metasploit-framework/modules/auxiliary/scanner/vmware/vmware_enum_vms.rb

83 lines
2.9 KiB
Ruby
Raw Normal View History

##
# This module requires Metasploit: http://metasploit.com/download
# Current source: https://github.com/rapid7/metasploit-framework
##
require 'msf/core'
2016-03-08 13:02:44 +00:00
class MetasploitModule < Msf::Auxiliary
2013-08-30 21:28:54 +00:00
include Msf::Exploit::Remote::HttpClient
include Msf::Auxiliary::Report
include Msf::Exploit::Remote::VIMSoap
include Msf::Auxiliary::Scanner
2013-08-30 21:28:54 +00:00
def initialize
super(
'Name' => 'VMWare Enumerate Virtual Machines',
'Description' => %Q{
This module attempts to discover virtual machines on any VMWare instance
running the web interface. This would include ESX/ESXi and VMWare Server.
},
'Author' => ['theLightCosine'],
2016-01-22 08:54:52 +00:00
'License' => MSF_LICENSE,
'DefaultOptions' => { 'SSL' => true }
2013-08-30 21:28:54 +00:00
)
2013-08-30 21:28:54 +00:00
register_options(
[
Opt::RPORT(443),
OptString.new('USERNAME', [ true, "The username to Authenticate with.", 'root' ]),
OptString.new('PASSWORD', [ true, "The password to Authenticate with.", 'password' ]),
OptBool.new('SCREENSHOT', [true, "Wheter or not to try to take a screenshot", true])
], self.class)
end
2013-08-30 21:28:54 +00:00
def run_host(ip)
2013-08-30 21:28:54 +00:00
if vim_do_login(datastore['USERNAME'], datastore['PASSWORD']) == :success
virtual_machines = vim_get_vms
virtual_machines.each do |vm|
print_good YAML.dump(vm)
report_note(
:host => rhost,
:type => "vmware.esx.vm",
:data => vm,
:port => rport,
:proto => 'tcp',
:update => :unique_data
)
next unless datastore['SCREENSHOT'] and vm['runtime']['powerState'] == 'poweredOn'
print_status "Attempting to take screenshot of #{vm['name']}...."
screenshot = vim_take_screenshot(vm, datastore['USERNAME'], datastore['PASSWORD'] )
case screenshot
when :error
print_error "Screenshot failed"
next
when :expired
vim_do_login(datastore['USERNAME'], datastore['PASSWORD'])
retry_result = vim_take_screenshot(vm, datastore['USERNAME'], datastore['PASSWORD'] )
if retry_result == :error or retry_result == :expired
print_error "Screenshot failed"
else
ss_path = store_loot("host.vmware.screenshot", "image/png", datastore['RHOST'], retry_result, "#{vm['name']}_screenshot.png", "Screenshot of VM #{vm['name']}")
print_good "Screenshot Saved to #{ss_path}"
end
else
ss_path = store_loot("host.vmware.screenshot", "image/png", datastore['RHOST'], screenshot, "screenshot.png", "Screenshot of VM #{vm['name']}")
print_good "Screenshot Saved to #{ss_path}"
end
end
2013-08-30 21:28:54 +00:00
f = store_loot('host.vmware.vms', "text/plain", datastore['RHOST'], YAML.dump(virtual_machines) , "#{datastore['RHOST']}_esx_vms.txt", "VMWare ESX Virtual Machines")
vprint_status("VM info stored in: #{f}")
else
print_error "Login Failure on #{ip}"
return
end
end
end