Version 1.1

README.md

@@ -7,7 +7,7 @@
                \/             \/      \/     \/     \/      \/       
                         C O M P L E T E  M A N D I A N T                    
                              O F F E N S I V E   V M                        
-                                   Version 1.0                                 
+                                   Version 1.1                                 
                _____________________________________________________          
 
                                    Developed by                                
@@ -67,7 +67,6 @@ Type the following command to update all of the packages to the most recent vers
     cup all
 
 
-
 Installed Tools
 ===============
 
@@ -89,12 +88,15 @@ Installed Tools
 - Java
 - Python 2
 - Python 3 (default)
+- Ruby
+- Ruby Devkit
 - Visual Studio 2017 Build Tools (Windows 10)
 - Visual Studio Code
 
 ### Evasion
 - CheckPlease
 - Demiguise
+- DefenderCheck
 - DotNetToJScript
 - Invoke-CradleCrafter
 - Invoke-DOSfuscation
@@ -114,6 +116,7 @@ Installed Tools
 - CrackMapExec
 - CrackMapExecWin
 - DAMP
+- EvilClippy
 - Exchange-AD-Privesc
 - FuzzySec's PowerShell-Suite
 - FuzzySec's Sharp-Suite
@@ -149,6 +152,7 @@ Installed Tools
 - PrivExchange
 - Ruler
 - SharpExchangePriv
+- SharpExec
 - SpoolSample
 - UACME
 - impacket-examples-windows
@@ -160,6 +164,7 @@ Installed Tools
 - ADOffline
 - ADRecon
 - BloodHound
+- dnsrecon
 - Get-ReconInfo
 - GoWitness
 - Nmap
@@ -235,21 +240,45 @@ Installed Tools
 - yEd Graph Tool
 
 ### Vulnerability Analysis
+- AD Control Paths
 - Egress-Assess
 - Grouper2
+- NtdsAudit
 - zBang
 
 ### Web Applications
 - Burp Suite
 - Fiddler
 - Firefox
 - OWASP Zap
+- Subdomain-Bruteforce
 
 ### Wordlists
 - FuzzDB
 - PayloadsAllTheThings
 - SecLists
 
+## Changelog:
+1.1 - April 30 2019
+- Added AD-Control-Paths https://github.com/ANSSI-FR/AD-control-paths/releases
+- Added DefenderCheck https://github.com/matterpreter/DefenderCheck
+- Added dnsrecon https://github.com/darkoperator/dnsrecon
+- Added EvilClippy https://github.com/outflanknl/EvilClippy
+- Added NtdsAudit https://github.com/Dionach/NtdsAudit
+- Added SharpExec https://github.com/anthemtotheego/SharpExec
+- Added Subdomain-Bruteforce https://github.com/visualbasic6/subdomain-bruteforce
+- Fixed issue #18 with PATH 
+- Added Commando Logos with transparent backgrounds to $Home\Pictures
+- Pinned Firefox to Taskbar
+- Fixed misspellings in Readme #42/#43
+- Added Ruby and Ruby Devkit #1
+- Updated Rubeus package to current version (1.4.2) #31
+
+1.0.2 - April 10 2019
+- Added missing 'seclists.fireeye' package to packages.json
+
+1.0.1 - March 31 2019
+- Used https instead of http to install boxstarter
 
 Legal Notice
 ============
@@ -366,5 +395,7 @@ http://www.gnu.org/copyleft/gpl.html
 https://github.com/x64dbg/x64dbg/blob/development/LICENSE
 https://www.yworks.com/products/yed/license.html
 http://www.apache.org/licenses/LICENSE-2.0
+https://github.com/Dionach/NtdsAudit/blob/master/LICENSE
+https://github.com/ANSSI-FR/AD-control-paths/blob/master/LICENSE.txt
 
