Barbhack-2025

BARBHACK-2025

source : Barbhack-2025

Virtualbox setup (aka “Les Snapshot sans raquer”)

 

vagrant icon_vwmare icon_ansible

Prerequisites

 

  • Providing

    • Virtualbox
    • Vagrant
    • Vagrant plugins:
      • vagrant-reload
      • on some distributions also the vagrant plugins :
        • winrm
        • winrm-fs
        • winrm-elevated

  • Provisioning with python

  • Or provisioning With Docker

Install VirtualBox

 

  • Download and install VirtualBox
  • You can probably use the version of your package manager, but I would recommend using the latest one from Oracle.

Install Vagrant

 

  • vagrant from their official site vagrant. The version you can install through your favorite package manager (apt, yum, …) is probably not the latest one.
  • Install vagrant plugin vbguest if you want the guest addition: vagrant plugin install vagrant-vbguest (not mandatory)
  • Vagrant installation is well described in the official vagrant page (tests are ok on 2.3.4)
  • Some github issues indicate vagrant got some issues on some version and works well with 2.2.19 (apt install vagrant=2.2.19)
wget -O- https://apt.releases.hashicorp.com/gpg | gpg --dearmor | sudo tee /usr/share/keyrings/hashicorp-archive-keyring.gpg
echo "deb [signed-by=/usr/share/keyrings/hashicorp-archive-keyring.gpg] https://apt.releases.hashicorp.com $(lsb_release -cs) main" | sudo tee /etc/apt/sources.list.d/hashicorp.list
sudo apt update && sudo apt install vagrant
  • on some recent versions (ubuntu 23.04), you should consider running:
gem install winrm winrm-fs winrm-elevated

Install Ansible

 

Installing with pipx

 

pipx is a great way to avoid conflicting Python dependencies when installing applications. Installing ansible with pipx is documented here: https://docs.ansible.com/ansible/latest/installation_guide/intro_installation.html#installing-and-upgrading-ansible-with-pipx.

pipx install --include-deps ansible

pywinrm is a library, so it needs to be installed with pip.

python3 -m pip install pywinrm

If you encounter any issue, try the virtualenv installation below.

  • Install all the ansible-galaxy requirements:
    • ansible windows
    • ansible community.windows
    • ansible chocolatey (not needed anymore)
    • ansible community.general
ansible-galaxy install -r ansible/requirements.yml

Installing with a virtualenv

 

  • If you want to play ansible from your host or a linux vm you should launch the following commands :

  • Create a python >= 3.8 virtualenv

sudo apt install git
git clone https://github.com/Pennyw0rth/NetExec-Lab
cd Barbhack-2025/ansible
sudo apt install python3.8-venv
python3.8 -m virtualenv .venv
source .venv/bin/activate
  • Install ansible and pywinrm in the .venv
    • ansible following the extensive guide on their website ansible.
    • Tested with ansible-core (2.12)
    • pywinrm be sure you got the pywinrm package installed
python3 -m pip install --upgrade pip
python3 -m pip install ansible-core==2.12.6
python3 -m pip install pywinrm
  • Install all the ansible-galaxy requirements
    • ansible windows
    • ansible community.windows
    • ansible chocolatey (not needed anymore)
    • ansible community.general
ansible-galaxy install -r ansible/requirements.yml

Install

 

Create the vms

 

  • To create the VMs just run
cd ad/BARBHACK/providers/virtualbox
vagrant up

note: For some distributions, you may need to run additional commands to install WinRM gems this can be done via the following commands:

vagrant plugin install winrm
vagrant plugin install winrm-fs
vagrant plugin install winrm-elevated
  • At the end of the vagrantup you should have the vms created and running

Launch provisioning with Ansible

 

  • launch the provision script (launch ansible with failover on errors)
cd ansible
export ANSIBLE_COMMAND="ansible-playbook -i ../ad/BARBHACK/data/inventory -i ../ad/BARBHACK/providers/virtualbox/inventory"
export LAB="BARBHACK"
../scripts/provisionning.sh
  • or launch ansible directly
cd ansible/
ansible-playbook -i ../ad/BARBHACK/data/inventory -i ../ad/BARBHACK/providers/virtualbox/inventory main.yml

Once install has finished disable vagrant user to avoid using it

 

cd ansible/
ansible-playbook -i ../ad/BARBHACK/providers/virtualbox/inventory_disablevagrant disable_vagrant.yml

