# Carbon Victim LAN Setup

# Domain Controller - Bannik

Script	Summary
chocolatey-install.ps1	Installs Chocolatey Package Manager
choco-install-packages.ps1	Installs sysinternals, vscode, and microsoft-edge
bannik-create-carbon-domain.ps1	Creates the Carbon scenario Active Directory domain (“skt.local”)
bannik-create-carbon-users.ps1	Creates domain users and domain groups for Carbon scenario
bannik-set-dns-resolution.ps1	Set primary and secondary DNS on endpoints to the DC
bannik-set-adalwolfa-group-membership.ps1	Add Kagarov to Webservers group

Script	Summary
chocolatey-install.ps1	Installs Chocolatey Package Manager
choco-install-packages.ps1	Installs sysinternals, vscode, and microsoft-edge
all-join-carbon-domain.ps1	Join the Carbon domain
all-carbon-enable-remote-desktop-for-domain-users.ps1	Enable remote desktop access for Domain Users

The Hobgoblin host also runs the ViperVPN Windows service used in the scenario. After running the setup, perform the following steps:

Copy the windows-service/dist/ViperVPN.exe file to Hobgoblin
Open Adminstrator Command Prompt on Hobgoblin
Execute the following command from the Command Prompt.
1. ViperVPN.exe --startup delayed install
Install SetACL Studio on Hobgoblin (see WindowsService for download link)
Modify the ACL on the registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ViperVPNSvc to grant full control to "Authenticated Users".

Script	Summary
chocolatey-install.ps1	Installs Chocolatey Package Manager
choco-install-packages.ps1	Installs sysinternals, vscode, and microsoft-edge
all-join-carbon-domain.ps1	Join the Carbon domain
all-carbon-enable-remote-desktop-for-domain-users.ps1	Enable remote desktop access for Domain Users

Script	Summary
chocolatey-install.ps1	Installs Chocolatey Package Manager
choco-install-packages.ps1	Installs sysinternals, vscode, and microsoft-edge
all-join-carbon-domain.ps1	Join the Carbon domain
all-carbon-enable-remote-desktop-for-domain-users.ps1	Enable remote desktop access for Domain Users
khabibulin-set-local-admin.ps1	Set Adalwolfa as Local Administrator on khabibulin

Script	Summary
chocolatey-install.ps1	Installs Chocolatey Package Manager
choco-install-packages.ps1	Installs sysinternals, vscode, and microsoft-edge
all-join-carbon-domain.ps1	Join the Carbon domain
all-carbon-enable-remote-desktop-for-domain-users.ps1	Enable remote desktop access for Domain Users
brieftragerin-install-exchange.ps1	Install Exchange
brieftragerin-create-carbon-exchange-admin.ps1	Create Exchange administrator

Script	Summary
kagarov-setup.sh	Installs dependencies for Kagarov and configures DNS
kagarov-join-domain.sh	Joins Kagarov host to domain

Run chocolatey-install.ps1 on all victim machines.
Run choco-install-packages.ps1 on all victim machines.
Run bannik-create-carbon-domain.ps1 script on bannik.
Run bannik-create-carbon-users.ps1 script on bannik.
Run all-join-carbon-domain.ps1 script on all respective Windows endpoints that should be joined to the domain.
Run all-carbon-enable-remote-desktop-for-domain-users.ps1 on all Desktop endpoints to enable remote desktop access for Domain Users.
Run kagarov-setup.sh and kagarov-join-domain.sh on kagarov, as user with effective root permissions.
Run the brieftragerin-install-exchange.ps1 on brieftragrein, make sure that the server was properly joined to the domain in the previous step.
Run brieftragerin-create-carbon-exchange-admin.ps1 on brieftragrein
Run khabibulin-set-local-admin.ps1 on khabibulin
Run bannik-add-computer-descriptions.ps1 on bannik
Run bannik-set-adalwolfa-group-membership.ps1 on bannik
Run bannik-set-dns-resolution.ps1 on bannik
Disable Defender on all Windows machines (requires manual setup)
1. Open MS Defender Settings -> Virus Protection and manually uncheck everything and save.