Repository: mandiant/commando-vm
Branch: main
Commit: 2f87bbe559e1
Files: 24
Total size: 160.6 KB
Directory structure:
gitextract_hd18lnk6/
├── .github/
│ └── ISSUE_TEMPLATE/
│ ├── bug_report.md
│ └── feature_request.md
├── .gitignore
├── Docs/
│ ├── Categories.md
│ ├── Changelog.md
│ ├── Commando_Quickstart_Guide.md
│ ├── Contibuting.md
│ └── Troubleshooting.md
├── License.txt
├── Profiles/
│ ├── Configs/
│ │ ├── win10config.xml
│ │ ├── win10victimconfig.xml
│ │ ├── win11armconfig.xml
│ │ ├── win11armvictimconfig.xml
│ │ ├── win11config.xml
│ │ └── win11victimconfig.xml
│ ├── Default - ARM.xml
│ ├── Default.xml
│ ├── Developer.xml
│ ├── Full - ARM.xml
│ ├── Full.xml
│ ├── Lite.xml
│ └── Victim.xml
├── README.md
└── install.ps1
================================================
FILE CONTENTS
================================================
================================================
FILE: .github/ISSUE_TEMPLATE/bug_report.md
================================================
---
name: Bug report
about: Create a report to help us improve
title: BUG
labels: ''
assignees: ''
---
**Describe the bug and expected behavior**
A clear and concise description of what the bug is.
**To Reproduce**
Steps to reproduce the behavior:
1. Go to '...'
2. Click on '....'
3. Scroll down to '....'
4. See error
**Screenshots**
If applicable, add screenshots to help explain your problem.
**Version**
- OS: [e.g. Win7]
**Additional context**
Add any other context about the problem here.
================================================
FILE: .github/ISSUE_TEMPLATE/feature_request.md
================================================
---
name: Feature request
about: Suggest an idea for this project
title: FEATURE REQUEST
labels: ''
assignees: ''
---
**Would you like to have a tool or script added? Please include a link**
Name of the tool requested and a link to the tool
**Is your feature request related to a problem? Please describe.**
A clear and concise description of what the problem is. Ex. I'm always frustrated when [...]
**If related to a problem, describe the solution you'd like**
A clear and concise description of what you want to happen.
**Describe alternatives you've considered**
A clear and concise description of any alternative solutions or features you've considered.
**Additional context**
Add any other context or screenshots about the feature request here.
================================================
FILE: .gitignore
================================================
.DS_Store
available_packages.xml
/Profiles/Custom.xml
================================================
FILE: Docs/Categories.md
================================================
# Categories
The following is the current list of supported categories for CommandoVM.
These will serve as the folders used to organize tools in the user's Desktop\Tools\ directory.
- Command & Control
- Credential Access
- Exploitation
- Lateral Movement
- Payload Development
- Persistence
- Privilege Escalation
- Reconnaissance
- Utilities
- Wordlists
================================================
FILE: Docs/Changelog.md
================================================
# Changelog
## 2023.3 - September 4 2023
- Update to coincide with installer rearchitecture detailed in [this PR](https://github.com/mandiant/VM-Packages/pull/656)
- Changes include modularity of debloat and config functions which will aid in our support for Win11 and Win11ARM
- Removed all debloater functions and moved into [common.vm](https://github.com/mandiant/VM-Packages/tree/main/packages/common.vm)
- Added logic to detect OS and profile settings and move appropriate config file to expected location
- renamed "config.xml" in install script to "packages.xml" to avoid confusion with new install features
- Added "config.xml" as the OS customizations
- Moved `Images\Docs\*` to `Docs\img\*`
- Removed blue text output as Win10 default powershell has blue background and is very hard to read
- Changed console prompt from red font to green
- Disabled automatic malware sample sending in Victim profile
- Created new low-priv user for Victim profile
- Enabled Light Mode for Victim machine for easy visibility
- Added blue logo for Victim machine for easy visibility
## 3.0 - August 9 2023
- Completely rebuilt everything
## 2021.2 - July 14 2021
- Require users to disable Defender before installing
* Too many issues arise from Defender magically turning itself back on. Disabling defender with the preconfig script has been unreliable since Win10 1909.
- removed update requirement (legacy requirement for Windows 7. Windows 7 support was removed last year)
- Added support for Windows 10 20H2 and 21H1
- Removed vcpython27 #204
- updated proxycap install args #203, #200, #196
- updated sqlitebrowser.fireeye to remove newly created desktop shortcuts #200
- Closed issues #203, #204, #202, #200, #196, #195, #192, #191, #190, #189, #188, #186, #185, #184, #177, #175, #174, #170, #169, #160, #134, #133
## 2020.2 - June 17 2020
- Added support for Windows 10 2004
- Corrected syspin verb #124
- Removed WSL from default install #146, #120
- Removed Hyper V from default install #146, #120
- Removed Kali from default install #95, #120
- Removed Docker from default install #95, #120
- Created wsl.fireeye package #95, #120
- Created hyperv.fireeye package #95, #120
- Created multiple install profiles #95, #120
- Default, NestedV, Lite, Full, and Developer
- Removed some dependencies causing %PATH% variable to be truncated to 1024 characters #141
- Added logic to help speed up install
- Removed dependency on custom libraries file #131
- Added custom logging for installation of packages #70
- Fixed bug in autohotkey script for unhardening of UNC paths #68
- Updated Readme #140
## 2020.1 - March 3 2020
- added logic to attempt automatically updating system #88
- added qbittorrent #88
- added dbeaver #88
- added hfsexplorer #88
- added lockhunter #88
- fixed typo for PwnedPasswordsNTLM in packages.json #101
- added BeRoot
- added BloodHound Custom Queries - Hausec
- added Dumpert
- added Recon-AD
- added Net-GPPPassword
- added Gadget2JScript
- added OffensiveCSharp - matterpreter
- added powercat
- added Privesc - enjoiz
- added PSBits
- added ThreadContinue
- added SysWhispers
- added TikiTorch
- added Virus Total Uploader #88
- added NirLauncher #88
- added SimpleDnsCrypt #88
- added Tor Browser #88
- added HeidiSQL #88
- added HTTP File Server #88
- Removed support for Windows 7 (install should still work, but is no longer maintained)
- improved error handling for commandovm.win10.config.fireeye package
- updated commandovm.win10.preconfig.fireeye
- Fixed taskbar pinning on 1903 (still not working for 1909)
- Updated install instructions on readme
- Updated ~45 packages
- Removed Watson binaries (static binaries are not updated in this repo)
- Removed PoshC2 (deprecated, will look at supporting PoshC2 Python)
- Removed Covenant (will support again in a future release)
- Removed Elite (deprecated)
## 2.0 - August 5 2019
- Added Kali Linux https://www.kali.org
- Added Docker https://www.docker.com #88
- Added SpiderFoot https://github.com/smicallef/spiderfoot #84
- Added Amass https://github.com/OWASP/Amass
- Added customization support #42, #25
## 1.3 - June 28 2019
- Added RottenPotatoNG https://github.com/breenmachine/RottenPotatoNG #63
- Added Juicy Potato https://github.com/ohpe/juicy-potato #63, #64
- Added Watson https://github.com/rasta-mouse/Watson #64
- Added PwndPasswordsNTLM https://github.com/JacksonVD/PwnedPasswordsNTLM #67
- Added FOCA https://github.com/JacksonVD/PwnedPasswordsNTLM #71
- Added Vulcan https://github.com/praetorian-code/vulcan
- Added SharpClipHistory https://github.com/mwrlabs/SharpClipHistory
- Added NetRipper https://github.com/NytroRST/NetRipper
- Added RobotsDisallowed https://github.com/danielmiessler/RobotsDisallowed
- Added Probable-Wordlists https://github.com/berzerk0/Probable-Wordlists
- Added SharpSploit https://github.com/cobbr/SharpSploit
- Changed WinRM configuration #65
- Un-hardened UNC file paths #68
- Fixed install issues with Covenant #61, #76
## 1.2 - May 31 2019
- Added recommended hardware settings #20, #17
- Added DomainPasswordSpray https://github.com/dafthack/DomainPasswordSpray #2
- Added GoBuster https://github.com/OJ/gobuster #39
- Added Wfuzz https://github.com/xmendez/wfuzz #40
- Added Notepad++ #30
- Added TextFX plugin for Notepad++
- Added Explorer Suite (CFF Explorer)
## 1.1 - April 30 2019
- Added AD-Control-Paths https://github.com/ANSSI-FR/AD-control-paths/releases
- Added DefenderCheck https://github.com/matterpreter/DefenderCheck
- Added dnsrecon https://github.com/darkoperator/dnsrecon
- Added EvilClippy https://github.com/outflanknl/EvilClippy
- Added NtdsAudit https://github.com/Dionach/NtdsAudit
- Added SharpExec https://github.com/anthemtotheego/SharpExec
- Added Subdomain-Bruteforce https://github.com/visualbasic6/subdomain-bruteforce
- Fixed issue #18 with PATH
- Added Commando Logos with transparent backgrounds to $Home\Pictures
- Pinned Firefox to Taskbar
- Fixed misspellings in Readme #42/#43
- Added Ruby and Ruby Devkit #1
- Updated Rubeus package to current version (1.4.2) #31
## 1.0.2 - April 10 2019
- Added missing 'seclists.fireeye' package to packages.json #38
## 1.0.1 - March 31 2019
- Used https instead of http to install boxstarter #10
================================================
FILE: Docs/Commando_Quickstart_Guide.md
================================================
The goal of this guide is to help **anyone** who would like to contribute to the project get started, even with minimal experience with Git.
This guide does not assume prior experience of contributing to Github projects, because a large number of those performing, learning, or researching offensive security may not have had many experiences working on projects with multiple contributors.
To get started with the project, there are a couple key points a contributor will need to understand first:
- CommandoVM is built using a combination of **Chocolatey, Boxstarter, and some custom powershell scripts**. Boxstarter allows installations to continue on reboot (since some package installations may require restarts to work properly), and **Chocolatey** is similar to package managers such as apt, brew, or yum.
- All of the packages used for Commando can be found in the **[vm-packages](https://github.com/mandiant/VM-Packages)** repository. These are then built and pushed to a public package feed on MyGet, which is where Chocolatey goes to fetch the packages. The VM-Packages repository supports other Mandiant virtual machine projects as well, such as [FlareVM](https://github.com/mandiant/flare-vm).
- The **VM-packages [wiki](https://github.com/mandiant/VM-Packages/wiki)** contains great information on contributing to the VM-packages repo.
## What areas need work?
### CommandoVM
There are a couple areas that will need work and regular maintenance. On the **CommandoVM** side, there can be improvements made to:
- the installer. While this is mostly static, certain logic may change as Windows changes, such as certain locations of registry keys. Search for `Installer Functions` around line `932` to begin seeing the functions that contribute to installation logic (the section above handles GUI elements). [installer.ps1](https://github.com/mandiant/commando-vm/blob/main/install.ps1)
- updating installation profiles with new tools. This ensures the latest packages are available and appropriate for the job at hand: offensive security. See the available [profiles](https://github.com/mandiant/commando-vm/tree/main/Profiles).
On top of all this, regular bugs, issues, and improvement recommendations are also provided by the community on the Github page.
### VM-Packages
Many issues have to do with missing packages or packages that fail to install because they are outdated or their installation paths have changed. For those issues, improvements and additions can be made to the **VM-Packages** repository. For more information on adding, testing, and fixing packages, see the **VM-packages [wiki](https://github.com/mandiant/VM-Packages/wiki)**
One major effort maintained here is the `debloat.vm` package that performs the cleanup of a fresh Windows VM, greatly reducing resources consumed (as well as general eye strain). The package can be found here: [debloat.vm](https://github.com/mandiant/VM-Packages/tree/main/packages/debloat.vm)
Another significant part of the project is the **common.vm** package. It helps provide a set of standardized powershell helper functions across Mandiant VMs and provides a method for customization through environment variables. Additional information can be found here [common.vm readme](https://github.com/mandiant/VM-Packages/tree/main/packages/common.vm) and the code is here in the [Common.vm Powershell Module](https://github.com/mandiant/VM-Packages/blob/main/packages/common.vm/tools/vm.common/vm.common.psm1).
## Contributing to VM-Packages
For more information on adding, testing, and fixing packages, see the **VM-packages [wiki](https://github.com/mandiant/VM-Packages/wiki)** and specifically the "**My first package [walk through](https://github.com/mandiant/VM-Packages/wiki/My-first-package-walk-through)**"
I highly recommend referring to recently closed PRs and newly added packages to get a good idea of how packages are structured.
## Contributing to CommandoVM
This section covers the workflow for making a contribution to Commando VM.
**1.** Create a fork of the repository in your Github account
**2.** Clone the repository to your development computer
```
git clone https://github.com/<your-username>/commando-vm
```
- Change directory into the newly cloned directory
```
cd commando-vm
```
- (Optional) set the remote upstream repository so you can keep your clone up to date.
```
git remote add upstream https://github.com/mandiant/commando-vm
```
**3.** Create and checkout a branch for the change
```
git checkout -b <update/fix-for-something>
```
**4.** Make the changes. Add and commit regularly so the comments are descriptive and helpful. Larger commits can be confusing to review.
- After making changes, first stage the changed files.
```
git add .
```
- Commit the changes with a message for each change.
```
git commit -m "This is a change"
```
- Repeat as needed.
**5.** Then push those commits to your fork of Commando VM. This will upload the changes to your Github repository.
```
git push --set-upstream origin <branch-name>
```
**6.** Create a Pull Request to integrate the changes into the Mandiant repository of Commando VM.
- Navigate to your cloned repository
- Use the "Compare & pull request" button to create a pull request. Fill out the title and details about what was changed and the Mandiant team will either approve and merge the change or comment with questions/requested changes.
**7.** Next time you want to use your cloned repository, make sure it is up to date with the following commands:
- `git fetch upstream` to get the upstream changes locally.
- `git checkout main` to select your main branch of the cloned fork.
- `git merge upstream/main` to merge the upstream changes with your version.
- `git add .` to stage the changed files after the merge (resolve conflicts first if necessary)
- `git commit` to commit the changes
- `git push origin main` to update the remote fork with changes from the upstream repository
================================================
FILE: Docs/Contibuting.md
================================================
## Contributing
Want to get started contributing? See the links below to learn how.
### Installer
* [Commando VM installation script, GUI, and configuration](https://github.com/mandiant/commando-vm)
### Tool Packages
* [Repository of all tool packages (VM-packages)](https://github.com/mandiant/VM-Packages)
* [Documentation and contribution guides for tool packages](https://github.com/mandiant/VM-Packages/wiki)
* [Submit new tool packages or report package related issues](https://github.com/mandiant/VM-Packages/issues)
================================================
FILE: Docs/Troubleshooting.md
================================================
# Troubleshooting the Install
This page lists the full steps necessary to install CommandoVM, with any additional information that might help you troubleshoot your issues:
- [Requirements](#commandovm-requirements)
- [Pre-Install Steps](#pre-install-steps)
- [Graphical Install](#graphical-install)
- [Command-Line Install](#command-line-install)
## CommandoVM Requirements
- Windows 10 22H2
- Windows 11 TBA
- Minimum 70 GB Hard Drive
- Minimum 4 GB RAM
## Pre-Install Steps
**Disclaimer**
> The installer will not allow you to continue until you satisfy these requirements. You may skip them by passing the `-skipChecks` flag if you know what you are doing, but we do not recommend it.
### Supported Operating System
CommandoVM currently supports Windows 10 22H2 (19045).
### Running in a Virtual Machine
You should never install CommandoVM on your host machine. CommandoVM makes irreversible changes to the system that you cannot uninstall. We recommend installing it on a virtual machine in VirtualBox or VMWare.
### Storage Requirement
Windows itself takes up significant space on disk and CommandoVM installs a large number of additional packages and tools. Ensure that you have at least **70GB** of storage in your VM. If you opt-in to install the **Full** CommandoVM profile, you will want approximately 110 GB.
### Running as Administrator
CommandoVM uses Chocolatey and Boxstarter to install its packages. Installing packages requires Administrator rights, so you must run your terminal as Administrator.

### PowerShell Execution Policy
By default PowerShell restricts scripts from being loaded on Windows Workstations and requires them to be signed by a trusted publisher on Windows servers. CommandoVM installation is performed using PowerShell, so you need to disable these restrictions using the following PowerShell command from an elevated prompt:
```powershell
Set-ExecutionPolicy Unrestricted
```
### PowerShell `Unblock-File`
Whenever you download files from the internet, Windows places a "Mark of the Web" identifier on them. Scripts within this repository need to be unblocked so that they can run automatically and not cause issues with the install after clicking the "Go" button.
### Windows Defender and Tamper Protection
In the past CommandoVM would try to programmatically disable Windows Defender for you. Unfortunately Windows Defender is constantly evolving, so we cannot keep up with the changes. You **must** disable Windows Defender and Tamper Protection manually before starting the install. It is not enough to simply disable Real-Time Protection, because **it will become re-enabled after a reboot**.
See the following links for the latest methods of disabling it known to us on Windows 10 and 11:
- [Windows 10](https://superuser.com/questions/1757339/how-to-permanently-disable-windows-defender-real-time-protection-with-gpo)
- [Windows 11](https://www.makeuseof.com/permanently-disable-microsoft-defender-windows-11/)
> **WARNING:** If you do not properly disable Windows Defender, your installation will most certainly fail
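
A read-only audit of the pre-install requirements in this section, as an added example that is not part of the CommandoVM repository or its `install.ps1`. The function name `Test-CommandoPrereq`, the `-RepoPath` parameter and the VM-detection heuristic are assumptions of this example; the thresholds are the ones stated on this page.

```powershell
# Added example: read-only audit of the pre-install requirements on this page.
# Thresholds (build 19045, 70 GB disk, 4 GB RAM) are the page's; the function
# name, -RepoPath parameter and VM heuristic are assumptions of this example.
function Test-CommandoPrereq {
    [CmdletBinding()]
    param(
        # Folder containing the downloaded repository (assumed: current directory)
        [string]$RepoPath = (Get-Location).Path
    )

    $results = [System.Collections.Generic.List[object]]::new()
    function Add-Result([string]$Check, [bool]$Passed, [string]$Detail) {
        $results.Add([pscustomobject]@{ Check = $Check; Passed = $Passed; Detail = $Detail })
    }

    # Supported OS: Windows 10 22H2 reports build 19045
    $build = [System.Environment]::OSVersion.Version.Build
    Add-Result 'OS build' ($build -eq 19045) "build $build, expected 19045"

    # Virtual machine: heuristic match on the SMBIOS manufacturer/model strings
    $cs = Get-CimInstance -ClassName Win32_ComputerSystem
    $hw = "$($cs.Manufacturer) $($cs.Model)"
    Add-Result 'Virtual machine' ($hw -match 'VMware|VirtualBox|Virtual Machine|QEMU|KVM|Parallels') $hw

    # RAM: TotalPhysicalMemory is slightly below the configured size, so round
    $ramGB = [math]::Round($cs.TotalPhysicalMemory / 1GB)
    Add-Result 'RAM >= 4 GB' ($ramGB -ge 4) "$ramGB GB"

    # Storage: size of the disk that holds the system drive
    $disk = Get-Partition -DriveLetter ($env:SystemDrive.TrimEnd(':')) | Get-Disk
    $diskGB = [math]::Round($disk.Size / 1GB)
    Add-Result 'Disk >= 70 GB' ($diskGB -ge 70) "$diskGB GB (Full profile: about 110 GB)"

    # Elevated session: Chocolatey and Boxstarter need Administrator rights
    $identity = [Security.Principal.WindowsIdentity]::GetCurrent()
    $isAdmin = ([Security.Principal.WindowsPrincipal]$identity).IsInRole(
        [Security.Principal.WindowsBuiltInRole]::Administrator)
    Add-Result 'Elevated session' $isAdmin "running as $($identity.Name)"

    # Execution policy: the page sets it to Unrestricted
    $policy = Get-ExecutionPolicy
    Add-Result 'Execution policy' ($policy -eq 'Unrestricted') "effective policy: $policy"

    # Mark of the Web: downloaded files carry a Zone.Identifier alternate data stream
    $blocked = @(Get-ChildItem -LiteralPath $RepoPath -Recurse -File | Where-Object {
        Get-Item -LiteralPath $_.FullName -Stream 'Zone.Identifier' -ErrorAction SilentlyContinue
    })
    Add-Result 'No Mark of the Web' ($blocked.Count -eq 0) "$($blocked.Count) file(s) still need Unblock-File"

    # Defender: a passing real-time result reflects the current boot only; the page
    # notes that it is re-enabled after a reboot unless Defender is disabled permanently.
    $svc = Get-Service -Name WinDefend -ErrorAction SilentlyContinue
    if (-not $svc -or $svc.Status -ne 'Running') {
        Add-Result 'Defender disabled' $true 'WinDefend service is not running'
    } else {
        try {
            $mp = Get-MpComputerStatus -ErrorAction Stop
            Add-Result 'Real-time protection off' (-not $mp.RealTimeProtectionEnabled) `
                "RealTimeProtectionEnabled=$($mp.RealTimeProtectionEnabled)"
            Add-Result 'Tamper Protection off' (-not $mp.IsTamperProtected) `
                "IsTamperProtected=$($mp.IsTamperProtected)"
        } catch {
            Add-Result 'Defender status' $false "could not query: $($_.Exception.Message)"
        }
    }

    $results
}

# Run from the folder that holds install.ps1
Test-CommandoPrereq -RepoPath . | Format-Table -AutoSize -Wrap
```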
## Graphical Install
First, download the CommandoVM repo from GitHub either as a ZIP, or using `git` from PowerShell if you have it installed already:
```powershell
git clone https://github.com/mandiant/commando-vm.git
```
Next, run an elevated terminal and navigate to the folder where you cloned CommandoVM files. Once inside, run the `install.ps1` script:
```powershell
.\install.ps1
```
The pre-install checks menu will open. Make sure you go through the [Pre-Install Steps](#pre-install-steps) section of this page to ensure you pass all of them. The installer will not allow you to click "Continue" until the checks are satisfied or you override them.
> **WARNING:** Do not override the checks if you have no idea why they are failing

Once you pass all the pre-install checks, the main installer window will open. If you wish to customize your install and change what packages are installed, see the [Customization](Customization.md) documentation page. Otherwise, select a profile from the dropdown menu and click "Install".

You will get a password prompt for Boxstarter. If you do not have a password set or your password is blank, click "OK" without entering anything. Otherwise, enter your password into the textbox and click "OK".

The installer GUI will now close and the installation will start. You may monitor its progress inside the terminal window you used to launch the install script. During this time your system will restart multiple times. You will know that installation is finished when your background image gets changed to the Commando logo.
Installation may take over an hour, depending on the specs of the target virtual machine.
> **WARNING:** CommandoVM is not a fully-unattended install. You need to monitor the install progress for any failures or errors.
## Command-Line Install
First, download the CommandoVM repo from GitHub either as a ZIP, or using `git` from PowerShell if you have it installed already:
```powershell
git clone https://github.com/mandiant/commando-vm.git
```
The CommandoVM CLI install is non-interactive. You will need to pass several flags for it to start properly:
- `-cli` - required to avoid spawning the GUI installer
- `-customProfile` - path to an XML profile. See [Customization](Customization.md) for the format.
- `-noPassword` - if your user does not have a password set or the password is blank, pass this flag
- `-password` - if your password is not blank, pass it to the installer using this flag
Here is an example of how you can install the default profile without a password:
```powershell
.\install.ps1 -cli -customProfile .\Profiles\Default.xml -noPassword
```
Here is an example of how you can install the default profile with a password:
```powershell
.\install.ps1 -cli -customProfile .\Profiles\Default.xml -password "Summer2023!"
```
The installation will now start. During this time your system will restart multiple times. Installation may take over an hour, depending on the specs of the target virtual machine.
> **WARNING:** CommandoVM is not a fully-unattended install. You need to monitor the install progress for any failures or errors.
================================================
FILE: License.txt
================================================
Apache License
Version 2.0, January 2004
http://www.apache.org/licenses/
TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
1. Definitions.
"License" shall mean the terms and conditions for use, reproduction, and distribution as defined by Sections 1 through 9 of this document.
"Licensor" shall mean the copyright owner or entity authorized by the copyright owner that is granting the License.
"Legal Entity" shall mean the union of the acting entity and all other entities that control, are controlled by, or are under common control with that entity. For the purposes of this definition, "control" means (i) the power, direct or indirect, to cause the direction or management of such entity, whether by contract or otherwise, or (ii) ownership of fifty percent (50%) or more of the outstanding shares, or (iii) beneficial ownership of such entity.
"You" (or "Your") shall mean an individual or Legal Entity exercising permissions granted by this License.
"Source" form shall mean the preferred form for making modifications, including but not limited to software source code, documentation source, and configuration files.
"Object" form shall mean any form resulting from mechanical transformation or translation of a Source form, including but not limited to compiled object code, generated documentation, and conversions to other media types.
"Work" shall mean the work of authorship, whether in Source or Object form, made available under the License, as indicated by a copyright notice that is included in or attached to the work (an example is provided in the Appendix below).
"Derivative Works" shall mean any work, whether in Source or Object form, that is based on (or derived from) the Work and for which the editorial revisions, annotations, elaborations, or other modifications represent, as a whole, an original work of authorship. For the purposes of this License, Derivative Works shall not include works that remain separable from, or merely link (or bind by name) to the interfaces of, the Work and Derivative Works thereof.
"Contribution" shall mean any work of authorship, including the original version of the Work and any modifications or additions to that Work or Derivative Works thereof, that is intentionally submitted to Licensor for inclusion in the Work by the copyright owner or by an individual or Legal Entity authorized to submit on behalf of the copyright owner. For the purposes of this definition, "submitted" means any form of electronic, verbal, or written communication sent to the Licensor or its representatives, including but not limited to communication on electronic mailing lists, source code control systems, and issue tracking systems that are managed by, or on behalf of, the Licensor for the purpose of discussing and improving the Work, but excluding communication that is conspicuously marked or otherwise designated in writing by the copyright owner as "Not a Contribution."
"Contributor" shall mean Licensor and any individual or Legal Entity on behalf of whom a Contribution has been received by Licensor and subsequently incorporated within the Work.
2. Grant of Copyright License. Subject to the terms and conditions of this License, each Contributor hereby grants to You a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare Derivative Works of, publicly display, publicly perform, sublicense, and distribute the Work and such Derivative Works in Source or Object form.
3. Grant of Patent License. Subject to the terms and conditions of this License, each Contributor hereby grants to You a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable (except as stated in this section) patent license to make, have made, use, offer to sell, sell, import, and otherwise transfer the Work, where such license applies only to those patent claims licensable by such Contributor that are necessarily infringed by their Contribution(s) alone or by combination of their Contribution(s) with the Work to which such Contribution(s) was submitted. If You institute patent litigation against any entity (including a cross-claim or counterclaim in a lawsuit) alleging that the Work or a Contribution incorporated within the Work constitutes direct or contributory patent infringement, then any patent licenses granted to You under this License for that Work shall terminate as of the date such litigation is filed.
4. Redistribution. You may reproduce and distribute copies of the Work or Derivative Works thereof in any medium, with or without modifications, and in Source or Object form, provided that You meet the following conditions:
You must give any other recipients of the Work or Derivative Works a copy of this License; and
You must cause any modified files to carry prominent notices stating that You changed the files; and
You must retain, in the Source form of any Derivative Works that You distribute, all copyright, patent, trademark, and attribution notices from the Source form of the Work, excluding those notices that do not pertain to any part of the Derivative Works; and
If the Work includes a "NOTICE" text file as part of its distribution, then any Derivative Works that You distribute must include a readable copy of the attribution notices contained within such NOTICE file, excluding those notices that do not pertain to any part of the Derivative Works, in at least one of the following places: within a NOTICE text file distributed as part of the Derivative Works; within the Source form or documentation, if provided along with the Derivative Works; or, within a display generated by the Derivative Works, if and wherever such third-party notices normally appear. The contents of the NOTICE file are for informational purposes only and do not modify the License. You may add Your own attribution notices within Derivative Works that You distribute, alongside or as an addendum to the NOTICE text from the Work, provided that such additional attribution notices cannot be construed as modifying the License.
You may add Your own copyright statement to Your modifications and may provide additional or different license terms and conditions for use, reproduction, or distribution of Your modifications, or for any such Derivative Works as a whole, provided Your use, reproduction, and distribution of the Work otherwise complies with the conditions stated in this License.
5. Submission of Contributions. Unless You explicitly state otherwise, any Contribution intentionally submitted for inclusion in the Work by You to the Licensor shall be under the terms and conditions of this License, without any additional terms or conditions. Notwithstanding the above, nothing herein shall supersede or modify the terms of any separate license agreement you may have executed with Licensor regarding such Contributions.
6. Trademarks. This License does not grant permission to use the trade names, trademarks, service marks, or product names of the Licensor, except as required for reasonable and customary use in describing the origin of the Work and reproducing the content of the NOTICE file.
7. Disclaimer of Warranty. Unless required by applicable law or agreed to in writing, Licensor provides the Work (and each Contributor provides its Contributions) on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied, including, without limitation, any warranties or conditions of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A PARTICULAR PURPOSE. You are solely responsible for determining the appropriateness of using or redistributing the Work and assume any risks associated with Your exercise of permissions under this License.
8. Limitation of Liability. In no event and under no legal theory, whether in tort (including negligence), contract, or otherwise, unless required by applicable law (such as deliberate and grossly negligent acts) or agreed to in writing, shall any Contributor be liable to You for damages, including any direct, indirect, special, incidental, or consequential damages of any character arising as a result of this License or out of the use or inability to use the Work (including but not limited to damages for loss of goodwill, work stoppage, computer failure or malfunction, or any and all other commercial damages or losses), even if such Contributor has been advised of the possibility of such damages.
9. Accepting Warranty or Additional Liability. While redistributing the Work or Derivative Works thereof, You may choose to offer, and charge a fee for, acceptance of support, warranty, indemnity, or other liability obligations and/or rights consistent with this License. However, in accepting such obligations, You may act only on Your own behalf and on Your sole responsibility, not on behalf of any other Contributor, and only if You agree to indemnify, defend, and hold each Contributor harmless for any liability incurred by, or claims asserted against, such Contributor by reason of your accepting any such warranty or additional liability.
END OF TERMS AND CONDITIONS
================================================
FILE: Profiles/Configs/win10config.xml
================================================
<?xml version="1.0" encoding="utf-8"?>
<config>
<apps>
<!--
INFO:
Removes installed AppX packages. Try:
$packages = Get-AppxPackage
$packages.Name
FORMAT:
<app name="APP_NAME"/>
-->
</apps>
<services>
<!--
INFO:
Sets Services to "Manual" startup type. Try:
$services = Get-WmiObject -Query "SELECT * FROM Win32_Service WHERE StartMode='Auto'" | Get-Service
$services.Name
FORMAT:
<service name="SERVICE_NAME"/>
-->
</services>
<tasks>
<!--
INFO:
Disables Scheduled Tasks. Try:
$tasks = Get-ScheduledTask
$tasks.TaskName
FORMAT:
<task name="DESCRIPTIVE_NAME" value="TASK_NAME"/>
-->
</tasks>
<registry-items>
<!--
INFO:
Makes custom edits to the registry
FORMAT:
<registry-item name="DESCRIPTIVE_NAME" path="REG_PATH" value="REG_VALUE" type="TYPE" data="NEW_DATA"/>
-->
<registry-item name="Set Dark Mode on System" path="HKCU:\Software\Microsoft\Windows\CurrentVersion\Themes\Personalize" value="SystemUsesLightTheme" type="DWord" data="0"/>
<registry-item name="Set Dark Mode on Apps" path="HKCU:\Software\Microsoft\Windows\CurrentVersion\Themes\Personalize" value="AppsUseLightTheme" type="DWord" data="0"/>
<registry-item name="Show full directory path in Explorer title bar" path="HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\CabinetState" value="FullPath" type="DWord" data="1"/>
<registry-item name="Show known file extensions" path="HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced" value="HideFileExt" type="DWord" data="0"/>
<registry-item name="Show hidden files" path="HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced" value="Hidden" type="DWord" data="1"/>
<registry-item name="Show super hidden files" path="HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced" value="ShowSuperHidden" type="DWord" data="1"/>
<registry-item name="Enable .NET Strong Crypto" path="HKLM:\SOFTWARE\Microsoft\.NETFramework\v4.0.30319" value="SchUseStrongCrypto" type="DWord" data="1" />
<registry-item name="Enable .NET Strong Crypto Wow6432Node" path="HKLM:\SOFTWARE\Wow6432Node\Microsoft\.NETFramework\v4.0.30319" value="SchUseStrongCrypto" type="DWord" data="1" />
<registry-item name="Enable NTFS Long Paths" path="HKLM:\SYSTEM\CurrentControlSet\Control\FileSystem" value="LongPathsEnabled" type="DWord" data="1" />
<registry-item name="Disable SmartScreen" path="HKLM:\SOFTWARE\Policies\Microsoft\Windows\System" value="EnableSmartScreen" type="DWord" data="0" />
<registry-item name="Disable Microsoft Edge Phishing Filter" path="HKLM:\SOFTWARE\Policies\Microsoft\MicrosoftEdge\PhishingFilter" value="EnabledV9" type="DWord" data="0" />
<registry-item name="Disable Windows Firewall (Standard Profile)" path="HKLM:\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile" value="EnableFirewall" type="DWord" data="0" />
<registry-item name="Disable UAC Consent Prompt for Administrators" path="HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System" value="ConsentPromptBehaviorAdmin" type="DWord" data="0" />
<registry-item name="Disable UAC Prompt on Secure Desktop" path="HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System" value="PromptOnSecureDesktop" type="DWord" data="0" />
<registry-item name="Disable LLMNR" path="HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\DNSClient" value="EnableMulticast" type="DWord" data="0" />
</registry-items>
<path-items>
<!--
INFO:
Removes files and folders from the system
FORMAT:
<path-item name="DESCRIPTIVE_NAME" type="dir/file" path="DIR_PATH/FILE_PATH"/>
-->
</path-items>
<custom-items>
<!--
INFO:
Performs custom commands
FORMAT:
<custom-item name="DESCRIPTIVE_NAME"> <cmd value="PS_COMMAND"/> ... </custom-item>
-->
<custom-item name="Renaming Computer to 'commando'">
<cmd value="Rename-Computer -NewName 'commando'" />
</custom-item>
<custom-item name="Disabling Windows Firewall">
<cmd value="Set-NetFirewallProfile -Profile Domain,Public,Private -Enabled False" />
</custom-item>
</custom-items>
</config>
================================================
FILE: Profiles/Configs/win10victimconfig.xml
================================================
<?xml version="1.0" encoding="utf-8"?>
<config>
<apps>
<!--
INFO:
Removes installed AppX packages. Try:
$packages = Get-AppxPackage
$packages.Name
FORMAT:
<app name="APP_NAME"/>
-->
</apps>
<services>
<!--
INFO:
Sets Services to "Manual" startup type. Try:
$services = Get-WmiObject -Query "SELECT * FROM Win32_Service WHERE StartMode='Auto'" | Get-Service
$services.Name
FORMAT:
<service name="SERVICE_NAME"/>
-->
</services>
<tasks>
<!--
INFO:
Disables Scheduled Tasks. Try:
$tasks = Get-ScheduledTask
$tasks.TaskName
FORMAT:
<task name="DESCRIPTIVE_NAME" value="TASK_NAME"/>
-->
</tasks>
<registry-items>
<!--
INFO:
Makes custom edits to the registry
FORMAT:
<registry-item name="DESCRIPTIVE_NAME" path="REG_PATH" value="REG_VALUE" type="TYPE" data="NEW_DATA"/>
-->
<registry-item name="Set Light Mode on System" path="HKCU:\Software\Microsoft\Windows\CurrentVersion\Themes\Personalize" value="SystemUsesLightTheme" type="DWord" data="1"/>
<registry-item name="Set Light Mode on Apps" path="HKCU:\Software\Microsoft\Windows\CurrentVersion\Themes\Personalize" value="AppsUseLightTheme" type="DWord" data="1"/>
<registry-item name="Show full directory path in Explorer title bar" path="HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\CabinetState" value="FullPath" type="DWord" data="1"/>
<registry-item name="Show known file extensions" path="HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced" value="HideFileExt" type="DWord" data="0"/>
<registry-item name="Show hidden files" path="HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced" value="Hidden" type="DWord" data="1"/>
<registry-item name="Show super hidden files" path="HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced" value="ShowSuperHidden" type="DWord" data="1"/>
</registry-items>
<path-items>
<!--
INFO:
Removes files and folders from the system
FORMAT:
<path-item name="DESCRIPTIVE_NAME" type="dir/file" path="DIR_PATH/FILE_PATH"/>
-->
</path-items>
<custom-items>
<!--
INFO:
Performs custom commands
FORMAT:
<custom-item name="DESCRIPTIVE_NAME"> <cmd value="PS_COMMAND"/> ... </custom-item>
-->
<custom-item name="Renaming Computer to 'commando'">
<cmd value="Rename-Computer -NewName 'commando'" />
</custom-item>
<custom-item name="Create Exclusions folder">
<cmd value="Set-MpPreference -ExclusionPath $Env:RAW_TOOLS_DIR" />
</custom-item>
<custom-item name="Disable Defender Automatic Sample Submission">
<cmd value="Set-MpPreference -SubmitSamplesConsent 2" />
</custom-item>
<custom-item name="Create low-priv user account">
<cmd name="Generate random password, create user, save password to logfile" value="$userPassword = -join ((97..122) | Get-Random -Count 20 | ForEach-Object {[char]$_}); $securePassword = ConvertTo-SecureString -String $userPassword -AsPlainText -Force; New-LocalUser -Name 'prometheus' -Description 'Created by Commando Installer' -Password $securePassword; VM-Write-Log 'INFO' $('Created new user prometheus with password ' + $userPassword)" />
</custom-item>
</custom-items>
</config>
================================================
FILE: Profiles/Configs/win11armconfig.xml
================================================
<?xml version="1.0" encoding="utf-8"?>
<config>
<apps>
<!--
INFO:
Removes installed AppX packages. Try:
$packages = Get-AppxPackage
$packages.Name
FORMAT:
<app name="APP_NAME"/>
-->
</apps>
<services>
<!--
INFO:
Sets Services to "Manual" startup type. Try:
$services = Get-WmiObject -Query "SELECT * FROM Win32_Service WHERE StartMode='Auto'" | Get-Service
$services.Name
FORMAT:
<service name="SERVICE_NAME"/>
-->
</services>
<tasks>
<!--
INFO:
Disables Scheduled Tasks. Try:
$tasks = Get-ScheduledTask
$tasks.TaskName
FORMAT:
<task name="DESCRIPTIVE_NAME" value="TASK_NAME"/>
-->
</tasks>
<registry-items>
<!--
INFO:
Makes custom edits to the registry
FORMAT:
<registry-item name="DESCRIPTIVE_NAME" path="REG_PATH" value="REG_VALUE" type="TYPE" data="NEW_DATA"/>
-->
</registry-items>
<path-items>
<!--
INFO:
Removes files and folders from the system
FORMAT:
<path-item name="DESCRIPTIVE_NAME" type="dir/file" path="DIR_PATH/FILE_PATH"/>
-->
</path-items>
<custom-items>
<!--
INFO:
Performs custom commands
FORMAT:
<custom-item name="DESCRIPTIVE_NAME"> <cmd value="PS_COMMAND"/> ... </custom-item>
-->
<custom-item name="Renaming Computer to 'commando'">
<cmd value="Rename-Computer -NewName 'commando'" />
</custom-item>
</custom-items>
</config>
================================================
FILE: Profiles/Configs/win11armvictimconfig.xml
================================================
<?xml version="1.0" encoding="utf-8"?>
<config>
<apps>
<!--
INFO:
Removes installed AppX packages. Try:
$packages = Get-AppxPackage
$packages.Name
FORMAT:
<app name="APP_NAME"/>
-->
</apps>
<services>
<!--
INFO:
Sets Services to "Manual" startup type. Try:
$services = Get-WmiObject -Query "SELECT * FROM Win32_Service WHERE StartMode='Auto'" | Get-Service
$services.Name
FORMAT:
<service name="SERVICE_NAME"/>
-->
</services>
<tasks>
<!--
INFO:
Disables Scheduled Tasks. Try:
$tasks = Get-ScheduledTask
$tasks.TaskName
FORMAT:
<task name="DESCRIPTIVE_NAME" value="TASK_NAME"/>
-->
</tasks>
<registry-items>
<!--
INFO:
Makes custom edits to the registry
FORMAT:
<registry-item name="DESCRIPTIVE_NAME" path="REG_PATH" value="REG_VALUE" type="TYPE" data="NEW_DATA"/>
-->
</registry-items>
<path-items>
<!--
INFO:
Removes files and folders from the system
FORMAT:
<path-item name="DESCRIPTIVE_NAME" type="dir/file" path="DIR_PATH/FILE_PATH"/>
-->
</path-items>
<custom-items>
<!--
INFO:
Performs custom commands
FORMAT:
<custom-item name="DESCRIPTIVE_NAME"> <cmd value="PS_COMMAND"/> ... </custom-item>
-->
<custom-item name="Renaming Computer to 'commando'">
<cmd value="Rename-Computer -NewName 'commando'" />
</custom-item>
</custom-items>
</config>
================================================
FILE: Profiles/Configs/win11config.xml
================================================
<?xml version="1.0" encoding="utf-8"?>
<config>
<apps>
<!--
INFO:
Removes installed AppX packages. Try:
$packages = Get-AppxPackage
$packages.Name
FORMAT:
<app name="APP_NAME"/>
-->
</apps>
<services>
<!--
INFO:
Sets Services to "Manual" startup type. Try:
$services = Get-WmiObject -Query "SELECT * FROM Win32_Service WHERE StartMode='Auto'" | Get-Service
$services.Name
FORMAT:
<service name="SERVICE_NAME"/>
-->
</services>
<tasks>
<!--
INFO:
Disables Scheduled Tasks. Try:
$tasks = Get-ScheduledTask
$tasks.TaskName
FORMAT:
<task name="DESCRIPTIVE_NAME" value="TASK_NAME"/>
-->
</tasks>
<registry-items>
<!--
INFO:
Makes custom edits to the registry
FORMAT:
<registry-item name="DESCRIPTIVE_NAME" path="REG_PATH" value="REG_VALUE" type="TYPE" data="NEW_DATA"/>
-->
</registry-items>
<path-items>
<!--
INFO:
Removes files and folders from the system
FORMAT:
<path-item name="DESCRIPTIVE_NAME" type="dir/file" path="DIR_PATH/FILE_PATH"/>
-->
</path-items>
<custom-items>
<!--
INFO:
Performs custom commands
FORMAT:
<custom-item name="DESCRIPTIVE_NAME"> <cmd value="PS_COMMAND"/> ... </custom-item>
-->
<custom-item name="Renaming Computer to 'commando'">
<cmd value="Rename-Computer -NewName 'commando'" />
</custom-item>
</custom-items>
</config>
================================================
FILE: Profiles/Configs/win11victimconfig.xml
================================================
<?xml version="1.0" encoding="utf-8"?>
<config>
<apps>
<!--
INFO:
Removes installed AppX packages. Try:
$packages = Get-AppxPackage
$packages.Name
FORMAT:
<app name="APP_NAME"/>
-->
</apps>
<services>
<!--
INFO:
Sets Services to "Manual" startup type. Try:
$services = Get-WmiObject -Query "SELECT * FROM Win32_Service WHERE StartMode='Auto'" | Get-Service
$services.Name
FORMAT:
<service name="SERVICE_NAME"/>
-->
</services>
<tasks>
<!--
INFO:
Disables Scheduled Tasks. Try:
$tasks = Get-ScheduledTask
$tasks.TaskName
FORMAT:
<task name="DESCRIPTIVE_NAME" value="TASK_NAME"/>
-->
</tasks>
<registry-items>
<!--
INFO:
Makes custom edits to the registry
FORMAT:
<registry-item name="DESCRIPTIVE_NAME" path="REG_PATH" value="REG_VALUE" type="TYPE" data="NEW_DATA"/>
-->
</registry-items>
<path-items>
<!--
INFO:
Removes files and folders from the system
FORMAT:
<path-item name="DESCRIPTIVE_NAME" type="dir/file" path="DIR_PATH/FILE_PATH"/>
-->
</path-items>
<custom-items>
<!--
INFO:
Performs custom commands
FORMAT:
<custom-item name="DESCRIPTIVE_NAME"> <cmd value="PS_COMMAND"/> ... </custom-item>
-->
<custom-item name="Renaming Computer to 'commando'">
<cmd value="Rename-Computer -NewName 'commando'" />
</custom-item>
</custom-items>
</config>
================================================
FILE: Profiles/Default - ARM.xml
================================================
<?xml version="1.0" encoding="utf-8"?>
<config>
<envs>
<env name="MIN_DISK_SPACE" value="70" />
<env name="VM_COMMON_DIR" value="%ProgramData%\_VM" />
<env name="TOOL_LIST_DIR" value="%ProgramData%\Microsoft\Windows\Start Menu\Programs\Tools" />
<env name="TOOL_LIST_SHORTCUT" value="%UserProfile%\Desktop\Tools.lnk" />
<env name="RAW_TOOLS_DIR" value="%SystemDrive%\Tools" />
</envs>
<packages>
<package name="notepadplusplus.vm" />
<package name="7zip-15-05.vm" />
<package name="azurehound.vm" />
<package name="bloodhound.vm" />
<package name="cmder.vm" />
<package name="cyberchef.vm" />
<package name="gobuster.vm" />
<package name="sqlrecon.vm" />
<package name="awscli" />
<package name="az.powershell" />
<package name="azure-cli" />
<package name="teamfiltration.vm" />
<package name="obsidian" />
<package name="firefox" />
<package name="greenshot" />
<package name="keepass" />
<package name="ilspy.vm" />
<package name="wireshark.vm" />
<package name="cyberchef.vm" />
<package name="pebear.vm" />
<package name="sysinternals.vm" />
<package name="situational-awareness-bof.vm" />
<package name="unhook-bof.vm" />
<package name="stracciatella.vm" />
<package name="nanodump.vm" />
<package name="truestedsec-remote-ops-bof.vm" />
<package name="outflank-c2-tool-collection.vm" />
<package name="certify.vm" />
<package name="streamdivert.vm" />
<package name="whisker.vm" />
<package name="confuserex.vm" />
<package name="dotnettojscript.vm" />
<package name="gadgettojscript.vm" />
<package name="sharpup.vm" />
<package name="az.powershell" />
<package name="azure-cli" />
<package name="routesixtysink.vm" />
<package name="sharphound.vm" />
<package name="spoolsample.vm" />
<package name="sharpview.vm" />
<package name="seatbelt.vm" />
<package name="telnet.vm" />
<package name="badassmacros.vm" />
<package name="bloodhound-custom-queries.vm" />
<package name="burp-free.vm" />
<package name="c3.vm" />
<package name="covenant.vm" />
<package name="credninja.vm" />
<package name="dumpert.vm" />
<package name="evilclippy.vm" />
<package name="exiftool.vm" />
<package name="gowitness.vm" />
<package name="group3r.vm" />
<package name="hxd.vm" />
<package name="invokedosfuscation.vm" />
<package name="invokeobfuscation.vm" />
<package name="juicypotato.vm" />
<package name="keethief.vm" />
<package name="kerbrute.vm" />
<package name="mailsniper.vm" />
<package name="mfasweep.vm" />
<package name="minidump.vm" />
<package name="microburst.vm" />
<package name="netgpppassword.vm" />
<package name="nmap.vm" />
<package name="payloadsallthethings.vm" />
<package name="petitpotam.vm" />
<package name="powercat.vm" />
<package name="powermad.vm" />
<package name="powersploit.vm" />
<package name="powerupsql.vm" />
<package name="powerzure.vm" />
<package name="processdump.vm" />
<package name="rubeus.vm" />
<package name="sharpdpapi.vm" />
<package name="sharplaps.vm" />
<package name="sharpsecdump.vm" />
<package name="sharpwmi.vm" />
<package name="sliver.vm" />
<package name="snaffler.vm" />
<package name="syswhispers2.vm" />
<package name="tor-browser.vm" />
<package name="upx.vm" />
<package name="windbg.vm" />
<package name="adconnectdump.vm" />
<package name="ldapnomnom.vm" />
<package name="pesieve.vm" />
<package name="shellcode_launcher.vm" />
<package name="asreproast.vm" />
<package name="dnspyex.vm" />
<package name="fakenet-ng.vm" />
<package name="nasm.vm" />
<package name="mimikatz.vm" />
<package name="safetykatz.vm" />
<package name="sharpcliphistory.vm" />
<package name="sharpdump.vm" />
<package name="sharpexec.vm" />
<package name="syswhispers3.vm" />
<package name="vnc-viewer.vm" />
<package name="wmimplant.vm" />
<package name="x64dbg.vm" />
<package name="getlapspasswords.vm" />
<package name="inveigh.vm" />
<package name="merlin.vm" />
<package name="openvpn.vm" />
<package name="resourcehacker.vm" />
<package name="sqlitebrowser.vm" />
<package name="winscp.vm" />
<package name="jre8" />
<package name="unxutils" />
</packages>
</config>
================================================
FILE: Profiles/Default.xml
================================================
<?xml version="1.0" encoding="utf-8"?>
<config>
<envs>
<env name="MIN_DISK_SPACE" value="70" />
<env name="VM_COMMON_DIR" value="%ProgramData%\_VM" />
<env name="TOOL_LIST_DIR" value="%ProgramData%\Microsoft\Windows\Start Menu\Programs\Tools" />
<env name="TOOL_LIST_SHORTCUT" value="%UserProfile%\Desktop\Tools.lnk" />
<env name="RAW_TOOLS_DIR" value="%SystemDrive%\Tools" />
</envs>
<packages>
<package name="notepadplusplus.vm" />
<package name="7zip-15-05.vm" />
<package name="azurehound.vm" />
<package name="bloodhound.vm" />
<package name="cmder.vm" />
<package name="cyberchef.vm" />
<package name="gobuster.vm" />
<package name="sqlrecon.vm" />
<package name="awscli" />
<package name="az.powershell" />
<package name="azure-cli" />
<package name="teamfiltration.vm" />
<package name="obsidian" />
<package name="googlechrome" />
<package name="firefox" />
<package name="vscode" />
<package name="greenshot" />
<package name="vlc" />
<package name="keepass" />
<package name="ilspy.vm" />
<package name="wireshark.vm" />
<package name="cyberchef.vm" />
<package name="pebear.vm" />
<package name="sysinternals.vm" />
<package name="situational-awareness-bof.vm" />
<package name="unhook-bof.vm" />
<package name="stracciatella.vm" />
<package name="nanodump.vm" />
<package name="truestedsec-remote-ops-bof.vm" />
<package name="outflank-c2-tool-collection.vm" />
<package name="certify.vm" />
<package name="streamdivert.vm" />
<package name="whisker.vm" />
<package name="confuserex.vm" />
<package name="dotnettojscript.vm" />
<package name="gadgettojscript.vm" />
<package name="sharpup.vm" />
<package name="az.powershell" />
<package name="azure-cli" />
<package name="routesixtysink.vm" />
<package name="sharphound.vm" />
<package name="spoolsample.vm" />
<package name="sharpview.vm" />
<package name="seatbelt.vm" />
<package name="telnet.vm" />
<package name="badassmacros.vm" />
<package name="bloodhound-custom-queries.vm" />
<package name="burp-free.vm" />
<package name="c3.vm" />
<package name="covenant.vm" />
<package name="credninja.vm" />
<package name="dumpert.vm" />
<package name="evilclippy.vm" />
<package name="exiftool.vm" />
<package name="gowitness.vm" />
<package name="group3r.vm" />
<package name="hxd.vm" />
<package name="invokedosfuscation.vm" />
<package name="invokeobfuscation.vm" />
<package name="juicypotato.vm" />
<package name="keethief.vm" />
<package name="kerbrute.vm" />
<package name="mailsniper.vm" />
<package name="mfasweep.vm" />
<package name="minidump.vm" />
<package name="microburst.vm" />
<package name="netgpppassword.vm" />
<package name="nmap.vm" />
<package name="payloadsallthethings.vm" />
<package name="petitpotam.vm" />
<package name="powercat.vm" />
<package name="powermad.vm" />
<package name="powersploit.vm" />
<package name="powerupsql.vm" />
<package name="powerzure.vm" />
<package name="processdump.vm" />
<package name="rubeus.vm" />
<package name="sharpdpapi.vm" />
<package name="sharplaps.vm" />
<package name="sharpsecdump.vm" />
<package name="sharpwmi.vm" />
<package name="sliver.vm" />
<package name="snaffler.vm" />
<package name="syswhispers2.vm" />
<package name="tor-browser.vm" />
<package name="upx.vm" />
<package name="windbg.vm" />
<package name="adconnectdump.vm" />
<package name="ldapnomnom.vm" />
<package name="pesieve.vm" />
<package name="shellcode_launcher.vm" />
<package name="asreproast.vm" />
<package name="dnspyex.vm" />
<package name="fakenet-ng.vm" />
<package name="nasm.vm" />
<package name="mimikatz.vm" />
<package name="safetykatz.vm" />
<package name="sharpcliphistory.vm" />
<package name="sharpdump.vm" />
<package name="sharpexec.vm" />
<package name="syswhispers3.vm" />
<package name="vnc-viewer.vm" />
<package name="wmimplant.vm" />
<package name="x64dbg.vm" />
<package name="getlapspasswords.vm" />
<package name="inveigh.vm" />
<package name="merlin.vm" />
<package name="openvpn.vm" />
<package name="resourcehacker.vm" />
<package name="sqlitebrowser.vm" />
<package name="winscp.vm" />
<package name="jre8" />
<package name="unxutils" />
</packages>
</config>
================================================
FILE: Profiles/Developer.xml
================================================
<?xml version="1.0" encoding="utf-8"?>
<config>
<envs>
<env name="MIN_DISK_SPACE" value="80" />
<env name="VM_COMMON_DIR" value="%ProgramData%\_VM" />
<env name="TOOL_LIST_DIR" value="%ProgramData%\Microsoft\Windows\Start Menu\Programs\Tools" />
<env name="TOOL_LIST_SHORTCUT" value="%UserProfile%\Desktop\Tools.lnk" />
<env name="RAW_TOOLS_DIR" value="%SystemDrive%\Tools" />
</envs>
<packages>
<package name="notepadplusplus.vm" />
<package name="apimonitor.vm" />
<package name="badassmacros.vm" />
<package name="bytecodeviewer.vm" />
<package name="capa.vm" />
<package name="codetrack.vm" />
<package name="confuserex.vm" />
<package name="covenant.vm" />
<package name="cyberchef.vm" />
<package name="dll-to-exe.vm" />
<package name="dotnettojscript.vm" />
<package name="evilclippy.vm" />
<package name="gadgettojscript.vm" />
<package name="hashmyfiles.vm" />
<package name="invokedosfuscation.vm" />
<package name="invokeobfuscation.vm" />
<package name="merlin.vm" />
<package name="openvpn.vm" />
<package name="pebear.vm" />
<package name="pesieve.vm" />
<package name="pestudio.vm" />
<package name="processdump.vm" />
<package name="resourcehacker.vm" />
<package name="rundotnetdll.vm" />
<package name="scdbg.vm" />
<package name="setdllcharacteristics.vm" />
<package name="shellcode_launcher.vm" />
<package name="sliver.vm" />
<package name="stracciatella.vm" />
<package name="sysinternals.vm" />
<package name="syswhispers2.vm" />
<package name="syswhispers3.vm" />
<package name="telnet.vm" />
<package name="tor-browser.vm" />
<package name="unhook-bof.vm" />
<package name="upx.vm" />
<package name="visualstudio.vm" />
<package name="vcbuildtools.vm" />
<package name="windbg.vm" />
<package name="winscp.vm" />
<package name="wireshark.vm" />
<package name="wmimplant.vm" />
<package name="x64dbg.vm" />
<package name="yara.vm" />
<package name="c3.vm" />
<package name="obsidian" />
<package name="googlechrome" />
<package name="firefox" />
<package name="vscode" />
<package name="greenshot" />
<package name="vlc" />
<package name="gimp" />
<package name="keepass" />
<package name="adobereader" />
<package name="golang" />
<package name="rust" />
<package name="nim" />
<package name="idafree.vm" />
<package name="exiftool.vm" />
<package name="hxd.vm" />
<package name="cmder.vm" />
<package name="python3" />
<package name="fiddlerclassic.vm" />
<package name="burp-free.vm" />
<package name="nmap.vm" />
<package name="git" />
<package name="sublimetext3.app" />
<package name="unxutils" />
<package name="ghidra.vm" />
</packages>
</config>
================================================
FILE: Profiles/Full - ARM.xml
================================================
<?xml version="1.0" encoding="utf-8"?>
<config>
<envs>
<env name="MIN_DISK_SPACE" value="100" />
<env name="VM_COMMON_DIR" value="%ProgramData%\_VM" />
<env name="TOOL_LIST_DIR" value="%ProgramData%\Microsoft\Windows\Start Menu\Programs\Tools" />
<env name="TOOL_LIST_SHORTCUT" value="%UserProfile%\Desktop\Tools.lnk" />
<env name="RAW_TOOLS_DIR" value="%SystemDrive%\Tools" />
</envs>
<packages>
<package name="notepadplusplus.vm" />
<package name="7zip-15-05.vm" />
<package name="azurehound.vm" />
<package name="bloodhound.vm" />
<package name="cmder.vm" />
<package name="cyberchef.vm" />
<package name="gobuster.vm" />
<package name="sqlrecon.vm" />
<package name="awscli" />
<package name="az.powershell" />
<package name="azure-cli" />
<package name="teamfiltration.vm" />
<package name="obsidian" />
<package name="firefox" />
<package name="greenshot" />
<package name="gimp" />
<package name="keepass" />
<package name="adobereader" />
<package name="golang" />
<package name="rust" />
<package name="nim" />
<package name="visualstudio.vm" />
<package name="ilspy.vm" />
<package name="wireshark.vm" />
<package name="cyberchef.vm" />
<package name="pebear.vm" />
<package name="sysinternals.vm" />
<package name="situational-awareness-bof.vm" />
<package name="unhook-bof.vm" />
<package name="stracciatella.vm" />
<package name="nanodump.vm" />
<package name="truestedsec-remote-ops-bof.vm" />
<package name="outflank-c2-tool-collection.vm" />
<package name="certify.vm" />
<package name="streamdivert.vm" />
<package name="whisker.vm" />
<package name="confuserex.vm" />
<package name="dotnettojscript.vm" />
<package name="gadgettojscript.vm" />
<package name="sharpup.vm" />
<package name="idafree.vm" />
<package name="az.powershell" />
<package name="azure-cli" />
<package name="routesixtysink.vm" />
<package name="sharphound.vm" />
<package name="spoolsample.vm" />
<package name="sharpview.vm" />
<package name="seatbelt.vm" />
<package name="telnet.vm" />
<package name="badassmacros.vm" />
<package name="bloodhound-custom-queries.vm" />
<package name="burp-free.vm" />
<package name="bytecodeviewer.vm" />
<package name="c3.vm" />
<package name="covenant.vm" />
<package name="credninja.vm" />
<package name="dumpert.vm" />
<package name="evilclippy.vm" />
<package name="exiftool.vm" />
<package name="fuzzdb.vm" />
<package name="ghidra.vm" />
<package name="gowitness.vm" />
<package name="group3r.vm" />
<package name="hxd.vm" />
<package name="invokedosfuscation.vm" />
<package name="invokeobfuscation.vm" />
<package name="juicypotato.vm" />
<package name="keethief.vm" />
<package name="kerbrute.vm" />
<package name="mailsniper.vm" />
<package name="mfasweep.vm" />
<package name="minidump.vm" />
<package name="microburst.vm" />
<package name="netgpppassword.vm" />
<package name="nmap.vm" />
<package name="payloadsallthethings.vm" />
<package name="pestudio.vm" />
<package name="petitpotam.vm" />
<package name="powercat.vm" />
<package name="powermad.vm" />
<package name="powersploit.vm" />
<package name="powerupsql.vm" />
<package name="powerzure.vm" />
<package name="processdump.vm" />
<package name="rubeus.vm" />
<package name="seclists.vm" />
<package name="sharpdpapi.vm" />
<package name="sharplaps.vm" />
<package name="sharpsecdump.vm" />
<package name="sharpwmi.vm" />
<package name="sliver.vm" />
<package name="snaffler.vm" />
<package name="statistically-likely-usernames.vm" />
<package name="syswhispers2.vm" />
<package name="tor-browser.vm" />
<package name="upx.vm" />
<package name="windbg.vm" />
<package name="adconnectdump.vm" />
<package name="ldapnomnom.vm" />
<package name="pesieve.vm" />
<package name="shellcode_launcher.vm" />
<package name="asreproast.vm" />
<package name="dnspyex.vm" />
<package name="fakenet-ng.vm" />
<package name="nasm.vm" />
<package name="mimikatz.vm" />
<package name="safetykatz.vm" />
<package name="sharpcliphistory.vm" />
<package name="sharpdump.vm" />
<package name="sharpexec.vm" />
<package name="syswhispers3.vm" />
<package name="vnc-viewer.vm" />
<package name="wmimplant.vm" />
<package name="x64dbg.vm" />
<package name="getlapspasswords.vm" />
<package name="inveigh.vm" />
<package name="merlin.vm" />
<package name="openvpn.vm" />
<package name="resourcehacker.vm" />
<package name="sqlitebrowser.vm" />
<package name="winscp.vm" />
<package name="jre8" />
<package name="tortoisesvn" />
<package name="qbittorrent" />
<package name="dbeaver" />
<package name="hfsexplorer" />
<package name="unxutils" />
</packages>
</config>
================================================
FILE: Profiles/Full.xml
================================================
<?xml version="1.0" encoding="utf-8"?>
<config>
<envs>
<env name="MIN_DISK_SPACE" value="100" />
<env name="VM_COMMON_DIR" value="%ProgramData%\_VM" />
<env name="TOOL_LIST_DIR" value="%ProgramData%\Microsoft\Windows\Start Menu\Programs\Tools" />
<env name="TOOL_LIST_SHORTCUT" value="%UserProfile%\Desktop\Tools.lnk" />
<env name="RAW_TOOLS_DIR" value="%SystemDrive%\Tools" />
</envs>
<packages>
<package name="notepadplusplus.vm" />
<package name="7zip-15-05.vm" />
<package name="azurehound.vm" />
<package name="bloodhound.vm" />
<package name="cmder.vm" />
<package name="cyberchef.vm" />
<package name="gobuster.vm" />
<package name="sqlrecon.vm" />
<package name="awscli" />
<package name="az.powershell" />
<package name="azure-cli" />
<package name="teamfiltration.vm" />
<package name="obsidian" />
<package name="googlechrome" />
<package name="firefox" />
<package name="vscode" />
<package name="greenshot" />
<package name="vlc" />
<package name="gimp" />
<package name="keepass" />
<package name="adobereader" />
<package name="golang" />
<package name="rust" />
<package name="nim" />
<package name="visualstudio.vm" />
<package name="ilspy.vm" />
<package name="wireshark.vm" />
<package name="cyberchef.vm" />
<package name="pebear.vm" />
<package name="sysinternals.vm" />
<package name="situational-awareness-bof.vm" />
<package name="unhook-bof.vm" />
<package name="stracciatella.vm" />
<package name="nanodump.vm" />
<package name="truestedsec-remote-ops-bof.vm" />
<package name="outflank-c2-tool-collection.vm" />
<package name="certify.vm" />
<package name="streamdivert.vm" />
<package name="whisker.vm" />
<package name="confuserex.vm" />
<package name="dotnettojscript.vm" />
<package name="gadgettojscript.vm" />
<package name="sharpup.vm" />
<package name="idafree.vm" />
<package name="az.powershell" />
<package name="azure-cli" />
<package name="routesixtysink.vm" />
<package name="sharphound.vm" />
<package name="spoolsample.vm" />
<package name="sharpview.vm" />
<package name="seatbelt.vm" />
<package name="telnet.vm" />
<package name="badassmacros.vm" />
<package name="bloodhound-custom-queries.vm" />
<package name="burp-free.vm" />
<package name="bytecodeviewer.vm" />
<package name="c3.vm" />
<package name="covenant.vm" />
<package name="credninja.vm" />
<package name="dumpert.vm" />
<package name="evilclippy.vm" />
<package name="exiftool.vm" />
<package name="fuzzdb.vm" />
<package name="ghidra.vm" />
<package name="gowitness.vm" />
<package name="group3r.vm" />
<package name="hxd.vm" />
<package name="invokedosfuscation.vm" />
<package name="invokeobfuscation.vm" />
<package name="juicypotato.vm" />
<package name="keethief.vm" />
<package name="kerbrute.vm" />
<package name="mailsniper.vm" />
<package name="mfasweep.vm" />
<package name="minidump.vm" />
<package name="microburst.vm" />
<package name="netgpppassword.vm" />
<package name="nmap.vm" />
<package name="payloadsallthethings.vm" />
<package name="pestudio.vm" />
<package name="petitpotam.vm" />
<package name="powercat.vm" />
<package name="powermad.vm" />
<package name="powersploit.vm" />
<package name="powerupsql.vm" />
<package name="powerzure.vm" />
<package name="processdump.vm" />
<package name="rubeus.vm" />
<package name="seclists.vm" />
<package name="sharpdpapi.vm" />
<package name="sharplaps.vm" />
<package name="sharpsecdump.vm" />
<package name="sharpwmi.vm" />
<package name="sliver.vm" />
<package name="snaffler.vm" />
<package name="statistically-likely-usernames.vm" />
<package name="syswhispers2.vm" />
<package name="tor-browser.vm" />
<package name="upx.vm" />
<package name="windbg.vm" />
<package name="adconnectdump.vm" />
<package name="ldapnomnom.vm" />
<package name="pesieve.vm" />
<package name="shellcode_launcher.vm" />
<package name="asreproast.vm" />
<package name="dnspyex.vm" />
<package name="fakenet-ng.vm" />
<package name="nasm.vm" />
<package name="mimikatz.vm" />
<package name="safetykatz.vm" />
<package name="sharpcliphistory.vm" />
<package name="sharpdump.vm" />
<package name="sharpexec.vm" />
<package name="syswhispers3.vm" />
<package name="vnc-viewer.vm" />
<package name="wmimplant.vm" />
<package name="x64dbg.vm" />
<package name="getlapspasswords.vm" />
<package name="inveigh.vm" />
<package name="merlin.vm" />
<package name="openvpn.vm" />
<package name="resourcehacker.vm" />
<package name="sqlitebrowser.vm" />
<package name="winscp.vm" />
<package name="jre8" />
<package name="tortoisesvn" />
<package name="qbittorrent" />
<package name="dbeaver" />
<package name="hfsexplorer" />
<package name="unxutils" />
</packages>
</config>
================================================
FILE: Profiles/Lite.xml
================================================
<?xml version="1.0" encoding="utf-8"?>
<config>
<envs>
<env name="MIN_DISK_SPACE" value="60" />
<env name="VM_COMMON_DIR" value="%ProgramData%\_VM" />
<env name="TOOL_LIST_DIR" value="%ProgramData%\Microsoft\Windows\Start Menu\Programs\Tools" />
<env name="TOOL_LIST_SHORTCUT" value="%UserProfile%\Desktop\Tools.lnk" />
<env name="RAW_TOOLS_DIR" value="%SystemDrive%\Tools" />
</envs>
<packages>
<package name="notepadplusplus.vm" />
<package name="bloodhound.vm" />
<package name="burp-free.vm" />
<package name="certify.vm" />
<package name="credninja.vm" />
<package name="confuserex.vm" />
<package name="cyberchef.vm" />
<package name="gobuster.vm" />
<package name="fuzzdb.vm" />
<package name="juicypotato.vm" />
<package name="hashmyfiles.vm" />
<package name="mimikatz.vm" />
<package name="nanodump.vm" />
<package name="nmap.vm" />
<package name="openvpn.vm" />
<package name="outflank-c2-tool-collection.vm" />
<package name="petitpotam.vm" />
<package name="powersploit.vm" />
<package name="powerupsql.vm" />
<package name="rubeus.vm" />
<package name="seatbelt.vm" />
<package name="seclists.vm" />
<package name="sharphound.vm" />
<package name="sharpdpapi.vm" />
<package name="sharpup.vm" />
<package name="sharpview.vm" />
<package name="shellcode_launcher.vm" />
<package name="situational-awareness-bof.vm" />
<package name="snaffler.vm" />
<package name="sysinternals.vm" />
<package name="telnet.vm" />
<package name="truestedsec-remote-ops-bof.vm" />
<package name="unhook-bof.vm" />
<package name="whisker.vm" />
<package name="7zip-15-05.vm" />
<package name="obsidian" />
<package name="googlechrome" />
<package name="firefox" />
<package name="vscode" />
<package name="git" />
<package name="bloodhound-custom-queries.vm" />
<package name="unxutils" />
</packages>
</config>
================================================
FILE: Profiles/Victim.xml
================================================
<?xml version="1.0" encoding="utf-8"?>
<config>
<envs>
<env name="MIN_DISK_SPACE" value="50" />
<env name="VM_COMMON_DIR" value="%ProgramData%\_VM" />
<env name="TOOL_LIST_DIR" value="%ProgramData%\Microsoft\Windows\Start Menu\Programs\Tools" />
<env name="TOOL_LIST_SHORTCUT" value="%UserProfile%\Desktop\Tools.lnk" />
<env name="RAW_TOOLS_DIR" value="%SystemDrive%\Tools" />
</envs>
<packages>
<package name="apimonitor.vm" />
<package name="capa.vm" />
<package name="cmder.vm" />
<package name="codetrack.vm" />
<package name="cyberchef.vm" />
<package name="dependencywalker.vm" />
<package name="die.vm" />
<package name="dnspyex.vm" />
<package name="exeinfope.vm" />
<package name="exiftool.vm" />
<package name="file.vm" />
<package name="floss.vm" />
<package name="hashmyfiles.vm" />
<package name="hollowshunter.vm" />
<package name="hxd.vm" />
<package name="idafree.vm" />
<package name="malware-jail.vm" />
<package name="map.vm" />
<package name="ollydbg.vm" />
<package name="pebear.vm" />
<package name="peid.vm" />
<package name="pesieve.vm" />
<package name="pestudio.vm" />
<package name="resourcehacker.vm" />
<package name="rundotnetdll.vm" />
<package name="scdbg.vm" />
<package name="shellcode_launcher.vm" />
<package name="vbdec.vm" />
<package name="windbg.vm" />
<package name="winscp.vm" />
<package name="wireshark.vm" />
<package name="x64dbg.vm" />
<package name="yara.vm" />
<package name="processdump.vm" />
<package name="setdllcharacteristics.vm" />
<package name="googlechrome" />
<package name="firefox" />
<package name="unxutils" />
<package name="sysinternals.vm" />
<package name="fiddlerclassic.vm" />
</packages>
</config>
================================================
FILE: README.md
================================================

## What is CommandoVM?
**Complete Mandiant Offensive VM ("CommandoVM")** is a comprehensive and customizable, Windows-based security distribution for penetration testing and red teaming. CommandoVM comes packaged with a variety of offensive tools not included in [Kali Linux](https://www.kali.org/) which highlight the effectiveness of Windows as an attack platform.
## Requirements
* Windows 10
> Insider Preview editions of Windows are not supported
* 60 GB Hard Drive
* 2 GB RAM
## Recommended
* Windows 10 22H2
* 80+ GB Hard Drive
* 4+ GB RAM
* 2 network adapters
# Install Instructions
Deploy a Windows Virtual Machine
> [Where can I find a Windows 10 Virtual Machine?](https://www.microsoft.com/en-us/software-download/windows10ISO)
## Pre-Install Procedures
**You MUST disable Windows Defender for a smooth install**. The best way to accomplish this is through Group Policy.
In Windows versions 1909 and higher, Tamper Protection was added.
**Tamper Protection must be disabled first, otherwise Group Policy settings are ignored.**
1. Open Windows Security (type `Windows Security` in the search box)
1. Virus & threat protection > Virus & threat protection settings > Manage settings
1. Switch `Tamper Protection` to `Off`
> It is not necessary to change any other setting (`Real Time Protection`, etc.)
> **Important!** Tamper Protection must be disabled before changing Group Policy settings.
To permanently disable Real Time Protection:
1. Make sure you disabled Tamper Protection
1. Open Local Group Policy Editor (type `gpedit` in the search box)
1. Computer Configuration > Administrative Templates > Windows Components > Microsoft Defender Antivirus > Real-time Protection
1. Enable `Turn off real-time protection`
1. **Reboot**
> Make sure to **reboot** before making the next change
To permanently disable Microsoft Defender:
1. Make sure you rebooted your machine
1. Open Local Group Policy Editor (type `gpedit` in the search box)
1. Computer Configuration > Administrative Templates > Windows Components > Microsoft Defender Antivirus
1. Enable `Turn off Microsoft Defender Antivirus`
1. **Reboot**
[1]: https://stackoverflow.com/questions/62174426/how-to-permanently-disable-windows-defender-real-time-protection-with-gpo
## Installation
1. Complete the pre-install procedures by disabling Defender
1. Download and extract the zip of the Commando-VM repo
1. Run PowerShell as Administrator
1. `Set-ExecutionPolicy Unrestricted -force`
1. `cd ~/Downloads/commando-vm`
1. `Get-ChildItem .\ -Recurse | Unblock-File`
1. `.\install.ps1` for a GUI install or `.\install.ps1 -cli` for command-line
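Step 7 installs whatever the selected profile lists onto a VM where Defender has been turned off, so it is worth reviewing a profile, especially a custom one, before running the installer. The following PowerShell is an added example, not part of the CommandoVM repository: it parses a profile in the `<config>`/`<envs>`/`<packages>` format of `Profiles/Lite.xml` and reports duplicate entries, package names without the `.vm` suffix, the disk requirement, and differences from a baseline profile. `Read-ProfileXml`, `Get-ProfileAudit`, the sample file, the reading of `MIN_DISK_SPACE` as gigabytes and the treatment of non-`.vm` names as a separate package source are assumptions of this example.

```powershell
# Added example: audit a CommandoVM-style profile XML before installing from it.
# Read-ProfileXml and Get-ProfileAudit are hypothetical helpers, not part of install.ps1.

function Read-ProfileXml {
    param([Parameter(Mandatory)][string]$Path)

    $doc = New-Object System.Xml.XmlDocument
    $doc.XmlResolver = $null    # never fetch external DTDs or entities while parsing
    $doc.Load((Resolve-Path -LiteralPath $Path).ProviderPath)
    if ($doc.DocumentElement.Name -ne 'config') {
        throw "${Path}: root element is <$($doc.DocumentElement.Name)>, expected <config>"
    }

    $envs = @{}
    foreach ($e in $doc.SelectNodes('/config/envs/env')) {
        $envs[$e.GetAttribute('name')] = $e.GetAttribute('value')
    }
    # Normalise names so "Nmap.vm" and "nmap.vm " count as the same package.
    $packages = @($doc.SelectNodes('/config/packages/package') |
        ForEach-Object { $_.GetAttribute('name').Trim().ToLowerInvariant() })

    [pscustomobject]@{ Envs = $envs; Packages = $packages }
}

function Get-ProfileAudit {
    param(
        [Parameter(Mandatory)][string]$ProfilePath,
        [string]$BaselinePath    # optional: a profile already reviewed, e.g. Profiles\Lite.xml
    )

    $p      = Read-ProfileXml -Path $ProfilePath
    $named  = @($p.Packages | Where-Object { $_ })    # drop blank names
    $unique = @($named | Sort-Object -Unique)
    $dupes  = @($named | Group-Object | Where-Object { $_.Count -gt 1 } |
        ForEach-Object { $_.Name })

    # Assumption: entries without the ".vm" suffix come from a different package
    # source than the ".vm" entries, so they are listed separately for review.
    $nonVm = @($unique | Where-Object { $_ -notlike '*.vm' })

    # Assumption: MIN_DISK_SPACE is in gigabytes (the README requires 60 GB).
    [int]$minGb = 0
    [void][int]::TryParse([string]$p.Envs['MIN_DISK_SPACE'], [ref]$minGb)
    $freeGb = [math]::Floor((Get-PSDrive -Name ($env:SystemDrive.TrimEnd(':'))).Free / 1GB)

    $added = @(); $removed = @()
    if ($BaselinePath) {
        $baseline = @((Read-ProfileXml -Path $BaselinePath).Packages |
            Where-Object { $_ } | Sort-Object -Unique)
        $added   = @($unique   | Where-Object { $baseline -notcontains $_ })
        $removed = @($baseline | Where-Object { $unique -notcontains $_ })
    }

    [pscustomobject]@{
        Profile       = $ProfilePath
        PackageCount  = $unique.Count
        BlankNames    = $p.Packages.Count - $named.Count
        Duplicates    = $dupes
        NonVmPackages = $nonVm
        MinDiskGb     = $minGb
        FreeDiskGb    = $freeGb
        DiskOk        = ($freeGb -ge $minGb)
        AddedVsBase   = $added
        RemovedVsBase = $removed
    }
}

# Constructed sample profile (not a file from the repository).
$sample = @'
<?xml version="1.0" encoding="utf-8"?>
<config>
  <envs>
    <env name="MIN_DISK_SPACE" value="60" />
  </envs>
  <packages>
    <package name="nmap.vm" />
    <package name="sysinternals.vm" />
    <package name="nmap.vm" />
    <package name="googlechrome" />
  </packages>
</config>
'@
$tmp = Join-Path ([IO.Path]::GetTempPath()) 'constructed-profile.xml'
Set-Content -LiteralPath $tmp -Value $sample -Encoding UTF8
Get-ProfileAudit -ProfilePath $tmp | Format-List
```

For a profile obtained from elsewhere, save it to disk first and pass a repository profile as `-BaselinePath` so the added and removed packages are visible before anything is installed.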
## Contributing
Looking to contribute? Check the links below to learn how!
### Commando-VM (this repository)
- See our quick start guide to go from zero to Commando ASAP! [https://github.com/mandiant/commando-vm/blob/main/Docs/Commando_Quickstart_Guide.md](https://github.com/mandiant/commando-vm/blob/main/Docs/Commando_Quickstart_Guide.md)
### VM-Packages (where all the packages live)
* [Repository of all tool packages (VM-packages)](https://github.com/mandiant/VM-Packages)
* [Documentation and contribution guides for tool packages](https://github.com/mandiant/VM-Packages/wiki)
* [Submit new tool packages or report package related issues](https://github.com/mandiant/VM-Packages/issues)
## Troubleshooting
See the troubleshooting documentation (`Docs/Troubleshooting.md`) for more information.
## Credits
- Jake Barteaux @day1player
- Blaine Stancill @MalwareMechanic
- Nhan Huynh @htnhan
- Drew Farber @0xFarbs
- Alex Tselevich @nos3curity
- George Litvinov @geo-lit
- Dennis Tran @Menn1s
- Joseph Clay @skollr34p3r
- Ana Martinez Gomez @anamma_06
- Moritz Raabe
- Derrick Tran @dumosuku
- Mandiant Red Team
- Mandiant FLARE
## Legal Notice
```
This download configuration script is provided to assist penetration testers
in creating handy and versatile toolboxes for offensive engagements. It provides
a convenient interface for them to obtain a useful set of pentesting Tools directly
from their original sources. Installation and use of this script is subject to the
Apache 2.0 License.
You as a user of this script must review, accept and comply with the license
terms of each downloaded/installed package listed below. By proceeding with the
installation, you are accepting the license terms of each package, and
acknowledging that your use of each package will be subject to its respective
license terms.
```
================================================
FILE: install.ps1
================================================
<#
.SYNOPSIS
Installation script for CommandoVM.
.DESCRIPTION
Placeholder
.PARAMETER cli
Switch parameter to skip customization GUI.
.PARAMETER victim
Switch parameter to install the victim profile.
.PARAMETER skipChecks
Switch parameter to skip validation checks (not recommended).
.PARAMETER password
[CLI INSTALL] Current user password to allow reboot resiliency via Boxstarter
.PARAMETER noPassword
[CLI INSTALL] Used when the user password is not set or is blank
.PARAMETER customProfile
[CLI INSTALL] Path to a configuration XML file. May be a file path or URL.
.EXAMPLE
.\install.ps1
.LINK
https://github.com/mandiant/commando-vm
https://github.com/mandiant/VM-Packages
#>
param (
[switch]$cli,
[switch]$victim,
[switch]$skipChecks,
[switch]$noPassword,
[string]$password,
[string]$customProfile
)
$asciiArt = @'
▄████▄ ▒█████ ███▄ ▄███▓ ███▄ ▄███▓ ▄▄▄ ███▄ █ ▓█████▄ ▒█████
▒██▀ ▀█ ▒██▒ ██▒▓██▒▀█▀ ██▒▓██▒▀█▀ ██▒▒████▄ ██ ▀█ █ ▒██▀ ██▌▒██▒ ██▒
▒▓█ ▄ ▒██░ ██▒▓██ ▓██░▓██ ▓██░▒██ ▀█▄ ▓██ ▀█ ██▒░██ █▌▒██░ ██▒
▒▓▓▄ ▄██▒▒██ ██░▒██ ▒██ ▒██ ▒██ ░██▄▄▄▄██ ▓██▒ ▐▌██▒░▓█▄ ▌▒██ ██░
▒ ▓███▀ ░░ ████▓▒░▒██▒ ░██▒▒██▒ ░██▒ ▓█ ▓██▒▒██░ ▓██░░▒████▓ ░ ████▓▒░
░ ░▒ ▒ ░░ ▒░▒░▒░ ░ ▒░ ░ ░░ ▒░ ░ ░ ▒▒ ▓▒█░░ ▒░ ▒ ▒ ▒▒▓ ▒ ░ ▒░▒░▒░
░ ▒ ░ ▒ ▒░ ░ ░ ░░ ░ ░ ▒ ▒▒ ░░ ░░ ░ ▒░ ░ ▒ ▒ ░ ▒ ▒░
░ ░ ░ ░ ▒ ░ ░ ░ ░ ░ ▒ ░ ░ ░ ░ ░ ░ ░ ░ ░ ▒
░ ░ ░ ░ ░ ░ ░ ░ ░ ░ ░ ░
░ ░
'@
Add-Type -AssemblyName System.Drawing
$errorColor = [System.Drawing.ColorTranslator]::FromHtml("#c80505")
$successColor = [System.Drawing.ColorTranslator]::FromHtml("#417505")
$grayedColor = [System.Drawing.ColorTranslator]::FromHtml("#959393")
$skippedColor = [System.Drawing.ColorTranslator]::FromHtml("#f59f00")
# Load the GUI controls
if (-not $cli.IsPresent) {
Add-Type -AssemblyName System.Windows.Forms
[System.Windows.Forms.Application]::EnableVisualStyles()
$iconPath = Join-Path $PSScriptRoot "Images/mandiant.png"
$icon = [System.Drawing.Icon]::FromHandle((New-Object System.Drawing.Bitmap -ArgumentList $iconPath).GetHicon())
#################################################################################################
################################ Installer Checks Form Controls #################################
#################################################################################################
$CommandoChecksManager = New-Object system.Windows.Forms.Form
$CommandoChecksManager.ClientSize = New-Object System.Drawing.Point(510,376)
$CommandoChecksManager.text = "CommandoVM Pre-Install Checks"
$CommandoChecksManager.TopMost = $true
$CommandoChecksManager.Icon = $icon
$CommandoChecksManager.StartPosition = 'CenterScreen'
$ChecksPanel = New-Object system.Windows.Forms.Panel
$ChecksPanel.height = 274
$ChecksPanel.width = 89
$ChecksPanel.location = New-Object System.Drawing.Point(365,8)
$InstallChecksGroup = New-Object system.Windows.Forms.Groupbox
$InstallChecksGroup.height = 289
$InstallChecksGroup.width = 462
$InstallChecksGroup.text = "Installation Checks"
$InstallChecksGroup.location = New-Object System.Drawing.Point(23,14)
################################# Check Labels #################################
$RunningAsAdminLabel = New-Object system.Windows.Forms.Label
$RunningAsAdminLabel.text = "Running as Administrator"
$RunningAsAdminLabel.AutoSize = $true
$RunningAsAdminLabel.width = 25
$RunningAsAdminLabel.height = 10
$RunningAsAdminLabel.location = New-Object System.Drawing.Point(15,18)
$RunningAsAdminLabel.Font = New-Object System.Drawing.Font('Microsoft Sans Serif',12,[System.Drawing.FontStyle]([System.Drawing.FontStyle]::Bold))
$ExecutionPolicyLabel = New-Object system.Windows.Forms.Label
$ExecutionPolicyLabel.text = "Execution Policy Unrestricted"
$ExecutionPolicyLabel.AutoSize = $true
$ExecutionPolicyLabel.width = 25
$ExecutionPolicyLabel.height = 10
$ExecutionPolicyLabel.location = New-Object System.Drawing.Point(15,59)
$ExecutionPolicyLabel.Font = New-Object System.Drawing.Font('Microsoft Sans Serif',12,[System.Drawing.FontStyle]([System.Drawing.FontStyle]::Bold))
$WindowsDefenderLabel = New-Object system.Windows.Forms.Label
$WindowsDefenderLabel.text = "Windows Defender Disabled"
$WindowsDefenderLabel.AutoSize = $true
$WindowsDefenderLabel.width = 25
$WindowsDefenderLabel.height = 10
$WindowsDefenderLabel.location = New-Object System.Drawing.Point(15,104)
$WindowsDefenderLabel.Font = New-Object System.Drawing.Font('Microsoft Sans Serif',12,[System.Drawing.FontStyle]([System.Drawing.FontStyle]::Bold))
$WindowsReleaseLabel = New-Object system.Windows.Forms.Label
$WindowsReleaseLabel.text = "Compatible Windows Release"
$WindowsReleaseLabel.AutoSize = $true
$WindowsReleaseLabel.width = 25
$WindowsReleaseLabel.height = 10
$WindowsReleaseLabel.location = New-Object System.Drawing.Point(15,149)
$WindowsReleaseLabel.Font = New-Object System.Drawing.Font('Microsoft Sans Serif',12,[System.Drawing.FontStyle]([System.Drawing.FontStyle]::Bold))
$RunningVMLabel = New-Object system.Windows.Forms.Label
$RunningVMLabel.text = "Running in a Virtual Machine"
$RunningVMLabel.AutoSize = $true
$RunningVMLabel.width = 25
$RunningVMLabel.height = 10
$RunningVMLabel.location = New-Object System.Drawing.Point(15,193)
$RunningVMLabel.Font = New-Object System.Drawing.Font('Microsoft Sans Serif',12,[System.Drawing.FontStyle]([System.Drawing.FontStyle]::Bold))
$EnoughHardStorageLabel = New-Object system.Windows.Forms.Label
$EnoughHardStorageLabel.text = "Enough Hard Drive Space"
$EnoughHardStorageLabel.AutoSize = $true
$EnoughHardStorageLabel.width = 25
$EnoughHardStorageLabel.height = 10
$EnoughHardStorageLabel.location = New-Object System.Drawing.Point(15,239)
$EnoughHardStorageLabel.Font = New-Object System.Drawing.Font('Microsoft Sans Serif',12,[System.Drawing.FontStyle]([System.Drawing.FontStyle]::Bold))
################################# Check Boolean Controls #################################
$RunningAsAdmin = New-Object system.Windows.Forms.Label
$RunningAsAdmin.text = "False"
$RunningAsAdmin.AutoSize = $true
$RunningAsAdmin.width = 25
$RunningAsAdmin.height = 10
$RunningAsAdmin.location = New-Object System.Drawing.Point(24,18)
$RunningAsAdmin.Font = New-Object System.Drawing.Font('Microsoft Sans Serif',12,[System.Drawing.FontStyle]([System.Drawing.FontStyle]::Bold))
$RunningAsAdmin.ForeColor = $errorColor
$ExecutionPolicy = New-Object system.Windows.Forms.Label
$ExecutionPolicy.text = "False"
$ExecutionPolicy.AutoSize = $true
$ExecutionPolicy.width = 25
$ExecutionPolicy.height = 10
$ExecutionPolicy.location = New-Object System.Drawing.Point(24,63)
$ExecutionPolicy.Font = New-Object System.Drawing.Font('Microsoft Sans Serif',12,[System.Drawing.FontStyle]([System.Drawing.FontStyle]::Bold))
$ExecutionPolicy.ForeColor = $errorColor
$WindowsDefender = New-Object system.Windows.Forms.Label
$WindowsDefender.text = "False"
$WindowsDefender.AutoSize = $true
$WindowsDefender.width = 25
$WindowsDefender.height = 10
$WindowsDefender.location = New-Object System.Drawing.Point(24,108)
$WindowsDefender.Font = New-Object System.Drawing.Font('Microsoft Sans Serif',12,[System.Drawing.FontStyle]([System.Drawing.FontStyle]::Bold))
$WindowsDefender.ForeColor = $errorColor
$WindowsRelease = New-Object system.Windows.Forms.Label
$WindowsRelease.text = "False"
$WindowsRelease.AutoSize = $true
$WindowsRelease.width = 25
$WindowsRelease.height = 10
$WindowsRelease.location = New-Object System.Drawing.Point(24,150)
$WindowsRelease.Font = New-Object System.Drawing.Font('Microsoft Sans Serif',12,[System.Drawing.FontStyle]([System.Drawing.FontStyle]::Bold))
$WindowsRelease.ForeColor = $errorColor
$RunningVM = New-Object system.Windows.Forms.Label
$RunningVM.text = "False"
$RunningVM.AutoSize = $true
$RunningVM.width = 25
$RunningVM.height = 10
$RunningVM.location = New-Object System.Drawing.Point(24,195)
$RunningVM.Font = New-Object System.Drawing.Font('Microsoft Sans Serif',12,[System.Drawing.FontStyle]([System.Drawing.FontStyle]::Bold))
$RunningVM.ForeColor = $errorColor
$EnoughHardStorage = New-Object system.Windows.Forms.Label
$EnoughHardStorage.text = "False"
$EnoughHardStorage.AutoSize = $true
$EnoughHardStorage.width = 25
$EnoughHardStorage.height = 10
$EnoughHardStorage.location = New-Object System.Drawing.Point(24,241)
$EnoughHardStorage.Font = New-Object System.Drawing.Font('Microsoft Sans Serif',12,[System.Drawing.FontStyle]([System.Drawing.FontStyle]::Bold))
$EnoughHardStorage.ForeColor = $errorColor
################################# Check Tooltip Controls #################################
$RunningVMTooltip = New-Object system.Windows.Forms.Label
$RunningVMTooltip.text = "Only run this script inside a Virtual Machine"
$RunningVMTooltip.AutoSize = $true
$RunningVMTooltip.width = 25
$RunningVMTooltip.height = 10
$RunningVMTooltip.location = New-Object System.Drawing.Point(15,219)
$RunningVMTooltip.Font = New-Object System.Drawing.Font('Microsoft Sans Serif',10)
$RunningVMTooltip.ForeColor = $grayedColor
$WindowsReleaseTooltip = New-Object system.Windows.Forms.Label
$WindowsReleaseTooltip.text = "Ensure your Windows version is supported"
$WindowsReleaseTooltip.AutoSize = $true
$WindowsReleaseTooltip.width = 25
$WindowsReleaseTooltip.height = 10
$WindowsReleaseTooltip.location = New-Object System.Drawing.Point(15,175)
$WindowsReleaseTooltip.Font = New-Object System.Drawing.Font('Microsoft Sans Serif',10)
$WindowsReleaseTooltip.ForeColor = $grayedColor
$WindowsDefenderTooltip = New-Object system.Windows.Forms.Label
$WindowsDefenderTooltip.text = "Disable Windows Defender and Tamper Protection"
$WindowsDefenderTooltip.AutoSize = $true
$WindowsDefenderTooltip.width = 25
$WindowsDefenderTooltip.height = 10
$WindowsDefenderTooltip.location = New-Object System.Drawing.Point(15,130)
$WindowsDefenderTooltip.Font = New-Object System.Drawing.Font('Microsoft Sans Serif',10)
$WindowsDefenderTooltip.ForeColor = $grayedColor
$ExecutionPolicyTooltip = New-Object system.Windows.Forms.Label
$ExecutionPolicyTooltip.text = "PowerShell: Set-ExecutionPolicy Unrestricted"
$ExecutionPolicyTooltip.AutoSize = $true
$ExecutionPolicyTooltip.width = 25
$ExecutionPolicyTooltip.height = 10
$ExecutionPolicyTooltip.location = New-Object System.Drawing.Point(15,85)
$ExecutionPolicyTooltip.Font = New-Object System.Drawing.Font('Microsoft Sans Serif',10)
$ExecutionPolicyTooltip.ForeColor = $grayedColor
$RunningAsAdminTooltip = New-Object system.Windows.Forms.Label
$RunningAsAdminTooltip.text = "Please run this script as Administrator"
$RunningAsAdminTooltip.AutoSize = $true
$RunningAsAdminTooltip.width = 25
$RunningAsAdminTooltip.height = 10
$RunningAsAdminTooltip.location = New-Object System.Drawing.Point(15,41)
$RunningAsAdminTooltip.Font = New-Object System.Drawing.Font('Microsoft Sans Serif',10)
$RunningAsAdminTooltip.ForeColor = $grayedColor
$EnoughHardStorageTooltip = New-Object system.Windows.Forms.Label
$EnoughHardStorageTooltip.text = "Have at least 70GB of available storage"
$EnoughHardStorageTooltip.AutoSize = $true
$EnoughHardStorageTooltip.width = 25
$EnoughHardStorageTooltip.height = 10
$EnoughHardStorageTooltip.location = New-Object System.Drawing.Point(15,266)
$EnoughHardStorageTooltip.Font = New-Object System.Drawing.Font('Microsoft Sans Serif',10)
$EnoughHardStorageTooltip.ForeColor = $grayedColor
################################# Check Completion Controls #################################
$BreakMyInstallCheckbox = New-Object system.Windows.Forms.CheckBox
$BreakMyInstallCheckbox.text = "I understand that continuing without satisfying all"
$BreakMyInstallCheckbox.AutoSize = $false
$BreakMyInstallCheckbox.width = 324
$BreakMyInstallCheckbox.height = 21
$BreakMyInstallCheckbox.location = New-Object System.Drawing.Point(30,319)
$BreakMyInstallCheckbox.Font = New-Object System.Drawing.Font('Microsoft Sans Serif',10)
$BreakMyInstallCheckbox.Add_CheckStateChanged({
if ($BreakMyInstallCheckbox.Checked) {
$ChecksCompleteButton.enabled = $true
} else {
$ChecksCompleteButton.enabled = $false
}
})
$BreakMyInstallLabel = New-Object system.Windows.Forms.Label
$BreakMyInstallLabel.text = "pre-install checks might cause install issues"
$BreakMyInstallLabel.AutoSize = $true
$BreakMyInstallLabel.width = 25
$BreakMyInstallLabel.height = 10
$BreakMyInstallLabel.location = New-Object System.Drawing.Point(30,338)
$BreakMyInstallLabel.Font = New-Object System.Drawing.Font('Microsoft Sans Serif',10)
$ChecksCompleteButton = New-Object system.Windows.Forms.Button
$ChecksCompleteButton.text = "Continue"
$ChecksCompleteButton.width = 97
$ChecksCompleteButton.height = 37
$ChecksCompleteButton.enabled = $false
$ChecksCompleteButton.DialogResult = [System.Windows.Forms.DialogResult]::OK
$ChecksCompleteButton.location = New-Object System.Drawing.Point(387,315)
$ChecksCompleteButton.Font = New-Object System.Drawing.Font('Microsoft Sans Serif',12)
$ChecksCompleteButton.Add_Click({
$global:checksPassed = $true
[void]$CommandoChecksManager.Close()
})
$InstallChecksGroup.controls.AddRange(@($ChecksPanel,$RunningAsAdminLabel,$ExecutionPolicyLabel,$WindowsDefenderLabel,$WindowsReleaseLabel,$RunningVMLabel,$RunningAsAdminTooltip,$ExecutionPolicyTooltip,$WindowsDefenderTooltip,$WindowsReleaseTooltip,$RunningVMTooltip,$EnoughHardStorageLabel, $EnoughHardStorageTooltip,$RunningAsAdmin,$EnoughHardStorage))
$CommandoChecksManager.controls.AddRange(@($InstallChecksGroup,$ChecksCompleteButton,$BreakMyInstallCheckbox,$BreakMyInstallLabel))
$ChecksPanel.controls.AddRange(@($RunningAsAdmin, $ExecutionPolicy,$WindowsDefender,$WindowsRelease,$RunningVM, $EnoughHardStorage))
#################################################################################################
################################# Main Installer Form Controls ##################################
#################################################################################################
$CommandoInstaller = New-Object system.Windows.Forms.Form
$CommandoInstaller.ClientSize = New-Object System.Drawing.Point(693,574)
$CommandoInstaller.text = "CommandoVM Installer"
$CommandoInstaller.TopMost = $true
$CommandoInstaller.StartPosition = 'CenterScreen'
$CommandoInstaller.Icon = $icon
$CommandoLogo = New-Object system.Windows.Forms.PictureBox
$CommandoLogo.width = 338
$CommandoLogo.height = 246
$CommandoLogo.location = New-Object System.Drawing.Point(179,37)
$CommandoLogo.imageLocation = Join-Path $PSScriptRoot "Images/commando.png"
$CommandoLogo.SizeMode = [System.Windows.Forms.PictureBoxSizeMode]::zoom
################################# Main Installer Profile Selection Controls #################################
$ProfileSelector = New-Object system.Windows.Forms.ComboBox
$ProfileSelector.text = "Select Profile"
$ProfileSelector.width = 141
$ProfileSelector.height = 108
$ProfileSelector.location = New-Object System.Drawing.Point(380,449)
$ProfileSelector.Font = New-Object System.Drawing.Font('Microsoft Sans Serif',10)
$ProfileSelector.DropDownStyle = [System.Windows.Forms.ComboBoxStyle]::DropDownList
$ProfileSelector.Add_SelectedIndexChanged({
$global:selectedProfile = $ProfileSelector.SelectedItem
if ($ProfileSelector.SelectedItem -eq "Custom") {
$RecommendedDiskSpaceLabel.Visible = $false
$RecommendedDiskSpace.Visible = $false
} else {
# Find the DiskSize from $global:profileData where ProfileName equals $global:selectedProfile
$diskSize = ($global:profileData | Where-Object { $_.ProfileName -eq $global:selectedProfile }).DiskSize
# Set $RecommendedDiskSpace.Text to the found DiskSize
$RecommendedDiskSpace.Text = "$($diskSize)GB"
$RecommendedDiskSpaceLabel.Visible = $true
$RecommendedDiskSpace.Visible = $true
}
})
$ConfigureProfileButton = New-Object system.Windows.Forms.Button
$ConfigureProfileButton.text = "Configure Profile"
$ConfigureProfileButton.width = 142
$ConfigureProfileButton.height = 29
$ConfigureProfileButton.location = New-Object System.Drawing.Point(380,478)
$ConfigureProfileButton.Font = New-Object System.Drawing.Font('Microsoft Sans Serif',10)
$ConfigureProfileButton.Add_Click({Open-ProfileManager})
$RecommendedDiskSpace = New-Object system.Windows.Forms.Label
$RecommendedDiskSpace.text = "50GB+"
$RecommendedDiskSpace.AutoSize = $true
$RecommendedDiskSpace.width = 25
$RecommendedDiskSpace.height = 10
$RecommendedDiskSpace.location = New-Object System.Drawing.Point(590,523)
$RecommendedDiskSpace.Font = New-Object System.Drawing.Font('Microsoft Sans Serif',10,[System.Drawing.FontStyle]([System.Drawing.FontStyle]::Bold))
$RecommendedDiskSpaceLabel = New-Object system.Windows.Forms.Label
$RecommendedDiskSpaceLabel.text = "Recommended Disk Space - "
$RecommendedDiskSpaceLabel.AutoSize = $true
$RecommendedDiskSpaceLabel.width = 25
$RecommendedDiskSpaceLabel.height = 10
$RecommendedDiskSpaceLabel.location = New-Object System.Drawing.Point(390,523)
$RecommendedDiskSpaceLabel.Font = New-Object System.Drawing.Font('Microsoft Sans Serif',10,[System.Drawing.FontStyle]([System.Drawing.FontStyle]::Bold))
$RecommendedDiskSpaceLabel.ForeColor = [System.Drawing.ColorTranslator]::FromHtml("#c10000")
################################# Main Installer Profile Labels #################################
$ProfileLabels = New-Object system.Windows.Forms.Groupbox
$ProfileLabels.height = 166
$ProfileLabels.width = 304
$ProfileLabels.text = "Available Profiles"
$ProfileLabels.location = New-Object System.Drawing.Point(38,342)
$ProfileLabelDefault = New-Object system.Windows.Forms.Label
$ProfileLabelDefault.text = "Default"
$ProfileLabelDefault.AutoSize = $true
$ProfileLabelDefault.width = 25
$ProfileLabelDefault.height = 10
$ProfileLabelDefault.location = New-Object System.Drawing.Point(20,25)
$ProfileLabelDefault.Font = New-Object System.Drawing.Font('Microsoft Sans Serif',10,[System.Drawing.FontStyle]([System.Drawing.FontStyle]::Bold))
$ProfileLabelFull = New-Object system.Windows.Forms.Label
$ProfileLabelFull.text = "Full"
$ProfileLabelFull.AutoSize = $true
$ProfileLabelFull.width = 25
$ProfileLabelFull.height = 10
$ProfileLabelFull.location = New-Object System.Drawing.Point(20,50)
$ProfileLabelFull.Font = New-Object System.Drawing.Font('Microsoft Sans Serif',10,[System.Drawing.FontStyle]([System.Drawing.FontStyle]::Bold))
$ProfileLabelLite = New-Object system.Windows.Forms.Label
$ProfileLabelLite.text = "Lite"
$ProfileLabelLite.AutoSize = $true
$ProfileLabelLite.width = 25
$ProfileLabelLite.height = 10
$ProfileLabelLite.location = New-Object System.Drawing.Point(20,75)
$ProfileLabelLite.Font = New-Object System.Drawing.Font('Microsoft Sans Serif',10,[System.Drawing.FontStyle]([System.Drawing.FontStyle]::Bold))
$ProfileLabelDeveloper = New-Object system.Windows.Forms.Label
$ProfileLabelDeveloper.text = "Developer"
$ProfileLabelDeveloper.AutoSize = $true
$ProfileLabelDeveloper.width = 25
$ProfileLabelDeveloper.height = 10
$ProfileLabelDeveloper.location = New-Object System.Drawing.Point(20,100)
$ProfileLabelDeveloper.Font = New-Object System.Drawing.Font('Microsoft Sans Serif',10,[System.Drawing.FontStyle]([System.Drawing.FontStyle]::Bold))
$ProfileLabelVictim = New-Object system.Windows.Forms.Label
$ProfileLabelVictim.text = "Victim"
$ProfileLabelVictim.AutoSize = $true
$ProfileLabelVictim.width = 25
$ProfileLabelVictim.height = 10
$ProfileLabelVictim.location = New-Object System.Drawing.Point(20,125)
$ProfileLabelVictim.Font = New-Object System.Drawing.Font('Microsoft Sans Serif',10,[System.Drawing.FontStyle]([System.Drawing.FontStyle]::Bold))
################################# Main Installer Profile Description Labels #################################
$ProfileLabelDescriptionDefault = New-Object system.Windows.Forms.Label
$ProfileLabelDescriptionDefault.text = "- numerous packages for pentesting"
$ProfileLabelDescriptionDefault.AutoSize = $true
$ProfileLabelDescriptionDefault.width = 25
$ProfileLabelDescriptionDefault.height = 10
$ProfileLabelDescriptionDefault.location = New-Object System.Drawing.Point(70,25)
$ProfileLabelDescriptionDefault.Font = New-Object System.Drawing.Font('Microsoft Sans Serif',10)
$ProfileLabelDescriptionFull = New-Object system.Windows.Forms.Label
$ProfileLabelDescriptionFull.text = "- all tools suitable for CommandoVM"
$ProfileLabelDescriptionFull.AutoSize = $true
$ProfileLabelDescriptionFull.width = 25
$ProfileLabelDescriptionFull.height = 10
$ProfileLabelDescriptionFull.location = New-Object System.Drawing.Point(50,50)
$ProfileLabelDescriptionFull.Font = New-Object System.Drawing.Font('Microsoft Sans Serif',10)
$ProfileLabelDescriptionLite = New-Object system.Windows.Forms.Label
$ProfileLabelDescriptionLite.text = "- only the bare minimum essential tools"
$ProfileLabelDescriptionLite.AutoSize = $true
$ProfileLabelDescriptionLite.width = 25
$ProfileLabelDescriptionLite.height = 10
$ProfileLabelDescriptionLite.location = New-Object System.Drawing.Point(50,75)
$ProfileLabelDescriptionLite.Font = New-Object System.Drawing.Font('Microsoft Sans Serif',10)
$ProfileLabelDescriptionDeveloper = New-Object system.Windows.Forms.Label
$ProfileLabelDescriptionDeveloper.text = "- malware development tooling"
$ProfileLabelDescriptionDeveloper.AutoSize = $true
$ProfileLabelDescriptionDeveloper.width = 25
$ProfileLabelDescriptionDeveloper.height = 10
$ProfileLabelDescriptionDeveloper.location = New-Object System.Drawing.Point(90,100)
$ProfileLabelDescriptionDeveloper.Font = New-Object System.Drawing.Font('Microsoft Sans Serif',10)
$ProfileLabelDescriptionVictim = New-Object system.Windows.Forms.Label
$ProfileLabelDescriptionVictim.text = "- set up with tools for payload testing"
$ProfileLabelDescriptionVictim.AutoSize = $true
$ProfileLabelDescriptionVictim.width = 25
$ProfileLabelDescriptionVictim.height = 10
$ProfileLabelDescriptionVictim.location = New-Object System.Drawing.Point(65,125)
$ProfileLabelDescriptionVictim.Font = New-Object System.Drawing.Font('Microsoft Sans Serif',10)
################################# Main Installer License Labels #################################
$DisclaimerLabelLine1 = New-Object system.Windows.Forms.Label
$DisclaimerLabelLine1.text = "By proceeding with the installation, you are"
$DisclaimerLabelLine1.AutoSize = $true
$DisclaimerLabelLine1.width = 262
$DisclaimerLabelLine1.height = 12
$DisclaimerLabelLine1.location = New-Object System.Drawing.Point(380,344)
$DisclaimerLabelLine1.Font = New-Object System.Drawing.Font('Microsoft Sans Serif',10)
$DisclaimerLabelLine2 = New-Object system.Windows.Forms.Label
$DisclaimerLabelLine2.text = "accepting the license terms of each package,"
$DisclaimerLabelLine2.AutoSize = $true
$DisclaimerLabelLine2.width = 262
$DisclaimerLabelLine2.height = 10
$DisclaimerLabelLine2.location = New-Object System.Drawing.Point(380,368)
$DisclaimerLabelLine2.Font = New-Object System.Drawing.Font('Microsoft Sans Serif',10)
$DisclaimerLabelLine3 = New-Object system.Windows.Forms.Label
$DisclaimerLabelLine3.text = "and acknowledging that your use of each package"
$DisclaimerLabelLine3.AutoSize = $true
$DisclaimerLabelLine3.width = 262
$DisclaimerLabelLine3.height = 10
$DisclaimerLabelLine3.location = New-Object System.Drawing.Point(380,392)
$DisclaimerLabelLine3.Font = New-Object System.Drawing.Font('Microsoft Sans Serif',10)
$DisclaimerLabelLine4 = New-Object system.Windows.Forms.Label
$DisclaimerLabelLine4.text = " will be subject to its respective license terms."
$DisclaimerLabelLine4.AutoSize = $true
$DisclaimerLabelLine4.width = 262
$DisclaimerLabelLine4.height = 10
$DisclaimerLabelLine4.location = New-Object System.Drawing.Point(380,417)
$DisclaimerLabelLine4.Font = New-Object System.Drawing.Font('Microsoft Sans Serif',10)
################################# Main Installer Controls #################################
$InstallButton = New-Object system.Windows.Forms.Button
$InstallButton.text = "Install"
$InstallButton.width = 104
$InstallButton.height = 60
$InstallButton.location = New-Object System.Drawing.Point(548,446)
$InstallButton.Font = New-Object System.Drawing.Font('Microsoft Sans Serif',12)
$InstallButton.Add_Click({
if (Open-PasswordEntry) {
[void]$CommandoInstaller.Close()
[void]$CommandoInstaller.Dispose()
Install-Profile -ProfileName $global:selectedProfile
}
})
$CommandoInstaller.controls.AddRange(@($CommandoLogo,$InstallButton,$ProfileSelector,$ConfigureProfileButton,$ProfileLabels,$RecommendedDiskSpaceLabel,$DisclaimerLabelLine1,$DisclaimerLabelLine2,$DisclaimerLabelLine3,$DisclaimerLabelLine4,$RecommendedDiskSpace))
$ProfileLabels.controls.AddRange(@($ProfileLabelDescriptionLite,$Label1,$ProfileLabelLite,$ProfileLabelFull,$ProfileLabelDescriptionFull,$ProfileLabelDefault,$ProfileLabelDescriptionDefault,$ProfileLabelDeveloper,$ProfileLabelDescriptionDeveloper,$ProfileLabelVictim,$ProfileLabelDescriptionVictim))
#################################################################################################
################################# Profile Manager Form Controls #################################
#################################################################################################
$CommandoProfileManager = New-Object system.Windows.Forms.Form
$CommandoProfileManager.ClientSize = New-Object System.Drawing.Point(660,651)
$CommandoProfileManager.text = "CommandoVM Profile Manager"
$CommandoProfileManager.TopMost = $true
$CommandoProfileManager.StartPosition = 'CenterScreen'
$CommandoProfileManager.Icon = $icon
################################# Profile Manager Preset Selector Controls #################################
$PresetSelector = New-Object system.Windows.Forms.ComboBox
$PresetSelector.text = "Default"
$PresetSelector.width = 122
$PresetSelector.height = 20
$PresetSelector.location = New-Object System.Drawing.Point(252,11)
$PresetSelector.Font = New-Object System.Drawing.Font('Microsoft Sans Serif',10)
$PresetSelector.DropDownStyle = [System.Windows.Forms.ComboBoxStyle]::DropDownList
$PresetSelector.Add_SelectedIndexChanged({Set-ProfilePreset -ProfileName $PresetSelector.SelectedItem})
$PresetSelectorLabel = New-Object system.Windows.Forms.Label
$PresetSelectorLabel.text = "Preset"
$PresetSelectorLabel.AutoSize = $true
$PresetSelectorLabel.width = 25
$PresetSelectorLabel.height = 10
$PresetSelectorLabel.location = New-Object System.Drawing.Point(203,14)
$PresetSelectorLabel.Font = New-Object System.Drawing.Font('Microsoft Sans Serif',10)
################################# Profile Manager Package Installation Controls #################################
$SelectedPackagesList = New-Object system.Windows.Forms.ListBox
$SelectedPackagesList.text = "listBox"
$SelectedPackagesList.width = 232
$SelectedPackagesList.height = 266
$SelectedPackagesList.location = New-Object System.Drawing.Point(16,69)
$SelectedPackagesList.Add_SelectedIndexChanged({
# We're only gonna reset the available package selection if we have a selection in this listbox
if ($SelectedPackagesList.SelectedIndex -ne -1) {
Set-PackageInformation -PackageName $SelectedPackagesList.SelectedItem
$AvailablePackagesList.ClearSelected()
}
})
$AvailablePackagesList = New-Object system.Windows.Forms.ListBox
$AvailablePackagesList.text = "listBox"
$AvailablePackagesList.width = 228
$AvailablePackagesList.height = 265
$AvailablePackagesList.location = New-Object System.Drawing.Point(318,69)
$AvailablePackagesList.Add_SelectedIndexChanged({
# We're only gonna reset the selected package selection if we have a selection in this listbox
if ($AvailablePackagesList.SelectedIndex -ne -1) {
Set-PackageInformation -PackageName $AvailablePackagesList.SelectedItem
$SelectedPackagesList.ClearSelected()
}
})
$SelectedPackagesLabel = New-Object system.Windows.Forms.Label
$SelectedPackagesLabel.text = "Selected Packages"
$SelectedPackagesLabel.AutoSize = $true
$SelectedPackagesLabel.width = 25
$SelectedPackagesLabel.height = 10
$SelectedPackagesLabel.location = New-Object System.Drawing.Point(64,42)
$SelectedPackagesLabel.Font = New-Object System.Drawing.Font('Microsoft Sans Serif',12)
$AvailablePackagesLabel = New-Object system.Windows.Forms.Label
$AvailablePackagesLabel.text = "Available Packages"
$AvailablePackagesLabel.AutoSize = $true
$AvailablePackagesLabel.width = 25
$AvailablePackagesLabel.height = 10
$AvailablePackagesLabel.location = New-Object System.Drawing.Point(360,42)
$AvailablePackagesLabel.Font = New-Object System.Drawing.Font('Microsoft Sans Serif',12)
################################# Profile Manager Package Addition Controls #################################
$PackageInstallationGroup = New-Object system.Windows.Forms.Groupbox
$PackageInstallationGroup.height = 367
$PackageInstallationGroup.width = 563
$PackageInstallationGroup.text = "Package Installation"
$PackageInstallationGroup.location = New-Object System.Drawing.Point(48,37)
$AddPackageButton = New-Object system.Windows.Forms.Button
$AddPackageButton.text = "<"
$AddPackageButton.width = 43
$AddPackageButton.height = 30
$AddPackageButton.location = New-Object System.Drawing.Point(260,103)
$AddPackageButton.Font = New-Object System.Drawing.Font('Microsoft Sans Serif',10)
$AddPackageButton.Add_Click({Add-SelectedPackage})
$AddAllPackagesButton = New-Object system.Windows.Forms.Button
$AddAllPackagesButton.text = "<<"
$AddAllPackagesButton.width = 43
$AddAllPackagesButton.height = 30
$AddAllPackagesButton.location = New-Object System.Drawing.Point(260,147)
$AddAllPackagesButton.Font = New-Object System.Drawing.Font('Microsoft Sans Serif',10)
$AddAllPackagesButton.Add_Click({Add-AllPackages})
$RemovePackageButton = New-Object system.Windows.Forms.Button
$RemovePackageButton.text = ">"
$RemovePackageButton.width = 43
$RemovePackageButton.height = 30
$RemovePackageButton.location = New-Object System.Drawing.Point(260,207)
$RemovePackageButton.Font = New-Object System.Drawing.Font('Microsoft Sans Serif',10)
$RemovePackageButton.Add_Click({Remove-SelectedPackage})
$RemoveAllPackagesButton = New-Object system.Windows.Forms.Button
$RemoveAllPackagesButton.text = ">>"
$RemoveAllPackagesButton.width = 43
$RemoveAllPackagesButton.height = 30
$RemoveAllPackagesButton.location = New-Object System.Drawing.Point(260,254)
$RemoveAllPackagesButton.Font = New-Object System.Drawing.Font('Microsoft Sans Serif',10)
$RemoveAllPackagesButton.Add_Click({Remove-AllPackages})
$AddChocoPackageButton = New-Object system.Windows.Forms.Button
$AddChocoPackageButton.text = "Add Choco Package"
$AddChocoPackageButton.width = 150
$AddChocoPackageButton.height = 25
$AddChocoPackageButton.location = New-Object System.Drawing.Point(396,336)
$AddChocoPackageButton.Font = New-Object System.Drawing.Font('Microsoft Sans Serif',10)
$AddChocoPackageButton.Add_Click({Open-AddChocoPackage})
################################# Profile Manager Package Count Labels #################################
$SelectedCountLabel = New-Object system.Windows.Forms.Label
$SelectedCountLabel.text = "Total:"
$SelectedCountLabel.AutoSize = $true
$SelectedCountLabel.width = 25
$SelectedCountLabel.height = 10
$SelectedCountLabel.location = New-Object System.Drawing.Point(15,342)
$SelectedCountLabel.Font = New-Object System.Drawing.Font('Microsoft Sans Serif',8)
$AvailableCountLabel = New-Object system.Windows.Forms.Label
$AvailableCountLabel.text = "Total:"
$AvailableCountLabel.AutoSize = $true
$AvailableCountLabel.width = 25
$AvailableCountLabel.height = 10
$AvailableCountLabel.location = New-Object System.Drawing.Point(316,340)
$AvailableCountLabel.Font = New-Object System.Drawing.Font('Microsoft Sans Serif',8)
################################# Profile Manager Package Information Controls #################################
$PackageInformationGroup = New-Object system.Windows.Forms.Groupbox
$PackageInformationGroup.height = 168
$PackageInformationGroup.width = 562
$PackageInformationGroup.text = "Package Information"
$PackageInformationGroup.location = New-Object System.Drawing.Point(48,424)
$Authors = New-Object system.Windows.Forms.Label
$Authors.text = "Authors"
$Authors.AutoSize = $false
$Authors.AutoEllipsis = $true
$Authors.width = 450
$Authors.height = 20
$Authors.location = New-Object System.Drawing.Point(70,25)
$Authors.Font = New-Object System.Drawing.Font('Microsoft Sans Serif',10)
$Version = New-Object system.Windows.Forms.Label
$Version.text = "Version"
$Version.AutoSize = $true
$Version.width = 25
$Version.height = 10
$Version.location = New-Object System.Drawing.Point(70,50)
$Version.Font = New-Object System.Drawing.Font('Microsoft Sans Serif',10)
$Description = New-Object system.Windows.Forms.Label
$Description.text = "Tool Description"
$Description.AutoSize = $false
$Description.width = 529
$Description.height = 50
$Description.location = New-Object System.Drawing.Point(10,100)
$Description.Font = New-Object System.Drawing.Font('Microsoft Sans Serif',10)
$AuthorsLabel = New-Object system.Windows.Forms.Label
$AuthorsLabel.text = "Authors:"
$AuthorsLabel.AutoSize = $true
$AuthorsLabel.width = 25
$AuthorsLabel.height = 10
$AuthorsLabel.location = New-Object System.Drawing.Point(10,25)
$AuthorsLabel.Font = New-Object System.Drawing.Font('Microsoft Sans Serif',10,[System.Drawing.FontStyle]([System.Drawing.FontStyle]::Bold))
$VersionLabel = New-Object system.Windows.Forms.Label
$VersionLabel.text = "Version:"
$VersionLabel.AutoSize = $true
$VersionLabel.width = 25
$VersionLabel.height = 10
$VersionLabel.location = New-Object System.Drawing.Point(10,50)
$VersionLabel.Font = New-Object System.Drawing.Font('Microsoft Sans Serif',10,[System.Drawing.FontStyle]([System.Drawing.FontStyle]::Bold))
$DescriptionLabel = New-Object system.Windows.Forms.Label
$DescriptionLabel.text = "Tool Description"
$DescriptionLabel.AutoSize = $true
$DescriptionLabel.width = 25
$DescriptionLabel.height = 10
$DescriptionLabel.location = New-Object System.Drawing.Point(10,75)
$DescriptionLabel.Font = New-Object System.Drawing.Font('Microsoft Sans Serif',10,[System.Drawing.FontStyle]([System.Drawing.FontStyle]::Bold))
################################# Profile Manager Buttons #################################
$DoneButton = New-Object system.Windows.Forms.Button
$DoneButton.text = "Done"
$DoneButton.width = 94
$DoneButton.height = 30
$DoneButton.location = New-Object System.Drawing.Point(424,604)
$DoneButton.Font = New-Object System.Drawing.Font('Microsoft Sans Serif',10)
$DoneButton.Add_Click({
Save-Profile
# Check if "Custom" exists in $ProfileSelector.Items, and add it if it doesn't
if ("Custom" -notin $ProfileSelector.Items) {
$ProfileSelector.Items.Add("Custom")
}
# Set $ProfileSelector.Text to "Custom"
$ProfileSelector.Text = "Custom"
[void]$CommandoProfileManager.Close()
})
$SaveProfileButton = New-Object system.Windows.Forms.Button
$SaveProfileButton.text = "Save Profile As"
$SaveProfileButton.width = 124
$SaveProfileButton.height = 30
$SaveProfileButton.location = New-Object System.Drawing.Point(115,604)
$SaveProfileButton.Font = New-Object System.Drawing.Font('Microsoft Sans Serif',10)
$SaveProfileButton.Add_Click({Save-ProfileAs})
$ResetProfileButton = New-Object system.Windows.Forms.Button
$ResetProfileButton.text = "Reset Profile"
$ResetProfileButton.width = 127
$ResetProfileButton.height = 30
$ResetProfileButton.location = New-Object System.Drawing.Point(269,604)
$ResetProfileButton.Font = New-Object System.Drawing.Font('Microsoft Sans Serif',10)
$ResetProfileButton.Add_Click({Set-ProfilePreset -ProfileName $selectedProfile})
################################# Profile Manager Form Constructor #################################
$CommandoProfileManager.controls.AddRange(@($PackageInstallationGroup,$DoneButton,$SaveProfileButton,$ResetProfileButton,$PackageInformationGroup))
$PackageInstallationGroup.controls.AddRange(@($SelectedPackagesLabel,$PresetSelectorLabel,$AddPackageButton,$AddAllPackagesButton,$RemovePackageButton,$RemoveAllPackagesButton,$PresetSelector,$AvailablePackagesLabel,$availableCountLabel,$selectedCountLabel,$SelectedPackagesList,$AvailablePackagesList,$AddChocoPackageButton))
$PackageInformationGroup.controls.AddRange(@($AuthorsLabel,$Description,$DescriptionLabel,$VersionLabel,$Authors,$Version))
#################################################################################################
################################# Password Entry Form Controls ##################################
#################################################################################################
$CommandoPasswordManager = New-Object system.Windows.Forms.Form
$CommandoPasswordManager.ClientSize = New-Object System.Drawing.Point(400,270)
$CommandoPasswordManager.text = "CommandoVM Boxstarter Password"
$CommandoPasswordManager.TopMost = $true
$CommandoPasswordManager.Icon = $icon
$CommandoPasswordManager.StartPosition = 'CenterScreen'
$PasswordOKButton = New-Object system.Windows.Forms.Button
$PasswordOKButton.text = "OK"
$PasswordOKButton.DialogResult = [System.Windows.Forms.DialogResult]::OK
$PasswordOKButton.width = 95
$PasswordOKButton.height = 28
$PasswordOKButton.location = New-Object System.Drawing.Point(153,230)
$PasswordOKButton.Font = New-Object System.Drawing.Font('Microsoft Sans Serif',10)
$PasswordInfoLabel = New-Object system.Windows.Forms.Label
$PasswordInfoLabel.text = "Boxstarter requires user credentials to automatically login and continue the install on a reboot. `n`nIf you do not have a password set, leave the field blank"
$PasswordInfoLabel.AutoSize = $true
$PasswordInfoLabel.Visible = $false
$PasswordInfoLabel.MaximumSize = New-Object System.Drawing.Size(350, 0)
$PasswordInfoLabel.location = New-Object System.Drawing.Point(11,46)
$PasswordInfoLabel.Font = New-Object System.Drawing.Font('Microsoft Sans Serif',10)
$PasswordInfoHeadingLabel = New-Object system.Windows.Forms.Label
$PasswordInfoHeadingLabel.text = "Why is my password required?"
$PasswordInfoHeadingLabel.AutoSize = $true
$PasswordInfoHeadingLabel.width = 25
$PasswordInfoHeadingLabel.height = 10
$PasswordInfoHeadingLabel.location = New-Object System.Drawing.Point(11,19)
$PasswordInfoHeadingLabel.Font = New-Object System.Drawing.Font('Microsoft Sans Serif',12,[System.Drawing.FontStyle]([System.Drawing.FontStyle]::Bold))
$PasswordInfoBoxstarterLabel = New-Object system.Windows.Forms.Label
$PasswordInfoBoxstarterLabel.text = "Learn more at:"
$PasswordInfoBoxstarterLabel.AutoSize = $true
$PasswordInfoBoxstarterLabel.width = 25
$PasswordInfoBoxstarterLabel.height = 10
$PasswordInfoBoxstarterLabel.location = New-Object System.Drawing.Point(11,117)
$PasswordInfoBoxstarterLabel.Font = New-Object System.Drawing.Font('Microsoft Sans Serif',10)
$PasswordInfoBoxstarterLinkLabel = New-Object system.Windows.Forms.Label
$PasswordInfoBoxstarterLinkLabel.text = "https://boxstarter.org/installingpackages"
$PasswordInfoBoxstarterLinkLabel.AutoSize = $true
$PasswordInfoBoxstarterLinkLabel.width = 25
$PasswordInfoBoxstarterLinkLabel.height = 10
$PasswordInfoBoxstarterLinkLabel.location = New-Object System.Drawing.Point(104,117)
$PasswordInfoBoxstarterLinkLabel.Font = New-Object System.Drawing.Font('Microsoft Sans Serif',10,[System.Drawing.FontStyle]([System.Drawing.FontStyle]::Underline))
$PasswordTextBox = New-Object system.Windows.Forms.TextBox
$PasswordTextBox.multiline = $false
$PasswordTextBox.width = 226
$PasswordTextBox.height = 20
$PasswordTextBox.UseSystemPasswordChar = $True
$PasswordTextBox.location = New-Object System.Drawing.Point(89,195)
$PasswordTextBox.Font = New-Object System.Drawing.Font('Microsoft Sans Serif',14)
$PasswordEntryLabel = New-Object system.Windows.Forms.Label
$PasswordEntryLabel.text = "Enter your user password:"
$PasswordEntryLabel.AutoSize = $true
$PasswordEntryLabel.width = 25
$PasswordEntryLabel.height = 10
$PasswordEntryLabel.location = New-Object System.Drawing.Point(124,171)
$PasswordEntryLabel.Font = New-Object System.Drawing.Font('Microsoft Sans Serif',10)
$PasswordInfoGroup = New-Object system.Windows.Forms.Groupbox
$PasswordInfoGroup.height = 145
$PasswordInfoGroup.width = 380
$PasswordInfoGroup.text = "About"
$PasswordInfoGroup.location = New-Object System.Drawing.Point(10,17)
$CommandoPasswordManager.controls.AddRange(@($PasswordOKButton,$PasswordTextBox,$PasswordEntryLabel,$PasswordInfoGroup))
$PasswordInfoGroup.controls.AddRange(@($PasswordInfoLabel,$PasswordInfoHeadingLabel,$PasswordInfoBoxstarterLabel,$PasswordInfoBoxstarterLinkLabel))
#################################################################################################
################################# Chocolatey Package Dialog Box #################################
#################################################################################################
$CommandoChocoManager = New-Object system.Windows.Forms.Form
$CommandoChocoManager.ClientSize = New-Object System.Drawing.Point(407,287)
$CommandoChocoManager.text = "CommandoVM Chocolatey Package"
$CommandoChocoManager.TopMost = $true
$CommandoChocoManager.Icon = $icon
$CommandoChocoManager.StartPosition = 'CenterScreen'
$ChocoPackageTextBox = New-Object system.Windows.Forms.TextBox
$ChocoPackageTextBox.multiline = $false
$ChocoPackageTextBox.width = 231
$ChocoPackageTextBox.height = 20
$ChocoPackageTextBox.location = New-Object System.Drawing.Point(19,185)
$ChocoPackageTextBox.Font = New-Object System.Drawing.Font('Microsoft Sans Serif',14)
$ChocoAboutGroup = New-Object system.Windows.Forms.Groupbox
$ChocoAboutGroup.height = 118
$ChocoAboutGroup.width = 368
$ChocoAboutGroup.text = "About"
$ChocoAboutGroup.location = New-Object System.Drawing.Point(19,22)
$ChocoPackageErrorLabel = New-Object system.Windows.Forms.Label
$ChocoPackageErrorLabel.text = "Chocolatey package not found"
$ChocoPackageErrorLabel.AutoSize = $true
$ChocoPackageErrorLabel.visible = $false
$ChocoPackageErrorLabel.width = 25
$ChocoPackageErrorLabel.height = 10
$ChocoPackageErrorLabel.location = New-Object System.Drawing.Point(115,216)
$ChocoPackageErrorLabel.Font = New-Object System.Drawing.Font('Microsoft Sans Serif',10,[System.Drawing.FontStyle]([System.Drawing.FontStyle]::Bold))
$ChocoPackageLabel = New-Object system.Windows.Forms.Label
$ChocoPackageLabel.text = "Enter Chocolatey package name:"
$ChocoPackageLabel.AutoSize = $true
$ChocoPackageLabel.width = 25
$ChocoPackageLabel.height = 10
$ChocoPackageLabel.location = New-Object System.Drawing.Point(19,157)
$ChocoPackageLabel.Font = New-Object System.Drawing.Font('Microsoft Sans Serif',10)
$ChocoAboutHeadingLabel = New-Object system.Windows.Forms.Label
$ChocoAboutHeadingLabel.text = "Adding Chocolatey Packages"
$ChocoAboutHeadingLabel.AutoSize = $true
$ChocoAboutHeadingLabel.width = 25
$ChocoAboutHeadingLabel.height = 10
$ChocoAboutHeadingLabel.location = New-Object System.Drawing.Point(4,17)
$ChocoAboutHeadingLabel.Font = New-Object System.Drawing.Font('Microsoft Sans Serif',12,[System.Drawing.FontStyle]([System.Drawing.FontStyle]::Bold))
$ChocoAboutLabel = New-Object system.Windows.Forms.Label
$ChocoAboutLabel.text = "CommandoVM uses Chocolatey to install profile packages. You can add any package available in the Chocolatey Community Package Repository to the Commando install. "
$ChocoAboutLabel.AutoSize = $true
$ChocoAboutLabel.MaximumSize = New-Object System.Drawing.Size(370, 0)
$ChocoAboutLabel.location = New-Object System.Drawing.Point(4,42)
$ChocoAboutLabel.Font = New-Object System.Drawing.Font('Microsoft Sans Serif',10)
$ChocoLearnMoreLabel = New-Object system.Windows.Forms.Label
$ChocoLearnMoreLabel.text = "Learn More at:"
$ChocoLearnMoreLabel.AutoSize = $true
$ChocoLearnMoreLabel.width = 25
$ChocoLearnMoreLabel.height = 10
$ChocoLearnMoreLabel.location = New-Object System.Drawing.Point(4,93)
$ChocoLearnMoreLabel.Font = New-Object System.Drawing.Font('Microsoft Sans Serif',10)
$ChocoLinkLabel = New-Object system.Windows.Forms.Label
$ChocoLinkLabel.text = "https://community.chocolatey.org/packages"
$ChocoLinkLabel.AutoSize = $true
$ChocoLinkLabel.width = 25
$ChocoLinkLabel.height = 10
$ChocoLinkLabel.location = New-Object System.Drawing.Point(95,93)
$ChocoLinkLabel.Font = New-Object System.Drawing.Font('Microsoft Sans Serif',10,[System.Drawing.FontStyle]([System.Drawing.FontStyle]::Underline))
$ChocoAddPackageButton = New-Object system.Windows.Forms.Button
$ChocoAddPackageButton.text = "Add Package"
$ChocoAddPackageButton.DialogResult = [System.Windows.Forms.DialogResult]::OK
$ChocoAddPackageButton.width = 118
$ChocoAddPackageButton.height = 30
$ChocoAddPackageButton.enabled = $false
$ChocoAddPackageButton.location = New-Object System.Drawing.Point(144,238)
$ChocoAddPackageButton.Font = New-Object System.Drawing.Font('Microsoft Sans Serif',10)
$ChocoFindPackageButton = New-Object system.Windows.Forms.Button
$ChocoFindPackageButton.text = "Find Package"
$ChocoFindPackageButton.width = 118
$ChocoFindPackageButton.height = 30
$ChocoFindPackageButton.enabled = $true
$ChocoFindPackageButton.location = New-Object System.Drawing.Point(269,185)
$ChocoFindPackageButton.Font = New-Object System.Drawing.Font('Microsoft Sans Serif',10)
$ChocoFindPackageButton.Add_Click({
if (Get-ChocoPackage -PackageName $ChocoPackageTextBox.Text) {
$ChocoPackageErrorLabel.Text = "Found Chocolatey package"
$ChocoPackageErrorLabel.ForeColor = $successColor
$ChocoPackageErrorLabel.Visible = $true
$ChocoAddPackageButton.Enabled = $true
} else {
$ChocoPackageErrorLabel.text = "Chocolatey package not found"
$ChocoPackageErrorLabel.ForeColor = $errorColor
$ChocoPackageErrorLabel.Visible = $true
$ChocoAddPackageButton.Enabled = $false
}
})
$CommandoChocoManager.controls.AddRange(@($ChocoPackageTextBox,$ChocoAddPackageButton,$ChocoAboutGroup,$ChocoPackageErrorLabel,$ChocoPackageLabel,$ChocoFindPackageButton))
$ChocoAboutGroup.controls.AddRange(@($ChocoAboutHeadingLabel,$ChocoAboutLabel,$ChocoLearnMoreLabel,$ChocoLinkLabel))
}
#################################################################################################
#################################################################################################
###################################### Installer Functions ######################################
#################################################################################################
#################################################################################################
################################# Functions that conduct Pre-Install Checks #################################
function Check-Admin {
$currentPrincipal = New-Object Security.Principal.WindowsPrincipal([Security.Principal.WindowsIdentity]::GetCurrent())
return $currentPrincipal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)
}
function Check-ExecutionPolicy {
return (Get-ExecutionPolicy).ToString() -eq "Unrestricted"
}
function Check-DefenderAndTamperProtection {
$defender = Get-WmiObject -Namespace "root\Microsoft\Windows\Defender" -Class MSFT_MpPreference
if ($defender.DisableRealtimeMonitoring) {
if (Get-ItemProperty -Path "HKLM:\SOFTWARE\Microsoft\Windows Defender\Features" -Name "TamperProtection" -ea 0) {
return (Get-ItemProperty -Path "HKLM:\SOFTWARE\Microsoft\Windows Defender\Features" -Name "TamperProtection").TamperProtection -ne 5
}
}
return $false
}
function Check-SupportedOS {
$osVersion = (Get-WmiObject -class Win32_OperatingSystem).BuildNumber
$testedVersions = @(19045, 22621)
return $osVersion -in $testedVersions
}
function Check-VM {
$virtualModels = @('VirtualBox', 'VMware', 'Virtual Machine', 'Hyper-V')
$computerSystemModel = (Get-WmiObject win32_computersystem).model
$isVirtualModel = $false
foreach ($model in $virtualModels) {
if ($computerSystemModel.Contains($model)) {
$isVirtualModel = $true
break
}
}
if (!$isVirtualModel) {
return $false
} else {
return $true
}
}
function Check-Storage {
$disk = Get-PSDrive (Get-Location).Drive.Name
Start-Sleep -Seconds 1
if (($disk.used + $disk.free)/1GB -gt 68.8) {
return $true
} else {
return $false
}
}
################################# Functions that change pre-install check configs #################################
function Check-ChocoBoxstarterVersions {
$boxstarterVersionGood = $false
$chocolateyVersionGood = $false
if(${Env:ChocolateyInstall} -and (Test-Path "${Env:ChocolateyInstall}\bin\choco.exe")) {
$chocoVersion = choco --version
$chocolateyVersionGood = [System.Version]$chocoVersion -ge [System.Version]"0.10.13"
choco info -l -r "boxstarter" | ForEach-Object { $name, $chocoVersion = $_ -split '\|' }
$boxstarterVersionGood = [System.Version]$chocoVersion -ge [System.Version]"3.0.0"
if ($chocolateyVersionGood -and $boxstarterVersionGood) {
return $true
} else {
return $false
}
} else {
return $false
}
}
function Check-ChocoBoxstarterInstalls {
# 3072 = [System.Net.SecurityProtocolType]::Tls12; enable TLS 1.2 for the downloads below
[System.Net.ServicePointManager]::SecurityProtocol = [System.Net.ServicePointManager]::SecurityProtocol -bor 3072
# Fix WebThreatDefSvc permissions to prevent NuGet access denial
# See: https://github.com/mandiant/commando-vm/issues/330
try {
$webThreatDefPath = "C:\Windows\System32\WebThreatDefSvc"
if (Test-Path $webThreatDefPath) {
Write-Host "[+] Fixing WebThreatDefSvc permissions for NuGet access" -ForegroundColor Yellow
# Take ownership of the directory
$takeownResult = takeown /f $webThreatDefPath /r /d y 2>&1
if ($LASTEXITCODE -ne 0) {
Write-Host "[!] Warning: Failed to take ownership of WebThreatDefSvc (Exit code: $LASTEXITCODE)" -ForegroundColor Yellow
}
# Grant full control to Administrators
$icaclsAdmin = icacls $webThreatDefPath /grant "Administrators:F" /T /C /Q 2>&1
if ($LASTEXITCODE -ne 0) {
Write-Host "[!] Warning: Failed to grant admin permissions to WebThreatDefSvc (Exit code: $LASTEXITCODE)" -ForegroundColor Yellow
}
# Grant full access to Network Service
$icaclsNetwork = icacls $webThreatDefPath /grant "Network Service:(M)" /T /C /Q 2>&1
if ($LASTEXITCODE -ne 0) {
Write-Host "[!] Warning: Failed to grant Network Service permissions to WebThreatDefSvc (Exit code: $LASTEXITCODE)" -ForegroundColor Yellow
}
Write-Host "[+] WebThreatDefSvc permissions updated successfully" -ForegroundColor Green
} else {
Write-Host "[*] WebThreatDefSvc directory not found, skipping permission fix" -ForegroundColor Gray
}
}
catch {
Write-Host "[!] Warning: Error fixing WebThreatDefSvc permissions: $($_.Exception.Message)" -ForegroundColor Yellow
Write-Host "[*] Continuing with installation..." -ForegroundColor Gray
}
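# Download the Boxstarter bootstrapper over HTTPS and run it as fetched (no hash or signature check is made here)
Invoke-Expression ((New-Object System.Net.WebClient).DownloadString('https://boxstarter.org/bootstrapper.ps1'))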
Get-Boxstarter -Force
# Fix verbosity issues with Boxstarter v3
# See: https://github.com/chocolatey/boxstarter/issues/501
$fileToFix = "${Env:ProgramData}\boxstarter\boxstarter.chocolatey\Chocolatey.ps1"
$offendingString = 'if ($val -is [string] -or $val -is [boolean]) {'
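# -contains tests collection membership, not substring, so it never matched the raw file text; use an escaped -match
if ((Get-Content $fileToFix -Raw) -match [regex]::Escape($offendingString)) {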
$fixString = 'if ($val -is [string] -or $val -is [boolean] -or $val -is [system.management.automation.actionpreference]) {'
((Get-Content $fileToFix -raw) -replace [regex]::escape($offendingString),$fixString) | Set-Content $fileToFix
}
$fileToFix = "${Env:ProgramData}\boxstarter\boxstarter.chocolatey\invoke-chocolatey.ps1"
$offendingString = 'Verbose = $VerbosePreference'
if ((Get-Content $fileToFix -Raw) -match [regex]::Escape($offendingString)) {
$fixString = 'Verbose = ($global:VerbosePreference -eq "Continue")'
((Get-Content $fileToFix -raw) -replace [regex]::escape($offendingString),$fixString) | Set-Content $fileToFix
}
}
function Check-BoxstarterConfig {
$Boxstarter.RebootOk = (-not $noReboots.IsPresent)
$Boxstarter.AutoLogin = $true
$Boxstarter.SuppressLogging = $True
$global:VerbosePreference = "SilentlyContinue"
Set-BoxstarterConfig -NugetSources "$env:USERPROFILE\Desktop;.;https://www.myget.org/F/vm-packages/api/v2;https://chocolatey.org/api/v2"
}
function Check-ChocoConfig {
choco sources add -n="vm-packages" -s "$env:USERPROFILE\Desktop;.;https://www.myget.org/F/vm-packages/api/v2;https://chocolatey.org/api/v2" --priority 1
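# allowGlobalConfirmation answers every prompt with yes; allowEmptyChecksums lets packages install downloads that ship without a checksum
choco feature enable -n allowGlobalConfirmation
choco feature enable -n allowEmptyChecksums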
$cache = "${Env:LocalAppData}\ChocoCache"
New-Item -Path $cache -ItemType directory -Force | Out-Null
choco config set cacheLocation $cache
}
################################# Functions that Get Profiles and Packages #################################
function Get-ProfileData {
$profilesFolder = Join-Path $PSScriptRoot "./Profiles/"
$profiles = @()
# Loop over the profiles folder
Get-ChildItem -Path $profilesFolder -Filter "*.xml" | ForEach-Object {
$xmlContent = [xml](Get-Content $_.FullName)
$profileName = $_.BaseName
$diskSize = $xmlContent.config.envs.env | Where-Object { $_.name -eq "MIN_DISK_SPACE" } | Select-Object -ExpandProperty value
# Write the profile metadata to a variable
$profiles += [PSCustomObject]@{
ProfileName = $profileName
DiskSize = $diskSize
XmlPath = $_.FullName
}
}
return $profiles
}
function Get-PackagesFromProfile {
param (
[string]$ProfileName
)
# Get the XML profile path for the specified profile
$profilePath = $global:profileData | Where-Object { $_.ProfileName -eq $ProfileName } | Select-Object -ExpandProperty XmlPath
# Read the XML profile and pull the package names out
if ($profilePath) {
$xmlContent = [xml](Get-Content $profilePath)
$packages = $xmlContent.config.packages.package
return $packages
}
else {
Write-Host "[!] Profile not found." -ForegroundColor Red
return @()
}
}
function Get-AvailablePackages {
$apiUrl = "https://www.myget.org/F/vm-packages/Packages"
$destination = Join-Path $PSScriptRoot "./available_packages.xml"
$blockList = @("flarevm.installer.vm", "common.vm", "debloat.vm", "installer.vm")
$packages = @()
# Define XML namespaces
$nsManager = New-Object -TypeName "System.Xml.XmlNamespaceManager" -ArgumentList (New-Object System.Xml.XmlDocument).NameTable
$nsManager.AddNamespace("atom", "http://www.w3.org/2005/Atom")
$nsManager.AddNamespace("d", "http://schemas.microsoft.com/ado/2007/08/dataservices")
$nsManager.AddNamespace("m", "http://schemas.microsoft.com/ado/2007/08/dataservices/metadata")
do {
# Download the XML from MyGet API
try {
Invoke-WebRequest -Uri $apiUrl -OutFile $destination -ErrorAction Stop
}
catch {
Write-Error "Failed to download available_packages.xml. Error: $_"
exit
}
# Load the XML content
$xmlContent = [xml](Get-Content $destination)
# Extract package information from the XML
$xmlContent.SelectNodes("//atom:entry", $nsManager) | ForEach-Object {
$isLatestVersion = $_.SelectSingleNode("m:properties/d:IsLatestVersion", $nsManager).InnerText
# There are multiple versions of packages, but we only display the latest
if ($isLatestVersion -eq "true") {
$packageName = $_.SelectSingleNode("m:properties/d:Id", $nsManager).InnerText
$packageAuthor = $_.SelectSingleNode("atom:author/atom:name", $nsManager).InnerText
$packageVersion = $_.SelectSingleNode("m:properties/d:Version", $nsManager).InnerText
$packageSummary = $_.SelectSingleNode("m:properties/d:Description", $nsManager).InnerText
# Check if package name is not in the blocklist
if ($packageName -notin $blockList) {
$packages += [PSCustomObject]@{
PackageName = $packageName
PackageAuthor = $packageAuthor
PackageVersion = $packageVersion
PackageSummary = $packageSummary
}
}
}
}
# Check if there is a next link in the XML and set the API URL to that link if it exists
$nextLink = $xmlContent.SelectSingleNode("//atom:link[@rel='next']/@href", $nsManager)
$apiUrl = $nextLink."#text"
}
while ($apiUrl -ne $null)
return $packages
}
function Get-ChocoPackage {
param (
[Parameter(Mandatory=$true)]
[string]$PackageName
)
try {
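# Call Chocolatey API to get package metadata.
# Double any single quotes (OData string escaping) and URL-escape the name so user input cannot alter the filter expression.
$escapedName = [uri]::EscapeDataString($PackageName.Replace("'", "''"))
$response = Invoke-RestMethod -Uri ('https://community.chocolatey.org/api/v2/Packages()?$filter=Id%20eq%20%27' + $escapedName + '%27&$orderby=Version%20desc&$top=1')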
if (!$response) {
return $false
}
return [PSCustomObject]@{
PackageName = $PackageName
PackageAuthor = $response.author.name
PackageVersion = $response.properties.version
PackageSummary = $response.summary.InnerText
}
}
catch {
return $false
}
}
################################# Functions that Set GUI Controls #################################
function Set-SelectedPackages {
# Get the packages for the specified profile
$packagesFromProfile = Get-PackagesFromProfile -ProfileName $global:selectedProfile
# Compare against $null explicitly; "-not $null -eq $x" parses as "(-not $null) -eq $x"
if ($null -ne $packagesFromProfile) {
# Update the SelectedPackagesList with the packages from the profile
$SelectedPackagesList.Items.Clear()
$SelectedPackagesList.Items.AddRange($packagesFromProfile.name)
# Update the count labels
$SelectedCountLabel.text = "Total: $($SelectedPackagesList.Items.count)"
}
}
function Set-AvailablePackages {
# Update the AvailablePackagesList with all the package names from the $global:packageData that are not in the $SelectedPackagesList.Items
$AvailablePackagesList.Items.Clear()
$filteredPackages = $global:packageData.PackageName | Where-Object { $_ -notin $SelectedPackagesList.Items }
# Add items only if there are items to add
if ($filteredPackages.Count -gt 0) {
$AvailablePackagesList.Items.AddRange($filteredPackages)
}
# Update the count labels
$AvailableCountLabel.text = "Total: $($AvailablePackagesList.Items.count)"
}
function Set-PackageInformation {
param (
[string]$PackageName
)
if ($PackageName -notmatch "\.vm$") {
$package = Get-ChocoPackage -PackageName $PackageName
} else {
# Get the available package list
$package = $global:packageData | Where-Object { $_.PackageName -eq $PackageName }
}
# Populate the package information fields
if ($package) {
$Description.Text = $package.PackageSummary
$Authors.Text = $package.PackageAuthor
$Version.Text = $package.PackageVersion
} else {
Write-Host "[!] Package not found."
}
}
function Set-ProfilePreset {
param (
[string]$ProfileName
)
# Change the selected profile
$global:selectedProfile = $ProfileName
# Re-render the package lists
Set-SelectedPackages
Set-AvailablePackages
# Check if SelectedPackagesList is empty
if ($SelectedPackagesList.Items.Count -gt 0) {
# If not empty, set the package info to the first package in the selected list
Set-PackageInformation -PackageName $SelectedPackagesList.Items[0]
}
else {
# If empty, set the package info to the first package in the available list
Set-PackageInformation -PackageName $AvailablePackagesList.Items[0]
}
}
################################# Functions that Select Packages #################################
function Add-SelectedPackage {
$selectedItem = $AvailablePackagesList.SelectedItem
# Move the selected package over to selected listbox from available
if ($selectedItem) {
$SelectedPackagesList.Items.Add($selectedItem)
$AvailablePackagesList.Items.Remove($selectedItem)
# Update the total counts
$SelectedCountLabel.Text = "Total: $($SelectedPackagesList.Items.Count)"
$AvailableCountLabel.Text = "Total: $($AvailablePackagesList.Items.Count)"
}
}
function Add-AllPackages {
# Move all items from $AvailablePackagesList.Items to $SelectedPackagesList.Items
foreach ($item in $AvailablePackagesList.Items) {
$SelectedPackagesList.Items.Add($item)
}
# Empty out the $AvailablePackagesList.Items
$AvailablePackagesList.Items.Clear()
# Update the count labels
$SelectedCountLabel.text = "Total: $($SelectedPackagesList.Items.Count)"
$AvailableCountLabel.text = "Total: $($AvailablePackagesList.Items.Count)"
}
function Remove-SelectedPackage {
$selectedItem = $SelectedPackagesList.SelectedItem
# Move over the selected package from selected list to available
if ($selectedItem) {
$AvailablePackagesList.Items.Add($selectedItem)
$SelectedPackagesList.Items.Remove($selectedItem)
# Update the total counts
$SelectedCountLabel.Text = "Total: $($SelectedPackagesList.Items.Count)"
$AvailableCountLabel.Text = "Total: $($AvailablePackagesList.Items.Count)"
}
}
function Remove-AllPackages {
# Add each item from selected to available
foreach ($item in $SelectedPackagesList.Items) {
$AvailablePackagesList.Items.Add($item)
}
# Clear out the selected listbox
$SelectedPackagesList.Items.Clear()
$SelectedCountLabel.Text = "Total: $($SelectedPackagesList.Items.Count)"
$AvailableCountLabel.Text = "Total: $($AvailablePackagesList.Items.Count)"
}
################################# Functions that Save Profiles #################################
function Save-Profile {
param (
[string]$ProfilePath = $(Join-Path -Path $PSScriptRoot (".\Profiles" + "\Custom.xml"))
)
# Get the path to the XML of the preset we're basing the profile on and read it into memory
$selectedProfilePath = ($global:profileData | Where-Object { $_.ProfileName -eq $global:selectedProfile }).XmlPath
[xml]$xmlContent = Get-Content -Path $selectedProfilePath
# Remove the profile if one already exists with the same name
if (Test-Path -Path $ProfilePath) {
Remove-Item -Path $ProfilePath -Force
}
# Clear out the packages section of the preset
$packagesNode = $xmlContent.config.packages
$packagesNode.RemoveAll()
# Overwrite the packages section with our own from the selected packages listbox
foreach ($item in $SelectedPackagesList.Items) {
$packageNode = $xmlContent.CreateElement("package")
$packageNode.SetAttribute("name", $item)
# Discard the node returned by AppendChild so it does not leak into the function's output
[void]$packagesNode.AppendChild($packageNode)
}
$xmlContent.Save($ProfilePath)
$global:profileData = Get-ProfileData
}
function Save-ProfileAs {
$Title = "Save CommandoVM Profile As"
$Filter = "XML Files (*.xml)|*.xml|All Files (*.*)|*.*"
$InitialDirectory = Join-Path $PSScriptRoot ".\Profiles"
# Create a save-as dialog window at the profiles directory
$saveFileDialog = New-Object System.Windows.Forms.SaveFileDialog
$saveFileDialog.Title = $Title
$saveFileDialog.Filter = $Filter
$saveFileDialog.InitialDirectory = $InitialDirectory
$result = $saveFileDialog.ShowDialog()
# If the user picks a file location, we will pass it to Save-Profile
if ($result -eq "OK") {
Save-Profile -ProfilePath $saveFileDialog.FileName
}
}
################################# Functions that Install Packages #################################
function Install-Profile {
param (
[Parameter(Mandatory = $false)]
[string]$ProfileName,
[Parameter(Mandatory = $false)]
[string]$ProfilePath
)
Write-Host "[+] Settings updated, beginning install. Please wait for a popup letting you know the installation is complete!" -ForegroundColor Green
if (-not $ProfileName -and -not $ProfilePath) {
throw "Either ProfileName or ProfilePath must be specified."
}
try {
if (Check-ChocoBoxstarterVersions) {
Write-Host "[+] Setting Boxstarter config"
Check-BoxstarterConfig
Write-Host "[+] Setting Chocolatey config"
Check-ChocoConfig
} else {
Write-Host "[+] Installing Boxstarter"
Check-ChocoBoxstarterInstalls
Write-Host "[+] Setting Boxstarter config"
Check-BoxstarterConfig
Write-Host "[+] Setting Chocolatey config"
Check-ChocoConfig
}
# Set environment variable for Commando VM
[Environment]::SetEnvironmentVariable('VMname', 'Commando VM', [EnvironmentVariableTarget]::Machine)
Import-Module "${Env:ProgramData}\boxstarter\boxstarter.chocolatey\boxstarter.chocolatey.psd1" -Force
# Install base packages
Write-Host "[+] Installing the common.vm shared module" -ForegroundColor Yellow
choco install common.vm -y --force
refreshenv
Import-Module "$Env:ProgramData\_VM\vm.common\vm.common.psm1" -DisableNameChecking -Force
VM-Write-Log "INFO" "Common libraries installed."
Write-Host "[+] Installing the debloat.vm debloater and performance package"
choco install debloat.vm -y --force
VM-Write-Log "INFO" "Debloating and performance enhancements completed"
# Set profile to be installed
if (-not $ProfilePath) {
$ProfilePath = Join-Path $PSScriptRoot ("\Profiles\" + $ProfileName + ".xml")
}
$destinationPath = Join-Path ${Env:VM_COMMON_DIR} "packages.xml"
if (Test-Path $ProfilePath) {
Copy-Item $ProfilePath $destinationPath -Force
VM-Write-Log "INFO" "Copied profile $ProfilePath to $destinationPath"
Write-Host "[+] Profile copied to %VM_COMMON_DIR%: $ProfileName" -ForegroundColor Green
} else {
Write-Host "[!] Error: Profile not found: $ProfileName" -ForegroundColor Red
}
# Set Windows OS VM configuration file
$configPath = Join-Path ${Env:VM_COMMON_DIR} "config.xml"
$configSource = Join-Path $PSScriptRoot "Profiles\Configs"
$osVersion = VM-Get-WindowsVersion
if ($osVersion -eq "Win10" -and -not $victim.IsPresent){
VM-Write-Log "INFO" "Windows 10 detected, setting win10config.xml for configuration file."
Copy-Item $(Join-Path $configSource "win10config.xml") $configPath -Force
} elseif ($osVersion -eq "Win10" -and $victim.IsPresent){
VM-Write-Log "INFO" "Windows 10 Victim detected, setting win10victimconfig.xml for configuration file."
Copy-Item $(Join-Path $configSource "win10victimconfig.xml") $configPath -Force
} elseif ($osVersion -eq "Win11" -and -not $victim.IsPresent) {
VM-Write-Log "INFO" "Windows 11 detected, setting win11config.xml for configuration file."
Copy-Item $(Join-Path $configSource "win11config.xml") $configPath -Force
} elseif ($osVersion -eq "Win11" -and $victim.IsPresent) {
VM-Write-Log "INFO" "Windows 11 Victim detected, setting win11victimconfig.xml for configuration file."
Copy-Item $(Join-Path $configSource "win11victimconfig.xml") $configPath -Force
} elseif ($osVersion -eq "Win11ARM" -and -not $victim.IsPresent) {
VM-Write-Log "INFO" "Windows 11 ARM detected, setting win11armconfig.xml for configuration file."
Copy-Item $(Join-Path $configSource "win11armconfig.xml") $configPath -Force
} elseif ($osVersion -eq "Win11ARM" -and $victim.IsPresent) {
VM-Write-Log "INFO" "Windows 11 ARM Victim detected, setting win11armvictimconfig.xml for configuration file."
Copy-Item $(Join-Path $configSource "win11armvictimconfig.xml") $configPath -Force
} else {
VM-Write-Log "WARN" "Unknown OS, choosing win10config.xml for configuration file."
Copy-Item $(Join-Path $configSource "win10config.xml") $configPath -Force
}
# Set background file
$backgroundImage = "${Env:VM_COMMON_DIR}\background.png"
if ($victim.IsPresent){
$sourceImage = Join-Path $PSScriptRoot "Images\background-victim.png"
} else {
$sourceImage = Join-Path $PSScriptRoot "Images\background.png"
}
Copy-Item $sourceImage $backgroundImage -Force
# Set ico file
$icoImage = "${Env:VM_COMMON_DIR}\vm.ico"
$sourceIco = Join-Path $PSScriptRoot "Images\commando.ico"
Copy-Item -Path $sourceIco -Destination $icoImage
# Begin the package install
Write-Host "Installing profile: $ProfileName" -ForegroundColor Yellow
$PackageName = "installer.vm"
if ($noPassword.IsPresent -or ($global:credentials -eq "")) {
$Boxstarter.NoPassword = $true
Install-BoxstarterPackage -PackageName $PackageName
} else {
$Boxstarter.NoPassword = $false
Install-BoxstarterPackage -PackageName $PackageName -Credential $global:credentials
}
}
catch {
Write-Host "[!] Error: Failed to install profile: $PackageName" -ForegroundColor Red
Write-Host $_.Exception.Message -ForegroundColor Red
}
}
################################# Functions that Open GUI Windows #################################
function Open-CheckManager {
if ($CommandoChecksManager.ShowDialog() -ne [System.Windows.Forms.DialogResult]::OK) {
exit
}
}
function Open-Installer {
# Populate the profile selector combo box
$ProfileSelector.Items.Clear()
$ProfileSelector.Items.AddRange($global:profileData.ProfileName)
# Set the value of the profile selector to default
$ProfileSelector.Text = $global:selectedProfile
[void]$CommandoInstaller.ShowDialog()
}
function Open-ProfileManager {
# Populate the combo box with profile names from the $global:profileData array
$PresetSelector.Items.Clear()
$PresetSelector.Items.AddRange($global:profileData.ProfileName)
# Set the value of $PresetSelector.Text to $global:selectedProfile
$PresetSelector.Text = $global:selectedProfile
# Render the package lists
Set-SelectedPackages
Set-AvailablePackages
# Check if SelectedPackagesList is empty
if ($SelectedPackagesList.Items.Count -gt 0) {
# If not empty, set the package info to the first package in the selected list
Set-PackageInformation -PackageName $SelectedPackagesList.Items[0]
}
else {
# If empty, set the package info to the first package in the available list
Set-PackageInformation -PackageName $AvailablePackagesList.Items[0]
}
[void]$CommandoProfileManager.ShowDialog()
}
function Open-AddChocoPackage {
$ChocoPackageTextBox.Text = ""
$ChocoPackageErrorLabel.Visible = $false
$ChocoAddPackageButton.Enabled = $false
if ($CommandoChocoManager.ShowDialog() -eq [System.Windows.Forms.DialogResult]::OK) {
$SelectedPackagesList.Items.Add($ChocoPackageTextBox.Text)
$SelectedCountLabel.Text = "Total: " + $SelectedPackagesList.Items.Count
}
}
function Open-PasswordEntry {
$PasswordInfoLabel.Visible = $true
$PasswordTextBox.Text = ""
if ($CommandoPasswordManager.ShowDialog() -eq [System.Windows.Forms.DialogResult]::OK)
{
$Password = $PasswordTextBox.Text
if ($Password -ne "") {
$SecurePassword = ConvertTo-SecureString -String $Password -AsPlainText -Force
$global:credentials = New-Object -TypeName System.Management.Automation.PSCredential -ArgumentList $env:username, $SecurePassword
}
[void]$CommandoInstaller.Close()
return $true
} else {
return $false
}
}
#################################################################################################
#################################################################################################
###################################### Installer Workflows ######################################
#################################################################################################
#################################################################################################
# QuickEdit and Insert modes can sometimes freeze the powershell.exe window
Set-ItemProperty -Path 'HKCU:\Console' -Name 'QuickEdit' -Value 0
Set-ItemProperty -Path 'HKCU:\Console' -Name 'InsertMode' -Value 0
# Setting global variables
$global:checksPassed = $true
$osInfo = Get-ComputerInfo
$osArchitecture = $osInfo.OSArchitecture
if ($osArchitecture -match "ARM") {
$global:selectedProfile = "Default - ARM"
} else {
$global:selectedProfile = "Default"
}
$global:credentials = ""
################################# GUI Workflow #################################
if (-not $cli.IsPresent) {
if (-not $skipChecks.IsPresent) {
# Make sure that the user completed all pre-install steps
if (Check-Admin) {
$RunningAsAdmin.Text = "True"
$RunningAsAdmin.ForeColor = $successColor
} else {
$global:checksPassed = $false
}
if (Check-ExecutionPolicy) {
$ExecutionPolicy.Text = "True"
$ExecutionPolicy.ForeColor = $successColor
} else {
$global:checksPassed = $false
}
if (-not $victim.IsPresent) {
if (Check-DefenderAndTamperProtection) {
$WindowsDefender.Text = "True"
$WindowsDefender.ForeColor = $successColor
}
} else {
$WindowsDefender.Text = "Skip"
$WindowsDefender.ForeColor = $skippedColor
$global:selectedProfile = "Victim"
}
if (Check-SupportedOS) {
$WindowsRelease.Text = "True"
$WindowsRelease.ForeColor = $successColor
} else {
$global:checksPassed = $false
}
if (Check-VM) {
$RunningVM.Text = "True"
$RunningVM.ForeColor = $successColor
} else {
$global:checksPassed = $false
}
if (Check-Storage) {
$EnoughHardStorage.Text = "True"
$EnoughHardStorage.ForeColor = $successColor
} else {
$global:checksPassed = $false
}
if ($global:checksPassed) {
$ChecksCompleteButton.enabled = $true
}
Open-CheckManager
}
if ($global:checksPassed -or $skipChecks.IsPresent) {
# Fetch profiles and packages
Write-Host "[+] Retrieving available packages from MyGet. Please wait."
$global:profileData = Get-ProfileData
$global:packageData = Get-AvailablePackages
Write-Host "[+] Beginning graphical install"
Open-Installer
}
}
################################# CLI Workflow #################################
if ($cli.IsPresent) {
Write-Host "`n$asciiArt" -ForegroundColor Red
Write-Host "`t`tComplete Mandiant Offensive VM - Version 3.0" -ForegroundColor Red
Write-Host "`t`t`tcommandovm@mandiant.com" -ForegroundColor DarkYellow
if ($customProfile -eq "") {
Write-Host "[+] No profile specified, selecting default"
$customProfile = Join-Path $PSScriptRoot "Profiles/Default.xml"
}
if (-not $noPassword.IsPresent) {
# Get user credentials for autologin during reboots
if ([string]::IsNullOrEmpty($password)) {
Set-ItemProperty "HKLM:\SOFTWARE\Microsoft\PowerShell\1\ShellIds" -Name "ConsolePrompting" -Value $True
Start-Sleep -Milliseconds 500
Write-Host "[+] No password provided. Enter it now or use -noPassword if blank."
$global:credentials = Get-Credential ${Env:username}
} else {
$securePassword = ConvertTo-SecureString -String $password -AsPlainText -Force
$global:credentials = New-Object -TypeName "System.Management.Automation.PSCredential" -ArgumentList ${Env:username}, $securePassword
}
}
if (-not $skipChecks.IsPresent) {
# Make sure that the user completed all pre-install steps
Write-Host "=================== CommandoVM Pre-Installation Checks ==================="
if (Check-Admin) {
Write-Host "`t[+] Running as administrator" -ForegroundColor Green
} else {
$global:checksPassed = $false
Write-Host "`t[-] Not running as administrator" -ForegroundColor Red
}
if (Check-ExecutionPolicy) {
Write-Host "`t[+] Execution policy is unrestricted" -ForegroundColor Green
} else {
$global:checksPassed = $false
Write-Host "`t[-] Execution policy is not unrestricted" -ForegroundColor Red
}
if (-not $victim.IsPresent) {
if (Check-DefenderAndTamperProtection) {
Write-Host "`t[+] Windows Defender and Tamper Protection are disabled" -ForegroundColor Green
} else {
$global:checksPassed = $false
Write-Host "`t[-] Windows Defender and Tamper Protection are enabled" -ForegroundColor Red
}
} else {
Write-Host "`t[+] Skipping Windows Defender checks"
}
if (Check-SupportedOS) {
Write-Host "`t[+] Current Windows release is supported by CommandoVM" -ForegroundColor Green
} else {
$global:checksPassed = $false
Write-Host "`t[-] Current Windows release is not supported by CommandoVM" -ForegroundColor Red
}
if (Check-VM) {
Write-Host "`t[+] Virtual Machine detected" -ForegroundColor Green
} else {
$global:checksPassed = $false
Write-Host "`t[-] Virtual Machine not detected" -ForegroundColor Red
}
if (Check-Storage) {
Write-Host "`t[+] At least 70GB of storage detected" -ForegroundColor Green
} else {
$global:checksPassed = $false
Write-Host "`t[-] At least 70GB of storage not found" -ForegroundColor Red
}
}
if ($global:checksPassed -or $skipChecks.IsPresent) {
Write-Host "===================== Installing CommandoVM ====================="
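# $customProfile holds a file path (see the default above), so pass it as -ProfilePath;
# -ProfileName would be re-joined under .\Profiles with ".xml" appended and never resolve
Install-Profile -ProfilePath $customProfile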
} else {
Write-Host "`n[+] Some checks failed. Use the -skipChecks flag if you know what you are doing"
}
}
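
The profile handling above reads package names from `config/packages/package` and treats names ending in `.vm` as entries from the vm-packages feed and every other name as a community Chocolatey package. The following is an added example, not part of install.ps1 or the project: a review helper that lists each package in a profile with the source it would be looked up in and flags malformed or duplicate names before the profile is installed. The function name `Get-ProfilePackageAudit`, the name pattern, and the sample profile are assumptions made for illustration.

```powershell
# Added example (not from install.ps1). Function name, regex and sample data are assumptions.
function Get-ProfilePackageAudit {
    param (
        [Parameter(Mandatory = $true)]
        [string]$ProfilePath
    )

    # Parse with DTDs prohibited and no resolver, so a hand-edited or shared
    # profile cannot reference external entities while it is being reviewed.
    $settings = New-Object System.Xml.XmlReaderSettings
    $settings.DtdProcessing = [System.Xml.DtdProcessing]::Prohibit
    $settings.XmlResolver = $null

    $fullPath = (Resolve-Path -LiteralPath $ProfilePath).ProviderPath
    $reader = [System.Xml.XmlReader]::Create($fullPath, $settings)
    try {
        $doc = New-Object System.Xml.XmlDocument
        $doc.XmlResolver = $null
        $doc.Load($reader)
    }
    finally {
        $reader.Dispose()
    }

    $seen = @{}
    foreach ($node in $doc.SelectNodes('/config/packages/package')) {
        $name = $node.GetAttribute('name')
        $key = $name.ToLowerInvariant()
        $issues = @()

        # Assumed pattern: letters, digits, dot, underscore and hyphen only
        if ($name -notmatch '^[A-Za-z0-9][A-Za-z0-9._-]*$') {
            $issues += 'unexpected characters'
        }
        if ($seen.ContainsKey($key)) {
            $issues += 'duplicate entry'
        }
        $seen[$key] = $true

        # Same split the installer GUI uses when it looks up package details
        if ($name -match '\.vm$') {
            $source = 'vm-packages feed'
        } else {
            $source = 'Chocolatey community'
        }

        [PSCustomObject]@{
            PackageName = $name
            Source      = $source
            Issues      = ($issues -join '; ')
        }
    }
}

# Constructed sample profile (package names are made up for the demonstration)
$sampleProfile = @'
<?xml version="1.0" encoding="utf-8"?>
<config>
  <packages>
    <package name="example-tool.vm" />
    <package name="example-tool.vm" />
    <package name="git" />
    <package name="bad name" />
  </packages>
</config>
'@

$samplePath = Join-Path ([System.IO.Path]::GetTempPath()) 'constructed-profile.xml'
Set-Content -LiteralPath $samplePath -Value $sampleProfile -Encoding UTF8
Get-ProfilePackageAudit -ProfilePath $samplePath | Format-Table -AutoSize
Remove-Item -LiteralPath $samplePath
```

Rows whose `Source` is `Chocolatey community` are the ones that come from outside the curated feed and deserve a closer look before a custom profile is installed.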