Skip to content

Instantly share code, notes, and snippets.

@OALabs

OALabs/boxstarter_oalabs_x86vm.ps1

Last active December 17, 2022 22:03
Show Gist options
  • Star 31 You must be signed in to star a gist
  • Fork 16 You must be signed in to fork a gist
  • Save OALabs/cad8d9489245f3f96d9669f56d2877f3 to your computer and use it in GitHub Desktop.
Save OALabs/cad8d9489245f3f96d9669f56d2877f3 to your computer and use it in GitHub Desktop.
Download ZIP
Boxstarter - One click malware analysis tools installer for 32bit VM
Raw
boxstarter_oalabs_x86vm.ps1
Set-ExecutionPolicy Unrestricted;
iex ((New-Object System.Net.WebClient).DownloadString('http://boxstarter.org/bootstrapper.ps1'));
get-boxstarter -Force;
Install-BoxstarterPackage -PackageName 'https://gist.githubusercontent.com/OALabs/afb619ce8778302c324373378abbaef5/raw/4006323180791f464ec0a8a838c7b681f42d238c/oalabs_x86vm.ps1';
@SecOnTheBeach
Copy link

Hi,
just wanted to throw this in, in case someone stumbles over the same Problem.

Make sure you use a up-to-date Powershell Version for this, i've been using my own Win7 .iso, which came with a horribly outdated PS Version.
After updating to PS 5.1+ i still had to manually edit the Script with

[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12

for it not to cause any SSL/TLS Errors upon fetching the files.

greetings and keep up the good work !

@GodspeedChloe
Copy link

Hi,
just wanted to throw this in, in case someone stumbles over the same Problem.

Make sure you use a up-to-date Powershell Version for this, i've been using my own Win7 .iso, which came with a horribly outdated PS Version.
After updating to PS 5.1+ i still had to manually edit the Script with

[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12

for it not to cause any SSL/TLS Errors upon fetching the files.

greetings and keep up the good work !

Thank you for this! For anyone who doesn't know what this looks like, the issue looks like this:
Capture

@GodspeedChloe
Copy link

GodspeedChloe commented Sep 16, 2020
edited

After further investigation, the script provided doesn't work. This issue is ran into:
Capture
Running the lordpe.flare install script itself, this is the result:
Capture
Now, this shouldn't necessarily be a hardcoded path that is being joined, but there is clearly an issue here.
This env variable needs to be set at some point to avoid failure.
So the variable needs to be set. This is also documented in flare-vm's notes here:

Starting with version 2.0, FLARE VM uses the following environment variables:

TOOL_LIST_DIR: The default value is set to %PROGRAMDATA%\Microsoft\Windows\Start Menu\Programs\FLARE.
TOOL_LIST_SHORTCUT: The default value is set to %USERPROFILE%\Desktop\FLARE.lnk.

The installer script sets those environment variables automatically. If there are issues during installation, please verify that those environment variables are set correctly.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment