TASK [windows_common : include] ****
[DEPRECATION WARNING]: "include" is deprecated, use
include_tasks/import_tasks/import_playbook instead. This feature will be
removed in version 2.16. Deprecation warnings can be disabled by setting
deprecation_warnings=False in ansible.cfg.
included: /opt/attack_range/packer/ansible/roles/windows_common/tasks/install_app_chocolatey.yml for ar-win-attack-range-key-pair-ar-0 => (item=firefox)
included: /opt/attack_range/packer/ansible/roles/windows_common/tasks/install_app_chocolatey.yml for ar-win-attack-range-key-pair-ar-0 => (item=git)
included: /opt/attack_range/packer/ansible/roles/windows_common/tasks/install_app_chocolatey.yml for ar-win-attack-range-key-pair-ar-0 => (item=notepadplusplus)
included: /opt/attack_range/packer/ansible/roles/windows_common/tasks/install_app_chocolatey.yml for ar-win-attack-range-key-pair-ar-0 => (item=7zip)
included: /opt/attack_range/packer/ansible/roles/windows_common/tasks/install_app_chocolatey.yml for ar-win-attack-range-key-pair-ar-0 => (item=adobereader)
included: /opt/attack_range/packer/ansible/roles/windows_common/tasks/install_app_chocolatey.yml for ar-win-attack-range-key-pair-ar-0 => (item=python)
TASK [windows_common : install firefox] ****
[WARNING]: Chocolatey was missing from this system, so it was installed during
this task run.
fatal: [ar-win-attack-range-key-pair-ar-0]: FAILED! => {"changed": true, "command": "C:\ProgramData\Chocolatey\bin\choco.exe list --local-only --limit-output --all-versions", "msg": "Error checking installation status for chocolatey packages", "rc": 1, "stderr": "", "stderr_lines": [], "stdout": "Unable to load one or more of the requested types. Retrieve the LoaderExceptions property for more information.\r\n", "stdout_lines": ["Unable to load one or more of the requested types. Retrieve the LoaderExceptions property for more information."]}
...ignoring
TASK [windows_common : install git] ****
fatal: [ar-win-attack-range-key-pair-ar-0]: FAILED! => {"changed": false, "command": "C:\ProgramData\chocolatey\bin\choco.exe list --local-only --limit-output --all-versions", "msg": "Error checking installation status for chocolatey packages", "rc": 1, "stderr": "", "stderr_lines": [], "stdout": "Unable to load one or more of the requested types. Retrieve the LoaderExceptions property for more information.\r\n", "stdout_lines": ["Unable to load one or more of the requested types. Retrieve the LoaderExceptions property for more information."]}
...ignoring
TASK [windows_common : install notepadplusplus] ****
fatal: [ar-win-attack-range-key-pair-ar-0]: FAILED! => {"changed": false, "command": "C:\ProgramData\chocolatey\bin\choco.exe list --local-only --limit-output --all-versions", "msg": "Error checking installation status for chocolatey packages", "rc": 1, "stderr": "", "stderr_lines": [], "stdout": "Unable to load one or more of the requested types. Retrieve the LoaderExceptions property for more information.\r\n", "stdout_lines": ["Unable to load one or more of the requested types. Retrieve the LoaderExceptions property for more information."]}
...ignoring
TASK [windows_common : install 7zip] ***
fatal: [ar-win-attack-range-key-pair-ar-0]: FAILED! => {"changed": false, "command": "C:\ProgramData\chocolatey\bin\choco.exe list --local-only --limit-output --all-versions", "msg": "Error checking installation status for chocolatey packages", "rc": 1, "stderr": "", "stderr_lines": [], "stdout": "Unable to load one or more of the requested types. Retrieve the LoaderExceptions property for more information.\r\n", "stdout_lines": ["Unable to load one or more of the requested types. Retrieve the LoaderExceptions property for more information."]}
...ignoring
TASK [windows_common : install adobereader] ****
fatal: [ar-win-attack-range-key-pair-ar-0]: FAILED! => {"changed": false, "command": "C:\ProgramData\chocolatey\bin\choco.exe list --local-only --limit-output --all-versions", "msg": "Error checking installation status for chocolatey packages", "rc": 1, "stderr": "", "stderr_lines": [], "stdout": "Unable to load one or more of the requested types. Retrieve the LoaderExceptions property for more information.\r\n", "stdout_lines": ["Unable to load one or more of the requested types. Retrieve the LoaderExceptions property for more information."]}
...ignoring
TASK [windows_common : install python] *****
fatal: [ar-win-attack-range-key-pair-ar-0]: FAILED! => {"changed": false, "command": "C:\ProgramData\chocolatey\bin\choco.exe list --local-only --limit-output --all-versions", "msg": "Error checking installation status for chocolatey packages", "rc": 1, "stderr": "", "stderr_lines": [], "stdout": "Unable to load one or more of the requested types. Retrieve the LoaderExceptions property for more information.\r\n", "stdout_lines": ["Unable to load one or more of the requested types. Retrieve the LoaderExceptions property for more information."]}
...ignoring
==> ar-win-attack-range-key-pair-ar-0: Running provisioner: ansible...
