vmware_enum_users

This module will log into the Web API of VMware and try to enumerate all the user accounts. If the VMware instance is connected to one or more domains, it will try to enumerate domain users as well.

msf > use auxiliary/scanner/vmware/vmware_enum_users
msf  auxiliary(vmware_enum_users) > show options

Module options (auxiliary/scanner/vmware/vmware_enum_users):

   Name      Current Setting  Required  Description
   ----      ---------------  --------  -----------
   PASSWORD  password         yes       The password to Authenticate with.
   Proxies                    no        A proxy chain of format type:host:port[,type:host:port][...]
   RHOSTS                     yes       The target address range or CIDR identifier
   RPORT     443              yes       The target port (TCP)
   SSL       true             no        Negotiate SSL/TLS for outgoing connections
   THREADS   1                yes       The number of concurrent threads
   USERNAME  root             yes       The username to Authenticate with.
   VHOST                      no        HTTP server virtual host

msf  auxiliary(vmware_enum_users) > 

Running this module will output a nice list of all the groups and users on the server.

msf  auxiliary(vmware_enum_users) > run

[+] Groups for server 192.168.1.52
==============================

 Name        Description
 ----        -----------
 daemon      
 localadmin  
 nfsnobody   
 nobody      
 root        
 tty         
 users       
 vimuser     

[+] Users for server 192.168.1.52
=============================

 Name        Description
 ----        -----------
 hacker      hacker
 daemon      daemon
 dcui        DCUI User
 nfsnobody   Anonymous NFS User
 nobody      Nobody
 root        Administrator
 vimuser     vimuser

[*] Scanned 1 of 1 hosts (100% complete)
[*] Auxiliary module execution completed
msf  auxiliary(vmware_enum_users) > 
Menu
X Close

 

Certified Pentesting
Professional

OSCP
course starting at
$800 USD

Take Penetration Testing with Kali Linux to gain invaluable penetration testing skills and earn your OSCP.

  • Self-paced, online course
  • Includes certification exam fee
  • Access innovative virtual labs
  • Hands-on experience
  • Become an OSCP

Certified Pentesting
Expert

OSCE
course starting at
$1200 USD

Take Cracking the Perimeter to take your penetration testing skills to expert levels and earn your OSCE.

  • Self-paced, online course
  • Includes certification exam fee
  • Access innovative virtual labs
  • Hands-on experience
  • Become an OSCE

 

Certified Pentesting
Web Expert

OSWE
course starting at
$1400 USD

Take Advanced Web Attacks and Exploitation, to deep dive into web apps to earn your OSWE.

  • Self-paced, online course
  • Includes certification exam fee
  • Access innovative virtual labs
  • Hands-on experience
  • Become an OSWE

Certified Pentesting
Wireless Professional

OSWP
course starting at
$450 USD

Take Offensive Security Wireless Attacks to acquire knowledge about Wi-Fi attacks and earn your OSWP.

  • Self-paced, online course
  • Includes certification exam fee
  • Access innovative virtual labs
  • Hands-on experience
  • Become an OSWP

Certified Exploitation
Expert

OSEE
course starting at
See
Live Schedule

Take Advanced Windows Exploitation to develop exploits for Windows systems and earn your OSEE.

  • Live training course
  • Includes certification exam fee
  • Maximum instructor interaction
  • Highly challenging
  • Become an OSEE