Now do a reboot of all the machines to avoid unintended secrets stored / am looking at you Lsassy

 

cd ansible/
ansible-playbook -i ../ad/BARBHACK/providers/virtualbox/inventory_disablevagrant reboot.yml

Lab Information

 

Servers

 

Hostname IP Address Role
BLACKPEARL 192.168.10.10 Domain Controller
JOLLYROGER 192.168.10.11 Web Server (Caddy 8080)
QUEENREV 192.168.10.12 MSSQL Server
FLYINGDUTCHMAN 192.168.10.13 Windows Server

Domain

 

  • Domain: PIRATES.BRB
  • Domain Admin Password: REDqC8aQtyhd78A

Attack Path

 

  1. Web application enumeration (port 8080)
  2. Credential stuffing with found credentials
  3. NTLMv1 relay to LDAP
  4. SPN-less RBCD
  5. DPAPI credential recovery
  6. GMSA offline password recovery
  7. MSSQL impersonation
  8. S4U2Self privilege escalation
  9. Kerberos Constrained Delegation
  10. NTDS backup forensics
  11. Domain Admin!

.

Some troubles setting it up. i used UBUNTU25 Desktop on a HP Probook 8th Gen Laptop with 16GB

bolke@hacky:~/NetExec-Lab/Barbhack-2025/ad/BARBHACK/providers/virtualbox$ ls -la
total 40
drwxrwxr-x 3 bolke bolke  4096 Feb  1 10:03 .
drwxrwxr-x 5 bolke bolke  4096 Jan 30 21:52 ..
-rw-rw-r-- 1 bolke bolke 15740 Feb  1 10:03 ConfigureRemotingForAnsible.ps1
-rw-rw-r-- 1 bolke bolke  5211 Feb  1 09:57 Install-WMF3Hotfix.ps1
drwxrwxr-x 4 bolke bolke  4096 Jan 30 21:53 .vagrant
-rw-rw-r-- 1 bolke bolke  3260 Jan 30 21:52 Vagrantfile
bolke@hacky:~/NetExec-Lab/Barbhack-2025/ad/BARBHACK/providers/virtualbox$ vagrant up
Bringing machine 'BARBHACK2025-DC01' up with 'virtualbox' provider...
Bringing machine 'BARBHACK2025-SRV01' up with 'virtualbox' provider...
Bringing machine 'BARBHACK2025-SRV02' up with 'virtualbox' provider...
Bringing machine 'BARBHACK2025-SRV03' up with 'virtualbox' provider...
==> BARBHACK2025-DC01: Checking if box 'StefanScherer/windows_2022' version '2021.08.23' is up to date...
==> BARBHACK2025-DC01: Machine already provisioned. Run `vagrant provision` or use the `--provision`
==> BARBHACK2025-DC01: flag to force provisioning. Provisioners marked to run always will still run.
==> BARBHACK2025-SRV01: Checking if box 'StefanScherer/windows_2022' version '2021.08.23' is up to date...
==> BARBHACK2025-SRV01: Machine already provisioned. Run `vagrant provision` or use the `--provision`
==> BARBHACK2025-SRV01: flag to force provisioning. Provisioners marked to run always will still run.
==> BARBHACK2025-SRV02: Checking if box 'StefanScherer/windows_2022' version '2021.08.23' is up to date...
==> BARBHACK2025-SRV02: Machine already provisioned. Run `vagrant provision` or use the `--provision`
==> BARBHACK2025-SRV02: flag to force provisioning. Provisioners marked to run always will still run.
==> BARBHACK2025-SRV03: Checking if box 'StefanScherer/windows_2022' version '2021.08.23' is up to date...
==> BARBHACK2025-SRV03: Machine already provisioned. Run `vagrant provision` or use the `--provision`
==> BARBHACK2025-SRV03: flag to force provisioning. Provisioners marked to run always will still run.
bolke@hacky:~/NetExec-Lab/Barbhack-2025/ad/BARBHACK/providers/virtualbox$ vagrant status
Current machine states:

BARBHACK2025-DC01         running (virtualbox)
BARBHACK2025-SRV01        running (virtualbox)
BARBHACK2025-SRV02        running (virtualbox)
BARBHACK2025-SRV03        running (virtualbox)