ar-win-attack-range-key-pair-ar-0: Running ansible-playbook...
[DEPRECATION WARNING]: "include" is deprecated, use include_tasks/import_tasks
instead. This feature will be removed in version 2.16. Deprecation warnings can
be disabled by setting deprecation_warnings=False in ansible.cfg.
TASK [red_team_tools : Git clone SharpHound] ***
fatal: [ar-win-attack-range-key-pair-ar-0]: FAILED! => {"changed": true, "cmd": "git clone https://github.com/BloodHoundAD/SharpHound3.git C:\tools\SharpHound3", "delta": "0:00:01.031985", "end": "2023-07-04 14:28:21.452308", "msg": "non-zero return code", "rc": 1, "start": "2023-07-04 14:28:20.420323", "stderr": "git : The term 'git' is not recognized as the name of a cmdlet, function, script file, or operable program. Check the \r\nspelling of the name, or if a path was included, verify that the path is correct and try again.\r\nAt line:1 char:65\r\n+ ... le]::InputEncoding = New-Object Text.UTF8Encoding $false; git clone h ...\r\n+ ~\r\n + CategoryInfo : ObjectNotFound: (git:String) [], CommandNotFoundException\r\n + FullyQualifiedErrorId : CommandNotFoundException", "stderr_lines": ["git : The term 'git' is not recognized as the name of a cmdlet, function, script file, or operable program. Check the ", "spelling of the name, or if a path was included, verify that the path is correct and try again.", "At line:1 char:65", "+ ... le]::InputEncoding = New-Object Text.UTF8Encoding $false; git clone h ...", "+ ~", " + CategoryInfo : ObjectNotFound: (git:String) [], CommandNotFoundException", " + FullyQualifiedErrorId : CommandNotFoundException"], "stdout": "", "stdout_lines": []}
Resolved by manually installing the choco on Windows server. Initial failure cause was .NET framework installation required reboot to continue installing choco.
TASK [windows_common : include] **** [DEPRECATION WARNING]: "include" is deprecated, use include_tasks/import_tasks/import_playbook instead. This feature will be removed in version 2.16. Deprecation warnings can be disabled by setting deprecation_warnings=False in ansible.cfg. included: /opt/attack_range/packer/ansible/roles/windows_common/tasks/install_app_chocolatey.yml for ar-win-attack-range-key-pair-ar-0 => (item=firefox) included: /opt/attack_range/packer/ansible/roles/windows_common/tasks/install_app_chocolatey.yml for ar-win-attack-range-key-pair-ar-0 => (item=git) included: /opt/attack_range/packer/ansible/roles/windows_common/tasks/install_app_chocolatey.yml for ar-win-attack-range-key-pair-ar-0 => (item=notepadplusplus) included: /opt/attack_range/packer/ansible/roles/windows_common/tasks/install_app_chocolatey.yml for ar-win-attack-range-key-pair-ar-0 => (item=7zip) included: /opt/attack_range/packer/ansible/roles/windows_common/tasks/install_app_chocolatey.yml for ar-win-attack-range-key-pair-ar-0 => (item=adobereader) included: /opt/attack_range/packer/ansible/roles/windows_common/tasks/install_app_chocolatey.yml for ar-win-attack-range-key-pair-ar-0 => (item=python)
TASK [windows_common : install firefox] **** [WARNING]: Chocolatey was missing from this system, so it was installed during this task run. fatal: [ar-win-attack-range-key-pair-ar-0]: FAILED! => {"changed": true, "command": "C:\ProgramData\Chocolatey\bin\choco.exe list --local-only --limit-output --all-versions", "msg": "Error checking installation status for chocolatey packages", "rc": 1, "stderr": "", "stderr_lines": [], "stdout": "Unable to load one or more of the requested types. Retrieve the LoaderExceptions property for more information.\r\n", "stdout_lines": ["Unable to load one or more of the requested types. Retrieve the LoaderExceptions property for more information."]} ...ignoring
