Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/shmilylty/vhost_password_decrypt
vhost password decrypt
https://github.com/shmilylty/vhost_password_decrypt
Last synced: 1 day ago
JSON representation
vhost password decrypt
- Host: GitHub
- URL: https://github.com/shmilylty/vhost_password_decrypt
- Owner: shmilylty
- Created: 2021-12-13T09:47:36.000Z (almost 3 years ago)
- Default Branch: main
- Last Pushed: 2022-10-25T10:40:23.000Z (about 2 years ago)
- Last Synced: 2024-08-05T17:44:34.767Z (4 months ago)
- Language: Python
- Size: 11.7 KB
- Stars: 227
- Watchers: 4
- Forks: 61
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
- awesome-hacking-lists - shmilylty/vhost_password_decrypt - vhost password decrypt (Python)
README
# vhost_password_decrypt
## Where is symkey.dat
Windows:C:\ProgramData\VMware\vCenterServer\cfg\vmware-vpx\ssl\symkey.datLinux:/etc/vmware-vpx/ssl/symkey.dat
## Where is postgres user password
Windows: C:\ProgramData\VMware\vCenterServer\cfg\vmware-vps\vcdb.propertiesLinux:
/etc/vmware-vpx/vcdb.properties
/etc/vmware/service-state/vpxd/vcdb.properties## Where is psql
Windows: C:\Program Files\VMware\vCenter Server\vPostgres\bin\psql.exeLinux: /opt/vmware/vpostgres/9.3/bin/psql
## export
psql -h 127.0.0.1 -p 5432 -U vc -d VCDB -c "select ip_address,user_name,password from vpx_host;" > password.enc## How to use
pip3 install pycryptodome
python3 decrypt.py symkey.dat password.enc password.txt
![image](https://user-images.githubusercontent.com/24275308/145789863-3911ce8b-b6e1-4114-b051-1cb0c4df5068.png)
# How this might help during a pentest / tutorial
see the end -> https://pentera.io/blog/information-disclosure-in-vmware-vcenter/