Search the Community
Showing results for tags 'vmware'.
-
During a recent engagement, I discovered a machine that is running VMware ESXi 6.7.0. Upon inspecting any known vulnerabilities associated with this version of the software, I identified it may be vulnerable to the ESXi OpenSLP heap-overflow (CVE-2021-21974). Through googling, I found a blog post by Lucas Leong (@_wmliang_) of Trend Micro’s Zero Day Initiative, who is the security researcher that found this bug. Lucas wrote a brief overview on how to exploit the vulnerability but shared no reference to a PoC. Since I couldn’t find any existing PoC on the internet, I thought it would be neat to develop an exploit based on Lucas’ approach. Before proceeding, I highly encourage fellow readers to review Lucas’ blog to get an overview of the bug and exploitation strategy from the founder’s perspective.
-
awesome vmware escape exploit

Sharing some useful archives about vm and qemu escape exploit. I want to collect what I can find. Also be welcome to provide me with issues.

In computer security, virtual machine escape is the process of breaking out of a virtual machine and interacting with the host operating system.

VMware && Esxi
Writeup and Exploit
- VMware Escape Exploit - CVE-2017-4901
- A-bunch-of-Red-Pills-VMware-Escapes
- eu-17-Mandal-The-Great-Escapes-Of-Vmware-A-Retrospective-Case-Study-Of-Vmware-G2H-Escape-Vulnerabilities
- Vmware-exploit GitHub repositor

Virtualbox
Basic
- virtualbox technical background
- VirtualBox E1000 Guest-to-Host Escape
- Oracle VirtualBox < 5.1.30 / < 5.2-rc1 - GUest to Host Escape
- VirtualBox 5.2.6.r120293 -VM Escape
- Escaping VirtualBox 6.1

Qemu
- VM escape - QEMU Case Study
- Qemu - Escape - analysis - CVE-2015-7504 and CVE-2015-7512
- Some Qemu escape exploit

Docker
Basic
- eu-15-Bettini-Vulnerability-Exploitation-In-Docker-Container-Environments
- CSW2016-Docker-Escape-Techonology
- escaping-docker-container-using-waitid-cve-2017-5123

Hyper-V
- awesome-hyper-v-exploitation

Misc
- google group vmkernelnewbies(has some good basic intro)

XEN
- D2T2-Shangcong-Luan-Xen-Hypervisor-VM-Escape
- vmware exploitation(list)
-
VMware has warned its customers about a critical vulnerability present in several of its products, including Workspace One Access and Identity Manager, which could allow hackers to take control of vulnerable machines. The code execution flaw, tracked as CVE-2020-4006 and rated 9.1 on the CVSS severity scale, can be exploited in a range of VMware products, the company warned.

No patch is currently available, although the company has issued a workaround that can be applied in some cases. There is also no mention of whether or not the flaw is being actively exploited in the wild.

Hackers armed with network access to the administrative configurator on port 8443 and a valid password for the administrator account can exploit the bug to execute commands with unrestricted privileges on the underlying operating system (OS).

The affected services are:
- VMware Workspace
- Cloud Foundation,
- vRealize Suite Lifecycle Manager.
- Workspace One Access Connector,
- One Access,
  VMware Workspace One Access 20.10 (Linux)
  VMware Workspace One Access 20.01 (Linux)
- Identity Manager,
  VMware Identity Manager 3.3.1 up to 3.3.3 (Linux)
- Identity Manager Connector,
  VMware Identity Manager Connector 3.3.2, 3.3.1 (Linux)
  VMware Identity Manager Connector 3.3.3, 3.3.2, 3.3.1 (Windows)

The vulnerability can be exploited in some products hosted on Linux, but not on Windows, as well as on other operating systems. Full details of the affected software and OS configurations are given in VMware's security advisory.

Until a patch is released, VMware has provided a workaround that can be applied to some product lines, but not all. Customers using Workspace One Access, VMware Identity Manager and VMware Identity Manager Connector can follow the detailed steps presented here, for the configurator hosted on port 8443. This involves running a set of commands for all affected products.

The workaround is not compatible with products other than the three that may be affected, and customers will need to keep an eye out for any news about a patch when one is released.