TASK [windows_common : install git] **** fatal: [ar-win-attack-range-key-pair-ar-0]: FAILED! => {"changed": false, "command": "C:\ProgramData\chocolatey\bin\choco.exe list --local-only --limit-output --all-versions", "msg": "Error checking installation status for chocolatey packages", "rc": 1, "stderr": "", "stderr_lines": [], "stdout": "Unable to load one or more of the requested types. Retrieve the LoaderExceptions property for more information.\r\n", "stdout_lines": ["Unable to load one or more of the requested types. Retrieve the LoaderExceptions property for more information."]} ...ignoring
TASK [windows_common : install notepadplusplus] **** fatal: [ar-win-attack-range-key-pair-ar-0]: FAILED! => {"changed": false, "command": "C:\ProgramData\chocolatey\bin\choco.exe list --local-only --limit-output --all-versions", "msg": "Error checking installation status for chocolatey packages", "rc": 1, "stderr": "", "stderr_lines": [], "stdout": "Unable to load one or more of the requested types. Retrieve the LoaderExceptions property for more information.\r\n", "stdout_lines": ["Unable to load one or more of the requested types. Retrieve the LoaderExceptions property for more information."]} ...ignoring
TASK [windows_common : install 7zip] *** fatal: [ar-win-attack-range-key-pair-ar-0]: FAILED! => {"changed": false, "command": "C:\ProgramData\chocolatey\bin\choco.exe list --local-only --limit-output --all-versions", "msg": "Error checking installation status for chocolatey packages", "rc": 1, "stderr": "", "stderr_lines": [], "stdout": "Unable to load one or more of the requested types. Retrieve the LoaderExceptions property for more information.\r\n", "stdout_lines": ["Unable to load one or more of the requested types. Retrieve the LoaderExceptions property for more information."]} ...ignoring
TASK [windows_common : install adobereader] **** fatal: [ar-win-attack-range-key-pair-ar-0]: FAILED! => {"changed": false, "command": "C:\ProgramData\chocolatey\bin\choco.exe list --local-only --limit-output --all-versions", "msg": "Error checking installation status for chocolatey packages", "rc": 1, "stderr": "", "stderr_lines": [], "stdout": "Unable to load one or more of the requested types. Retrieve the LoaderExceptions property for more information.\r\n", "stdout_lines": ["Unable to load one or more of the requested types. Retrieve the LoaderExceptions property for more information."]} ...ignoring
TASK [windows_common : install python] ***** fatal: [ar-win-attack-range-key-pair-ar-0]: FAILED! => {"changed": false, "command": "C:\ProgramData\chocolatey\bin\choco.exe list --local-only --limit-output --all-versions", "msg": "Error checking installation status for chocolatey packages", "rc": 1, "stderr": "", "stderr_lines": [], "stdout": "Unable to load one or more of the requested types. Retrieve the LoaderExceptions property for more information.\r\n", "stdout_lines": ["Unable to load one or more of the requested types. Retrieve the LoaderExceptions property for more information."]} ...ignoring
TASK [windows_universal_forwarder : Download Splunk UF from Splunk website] **** changed: [ar-win-attack-range-key-pair-ar-0]
TASK [windows_universal_forwarder : Install Splunk_UF MSI] ***** changed: [ar-win-attack-range-key-pair-ar-0]
TASK [windows_universal_forwarder : Start Splunk] ** ok: [ar-win-attack-range-key-pair-ar-0]
TASK [windows_universal_forwarder : Create folder directory for outputs configuration] *** changed: [ar-win-attack-range-key-pair-ar-0] => (item=C:\Program Files\SplunkUniversalForwarder\etc\apps\win_outputs_app\local)
