infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

vmauthd_version

bug/bundler_fix
h00die 2017-05-11 21:04:10 -04:00
parent 69755f6ac3
commit f0e3a1f9da
1 changed files with 28 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

28
documentation/modules/auxiliary/scanner/vmware/vmauthd_version.md Normal file
View File

@ -0,0 +1,28 @@
## Vulnerable Application
`vmauthd` is the VMWare authentication daemon that is included wiht many VMWare products, including ESX(i), player, and workstation.
**Warning:** There is a known condition where this module utilizes `SSLv3`, however this is disabled in Kali.
Changing to `SSLv23` will work on a default Kali install. This change was made for documenting this module.
Please see [#7225](https://github.com/rapid7/metasploit-framework/issues/7225#issuecomment-294413253) for additional details and the fix.
## Verification Steps
1. Start msfconsole
2. Do: `use auxiliary/scanner/vmware/vmauthd_version`
3. Do: `set rhosts`
4. Do: `run`
## Scenarios
A run against ESXi 6.0.0 Update 2 (Build 4600944)
```
msf > use auxiliary/scanner/vmware/vmauthd_version
msf auxiliary(vmauthd_version) > set rhosts 10.1.2.5
rhosts => 10.1.2.5
msf auxiliary(vmauthd_version) > run
[*] 10.1.2.5:902 - 10.1.2.5:902 Switching to SSL connection...
[*] 10.1.2.5:902 - 10.1.2.5:902 Banner: 220 VMware Authentication Daemon Version 1.10: SSL Required, ServerDaemonProtocol:SOAP, MKSDisplayProtocol:VNC , VMXARGS supported, NFCSSL supported/t Certificate:/C=US/ST=California/L=Palo Alto/O=VMware, Inc/OU=VMware ESX Server Default Certificate/emailAddress=ssl-certificates@vmware.com/CN=localhost.localdomain/unstructuredName=1328954372,564d7761726520496e632e
```