How to hack VMware vCenter server in 60 seconds - ERPScan

More documents

Recommendations

Info

CVE-2009-1523 • Directory traversal in Jetty web server • http://target:9084/vci/download/health.xml/%3f/../../../../FILE • Discovered by Claudio Criscione • But fixed in VMware Update Manager 4.1 update 1 :( • Who wants to pay me for 0-days? • A pen-tester is not a researcher? 6
Directory traversal… again? • Directory traversal in Jetty web server • http://target:9084/vci/download/.%5C..%5C..%5C..%5C..%5C..% 5C..%5C..%5C..\FILE.EXT • Discovered by Alexey Sintsov • Metasploit module vmware_update_manager_traversal.rb by sinn3r 7
Page 1 and 2: Invest in security to secure invest
Page 3 and 4: Target 3
Page 5: Target • VMware vCenter version 4
Page 9 and 10: Fixed? • Fixed in version 4.1 upd
Page 11 and 12: Attack • Administrators check the
Page 13 and 14: VMware vCenter Orchestrator • VMw
Page 15 and 16: We get in 15
Page 17 and 18: VMware vCenter Orchestrator • vCO
Page 19 and 20: Password encoding 006766e7964766a15
Page 21 and 22: Password decoder 21
Page 23 and 24: Example exploit 23
Page 25 and 26: Attack vectors • Directory traver
Page 27 and 28: Conclusion • Fixed bugs are not a

How to hack VMware vCenter server in 60 seconds - ERPScan

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?