This environment represents multiple VMs. The VMs are all listed
above with their current state. For more information about a specific
VM, run `vagrant status NAME`.
bolke@hacky:~/NetExec-Lab/Barbhack-2025/ad/BARBHACK/providers/virtualbox$ vagrant provision
==> BARBHACK2025-DC01: Running provisioner: shell...
    BARBHACK2025-DC01: Running: ../../../../vagrant/Install-WMF3Hotfix.ps1 as C:\tmp\vagrant-shell.ps1
==> BARBHACK2025-DC01: Running provisioner: shell...
    BARBHACK2025-DC01: Running: ../../../../vagrant/ConfigureRemotingForAnsible.ps1 as C:\tmp\vagrant-shell.ps1
==> BARBHACK2025-DC01: Running provisioner: shell...
    BARBHACK2025-DC01: Running: inline PowerShell script
    BARBHACK2025-DC01: Ok.
    BARBHACK2025-DC01: 
==> BARBHACK2025-SRV01: Running provisioner: shell...
    BARBHACK2025-SRV01: Running: ../../../../vagrant/Install-WMF3Hotfix.ps1 as C:\tmp\vagrant-shell.ps1
==> BARBHACK2025-SRV01: Running provisioner: shell...
    BARBHACK2025-SRV01: Running: ../../../../vagrant/ConfigureRemotingForAnsible.ps1 as C:\tmp\vagrant-shell.ps1
==> BARBHACK2025-SRV01: Running provisioner: shell...
    BARBHACK2025-SRV01: Running: inline PowerShell script
    BARBHACK2025-SRV01: Ok.
    BARBHACK2025-SRV01: 
==> BARBHACK2025-SRV02: Running provisioner: shell...
    BARBHACK2025-SRV02: Running: ../../../../vagrant/Install-WMF3Hotfix.ps1 as C:\tmp\vagrant-shell.ps1
==> BARBHACK2025-SRV02: Running provisioner: shell...
    BARBHACK2025-SRV02: Running: ../../../../vagrant/ConfigureRemotingForAnsible.ps1 as C:\tmp\vagrant-shell.ps1
==> BARBHACK2025-SRV02: Running provisioner: shell...
    BARBHACK2025-SRV02: Running: inline PowerShell script
    BARBHACK2025-SRV02: Ok.
    BARBHACK2025-SRV02: 
==> BARBHACK2025-SRV03: Running provisioner: shell...
    BARBHACK2025-SRV03: Running: ../../../../vagrant/Install-WMF3Hotfix.ps1 as C:\tmp\vagrant-shell.ps1
==> BARBHACK2025-SRV03: Running provisioner: shell...
    BARBHACK2025-SRV03: Running: ../../../../vagrant/ConfigureRemotingForAnsible.ps1 as C:\tmp\vagrant-shell.ps1
==> BARBHACK2025-SRV03: Running provisioner: shell...
    BARBHACK2025-SRV03: Running: inline PowerShell script
    BARBHACK2025-SRV03: Ok.
    BARBHACK2025-SRV03: 
bolke@hacky:~/NetExec-Lab/Barbhack-2025/ad/BARBHACK/providers/virtualbox$

.

VM’s created but not with all content

.

bolke@hacky:~/htb/barbhack2025$ nxc smb 192.168.10.10-13
SMB         192.168.10.10   445    VAGRANT          [*] Windows Server 2022 Build 20348 x64 (name:VAGRANT) (domain:vagrant) (signing:False) (SMBv1:None)
SMB         192.168.10.11   445    VAGRANT          [*] Windows Server 2022 Build 20348 x64 (name:VAGRANT) (domain:vagrant) (signing:False) (SMBv1:None)
SMB         192.168.10.12   445    VAGRANT          [*] Windows Server 2022 Build 20348 x64 (name:VAGRANT) (domain:vagrant) (signing:False) (SMBv1:None)
SMB         192.168.10.13   445    VAGRANT          [*] Windows Server 2022 Build 20348 x64 (name:VAGRANT) (domain:vagrant) (signing:False) (SMBv1:None)
Running nxc against 4 targets ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 100% 0:00:00
bolke@hacky:~/htb/barbhack2025$

 

.

