PySharpSphere

Inspired by SharpSphere, just another python version.

Installation

python3 setup.py install

Features

Support control both Linux and Windows system of virtual machines
Execute commands, upload files and dump memory on target guest OS
Use NTLM token to execute commands on guest Windows system

SharpSphere Guide

PySharpSphere Usage

usage: pySharpSphere [-h] [-H HOST] [-P PORT] [-u USER] [-p PASSWORD]
                     [-c CERT] [-k KEY] [-d DOMAIN]
                     {list,execute,upload,dump} ...

positional arguments:
  {list,execute,upload,dump}
                        sub-command
    list                list virtual machines
    execute             execute command on target machine
    upload              upload file to target machine
    dump                dump memory of target machine

optional arguments:
  -h, --help            show this help message and exit
  -H HOST, --host HOST  vCenter Server host
  -P PORT, --port PORT  vCenter Server port
  -u USER, --username USER
                        vCenter Server username
  -p PASSWORD, --password PASSWORD
                        vCenter Server password

0. List virtual machines

$ pysharpsphere -H 192.168.100.49 -u [email protected] -p password list
[*] Retrieve virtual machines list ...
DataCenter    MoID     Name                           Power    OS                                         Tools         IP
------------  -------  -----------------------------  -------  -----------------------------------------  ------------  --------------
Datacenter    vm-1015  Windows Server 2012 (VC67)     Off      Microsoft Windows Server 2012 (64-bit)     Current
Datacenter    vm-1030  VMware vCenter Server 7.0U2b   On       Other 3.x or later Linux (64-bit)          Unmanaged     192.168.100.49
Datacenter    vm-1017  VMware vCenter Server 6.7U3l   Off      Other 3.x or later Linux (64-bit)          Unmanaged
Datacenter    vm-1020  Operation Machine (Windows 7)  On       Microsoft Windows 7 (64-bit)               Current       192.168.100.2

1. Execute commands on guest OS

$ pysharpsphere -H 192.168.100.49 -u [email protected] -p password execute -t vm-1020 --guest-user administrator --guest-pass guestpassword -c whoami
[*] Execute command on target virtual machine ...
[*] Retrieve virtual machines list ...
[*] Target OS is Windows, using C:\Windows\system32\cmd.exe to execute command ...
[+] Process start successfully with PID 1200
[*] Program exited, retrieving output ...
[*] Command output:
operation-machi\administrator

2. Upload file to target virtual machine

$ pysharpsphere -H 192.168.100.49 -u [email protected] -p password upload -t vm-1020 --guest-user administrator --guest-pass guestpassword --source /tmp/test.exe --dest C:\\c2.exe
[*] Retrieve virtual machines list ...
[*] Uploading file to VM 'vim.VirtualMachine:vm-1020' ...
[*] Sending file data ...
[+] Uploaded file to C:\c2.exe successfully

3. Dump memory of guest OS

$ pysharpsphere -H 192.168.100.49 -u [email protected] -p password dump -t vm-1020
[*] Retrieve virtual machines list ...
[*] Finding snapshot on target machine vm-1020
[+] Found exists snapshot!
[*] Finding snapshot files ...
[*] Downloading .vmsn file ...
[+] Downloaded successfully: Ubuntu-Snapshot1.vmsn
[*] Downloading .vmem file ...
[+] Downloaded successfully: Ubuntu-Snapshot1.vmem

4. Execute commands on guest OS using NTLM

$ pysharpsphere -H 192.168.100.49 -u [email protected] -p password execute -t vm-1015 --guest-user administrator --guest-ntlm ea41383fa39c20f186cbcdc0ac234417 -c whoami
[*] Execute command on target virtual machine ...
[*] Retrieve virtual machines list ...
[*] Target OS is Windows, using C:\Windows\system32\cmd.exe to execute command ...
[*] Starting NTLM authentication ...
[+] Process start successfully with PID 2624
[*] Program exited, retrieving output ...
[*] Command output:
win-i1el8084mf0\administrator

PySharpSphere - Inspired by SharpSphere, just another python version

Related tags

Overview

PySharpSphere

Installation

Features

SharpSphere Guide

PySharpSphere Usage

Owner

Ricter Zheng

User-friendly reference finder in IDA

Analyse a forensic target (such as a directory) to find and report files found and not found from CIRCL hashlookup public service

CVE-2022-21907 - Windows HTTP协议栈远程代码执行漏洞 CVE-2022-21907

A simple password generator using Python Tkinter.

A python script to decrypt media files encrypted using the Android application 'Decrypting 'LOCKED Secret Calculator Vault''. Will identify PIN / pattern.

A Safer PoC for CVE-2022-22965 (Spring4Shell)

Blinder is a tool that will help you simplify the exploitation of blind SQL injection

Android Malware (Analysis | Scoring) System

A simple python script to dump remote files through a local file read or local file inclusion web vulnerability.

A tool to extract the IdP cert from vCenter backups and log in as Administrator

Simple yara rule manager

Let's you scan the entire internet in a couple of hours and identify all Minecraft servers on IPV4

dos-atack-tor script de python que permite usar conexiones cebollas para atacar paginas .onion o paginas convencionales via tor.

Log4j2 intranet scan

Scan all java processes on your host to check weather it's affected by log4j2 remote code execution

A honeypot for the Log4Shell vulnerability (CVE-2021-44228)

This is a repository filled with scripts that were made with Python, and designed to exploit computer systems.

Python exploit for vsftpd 2.3.4 - Backdoor Command Execution

Small python script to look for common vulnerabilities on SMTP server.

Python bindings to LibreSSL library