Tunneling Windows VM to Target Environment (WireGuard)
Last updated
Last updated
There have been many cases where I needed a to use a Windows machine on internal tests but only had access to a Linux VM internally. Most of the time, I need a Windows VM the most when doing Active Directory testing and running into tooling issue on Linux. One option is to turn the Linux machine into a WireGuard VPN server and connect via a Windows VM. Once you have the connection, you can use the windows runas
command to launch a PowerShell session as an authenticated domain user in the client environment.
The above assumes you are using eth0
as your primary network adaptor in the client environment.
Note that the above setup will not be persistent across reboots! In order to restart the VPN service, run sudo wg-quick up wg0
after a reboot. This is by design since I don’t want random VPNs active client devices. Make sure to reboot the Linux client device or shutdown the VPN once the test is complete.
Paste in the contents of client.conf
that was created during the sever setup
After activating the WireGuard VPN profile, test the connect using the following command.
This technique of launching shells as AD user in non-AD connected system was originally found in the SharpHound Documentation