 </pre>

commandovm.win10.config.fireeye/commandovm.win10.config.fireeye.nuspec

@@ -2,7 +2,7 @@
 <package xmlns="http://schemas.microsoft.com/packaging/2015/06/nuspec.xsd">
   <metadata>
     <id>commandovm.win10.config.fireeye</id>
-    <version>1.0.0.2</version>
+    <version>1.0.0.3</version>
     <title>CommandoVM</title>
     <authors>Jake Barteaux</authors>
     <description>CommandoVM - Penetration Testing Distribution</description>

commandovm.win10.config.fireeye/tools/chocolateyinstall.ps1

@@ -144,6 +144,12 @@ $backgroundzip = 'Backgrounds.7z'
 $backgrounds = Join-Path $toolsDir $backgroundzip
 Invoke-Expression "copy $backgrounds ${Env:USERPROFILE}\Pictures"
 Write-Host "`t[+] Alternative backgrounds copied to ${Env:USERPROFILE}\Pictures" -ForegroundColor Yellow
+# Copy Logos
+$backgroundzip = 'CommandoVMLogos.7z'
+$backgrounds = Join-Path $toolsDir $backgroundzip
+Invoke-Expression "copy $backgrounds ${Env:USERPROFILE}\Pictures"
+Write-Host "`t[+] Commando logos copied to ${Env:USERPROFILE}\Pictures" -ForegroundColor Yellow
+
 foreach ($item in "0", "1", "2") {
   # Try to set it multiple times! Windows 10 is not consistent
   if ((Test-Path $publicWallpaper) -eq $false)
@@ -164,6 +170,30 @@ $fileReadme = Join-Path $toolsDir 'readme.txt'
 $desktopReadme = Join-Path ${Env:USERPROFILE} "Desktop\README.txt"
 Copy-Item $fileReadme $desktopReadme
 
+# Fix PATH issues with Python installers #18
+$paths = @(
+    "${Env:HomeDrive}\\Python37\\Scripts",
+    "${Env:HomeDrive}\\Python37",
+    "${Env:HomeDrive}\\Python27\\Scripts",
+    "${Env:HomeDrive}\\Python27"
+)
+
+$env_path = cmd /c echo %PATH%
+if ($env_path[-1] -ne ';') {
+    $env_path += ';'
+}
+$old_path = $env_path
+foreach ($p in $paths) {
+    if ($env_path -match "$p[\\]{0,1};") {
+        $env_path = $env_path -replace "$p[\\]{0,1};",""
+        $env_path += $p.Replace("\\","\") + ";"
+    }
+}
+
+if ($env_path -ne $old_path) {
+    setx /M PATH $env_path
+    refreshenv
+}
 
 # Remove desktop.ini files
 Get-ChildItem -Path (Join-Path ${Env:UserProfile} "Desktop") -Hidden -Filter "desktop.ini" -Force | foreach {$_.Delete()}

commandovm.win10.config.fireeye/tools/readme.txt

@@ -6,14 +6,13 @@
                \/             \/      \/     \/     \/      \/       
                         C O M P L E T E  M A N D I A N T                    
                              O F F E N S I V E   V M                        
-                                   Version 1.0                                 
+                                   Version 1.1                                 
                _____________________________________________________          
 
                                    Developed by                                
                                    Jake Barteaux                               
                                  Proactive Services  
-                                  Blaine Stancill
-                     FireEye Labs Advanced Reverse Engineering                            
+                                  Blaine Stancill                          
                                     Nhan Huynh   
                      FireEye Labs Advanced Reverse Engineering                            
 ______________________________________________________________________________ 
@@ -25,7 +24,8 @@ Please make sure to take a snapshot after installing so you can always revert
 back if you have issues.
 
 This image has the Chocolatey package manager installed, and you can continue to
-customize this machine with any package from the Chocolatey repository.
+customize this machine with any package from the Chocolatey repository - 
+https://chocolatey.org/packages.
 
 Try this:
   choco install github 
@@ -35,14 +35,31 @@ Or:
 To keep this distribution up to date, type this into an Administrative terminal:
   cup all
 
-
-This machine now has the Windows package manager Chocolatey installed. For
-information on tools available to install, check out chocolatey.org/packages
-
 As this is a Red Teaming and Penetration Testing build certain protections have
 been disabled, and certain 'risky' features and tweaks have been enabled.
 
