vSphere Developer Guide 2 – vSphere Web Services API

  0x00 Preface

The previous article, “vSphere Development Guide 1 – vSphere Automation API”, introduced how to interact with vCenter Server and virtual machines through the vSphere Automation API, but some operations of the vSphere Automation API do not support lower versions of vCenter (

  0x01 Introduction

This article will cover the following:

· vSphere Web Services API development details

· Analysis of the open source tool SharpSphere

· Open source code vSphereWebServicesAPI_Manage.py

0x02 vSphere Web Services API Development Details

Reference documentation:

https://code.vmware.com/apis/968

https://code.vmware.com/docs/11721/vmware-vsphere-web-services-sdk-programming-guide

References for Python implementation code:

https://github.com/vmware/pyvmomi-community-samples

To improve efficiency, the implementation here is based on the Python SDK pyvmomi.

The specific details are as follows:

(1) Login operation

Call SmartConnect, passing in the username and clear text password.

The specific details can be viewed from the file /lib/site-packages/pyVim/connect.py after installing pyvmomi.

(2) View the virtual machine configuration

Query by creating a ContainerView managed object.

Compared to the vSphere Automation API, the content obtained is more comprehensive.

For example, vsphere-automation-sdk-python does not support getting the UUID corresponding to each virtual machine, but it can be obtained through pyvmomi.

(3) Send files to the virtual machine

To use the method InitiateFileTransferToGuest, you need to pass in the following six parameters:

· vm, specifies the virtual machine to operate on

· auth, the credentials used to log in to the virtual machine

· guestFilePath, the path where the file sent to the virtual machine is saved

· fileAttributes, the attributes of the file sent to the virtual machine

· fileSize, the file size

· overwrite, specifies whether to overwrite

After the execution is successful, the uri corresponding to the file is returned.

Use the PUT method to access the uri, and the data field is the content of the file to be sent. The file content here needs to be sent in binary format.

The specific implementation code is as follows:


(4) Download files from the virtual machine

Using the method InitiateFileTransferFromGuest, the following three parameters must be passed in:

· vm, specifies the virtual machine to operate on

· auth, the credentials used to log in to the virtual machine

· guestFilePath, the path of the virtual machine file to be downloaded

After successful execution, the uri corresponding to the specified file is returned.

Use the GET method to access the uri. When reading the file content, you need to distinguish between text format and binary format: the text format can be read with r.text, and the binary format can be read with r.content.

The specific implementation code is as follows:
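The upload and download steps from (3) and (4), as an added example; it is not the author's vSphereWebServicesAPI_Manage.py and not code from pyvmomi. It uses pyvmomi for the API calls and the standard library for HTTP, so the text/binary split is done with `decode` instead of `r.text`/`r.content`. The function names, the `server` argument, the size check and the replacement of a `*` host in the returned uri (which the API may return when the file is served by the server the call was made to) are assumptions of this example.

```python
import re
import ssl
import urllib.request

def fix_transfer_url(url, server):
    # The API may return "*" as the host part ("https://*:443/guestFile?...");
    # the client has to put the name of the server it called in its place.
    return re.sub(r"^https://\*(?=[:/])", lambda m: "https://" + server, url)

def http_put(url, data, ctx):
    req = urllib.request.Request(url, data=data, method="PUT")
    with urllib.request.urlopen(req, context=ctx) as resp:
        return resp.status

def http_get(url, ctx):
    with urllib.request.urlopen(url, context=ctx) as resp:
        return resp.read()

def upload_to_guest(fm, vm, auth, attrs, guest_path, data, server, ctx=None, put=http_put):
    if not isinstance(data, bytes):
        raise TypeError("file content must be bytes: open the local file with 'rb'")
    # The six parameters from the text; the last one (True) is overwrite.
    url = fm.InitiateFileTransferToGuest(vm, auth, guest_path, attrs, len(data), True)
    return put(fix_transfer_url(url, server), data, ctx)

def download_from_guest(fm, vm, auth, guest_path, server, ctx=None, get=http_get, encoding=None):
    info = fm.InitiateFileTransferFromGuest(vm, auth, guest_path)  # has .url and .size
    raw = get(fix_transfer_url(info.url, server), ctx)
    if len(raw) != info.size:
        raise IOError("incomplete transfer: %d of %d bytes" % (len(raw), info.size))
    return raw.decode(encoding) if encoding else raw  # text if an encoding is given

def round_trip(server, user, pwd, vm_uuid, guest_user, guest_pwd, local_path, guest_path):
    from pyVim.connect import SmartConnect, Disconnect  # requires pyvmomi
    from pyVmomi import vim
    ctx = ssl.create_default_context()  # certificate verification stays on
    si = SmartConnect(host=server, user=user, pwd=pwd, sslContext=ctx)
    try:
        content = si.RetrieveContent()
        vm = content.searchIndex.FindByUuid(None, vm_uuid, True)  # BIOS UUID of the VM
        fm = content.guestOperationsManager.fileManager
        auth = vim.vm.guest.NamePasswordAuthentication(username=guest_user, password=guest_pwd)
        with open(local_path, "rb") as fh:
            upload_to_guest(fm, vm, auth, vim.vm.guest.FileManager.FileAttributes(),
                            guest_path, fh.read(), server, ctx)
        return download_from_guest(fm, vm, auth, guest_path, server, ctx)
    finally:
        Disconnect(si)
```

`round_trip` needs a reachable server whose certificate chain is trusted by the default context; the other functions take the file manager and HTTP callables as arguments, so they can be exercised with stand-ins.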


0x03 Analysis of the open source tool SharpSphere

https://github.com/JamesCooteUK/SharpSphere

Developed in C#, compatible with Cobalt Strike.

The following features are supported:

· As a C2 server

· Code execution

· File upload

· File download

· View virtual machine configuration

· Dump memory

Among them, the implementation process of Dump memory is as follows:

· Get a snapshot of the virtual machine; if there is none, create a snapshot file (.vmem)

· Download the snapshot locally by creating a file uri

· Parse the snapshot file with WinDbg and Mimikatz to export the credentials in the lsass process

Currently, operations on Linux virtual machines are not supported.

During actual use, if you encounter the following errors:


You can try adding the following code to solve it:


  0x04 Open source code

The complete open source code has been uploaded to github at the following address:

https://github.com/3gstudent/Homework-of-Python/blob/master/vSphereWebServicesAPI_Manage.py

Code Applicable Versions: Unlimited.

The following features are supported:

· Read the configuration of the virtual machine

· View virtual machine files

· Delete virtual machine files

· Upload files to the virtual machine

· Download files from the virtual machine

· Execute commands in a virtual machine

The specific commands are as follows:

· ListVM

· GetVMConfig

· ListHost

· ListVMProcess

· CreateVMProcess

· KillVMProcess

· ListVMFolder

· DeleteVMFile

· DownloadFileFromVM

· UploadFileToVM

The operations on virtual machines support both Windows and Linux systems.

  0x05 Summary

This article introduces the method of realizing the interaction between vCenter Server and virtual machines through the vSphere Web Services API. The open source implementation code vSphereWebServicesAPI_Manage.py records the development details.

The vSphere Web Services API is more versatile, but because development is SDK-based, the compiled tools are relatively large.
