Tunneling Windows VM to Target Environment (WireGuard)

There have been many cases where I needed a to use a Windows machine on internal tests but only had access to a Linux VM internally. Most of the time, I need a Windows VM the most when doing Active Directory testing and running into tooling issue on Linux. One option is to turn the Linux machine into a WireGuard VPN server and connect via a Windows VM. Once you have the connection, you can use the windows runas command to launch a PowerShell session as an authenticated domain user in the client environment.

Example Windows VM with Active AD Session in Foreign Environment

Setup WireGuard VPN on Internal Network (Kali Linux)

Install WireGuard

Generate Keys

Create Server Config

Create Client Config

Configure Network Adaptor

The above assumes you are using eth0 as your primary network adaptor in the client environment.

Note that the above setup will not be persistent across reboots! In order to restart the VPN service, run sudo wg-quick up wg0 after a reboot. This is by design since I don’t want random VPNs active client devices. Make sure to reboot the Linux client device or shutdown the VPN once the test is complete.

Configure Client (Windows VM)

Install WireGuard Client (PowerShell)

Configure VPN Profile

Create VPN Profile in WireGuard VPN (Windows)

Paste in the contents of client.conf that was created during the sever setup

Example Config (Templated)

Test VPN Access

After activating the WireGuard VPN profile, test the connect using the following command.

Launch Shell as Domain User

This technique of launching shells as AD user in non-AD connected system was originally found in the SharpHound Documentation

Active AD Session in Foreign Environment

PreviousConfiguring Windows 11 for AD TestingNextInveigh

Last updated