bolke@hacky:~/htb/barbhack2025$ nxc smb 192.168.10.10 -u user.list  -p pass.list --no-bruteforce --continue-on-success
SMB         192.168.10.10   445    VAGRANT          [*] Windows Server 2022 Build 20348 x64 (name:VAGRANT) (domain:vagrant) (signing:False) (SMBv1:None)
SMB         192.168.10.10   445    VAGRANT          [-] vagrant\user.list:pass.list STATUS_LOGON_FAILURE 
bolke@hacky:~/htb/barbhack2025$ nxc smb 192.168.10.10 -id 2 --users
SMB         192.168.10.10   445    VAGRANT          [*] Windows Server 2022 Build 20348 x64 (name:VAGRANT) (domain:vagrant) (signing:False) (SMBv1:None)
[19:46:43] ERROR    Invalid database credential ID 2!                                                                                                                        connection.py:361
bolke@hacky:~/htb/barbhack2025$

..

note: For some distributions, you may need to run additional commands to install WinRM gems this can be done via the following commands:

bolke@hacky:~$ vagrant plugin install winrm
Installing the 'winrm' plugin. This can take a few minutes...
Installed the plugin 'winrm (2.3.9)'!
bolke@hacky:~$ vagrant plugin install winrm-fs
Installing the 'winrm-fs' plugin. This can take a few minutes...
Installed the plugin 'winrm-fs (1.3.5)'!
bolke@hacky:~$ vagrant plugin install winrm-elevated
Installing the 'winrm-elevated' plugin. This can take a few minutes...
Installed the plugin 'winrm-elevated (1.2.3)'!
bolke@hacky:~$ ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host noprefixroute 
       valid_lft forever preferred_lft forever
2: enp1s0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc fq_codel state DOWN group default qlen 1000
    link/ether 80:e8:2c:14:2f:04 brd ff:ff:ff:ff:ff:ff
    altname enx80e82c142f04
3: wlp0s20f3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether 58:a0:23:5c:d8:5c brd ff:ff:ff:ff:ff:ff
    altname wlx58a0235cd85c
    inet 192.168.178.53/24 brd 192.168.178.255 scope global dynamic noprefixroute wlp0s20f3
       valid_lft 2366sec preferred_lft 2366sec
    inet6 2001:1c01:391a:6500:53a6:42df:5c4c:d597/64 scope global temporary dynamic 
       valid_lft 599968sec preferred_lft 81296sec
    inet6 2001:1c01:391a:6500:f3d0:8d18:9e0:73d7/64 scope global dynamic mngtmpaddr noprefixroute 
       valid_lft 1209597sec preferred_lft 604797sec
    inet6 fe80::c3af:e204:d3f:b60b/64 scope link noprefixroute 
       valid_lft forever preferred_lft forever
4: vboxnet0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
    link/ether 0a:00:27:00:00:00 brd ff:ff:ff:ff:ff:ff
    altname enx0a0027000000
    inet 192.168.10.1/24 brd 192.168.10.255 scope global vboxnet0
       valid_lft forever preferred_lft forever
    inet6 fe80::800:27ff:fe00:0/64 scope link proto kernel_ll 
       valid_lft forever preferred_lft forever
bolke@hacky:~$

 

.

.

Launch provisioning with Ansible

 

  • launch the provision script (launch ansible with failover on errors)
cd ansible
export ANSIBLE_COMMAND="ansible-playbook -i ../ad/BARBHACK/data/inventory -i ../ad/BARBHACK/providers/virtualbox/inventory"
export LAB="BARBHACK"
../scripts/provisionning.sh

.

bolke@hacky:~/NetExec-Lab/Barbhack-2025$ ls
ad  ansible  barbhack-2025.jpg  docs  graph.mmd  README.md  scripts  vagrant
bolke@hacky:~/NetExec-Lab/Barbhack-2025$ cd ansible/
bolke@hacky:~/NetExec-Lab/Barbhack-2025/ansible$ ls
ad-acl.yml   ad-gmsa.yml     ad-parent_domain.yml  ad-servers.yml  barbhack2025.yml  data.yml       main.yml       reboot.yml  security.yml  vulnerabilities.yml
ad-data.yml  ad-members.yml  ad-relations.yml      ansible.cfg     build.yml         inventory.yml  msqlsrv02.yml  roles       servers.yml
bolke@hacky:~/NetExec-Lab/Barbhack-2025/ansible$ export ANSIBLE_COMMAND="ansible-playbook -i ../ad/BARBHACK/data/inventory -i ../ad/BARBHACK/providers/virtualbox/inventory"
export LAB="BARBHACK"
../scripts/provisionning.sh