News of this vulnerability arrived just a few days after VMware confirmed two critical flaws in its ESXi, Workstation, Fusion and Cloud Foundation products. Use-after-free vulnerability in XHCI USB controller (CVE-2020-4004)
-
Proof of concept for CVE-2020-3952

This is a short piece of code that exploits CVE-2020-3952, which is described in detail in the Guardicore Labs post. This vulnerability was published by VMware in April 2020 with a maximum CVSS score of 10.0. It allows an attacker with a network connection to take control of the vCenter Directory (and thus of the vSphere deployment).

VMware released a fix for this bug in vCenter Server 6.7 Update 3f. Any unpatched vCenter 6.7 that has been upgraded from a previous version is vulnerable to this attack. (Clean installs of vCenter 6.7 are not affected.)

We recommend reading the post to understand how this exploit works, but in short, it does three things:
- Attempts an ldap bind request to the vmdird process. This should fail with invalid credentials.
- Adds a new user with the requested username and password under the domain 'cn=NEW_USERNAME,cn=Users,dc=vsphere,dc=local'.
- Adds the new user to the 'cn=Administrators,cn=Builtin,dc=vsphere,dc=local' group.

Requirements
pip3 install python-ldap

Usage
python3 exploit.py <VCENTER_IP> <NEW_USERNAME> <NEW_PASSWORD>

Download: vmware_vcenter_cve_2020_3952-master.zip
git clone https://github.com/guardicore/vmware_vcenter_cve_2020_3952.git
-
Test Microsoft Edge and versions of IE6 through IE11 using free virtual machines you download and manage locally. https://dev.windows.com/en-us/microsoft-edge/tools/vms/ About Your Virtual Machine: Please note that these virtual machines expire after 90 days. We recommend setting a snapshot when you first install the virtual machine which you can roll back to later.
-
VMware installation freezes at "Relocating modules and starting up the kernel..."
Guest posted a topic in Tutoriale in romana
Most owners of Dell CS24-SC/TY servers who want to install the VMware hypervisor will run into the following problem starting with version 5.5: after the installer has started and loaded all of its dependencies, the message "Relocating modules and starting up the kernel..." appears and the machine hangs, so a cold reboot is needed before it responds to input again.

The problem occurs at the point where VMware checks whether the system is running in headless mode. Since the CS24-SC models have no BIOS option to disable/enable headless mode, we have to pass an ignore argument to the kernel, as follows:

While the server is showing the ESXi install screen, press Shift+O (the letter O, not zero), as in the image below.

Then leave a space and type ignoreHeadless="TRUE"

The installer will now continue without problems.

Once everything is installed, you can enable SSH and make this setting permanent by running the following command over SSH:

esxcfg-advcfg --set-kernel "TRUE" ignoreHeadless

Done. Problem solved. You can optionally reboot to make sure everything is OK.

Source: Freeze instalare vmWare "Relocating modules and starting up the kernel..." pe Dell CS24-SC
-
Virtual machine maker VMware has updated a slew of its offerings in order to address a critical information disclosure vulnerability in Oracle’s Java runtime environment (JRE). The update essentially installs the latest version of JRE into VMware systems where the old version of JRE was affected by CVE-2014-6593. The newer JRE versions fix other bugs as well, but the Full Disclosure entry for VMware is only concerned with CVE-2014-6593, which could allow information disclosure inside certain VMware environments.

VMware products operating on JRE 1.7 update 75 and newer and JRE 1.6 update 91 and newer are not impacted by this vulnerability. CVE-2014-6593 is also known as “SKIP” or “SKIP-TLS.”

Affected VMware products include Horizon View 6.x or 5.x, Horizon Workspace Portal Server 2.1 or 2.0, vCenter Operations Manager 5.8.x or 5.7.x, vCloud Automation Center 6.0.1, vSphere Replication prior to 5.8.0.2 or 5.6.0.3, vRealize Automation 6.2.x or 6.1.x, vRealize Code Stream 1.1 or 1.0, vRealize Hyperic 5.8.x, 5.7.x or 5.0.x, vSphere AppHA prior to 1.1.x, vRealize Business Standard prior to 1.1.x or 1.0.x, NSX for Multi-Hypervisor prior to 4.2.4, vRealize Configuration Manager 5.7.x or 5.6.x and vRealize Infrastructure 5.8 or 5.7.

