exegol
Install
Install git, python3 and pipx
sudo apt update && sudo apt install -y git python3 pipx
Ensure pipx will work correctly
pipx ensurepath
Reload your shell so the PATH change takes effect
exec $SHELL
Install the exegol wrapper
pipx install exegol
Set docker permissions: exegol has to talk to the Docker daemon, so instead of adding your user to the docker group, alias it to run under sudo (-E keeps your environment)
echo "alias exegol='sudo -E $(echo ~/.local/bin/exegol)'" >> ~/.bash_aliases && source ~/.bash_aliases
Install an exegol image
exegol install
- When asked to accept the EULA, answer Y.
- When asked if you want to activate your Exegol subscription, answer N.
- When asked if you're a good person, say Y.
- When asked if you want to download exegol resources, answer Y.
- When asked if you want to start that download, say Y.
- When offered a choice of available images, choose free, then wait for install to complete.
Verify exegol install
exegol start
Build a hosts file (for use on domain labs)
Scan your subnet:
nxc smb 10.3.10.0/24 --generate-hosts-file hosts.txt
Append it to /etc/hosts (the redirect has to run as root, so use tee rather than redirecting the output of sudo cat; inside the exegol container you are already root and sudo is unnecessary):
cat hosts.txt | sudo tee -a /etc/hosts
Update exegol to latest version
If you installed with pipx, run this on the host, outside the exegol container shell:
pipx upgrade exegol
Troubleshooting
Run on a headless system
Out of nowhere I got this nonsense when trying to start exegol on a fresh Ubuntu box:
<snip>
[?] Is the container configuration correct? [Y/n]:
[*] Command line of the configuration: exegol start default free
[*] To use exegol without interaction, read CLI options with exegol start -h
[*] Creating new exegol container
[-] Docker error received: invalid mount config for type "bind": bind source path does not exist: /tmp/.X11-unix
[*] Rollback: removing dedicated workspace directory
[!] Error while creating exegol container. Exiting.
[*] Exiting...
This was the fix!
exegol start default free --disable-X11
Turn on logging
exegol start ad -l
TIP
When logging is turned on, shell logs are saved under the container's workspace on the host, e.g. /home/sevminsec/.exegol/workspaces/ad/logs.
Log output from tools such as Responder lives under /opt/tools inside the container (the container's /opt, not the /opt on the host's filesystem).
Sync time to domain controller
If the DC is 10.3.10.40:
faketime "$(rdate -n 10.3.10.40 -p | awk '{print $2, $3, $4}' | date -f - "+%Y-%m-%d %H:%M:%S")" zsh
Then, from that zsh shell (faketime only affects the shell it spawns and its child processes), you should be able to grab the ticket you need without the KDC complaining of clock skew.
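Before launching a faked-time shell it helps to know how far off the clock actually is; Kerberos only rejects requests whose clock differs from the KDC by more than the realm's maximum skew, 5 minutes by default. The helpers below are an added example, not part of the page or of Exegol, and assume GNU date (for -d) and a remote timestamp already reduced to the fields the page's awk pipeline extracts from rdate, such as "Apr 1 12:34:56 2023"; the sample values are constructed.

```shell
# clock_skew REMOTE_TS [LOCAL_EPOCH]
# Prints the absolute difference in seconds between REMOTE_TS (parsed in the
# local timezone, as rdate prints it) and LOCAL_EPOCH (default: now).
# Added example; requires GNU date.
clock_skew() {
    local remote local_epoch d
    remote="$(date -d "$1" +%s)" || return 1
    local_epoch="${2:-$(date +%s)}"
    d=$((remote - local_epoch))
    [ "$d" -lt 0 ] && d=$((-d))
    echo "$d"
}

# needs_faketime REMOTE_TS [LOCAL_EPOCH] [MAX_SKEW]
# Exit status 0 when the skew exceeds MAX_SKEW seconds (Kerberos default 300).
needs_faketime() {
    local skew max="${3:-300}"
    skew="$(clock_skew "$1" "${2:-}")" || return 2
    [ "$skew" -gt "$max" ]
}

# faketime_arg REMOTE_TS
# Formats REMOTE_TS the way faketime expects it on the command line.
faketime_arg() {
    date -d "$1" '+%Y-%m-%d %H:%M:%S'
}

# Demo with a constructed DC timestamp (run stand-alone it compares against now,
# so a 2023 value will always report a large skew).
remote="Apr 1 12:34:56 2023"
if needs_faketime "$remote"; then
    echo "skew $(clock_skew "$remote")s: run  faketime \"$(faketime_arg "$remote")\" zsh"
else
    echo "clock within Kerberos tolerance, no faketime needed"
fi
```

In practice feed the function the output of `rdate -n <dc> -p | awk '{print $2, $3, $4}'`; if it reports a skew under 300 seconds, the ticket request will work without faketime and the drift-prone faked shell can be skipped.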