[+] Current coordinates: /home/bolke/NetExec-Lab/Barbhack-2025/ansible
[+] Preparing to deploy the Pirate Fleet for: BARBHACK
[+] The navigation charts are ready with the command: ansible-playbook -i ../ad/BARBHACK/data/inventory -i ../ad/BARBHACK/providers/virtualbox/inventory
[+] The Royal Navy is approaching. The fleet must be deployed before they catch us!
[+] Raising the Jolly Roger – initiating Pirate Fleet protocols!
[+] Voyage attempt: 0
[✓] The treasure is secured—the crew celebrates! Navigating the seas with a 30-minute voyage limit: ansible-playbook -i ../ad/BARBHACK/data/inventory -i ../ad/BARBHACK/providers/virtualbox/inventory build.yml
[WARNING]: Unable to parse /home/bolke/NetExec-Lab/Barbhack-2025/ad/BARBHACK/providers/virtualbox/inventory as an inventory source
[WARNING]: Deprecation warnings can be disabled by setting `deprecation_warnings=False` in ansible.cfg.
[DEPRECATION WARNING]: community.windows.win_http_proxy has been deprecated. win_http_proxy will be removed in a future release of this collection. Use ansible.windows.win_http_proxy instead. This feature will be removed from collection 'community.windows' version 4.0.0.
[DEPRECATION WARNING]: community.windows.win_inet_proxy has been deprecated. win_inet_proxy will be removed in a future release of this collection. Use ansible.windows.win_inet_proxy instead. This feature will be removed from collection 'community.windows' version 4.0.0.

PLAY [build all] *****************************************************************************************************************************************************************************
 [started TASK: Gathering Facts on dc01]
 [started TASK: Gathering Facts on srv01]
 [started TASK: Gathering Facts on srv02]
 [started TASK: Gathering Facts on srv03]

TASK [Gathering Facts] ***********************************************************************************************************************************************************************
[ERROR]: Task failed: Failed to connect to the host via ssh: ssh: Could not resolve hostname dc01: Temporary failure in name resolution
fatal: [dc01]: UNREACHABLE! => {"changed": false, "msg": "Task failed: Failed to connect to the host via ssh: ssh: Could not resolve hostname dc01: Temporary failure in name resolution", "unreachable": true}
[ERROR]: Task failed: Failed to connect to the host via ssh: ssh: Could not resolve hostname srv01: Temporary failure in name resolution
fatal: [srv01]: UNREACHABLE! => {"changed": false, "msg": "Task failed: Failed to connect to the host via ssh: ssh: Could not resolve hostname srv01: Temporary failure in name resolution", "unreachable": true}
[ERROR]: Task failed: Failed to connect to the host via ssh: ssh: Could not resolve hostname srv02: Temporary failure in name resolution
fatal: [srv02]: UNREACHABLE! => {"changed": false, "msg": "Task failed: Failed to connect to the host via ssh: ssh: Could not resolve hostname srv02: Temporary failure in name resolution", "unreachable": true}
[ERROR]: Task failed: Failed to connect to the host via ssh: ssh: Could not resolve hostname srv03: Temporary failure in name resolution
fatal: [srv03]: UNREACHABLE! => {"changed": false, "msg": "Task failed: Failed to connect to the host via ssh: ssh: Could not resolve hostname srv03: Temporary failure in name resolution", "unreachable": true}

PLAY RECAP ***********************************************************************************************************************************************************************************
dc01                       : ok=0    changed=0    unreachable=1    failed=0    skipped=0    rescued=0    ignored=0   
srv01                      : ok=0    changed=0    unreachable=1    failed=0    skipped=0    rescued=0    ignored=0   
srv02                      : ok=0    changed=0    unreachable=1    failed=0    skipped=0    rescued=0    ignored=0   
srv03                      : ok=0    changed=0    unreachable=1    failed=0    skipped=0    rescued=0    ignored=0   