-Please enjoy the VM and submit any feedback or feature reqeuests as github 
+Please enjoy the VM and submit any feedback or feature requests as github 
 issues here:
-https://github.com/fireeye/commandovm
+https://github.com/fireeye/commando-vm
+
+Changelog:
+1.1 - April 30 2019
+- Added AD-Control-Paths https://github.com/ANSSI-FR/AD-control-paths/releases
+- Added DefenderCheck https://github.com/matterpreter/DefenderCheck
+- Added dnsrecon https://github.com/darkoperator/dnsrecon
+- Added EvilClippy https://github.com/outflanknl/EvilClippy
+- Added NtdsAudit https://github.com/Dionach/NtdsAudit
+- Added SharpExec https://github.com/anthemtotheego/SharpExec
+- Added Subdomain-Bruteforce https://github.com/visualbasic6/subdomain-bruteforce
+- Fixed issue #18 with PATH 
+- Added Commando Logos with transparent backgrounds to $Home\Pictures
+- Pinned Firefox to Taskbar
+- Fixed misspellings in (this) Readme #42/#43
+- Added Ruby and Ruby Devkit #1
+- Updated Rubeus package to current version (1.4.2) #31
+
+1.0.2 - April 10 2019
+- Added missing 'seclists.fireeye' package to packages.json
 
+1.0.1 - March 31 2019
+- Used https instead of http to install boxstarter

commandovm.win10.installer.fireeye/commandovm.win10.installer.fireeye.nuspec

@@ -2,7 +2,7 @@
 <package xmlns="http://schemas.microsoft.com/packaging/2015/06/nuspec.xsd">
   <metadata>
     <id>commandovm.win10.installer.fireeye</id>
-    <version>1.0.1.3</version>
+    <version>1.0.1.4</version>
     <title>CommandoVM</title>
     <authors>Jake Barteaux</authors>
     <description>CommandoVM - Penetration Testing Distribution</description>

commandovm.win10.installer.fireeye/tools/packages.json

@@ -20,6 +20,8 @@
         {"name": "python3"},
         {"name": "golang"},
         {"name": "dep"},
+        {"name": "ruby"},
+        {"name": "ruby2.devkit"},
         {"name": "adexplorer.fireeye"},
         {"name": "rsat.fireeye"},
         {"name": "tortoisesvn"},
@@ -76,6 +78,7 @@
         },
         {"name": "burp.free.fireeye"},
         {"name": "kali_windowsbinaries.fireeye"},
+        {"name": "unxUtils"},
 
         {"name": "ADACLScanner.fireeye"},
         {"name": "ADAPE-Script.fireeye"},
@@ -104,7 +107,6 @@
             "name": "gowitness.fireeye",
             "x64Only": true
         },
-
         {"name": "Grouper2.fireeye"},
         {"name": "impacket.fireeye"},
         {"name": "impacket-examples-windows.fireeye"},
@@ -171,6 +173,13 @@
         {"name": "WMIOps.fireeye"},
         {"name": "zBang.fireeye"},
         {"name": "Elite.fireeye"},
+        {"name": "ad-control-paths.fireeye"},
+        {"name": "defendercheck.fireeye"},
+        {"name": "dnsrecon.fireeye"},
+        {"name": "EvilClippy.fireeye"},
+        {"name": "NtdsAudit.fireeye"},
+        {"name": "SharpExec.fireeye"},
+        {"name": "subdomain-bruteforce.fireeye"},
         {"name": "openvpn.fireeye", "args":"--parameters \'/SELECT_SHORTCUTS=0 /SELECT_LAUNCH=0\'"}
     ]
 }

commandovm.win7.config.fireeye/commandovm.win7.config.fireeye.nuspec

@@ -2,7 +2,7 @@
 <package xmlns="http://schemas.microsoft.com/packaging/2015/06/nuspec.xsd">
   <metadata>
     <id>commandovm.win7.config.fireeye</id>
-    <version>1.0.0.2</version>
+    <version>1.0.0.3</version>
     <title>CommandoVM</title>
     <authors>Jake Barteaux</authors>
     <description>CommandoVM - Penetration Testing Distribution</description>

commandovm.win7.config.fireeye/tools/chocolateyinstall.ps1

@@ -236,6 +236,12 @@ $backgroundzip = 'Backgrounds.7z'
 $backgrounds = Join-Path $toolsDir $backgroundzip
 Invoke-Expression "copy $backgrounds ${Env:USERPROFILE}\Pictures"
 Write-Host "`t[+] Alternative backgrounds copied to ${Env:USERPROFILE}\Pictures" -ForegroundColor Yellow
+# Copy Logos
+$backgroundzip = 'CommandoVMLogos.7z'
+$backgrounds = Join-Path $toolsDir $backgroundzip
+Invoke-Expression "copy $backgrounds ${Env:USERPROFILE}\Pictures"
+Write-Host "`t[+] Commando logos copied to ${Env:USERPROFILE}\Pictures" -ForegroundColor Yellow
+
 foreach ($item in "0", "1", "2") {
   # Try to set it multiple times! Windows 10 is not consistent
   if ((Test-Path $publicWallpaper) -eq $false)
@@ -260,6 +266,30 @@ $fileReadme = Join-Path $toolsDir 'readme.txt'
 $desktopReadme = Join-Path ${Env:USERPROFILE} "Desktop\README.txt"
 Copy-Item $fileReadme $desktopReadme
 
+# Fix PATH issues with Python installers #18
+$paths = @(
+    "${Env:HomeDrive}\\Python37\\Scripts",
+    "${Env:HomeDrive}\\Python37",
+    "${Env:HomeDrive}\\Python27\\Scripts",
+    "${Env:HomeDrive}\\Python27"
+)
+
+$env_path = cmd /c echo %PATH%
+if ($env_path[-1] -ne ';') {
+    $env_path += ';'
+}
+$old_path = $env_path
+foreach ($p in $paths) {
+    if ($env_path -match "$p[\\]{0,1};") {
+        $env_path = $env_path -replace "$p[\\]{0,1};",""
+        $env_path += $p.Replace("\\","\") + ";"
+    }
+}
+
+if ($env_path -ne $old_path) {
+    setx /M PATH $env_path
+    refreshenv
+}
 
 # Remove desktop.ini files
 Get-ChildItem -Path (Join-Path ${Env:UserProfile} "Desktop") -Hidden -Filter "desktop.ini" -Force | foreach {$_.Delete()}

commandovm.win7.config.fireeye/tools/readme.txt

@@ -6,14 +6,13 @@
                \/             \/      \/     \/     \/      \/       
                         C O M P L E T E  M A N D I A N T                    
                              O F F E N S I V E   V M                        
-                                   Version 1.0                                 
+                                   Version 1.1                                 
                _____________________________________________________          
 
                                    Developed by                                
                                    Jake Barteaux                               
                                  Proactive Services  
-                                  Blaine Stancill
-                     FireEye Labs Advanced Reverse Engineering                            
+                                  Blaine Stancill                        
                                     Nhan Huynh   
                      FireEye Labs Advanced Reverse Engineering                            
 ______________________________________________________________________________ 
@@ -25,7 +24,8 @@ Please make sure to take a snapshot after installing so you can always revert
 back if you have issues.
 
 This image has the Chocolatey package manager installed, and you can continue to
-customize this machine with any package from the Chocolatey repository.
+customize this machine with any package from the Chocolatey repository - 
+https://chocolatey.org/packages.
 
 Try this:
   choco install github 
@@ -35,13 +35,31 @@ Or:
 To keep this distribution up to date, type this into an Administrative terminal:
   cup all
 
-This machine now has the Windows package manager Chocolatey installed. For
-information on tools available to install, check out chocolatey.org/packages
-
-Note: As this is a Red Teaming and Penetration Testing build certain protections have
+As this is a Red Teaming and Penetration Testing build certain protections have
 been disabled, and certain 'risky' features and tweaks have been enabled.
 
-Please enjoy the VM and submit any feedback or feature reqeuests as github 
+Please enjoy the VM and submit any feedback or feature requests as github 
 issues here:
-https://github.com/fireeye/commandovm
+https://github.com/fireeye/commando-vm
+
+Changelog:
+1.1 - April 30 2019
+- Added AD-Control-Paths https://github.com/ANSSI-FR/AD-control-paths/releases
+- Added DefenderCheck https://github.com/matterpreter/DefenderCheck
+- Added dnsrecon https://github.com/darkoperator/dnsrecon
+- Added EvilClippy https://github.com/outflanknl/EvilClippy
+- Added NtdsAudit https://github.com/Dionach/NtdsAudit
+- Added SharpExec https://github.com/anthemtotheego/SharpExec
+- Added Subdomain-Bruteforce https://github.com/visualbasic6/subdomain-bruteforce
+- Fixed issue #18 with PATH 
+- Added Commando Logos with transparent backgrounds to $Home\Pictures
+- Pinned Firefox to Taskbar
+- Fixed misspellings in (this) Readme #42/#43
+- Added Ruby and Ruby Devkit #1
+- Updated Rubeus package to current version (1.4.2) #31
+
+1.0.2 - April 10 2019
+- Added missing 'seclists.fireeye' package to packages.json
 
+1.0.1 - March 31 2019
+- Used https instead of http to install boxstarter