The patch resolving this JRE issue is pending for a number of VMware products. You can find a list of mitigation options on the Full Disclosure mailing list.
-
Launch the downloaded setup and wait till it loads. Continue the setup with your own options and install VMware. Right after the installation it will ask for a license key to activate the full version. Just copy a key from below and paste it in the box there. Click Enter! That’s all; launch VMware Workstation 11 and see About; it's registered.

Serial Keys
CV512-FAW91-085NP-DMXQX-QLHAF
AA7DU-APW15-H848Q-P5ZGZ-PCRC2
VU1N2-6DE5N-M8DLQ-AEMEV-XA2Z4
UV3NR-AMZ17-08EZP-9YQQE-MZAY8
GC75U-21E50-M8D5Q-K6YQX-W28V8

I tested the first key a few minutes ago and it works perfectly.
-
Greetings. Does anyone have an idea how I could virtualize the components of a PC and put the operating system into VMware? Here is what I did: I used "disk2vhd" to create a copy of a partition containing the WINDOWS XP operating system, which produced a .VHD file. To be able to put it into VMware, I converted it to .VMDK with "StarWind V2V Image Converter". Up to this point everything is OK. After mounting it in VMware and starting the virtual operating system, it does not keep the same configuration as the original PC (same CPU, same HDD, etc.) and takes on the configuration of the new PC instead. I am trying to run an MS-DOS program that immediately recognizes that the PC configuration has changed and no longer runs. What can be done?
-
Keys for VMware Workstation 10.0.1-1379776

VMware Workstation 10 delivers best-in-class Windows 8 support, and innovative new features that transform the way technical professionals work with virtual machines, whether they reside on their PCs or on private enterprise clouds.

*New Operating System Support
Support has been added for:
-Windows 8.1
-Windows 8.1 Enterprise
-Windows Server 2012 R2
-Ubuntu 13.10
As well as for the latest Fedora, CentOS, Red Hat and OpenSUSE releases.

*VMware Hardware Version 10
This version of VMware Workstation includes VMware hardware Version 10 and is compatible with vSphere 5.5. Hardware versions introduce new virtual hardware functionality and new features while enabling VMware to run legacy operating systems in our virtual machines. New features included in this hardware version:

*16 vCPUs
Virtual machines can now run with up to 16 virtual CPUs. This enables very processor intensive applications to be run in a virtual machine.
Note: Running virtual machines with 16 vCPUs requires that both your host and guest operating system support 16 logical processors. Your physical machine must have at least 8 cores with hyper-threading enabled to power on a virtual machine with this configuration.

*8 Terabyte Disks
Virtual machines can now include virtual disks greater than 2 Terabytes. Given the limitations of most operating systems to boot from disks greater than 2 Terabytes, these large disks are most useful as secondary drives for file storage.
Note: To use a disk greater than 2TB for a boot disk, your guest operating system would need to boot using EFI in order to read a GPT formatted disk which is required to access all of the sectors on a disk of this size. Additionally, the Buslogic controller is not capable of supporting a disk greater than 2TB.
Extra murphy78 note: To enable EFI boot mode, edit the .VMX file and add:
firmware = "efi"
Alternatively, to set it back to bios (legacy) boot, change to:
firmware = "bios"

*Virtual SATA Disk Controller
A SATA I/O controller can now be selected during the creation of a custom virtual machine in addition to an IDE and SCSI controller. This enables use of in-box SATA drivers that are shipped with operating systems.

*USB Improvements
USB 3 Streams have been implemented to enable high speed transfer of files from USB 3 external storage devices that support this technology. For customers running Workstation 10 on laptops with small hard disks, large data files, video files etc., can be stored on an external USB 3 storage device and accessed quickly from within the virtual machine. VMware has also addressed issues with Intel, NEC, AMD, TI and Linux Kernel host xHCI drivers to improve overall USB 3 compatibility and performance.

*More VMnets
Due to demand, VMware has doubled the number of VMnets in Workstation 10 to twenty! This provides you with more virtual networks to dedicate to specific uses, and it enables more complex networked virtual environments to be built.

*SSD Pass-through
Windows 8 is capable of detecting when it is being run from a solid state drive (SSD) and optimizes itself for this hardware. In Workstation 10, the guest operating system will be able to detect when the virtual machine Disk file is being stored on an SSD drive and the operating system can make the same optimizations when it is running in a virtual machine.

