::CurrentThread.CurrentCulture = '';[System.Threading.Thread]::CurrentThread.CurrentUICulture = '';[System.Net.ServicePointManager]::SecurityProtocol = [System.Net.SecurityProtocolType]::SystemDefault; & import-module -name 'C:\ProgramData\chocolatey\helpers\chocolateyInstaller.psm1'; & 'C:\ProgramData\chocolatey\helpers\chocolateyScriptRunner.ps1' -packageScript 'C:\ProgramData\chocolatey\lib\GoogleChrome\tools\chocolateyInstall.ps1' -installArguments '' -packageParameters '' -preRunHookScripts $null -postRunHookScripts $null'] exited with '-1'. 2023-08-17 18:23:39,530 6916 [DEBUG] - Calling command ['"C:\Windows\System32\shutdown.exe" /a']

It's also found some compatibility problems with CyberChef (Link to Image Below)

Screenshots Compatibility Error

nos3curity commented 1 year ago

Thank you for reporting this. We'll look into it and try to reproduce.

vivekaom commented 1 year ago

I had the same issue 2 days ago. Has anything been done to resolve this?

bernardofsr commented 1 year ago

Hello @vivekaom,

In order to proceed with the installation until there is a solution, I disabled the checksum functionality.

The feature can be found in:

C:\ProgramData\chocolatey\config\chocolatey.config

Changing the enabled to false:

<feature name="checksumFiles" enabled="true" setExplicitly="false" description="Checks files when they are obtained from the Internet (based on the package)." />

It is important to remember that this reduces the level of security during installation.

D4rthMaulCop commented 12 months ago

As a workaround, I've had luck with running the GUI installer and omitting the Google Chrome package from being installed in any of the installation profiles. Seems to install just fine after that.

day1player commented 12 months ago

Removed chrome dependency from cyberchef https://github.com/mandiant/VM-Packages/pull/642

We will need to remove Chrome from our profiles to consider this issue resolved.

Ana06 commented 11 months ago

gowitness.vm also requires Chrome at the moment. Note that the Chrome community package breaks when Chrome is updated until the link is updated in the package. This is something that is outside our control.

geo-lit commented 4 months ago

Fixed. Please see the mentioned issue above.