[!] The Kraken has been released upon the Seven Seas! Navy ships jammed our signals! Retrying: ansible-playbook -i ../ad/BARBHACK/data/inventory -i ../ad/BARBHACK/providers/virtualbox/inventory build.yml
[+] Voyage attempt: 1
[✓] The treasure is secured—the crew celebrates! Navigating the seas with a 30-minute voyage limit: ansible-playbook -i ../ad/BARBHACK/data/inventory -i ../ad/BARBHACK/providers/virtualbox/inventory build.yml
[WARNING]: Unable to parse /home/bolke/NetExec-Lab/Barbhack-2025/ad/BARBHACK/providers/virtualbox/inventory as an inventory source
[WARNING]: Deprecation warnings can be disabled by setting `deprecation_warnings=False` in ansible.cfg.
[DEPRECATION WARNING]: community.windows.win_http_proxy has been deprecated. win_http_proxy will be removed in a future release of this collection. Use ansible.windows.win_http_proxy instead. This feature will be removed from collection 'community.windows' version 4.0.0.
[DEPRECATION WARNING]: community.windows.win_inet_proxy has been deprecated. win_inet_proxy will be removed in a future release of this collection. Use ansible.windows.win_inet_proxy instead. This feature will be removed from collection 'community.windows' version 4.0.0.

PLAY [build all] *****************************************************************************************************************************************************************************
 [started TASK: Gathering Facts on dc01]
 [started TASK: Gathering Facts on srv01]
 [started TASK: Gathering Facts on srv02]
 [started TASK: Gathering Facts on srv03]

TASK [Gathering Facts] ***********************************************************************************************************************************************************************
[ERROR]: Task failed: Failed to connect to the host via ssh: ssh: Could not resolve hostname dc01: Temporary failure in name resolution
fatal: [dc01]: UNREACHABLE! => {"changed": false, "msg": "Task failed: Failed to connect to the host via ssh: ssh: Could not resolve hostname dc01: Temporary failure in name resolution", "unreachable": true}
[ERROR]: Task failed: Failed to connect to the host via ssh: ssh: Could not resolve hostname srv01: Temporary failure in name resolution
fatal: [srv01]: UNREACHABLE! => {"changed": false, "msg": "Task failed: Failed to connect to the host via ssh: ssh: Could not resolve hostname srv01: Temporary failure in name resolution", "unreachable": true}
[ERROR]: Task failed: Failed to connect to the host via ssh: ssh: Could not resolve hostname srv02: Temporary failure in name resolution
fatal: [srv02]: UNREACHABLE! => {"changed": false, "msg": "Task failed: Failed to connect to the host via ssh: ssh: Could not resolve hostname srv02: Temporary failure in name resolution", "unreachable": true}
[ERROR]: Task failed: Failed to connect to the host via ssh: ssh: Could not resolve hostname srv03: Temporary failure in name resolution
fatal: [srv03]: UNREACHABLE! => {"changed": false, "msg": "Task failed: Failed to connect to the host via ssh: ssh: Could not resolve hostname srv03: Temporary failure in name resolution", "unreachable": true}

PLAY RECAP ***********************************************************************************************************************************************************************************
dc01                       : ok=0    changed=0    unreachable=1    failed=0    skipped=0    rescued=0    ignored=0   
srv01                      : ok=0    changed=0    unreachable=1    failed=0    skipped=0    rescued=0    ignored=0   
srv02                      : ok=0    changed=0    unreachable=1    failed=0    skipped=0    rescued=0    ignored=0   
srv03                      : ok=0    changed=0    unreachable=1    failed=0    skipped=0    rescued=0    ignored=0   

[!] The Kraken has been released upon the Seven Seas! Navy ships jammed our signals! Retrying: ansible-playbook -i ../ad/BARBHACK/data/inventory -i ../ad/BARBHACK/providers/virtualbox/inventory build.yml
[+] Voyage attempt: 2
[✓] The treasure is secured—the crew celebrates! Navigating the seas with a 30-minute voyage limit: ansible-playbook -i ../ad/BARBHACK/data/inventory -i ../ad/BARBHACK/providers/virtualbox/inventory build.yml
[WARNING]: Unable to parse /home/bolke/NetExec-Lab/Barbhack-2025/ad/BARBHACK/providers/virtualbox/inventory as an inventory source
[WARNING]: Deprecation warnings can be disabled by setting `deprecation_warnings=False` in ansible.cfg.
[DEPRECATION WARNING]: community.windows.win_http_proxy has been deprecated. win_http_proxy will be removed in a future release of this collection. Use ansible.windows.win_http_proxy instead. This feature will be removed from collection 'community.windows' version 4.0.0.
[DEPRECATION WARNING]: community.windows.win_inet_proxy has been deprecated. win_inet_proxy will be removed in a future release of this collection. Use ansible.windows.win_inet_proxy instead. This feature will be removed from collection 'community.windows' version 4.0.0.

