search

mandiant / flare-vm

A collection of software installations scripts for Windows systems that allows you to easily setup and maintain a reverse engineering environment on a VM.
Apache License 2.0
6.15k stars 885 forks source link

Invalid path: C:\Tools\Admin Command Prompt.lnk #573

Closed egomy closed 4 months ago

egomy commented 4 months ago

What's the problem?

I've ran the Flare VM installer on Windows 10 (19045) at least 4 times and i keep getting the same error every single time:

ERROR: Invalid path: C:\Tools\Admin Command Prompt.lnk

Anyone got the same errors before?

Steps to Reproduce

  1. Windows 10 (19045)
  2. Disabled Windows Defender and Update
  3. Unblock-File installer.ps1
  4. Set-ExecutionPolicy Unrestricted -Force
  5. .\install.ps1

Environment

[+] Checking if PowerShell version is compatible...
        [+] Installing with PowerShell version 5.1.19041.4046
[+] Checking if script is running as administrator...
        [+] Running as administrator
[+] Checking if execution policy is unrestricted...
        [+] Execution policy is unrestricted
[+] Checking to make sure Operating System is compatible...
        [+] Installing on Windows version 19045
[+] Checking for spaces in the username...
        [+] Username 'flarevm' does not contain any spaces.
[+] Checking if host has enough disk space...
        [+] Disk is larger than 60 GB
[+] Checking for Internet connectivity (google.com)...
        [+] Internet connectivity check for google.com passed
[+] Checking for Internet connectivity (github.com)...
        [+] Internet connectivity check for github.com passed
[+] Checking for Internet connectivity (raw.githubusercontent.com)...
        [+] Internet connectivity check for raw.githubusercontent.com passed
        [+] Network connectivity looks good
[+] Checking if Windows Defender Tamper Protection is disabled...
        [+] Tamper Protection is disabled
[+] Checking if Windows Defender service is disabled...
        [+] Defender is disabled

Additional Information


2024/03/04 02:28:21 [installer.vm] chocolateyinstall.ps1 [+] INFO :     yara.vm has been installed
2024/03/04 02:28:21 [installer.vm] chocolateyinstall.ps1 [+] INFO : Packages installation complete
Illegal characters in path.
WARNING: 'C:\Windows\system32\cmd.exe /k "C:\Users\flarevm\Desktop"' does not exist. If it is not created the shortcut will not be valid.
WARNING: Unable to create shortcut. Error captured was Value does not fall within the expected range..
2024/03/04 02:28:21 [installer.vm] vm.common.psm1 [+] ERROR : Invalid path: C:\Tools\Admin Command Prompt.lnk
2024/03/04 02:28:21 [installer.vm] vm.common.psm1 [+] ERROR : Invalid path: C:\Tools\Admin Command Prompt.lnk
At C:\ProgramData\_VM\vm.common\vm.common.psm1:127 char:9
+         throw $err_msg
+         ~~~~~~~~~~~~~~
ERROR: Invalid path: C:\Tools\Admin Command Prompt.lnk
  installer.vm can be automatically uninstalled.
Environment Vars (like PATH) have changed. Close/reopen your shell to
 see the changes (or in powershell/cmd.exe just type `refreshenv`).
The install of installer.vm was NOT successful.
Error while running 'C:\ProgramData\chocolatey\lib\installer.vm\tools\chocolateyinstall.ps1'.
 See log for details.

Chocolatey installed 0/1 packages. 1 packages failed.
 See the log for details (C:\ProgramData\chocolatey\logs\chocolatey.log).

Failures
 - installer.vm (exited -1) - Error while running 'C:\ProgramData\chocolatey\lib\installer.vm\tools\chocolateyinstall.ps1'.
 See log for details.
++ Boxstarter finished Calling Chocolatey to install installer.vm. This may take several minutes to complete... 01:04:14.0308906
True
Boxstarter: Restore Automatic Updates from Windows Update
Boxstarter: Enabling UAC
Type ENTER to exit:```
Rhys-Wong commented 4 months ago

I'm getting this error as well, Did you manage to resolve this issue?

egomy commented 4 months ago

I checked package.xmlin %PROGRAMDATA%/_VM/package.xml and yara.vm was the last package in the list, so i'm guessing all the applications that were meant to be installed were all installed.

The error seemed to have come from these 2 lines in CustomStartLayout.xml:

<taskbar:DesktopApp DesktopApplicationLinkPath="%AppData%\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk"/>
<taskbar:DesktopApp DesktopApplicationLinkPath="%RAW_TOOLS_DIR%\Admin Command Prompt.lnk"/>

I'll try editing the xml file and install another instance to see if it works

Ana06 commented 4 months ago

I can reproduce the error. The error is related to creating a shortcut to an admin windows console (the one used in the taskbar) in the installer.vm package. It does not fail the tools installation, but it makes the installer.vm package fail without applying the taskbar configuration and other post installation steps.

Ana06 commented 4 months ago

The issue is still not fixed... working on it.

Ana06 commented 4 months ago

I have deleted the broken packages from myget, which will make flare-vm to use a previous version of the installer until we have a newer working version. It should work now, although the issue is not really fixed in VM-Packages.

Ana06 commented 4 months ago

The issue is now fixed. Thanks for reporting it!