GuestStealer allows for the stealing of VMware guests from vulnerable hosts base
GuestStealer allows for the stealing of VMware guests from vulnerable hosts based on the Directory Traversal Vulnerability detailed in CVE-2009-3373 and VMSA-2009-0015. GuestStealer was released at ShmooCon 2010 during Tony Flick's 'Stealing Guests...The VMware Way' presentation.More info and Download
Download Stealing Guests…The VMware Way PDF
http://fyrmassociates.com/tools/gueststealer-v1.pl
GuestStealer allows for the stealing of VMware guests from vulnerable hosts based on the Directory Traversal Vulnerability detailed in CVE-2009-3373 and VMSA-2009-0015. GuestStealer was released at ShmooCon 2010 during Tony Flick's 'Stealing Guests...The VMware Way' presentation.
Requirements
[*]Perl interpreter
[*]LWP::Simple perl module
[*]XML::Simple perl module
[*]Data::Dumper perl module
[*]Crypt::SSLeay perl module
Instructions
[*]perl gueststealer-v1.pl -h <Host> -p <Web Access UI Port> -s <SSL Web Access UI> -t <Server Type> -o <Output Directory>
[*]-h = The target host (IP Address or Host Name)
-p = Port for the Web Access UI (Defaults: ESX/ESXi = 80/443, Server = 8222/8333)
-s = Is the Web Access UI utilizing SSL (yes/no)
-t = Target type (server/esx/esxi)
-o = Output directory
[*]Example Usage:
perl gueststealer-v1.pl -h 192.168.1.2 -p 8333 -s yes -t server -o /tmp
页:
[1]