Many additional changes have been made to this Hardware Version including some performance improvements, power savings, and compatibility with new processors. We have also made significant improvements in the startup time of VMware Workstation and in Windows boot time when running Windows virtual machines.
*Expiring Virtual Machines
VMware has enhanced the capabilities of Restricted Virtual Machines to include the ability to expire a virtual machine on a specified date and time. This feature enables our customers to create virtual machines to be shared with employees, students, customers, contractors, etc. The restricted virtual machine will run until their contract terminates, demo runs out, or course ends.
The expiring capability establishes a secure connection to a web server to validate the current date and time and prevent users from rolling back their system clock to circumvent the logic. The ability to set the synchronization frequency has been added to allow customers to balance the need for timely expiration and the load on their network. Expiring virtual machines also include the ability to display a custom message for virtual machines about to expire and after a virtual machine has expired. Finally, a lease period can be defined to allow users to run offline for plane trips and remote work.

*Virtual Tablet Sensors
Workstation runs very well on the new tablet and convertible PCs. Last year VMware enabled touch screen input to be passed through to the virtual machine. Workstation 10 introduces a virtual Accelerometer, Gyroscope, Compass and Ambient Light sensor. Customers who run Workstation 10 on a Windows 8 tablet and install Windows 8 in a VM, will be able to shake, twirl, tilt, and spin their tablet and sensor aware applications running in a virtual machine will respond accordingly.

*User Interface Enhancements
There are many user interface improvements that we have included in the Workstation 10 release. The highlights include:

*Windows 8 Unity Mode Support
We are continuing to improve how the Workstation Unity user-interface works with Microsoft's "Modern UI" or the "Microsoft Design Language" (The new tile interface in Windows 8 formerly known as Metro).
Microsoft Store applications are now available in the Unity menu and can be launched directly from it.

*Multiple Monitor Navigation
When running with 2, 3, 4 or more monitors it has been frustrating to use the full screen mode in Workstation and toggle through each combination of monitors to get to the one you want. The full screen toolbar now has an option to choose your configuration from a menu and jump to it immediately.

*Power Off Suspended Virtual Machines
Workstation 10 lets you simply power off a suspended Virtual Machine in order to make changes to the configuration without powering it on and then off first. Powering off a suspended virtual machine will lose any information stored in memory, but will not lose anything saved to the virtual disk.

*Remote Hardware Upgrade
When working with virtual machines running remotely on vSphere or on another instance of Workstation, you can now remotely upgrade the virtual hardware version.

*Localized into Simplified Chinese
The Workstation user interface and online help has been translated into Simplified Chinese.

*New Converter
This release includes the latest version of the VMware Standalone Converter. The Converter enables users to turn a physical machine into a virtual machine. This version of the Converter includes the ability to convert machines running Windows 8, Windows Server 2012, and RHEL 6 operating systems. It supports virtual and physical machines with Unified Extensible Firmware Interfaces (UEFI) and EXT4 file systems as well as GUID Partition Table (GPT) disks.

*OVFTool
The Open Virtual Machine Format (OVF) is a virtual machine distribution format that supports sharing virtual machines between products and organizations. The VMware OVF Tool is a command-line utility that enables a user to import and export OVF packages to and from a wide variety of VMware products.
The latest release of the OVFTool is included with VMware Workstation 10 and is used to upload and download virtual machines to and from vSphere. The OVFTool is also used to import an .OVF file which may come in handy when importing virtual machines created using desktop virtualization software developed by Oracle.

*VMRun Enhancements
The VMRun command line utility has been enhanced with two new options getGuestIPAddress and checkToolsState to retrieve the IP address of the guest operating system and determine the state of VMware Tools in a guest.

*Cloud Management Tools
The VMware Workstation team has been making enhancements and working with partners to enable cloud management tools to be used with virtual machines running in VMware Workstation 10.
*We would like to thank Mitchell Hashimoto at Vagrant for his development of the Vagrant VMware Provider. See VMware Vagrant Environments - Vagrant for more information.
*VMware would also like to thank Christian Hammond for the development of a Chef knife plug-in for VMware Workstation. See https://github.com/chipx86/knife-wsfusion for more information.

*Embedded 30-day Trial
Workstation 10 can now be evaluated for 30-days by simply entering your email address the first time you run the application. This change is intended to make it much easier for our customers to learn about the latest release of VMware Workstation without their license keys being trapped by spam filters.

*VMware KVM
Many of our customers have asked for a way to run a virtual machine so that their users do not realize they are running in a virtual machine. VMware Workstation 10 includes a new executable (on Windows only for now) called VMware KVM. Run
vmware-kvm.exe vmx-file.vmx
from the command line and your virtual machine will launch in full screen with no toolbar or any other indicator that you are running a VM.
You can use Ctrl-Alt to ungrab from the virtual machine and the Pause/Break key to toggle between multiple virtual machines running under VMware KVM, or between a virtual machine and the host system. The user experience should be just like that of using a KVM switch - hence the name.
If you simply type vmware-kvm.exe from the command line you will get some options that can be used in this format:
vmware-kvm.exe [OPTIONS] vmx-file.vmx
If you run vmware-kvm.exe --preferences you will be presented with an interface that allows you to configure certain behaviors such as the key used to cycle between virtual machines.
This is the latest generation of an executable previously called VMware-fullscreen.exe that previously shipped with Workstation 8 with a major upgrade in display handling.

*WSX 1.1
Try out the latest version of WSX which can be found on the VMware Communities page at: https://communities.vmware.com/community/vmtn/wsx.

Resolved Issues
The following issues are resolved in this release of VMware Workstation.

*Easy Install supports RTM versions of Windows 8.1 and Windows Server 2012 R2
Easy Install now supports RTM versions of Windows 8.1 and Windows Server 2012 R2.

*Workstation or Player on Windows freezes if another application is frozen.
Other stuck Windows applications could cause Workstation or Player to freeze while waiting for the application to respond.

*Virtual machine hangs when powering off
Rarely, virtual machines will cease functioning (hang) while powering off, particularly if the guest OS was in the middle of a BSOD or kernel panic.

*Improved compatibility with some AMD CPUs
Updated masking to match capabilities of certain AMD PileDriver CPUs.

*Virtual machines displayed incorrectly on a multi-monitor Windows host when the displays have differing pixel density (DPI.)

*Boot from CD/DVD when Legacy Floppy is disabled

Known Issues
Known issues from prior releases of VMware Workstation 10 also might apply to VMware Workstation 10.0.1.
*Workstation UI may crash when creating full clones of very large virtual machines
Workstation for Windows may run out of memory creating a full clone of a virtual machine with virtual disks many terabytes in size.
Workaround: Copy the virtual machine outside VMware Workstation or use VMware Workstation for Linux.

*Cannot launch Workstation in Red Hat Enterprise Linux 6.4
If you cannot launch Workstation on a Red Hat Enterprise Linux 6.4 host, you may not have sudo access in gksu.
Workaround: Change your gksu settings in /etc/vmware/config, using gksu.rootMethod. Set gksu.rootMethod to sudo or su.

*Hot-plug operations involving SATA virtual disks do not work
VMware Workstation allows you to add virtual disks connected to the SATA adapter while the virtual machine is powered on. When you do this, Workstation shows the operation was successfully completed, but disks are not visible to the operating system installed in the virtual machine.
Workaround: Power off the virtual machine, connect the disk, then power the virtual machine back on.

*ODBC driver creation shuts down when shared folders are enabled on a Windows 2008 guest
When creating an ODBC driver for use in mapping a drive, the ODBC dialog disappears during the step when you select a Workbook and choose a folder and Workstation crashes.
Workaround: Do not map any VMware shared folders as drive letters. Use the Universal Naming Convention (UNC) paths instead, for example: \\vmware-host\Shared Folders\

*VMware Tools changes cause black screen in virtual machine
After VMware Tools are uninstalled or automatically upgraded for a Windows 8.0 virtual machine, the virtual machine may display as a black screen for two minutes.
Workaround: Install Windows 8.0 update KB2836988 or upgrade to Windows 8.1. Do not shut down the virtual machine when it is in black screen.
Source: Keys: MG48D-6Q38K-AZKX8-AV9N2-3ACHD NC2F3-DFH97-3Z2N8-9T054-92N4D 4U2MU-D2J4J-KZT79-YK0XK-9AYHE 1F68L-AF3DN-LZTF0-793X6-CC7QW HZ4W9-A32D6-KZFJ9-H98EM-ACQ5J