PLAY [build all] *****************************************************************************************************************************************************************************
 [started TASK: Gathering Facts on dc01]
 [started TASK: Gathering Facts on srv01]
 [started TASK: Gathering Facts on srv02]
 [started TASK: Gathering Facts on srv03]

TASK [Gathering Facts] ***********************************************************************************************************************************************************************
[ERROR]: Task failed: Failed to connect to the host via ssh: ssh: Could not resolve hostname dc01: Temporary failure in name resolution
fatal: [dc01]: UNREACHABLE! => {"changed": false, "msg": "Task failed: Failed to connect to the host via ssh: ssh: Could not resolve hostname dc01: Temporary failure in name resolution", "unreachable": true}
[ERROR]: Task failed: Failed to connect to the host via ssh: ssh: Could not resolve hostname srv01: Temporary failure in name resolution
fatal: [srv01]: UNREACHABLE! => {"changed": false, "msg": "Task failed: Failed to connect to the host via ssh: ssh: Could not resolve hostname srv01: Temporary failure in name resolution", "unreachable": true}
[ERROR]: Task failed: Failed to connect to the host via ssh: ssh: Could not resolve hostname srv02: Temporary failure in name resolution
fatal: [srv02]: UNREACHABLE! => {"changed": false, "msg": "Task failed: Failed to connect to the host via ssh: ssh: Could not resolve hostname srv02: Temporary failure in name resolution", "unreachable": true}
[ERROR]: Task failed: Failed to connect to the host via ssh: ssh: Could not resolve hostname srv03: Temporary failure in name resolution
fatal: [srv03]: UNREACHABLE! => {"changed": false, "msg": "Task failed: Failed to connect to the host via ssh: ssh: Could not resolve hostname srv03: Temporary failure in name resolution", "unreachable": true}

PLAY RECAP ***********************************************************************************************************************************************************************************
dc01                       : ok=0    changed=0    unreachable=1    failed=0    skipped=0    rescued=0    ignored=0   
srv01                      : ok=0    changed=0    unreachable=1    failed=0    skipped=0    rescued=0    ignored=0   
srv02                      : ok=0    changed=0    unreachable=1    failed=0    skipped=0    rescued=0    ignored=0   
srv03                      : ok=0    changed=0    unreachable=1    failed=0    skipped=0    rescued=0    ignored=0   

[!] The Kraken has been released upon the Seven Seas! Navy ships jammed our signals! Retrying: ansible-playbook -i ../ad/BARBHACK/data/inventory -i ../ad/BARBHACK/providers/virtualbox/inventory build.yml
[!] The Kraken has been released upon the Seven Seas! The fleet has sunk after 3 failed attempts! Davy Jones claims his prize!
bolke@hacky:~/NetExec-Lab/Barbhack-2025/ansible$

.

tried

bolke@hacky:~/NetExec-Lab/Barbhack-2025/ansible$ ansible-playbook -i ../ad/BARBHACK/data/inventory -i ../ad/BARBHACK/providers/virtualbox/inventory main.yml
[WARNING]: Unable to parse /home/bolke/NetExec-Lab/Barbhack-2025/ad/BARBHACK/providers/virtualbox/inventory as an inventory source
[WARNING]: Deprecation warnings can be disabled by setting `deprecation_warnings=False` in ansible.cfg.
[DEPRECATION WARNING]: community.windows.win_http_proxy has been deprecated. win_http_proxy will be removed in a future release of this collection. Use ansible.windows.win_http_proxy instead. This feature will be removed from collection 'community.windows' version 4.0.0.
[DEPRECATION WARNING]: community.windows.win_inet_proxy has been deprecated. win_inet_proxy will be removed in a future release of this collection. Use ansible.windows.win_inet_proxy instead. This feature will be removed from collection 'community.windows' version 4.0.0.
[ERROR]: The 'ansible.windows.win_domain' module has been removed. Use microsoft.ad.domain instead. This feature was removed from collection 'ansible.windows' version 3.0.0.
Origin: /home/bolke/NetExec-Lab/Barbhack-2025/ansible/roles/domain_controller/tasks/main.yml:10:3

 8   when: two_adapters == "yes"
 9
10 - name: Ensure that domain exists
     ^ column 3

bolke@hacky:~/NetExec-Lab/Barbhack-2025/ansible$

 

.

 

.