Scanner VMWare Auxiliary Modules

a11y.text Scanner VMWare Auxiliary Modules

This module will log into the Web API of VMware and try to enumerate all the user accounts. If the VMware instance is connected to one or more domains, it will try to enumerate domain users as well.

msf > use auxiliary/scanner/vmware/vmware_enum_users
msf  auxiliary(vmware_enum_users) > show options

Module options (auxiliary/scanner/vmware/vmware_enum_users):

   Name      Current Setting  Required  Description
   ----      ---------------  --------  -----------
   PASSWORD  password         yes       The password to Authenticate with.
   Proxies                    no        A proxy chain of format type:host:port[,type:host:port][...]
   RHOSTS                     yes       The target address range or CIDR identifier
   RPORT     443              yes       The target port (TCP)
   SSL       true             no        Negotiate SSL/TLS for outgoing connections
   THREADS   1                yes       The number of concurrent threads
   USERNAME  root             yes       The username to Authenticate with.
   VHOST                      no        HTTP server virtual host

msf  auxiliary(vmware_enum_users) >

Running this module will output a nice list of all the groups and users on the server.

msf  auxiliary(vmware_enum_users) > run

[+] Groups for server 192.168.1.52
==============================

 Name        Description
 ----        -----------
 daemon
 localadmin
 nfsnobody
 nobody
 root
 tty
 users
 vimuser

[+] Users for server 192.168.1.52
=============================

 Name        Description
 ----        -----------
 hacker      hacker
 daemon      daemon
 dcui        DCUI User
 nfsnobody   Anonymous NFS User
 nobody      Nobody
 root        Administrator
 vimuser     vimuser

[*] Scanned 1 of 1 hosts (100% complete)
[*] Auxiliary module execution completed
msf  auxiliary(vmware_enum_users) >
Next
Scanner VNC Auxiliary Modules
Prev
Scanner TFTP Auxiliary Modules