TASK [windows_universal_forwarder : Copy an outputs.conf using templating] ***** changed: [ar-win-attack-range-key-pair-ar-0]
TASK [windows_universal_forwarder : Create folder directory for inputs configuration] *** changed: [ar-win-attack-range-key-pair-ar-0] => (item=C:\Program Files\SplunkUniversalForwarder\etc\apps\powershell_inputs_app\local)
TASK [windows_universal_forwarder : Copy inputs.conf configuration] **** changed: [ar-win-attack-range-key-pair-ar-0]
TASK [windows_universal_forwarder : Create folder directory for inputs configuration] *** changed: [ar-win-attack-range-key-pair-ar-0] => (item=C:\Program Files\SplunkUniversalForwarder\etc\apps\attack_simulation_inputs_app\local)
TASK [windows_universal_forwarder : Copy inputs.conf configuration] **** changed: [ar-win-attack-range-key-pair-ar-0]
TASK [windows_universal_forwarder : Create folder directory for inputs configuration] *** changed: [ar-win-attack-range-key-pair-ar-0] => (item=C:\Program Files\SplunkUniversalForwarder\etc\apps\sysmon_inputs_app\local)
TASK [windows_universal_forwarder : Copy inputs.conf configuration] **** changed: [ar-win-attack-range-key-pair-ar-0]
TASK [windows_universal_forwarder : Create folder directory for inputs configuration] *** changed: [ar-win-attack-range-key-pair-ar-0] => (item=C:\Program Files\SplunkUniversalForwarder\etc\apps\win_inputs_app\local)
TASK [windows_universal_forwarder : Copy inputs.conf configuration] **** changed: [ar-win-attack-range-key-pair-ar-0]
TASK [windows_universal_forwarder : Create folder directory for inputs configuration] *** changed: [ar-win-attack-range-key-pair-ar-0] => (item=C:\Program Files\SplunkUniversalForwarder\etc\apps\aurora_agent_inputs_app\local)
TASK [windows_universal_forwarder : Copy inputs.conf configuration] **** changed: [ar-win-attack-range-key-pair-ar-0]
TASK [windows_universal_forwarder : Restart splunk] **** changed: [ar-win-attack-range-key-pair-ar-0]
TASK [sysmon : Create ansible directories] ***** changed: [ar-win-attack-range-key-pair-ar-0] => (item=c:\Program Files\ansible) changed: [ar-win-attack-range-key-pair-ar-0] => (item=c:\ProgramData\ansible\log)
TASK [sysmon : check if sysmon archive is present] ***** ok: [ar-win-attack-range-key-pair-ar-0]
TASK [sysmon : download sysmon] **** changed: [ar-win-attack-range-key-pair-ar-0]
TASK [sysmon : unzip sysmon] *** changed: [ar-win-attack-range-key-pair-ar-0]
TASK [sysmon : add sysmon to PATH] ***** changed: [ar-win-attack-range-key-pair-ar-0]
TASK [sysmon : Copy Sysmon template] *** changed: [ar-win-attack-range-key-pair-ar-0]
TASK [sysmon : install sysmon with defined config] ***** changed: [ar-win-attack-range-key-pair-ar-0]
TASK [sysmon : WINEVT Channels Event Log Enabled] ** ok: [ar-win-attack-range-key-pair-ar-0] => (item=Microsoft-Windows-Sysmon/Operational)
TASK [sysmon : WINEVT Channels Event Log size review] ** changed: [ar-win-attack-range-key-pair-ar-0] => (item=Microsoft-Windows-Sysmon/Operational)
TASK [sysmon : WINEVT Channels Event Log retention review] ***** changed: [ar-win-attack-range-key-pair-ar-0] => (item=Microsoft-Windows-Sysmon/Operational)
TASK [sysmon : Reboot server] ** changed: [ar-win-attack-range-key-pair-ar-0]
PLAY RECAP ***** ar-win-attack-range-key-pair-ar-0 : ok=47 changed=31 unreachable=0 failed=0 skipped=1 rescued=0 ignored=6
==> ar-win-attack-range-key-pair-ar-0: Running provisioner: ansible... ar-win-attack-range-key-pair-ar-0: Running ansible-playbook... [DEPRECATION WARNING]: "include" is deprecated, use include_tasks/import_tasks instead. This feature will be removed in version 2.16. Deprecation warnings can be disabled by setting deprecation_warnings=False in ansible.cfg.
PLAY [all] *****
TASK [Gathering Facts] ***** ok: [ar-win-attack-range-key-pair-ar-0]
TASK [set_hostname_win : Change the hostname] ** ok: [ar-win-attack-range-key-pair-ar-0]
TASK [set_hostname_win : reboot | Rebooting Server] **** changed: [ar-win-attack-range-key-pair-ar-0]
TASK [windows_splunk_post : Change Splunk password] **** changed: [ar-win-attack-range-key-pair-ar-0]
TASK [windows_splunk_post : Change Hostname] *** changed: [ar-win-attack-range-key-pair-ar-0]
TASK [windows_splunk_post : Restart] *** changed: [ar-win-attack-range-key-pair-ar-0]
TASK [create_domain_controller : features | Installing Windows DNS Server] ***** changed: [ar-win-attack-range-key-pair-ar-0]
TASK [create_domain_controller : reboot | Rebooting Server] **** skipping: [ar-win-attack-range-key-pair-ar-0]
TASK [create_domain_controller : set local admin password] ***** ok: [ar-win-attack-range-key-pair-ar-0]
TASK [create_domain_controller : features | Installing RSAT AD Admin Center] *** changed: [ar-win-attack-range-key-pair-ar-0]
TASK [create_domain_controller : features | Installing AD Domain Services] ***** changed: [ar-win-attack-range-key-pair-ar-0]
TASK [create_domain_controller : Creating a windows domain] **** changed: [ar-win-attack-range-key-pair-ar-0]
TASK [create_domain_controller : Setting DNS Servers] ** changed: [ar-win-attack-range-key-pair-ar-0]
TASK [create_domain_controller : reboot | Rebooting Server] **** changed: [ar-win-attack-range-key-pair-ar-0]
TASK [create_domain_controller : Managing Domain Controller Membership] **** ok: [ar-win-attack-range-key-pair-ar-0]
TASK [create_domain_controller : Enable Kerberos LogLevel] ***** changed: [ar-win-attack-range-key-pair-ar-0]
TASK [create_domain_controller : Enable Kerberos Authentication Service Logging] *** changed: [ar-win-attack-range-key-pair-ar-0]
TASK [create_domain_controller : Enable Kerberos Service Ticket Operations Logging] *** changed: [ar-win-attack-range-key-pair-ar-0]
TASK [update_sysmon_config : Copy Sysmon template] ***** skipping: [ar-win-attack-range-key-pair-ar-0]
TASK [update_sysmon_config : install sysmon with defined config] *** skipping: [ar-win-attack-range-key-pair-ar-0]
TASK [update_sysmon_config : Reboot server] **** skipping: [ar-win-attack-range-key-pair-ar-0]
TASK [red_team_tools : Git clone SharpHound] *** fatal: [ar-win-attack-range-key-pair-ar-0]: FAILED! => {"changed": true, "cmd": "git clone https://github.com/BloodHoundAD/SharpHound3.git C:\tools\SharpHound3", "delta": "0:00:01.031985", "end": "2023-07-04 14:28:21.452308", "msg": "non-zero return code", "rc": 1, "start": "2023-07-04 14:28:20.420323", "stderr": "git : The term 'git' is not recognized as the name of a cmdlet, function, script file, or operable program. Check the \r\nspelling of the name, or if a path was included, verify that the path is correct and try again.\r\nAt line:1 char:65\r\n+ ... le]::InputEncoding = New-Object Text.UTF8Encoding $false; git clone h ...\r\n+
~\r\n + CategoryInfo : ObjectNotFound: (git:String) [], CommandNotFoundException\r\n + FullyQualifiedErrorId : CommandNotFoundException", "stderr_lines": ["git : The term 'git' is not recognized as the name of a cmdlet, function, script file, or operable program. Check the ", "spelling of the name, or if a path was included, verify that the path is correct and try again.", "At line:1 char:65", "+ ... le]::InputEncoding = New-Object Text.UTF8Encoding $false; git clone h ...", "+ ~", " + CategoryInfo : ObjectNotFound: (git:String) [], CommandNotFoundException", " + FullyQualifiedErrorId : CommandNotFoundException"], "stdout": "", "stdout_lines": []}PLAY RECAP ***** ar-win-attack-range-key-pair-ar-0 : ok=17 changed=13 unreachable=0 failed=1 skipped=4 rescued=0 ignored=0
Ansible failed to complete successfully. Any error output should be visible above. Please fix these errors and try again.