Hyper-V

Hyper‑V is Microsoft’s built-in type‑1 hypervisor, allowing you to create and run multiple virtual machines (VMs) on Windows Server or supported Windows editions (Pro, Enterprise, Education) . It runs directly on hardware for strong isolation and efficient resource use. Each VM has virtual CPUs, memory, storage, and networking via virtual switches. Key features include snapshots, live migration, and dynamic memory. Hyper‑V is great for server consolidation, test environments, private clouds, and high‑availability setups.

Pre-requisites

  • More than 4GB of RAM

  • More than 1 core of CPU

  • CPU nested virtualization enabled

Installation

  1. Open Server Manager and click on "Add Roles and Features"

  2. Select "Role-based or Feature-based Installation"

  3. Select your server

  4. Mark "Hyper-V"

  5. Don't select your default network adapter, we will configure one later on

  6. Leave the rest by default and click install

  7. Restart the server

Configuration

Network adapter

Since we want our VM (which for example could be a domain-joined computer) to have direct connectivity with the Domain Controller, we need to create an internal adapter for this VM. In a realistic context, this would be the company's internal network.

Open a PowerShell console as admin and run the following commands. These will add a new NAT adapter named Switch01 with the address prefix 192.168.100.0/24 . 

New-VMSwitch -SwitchName "Switch01" -SwitchType Internal
New-NetIPAddress -IPAddress 192.168.100.1 -PrefixLength 24 -InterfaceAlias "vEthernet (Switch01)"
New-NetNAT -Name "NATNetwork" -InternalIPInterfaceAddressPrefix 192.168.100.0/24

If you want to forward port 80 (HTTP) of the internal VM (let's supose it has IIS or some web server running), you just have to add a network mapping. Note that the VM must have an static IP address which you can configure in Control panel (see how I configured the ethernet adapter for domain-joining previously).

Add-NetNatStaticMapping -NatName "NatNetwork" -Protocol TCP -ExternalIPAddress 0.0.0.0 -ExternalPort 80 -InternalIPAddress 192.168.100.2 -InternalPort 80

In this example our VM has IP 192.168.100.2 and the DC has 192.168.100.1.

Creating a new Virtual Machine

In this scenario we are configuring a VM from 0, so we only need to have the ISO file of the operating system we want. It doesn't matter if it's windows or linux, it works the same.

  1. Open Hyper-V manager and go to your server.

  1. In the actions panel in the right side, click "New > Virtual Machine". I'll name it "VM01" since I won't be actually using this VM. I like to store them in C:\Users\Administrator\Documents\VMs\ to avoid any unintendeds.

  1. The next step is important. If you plan on having nested virtualization (for example having Credential Guard), you will need to use the "Generation 2" box. However, some CPUs don't support this (for example, mine!) so it's worth a try before starting to build anything big.

  1. Depending on what you're building, you'll need more or less RAM. I highly recommend using Windows Server Core in the internal VMs of the DC, since if not it'd be too resource comnsuming. I'll assign 1GB of RAM.

  1. In the next step we only need to select the network adapter we've just created.

  1. Now we specify the size of the VM's disk. For HTB, I recommend 12GB max.

  1. Next, we only need to specify the ISO of the OS we want (in my case, Windows Server 2019).

That's all to create your first VM!

Installation is the same as always, but the only thing you need to take care off is to configure the DNS server to resolve to the DC. See DNS to see how to configure this in Linux using netplan or the network interfaces.

Importing a previously configured Virtual Machine

Let's say that you are building a chain AD box for HackTheBox. It consists in at least two boxes (DC01 and WS01) and you need to only supply one VM image to HTB. But you've already built WS01 and DC01 separately, and you need to import it to Hyper-V. The issue is that you can't directly import the .ovf or .ova file into Hyper-V, so you need to convert the .vmdk file VMWare creates into a .vhdx file that can be specified as a virutal disk in Hyper-V.

  1. Export the VM from VMWare into an .ovf file.

  2. Locate the .vmdk file and run the following command after installing qemu.

.\qemu-img.exe convert -f vmdk -O vhdx "C:\path\to\your\disk.vmdk" "C:\path\to\your\disk.vhdx"

  1. Move the new generated file into the main VM (in this case the DC) and create a new virtual machine, following the previously steps. The only difference is that instead of selecting "Create a new virtual hard disk", you need to select "Use an existing virtual hard disk" and select the one you've just generated.

The DNS configuration is the same as previously.

We have now two server VMs!

Written by ruycr4ft

PreviousWindows FirewallNextDNS

Last updated