exegol
Install basic Active Directory pentesting package
Follow the instructions to complete the requirements, wrapper install and activation, and then:
exegol install free --accept-eula
You can only install a specific package if you have a commercial license.
Run
exegol start
Run on a headless system
Out of nowhere I got this nonsense when trying to start exegol on a fresh Ubuntu box:
<snip>
[?] Is the container configuration correct? [Y/n]:
[*] Command line of the configuration: exegol start default free
[*] To use exegol without interaction, read CLI options with exegol start -h
[*] Creating new exegol container
[-] Docker error received: invalid mount config for type "bind": bind source path does not exist: /tmp/.X11-unix
[*] Rollback: removing dedicated workspace directory
[!] Error while creating exegol container. Exiting.
[*] Exiting...
This was the fix!
exegol start default free --disable-X11
Turn on logging
exegol start ad -l
TIP
When logging is turned on, logs get saved to /home/sevminsec/.exegol/workspaces/ad/logs
Also, if you're looking for log output from tools like Responder, check the /opt/tools subfolder within the exegol prompt (in other words, not the /opt in the root of your hard drive).
Sync time to domain controller
If the DC is 10.3.10.40:
faketime "$(rdate -n 10.3.10.40 -p | awk '{print $2, $3, $4}' | date -f - "+%Y-%m-%d %H:%M:%S")" zsh
Then you should be able to grab the ticket you need without it complaining of time skew.
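The one-liner above broken into steps, as an added example that is not part of the original notes. It assumes `rdate -p` prints a single line shaped like the constructed sample and that GNU `date` is in use; the function names are hypothetical. It also shows that the one-liner drops the year field, so `date` fills in the local year.

```shell
#!/bin/sh
# Added example, not from the original notes.
# Assumption: `rdate -p` prints one line shaped like the constructed sample below.
SAMPLE_RDATE='Mon Jan 15 12:34:56 UTC 2024'   # constructed, not real output

KRB_MAX_SKEW=300   # Kerberos default clock-skew tolerance, in seconds

# Same steps as the one-liner: keep fields 2-4 (month, day, time) and let
# GNU date reformat them. The year is dropped, so date fills in the local one.
rdate_to_faketime() {
    printf '%s\n' "$1" | awk '{print $2, $3, $4}' | date -f - "+%Y-%m-%d %H:%M:%S"
}

# Variant that also keeps field 6 (the year), so a DC whose clock is in a
# different year still yields the right timestamp. The zone field is still
# dropped: the result is read as local time in both versions.
rdate_to_faketime_with_year() {
    printf '%s\n' "$1" | awk '{print $2, $3, $4, $6}' | date -f - "+%Y-%m-%d %H:%M:%S"
}

# Absolute difference between two epoch timestamps, in seconds.
skew_seconds() {
    d=$(( $1 - $2 ))
    if [ "$d" -lt 0 ]; then d=$(( 0 - d )); fi
    echo "$d"
}

# Succeeds (exit 0) when the skew exceeds what Kerberos accepts by default.
needs_faketime() {
    [ "$(skew_seconds "$1" "$2")" -gt "$KRB_MAX_SKEW" ]
}

echo "page's fields : $(rdate_to_faketime "$SAMPLE_RDATE")"
echo "with year     : $(rdate_to_faketime_with_year "$SAMPLE_RDATE")"
if needs_faketime 1705322096 1705321696; then
    echo "400 s apart: beyond the 5-minute tolerance, wrap the shell in faketime"
fi
```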
Update
If you installed with pipx, do this outside of the exegol shell:
pipx upgrade exegol