vmware_enum_users
This module will log into the Web API of VMware and try to enumerate all the user accounts. If the VMware instance is connected to one or more domains, it will try to enumerate domain users as well.
msf > use auxiliary/scanner/vmware/vmware_enum_users msf auxiliary(vmware_enum_users) > show options Module options (auxiliary/scanner/vmware/vmware_enum_users): Name Current Setting Required Description ---- --------------- -------- ----------- PASSWORD password yes The password to Authenticate with. Proxies no A proxy chain of format type:host:port[,type:host:port][...] RHOSTS yes The target address range or CIDR identifier RPORT 443 yes The target port (TCP) SSL true no Negotiate SSL/TLS for outgoing connections THREADS 1 yes The number of concurrent threads USERNAME root yes The username to Authenticate with. VHOST no HTTP server virtual host msf auxiliary(vmware_enum_users) >
Running this module will output a nice list of all the groups and users on the server.
msf auxiliary(vmware_enum_users) > run [+] Groups for server 192.168.1.52 ============================== Name Description ---- ----------- daemon localadmin nfsnobody nobody root tty users vimuser [+] Users for server 192.168.1.52 ============================= Name Description ---- ----------- hacker hacker daemon daemon dcui DCUI User nfsnobody Anonymous NFS User nobody Nobody root Administrator vimuser vimuser [*] Scanned 1 of 1 hosts (100% complete) [*] Auxiliary module execution completed msf auxiliary(vmware_enum_users) >