Preface

VMware vCenter Server is VMware's virtualization management platform, widely used in enterprise private cloud networks. From the perspective of penetration testing tool development, we need to implement interaction between vCenter Server and virtual machines from the command line.

This series of articles compares the available APIs, introduces implementation details, publishes open source code, and implements the following functions:

· Read the VM configuration

· View the VM file

· Delete the VM file

· Upload files to the VM

· Download files from the VM

· Run commands on the VM

Introduction

This article covers the following:

· Basic knowledge

· vSphere Automation API development details

· Open source code vsphereAutomationAPI_manage.py

1. VMware vSphere

VMware vSphere is the commercial name for the entire VMware suite, not a specific product or piece of software.

The two core components of VMware vSphere are ESXi Server and vCenter Server.

2. ESXi

ESXi is a hypervisor that lets you create and run VMs and virtual devices.

3. vCenter Server

vCenter Server is used to manage multiple ESXi hosts and to pool the resources of hosts connected to the network.

vCenter Server can be installed on a Linux operating system by installing the vCenter Server Appliance (VCSA).

vCenter Server can also be installed on a Windows operating system, by installing VMware Integrated Management (VIM).

vSphere Automation API development details

To have vCenter Server interact with VMs from the command line, use the vSphere REST API, which is part of the vSphere Automation API.

VMware introduced the REST API in vSphere 6.0. Starting with vSphere 7.0U2, VMware announced the deprecation of the old REST API in favor of the new REST API.

In comparison, the old REST API (versions lower than vSphere 7.0U2) does not support the following operations:

· View the VM file

· Delete the VM file

· Upload files to the VM

· Download files from the VM

· Run commands on the VM

The new REST API meets these requirements, so the vCenter version must be determined before development. If the version meets the requirement (vSphere 7.0U2 or later), use the vSphere Automation API.

1. Existing open source code

The following is an example command for loading the script in Windows:

The following message is displayed when the script fails to execute:

Test Environment 2: 192.168.1.2 (vCenter 7.0.2)

The following is an example command for loading the script in Windows:

The script is successfully executed.

Further testing showed that the vSphere Automation API in earlier versions (lower than vSphere 7.0U2) cannot perform the following operations:

· View the VM file

· Delete the VM file

· Upload files to the VM

· Download files from the VM

· Run commands on the VM

2. Implementation with raw packets, based on the reference documentation

In this implementation, the user name and plaintext password are sent first to obtain a session; the session then serves as the login credential for subsequent operations.

Specific implementation details are as follows:

(1) Determine the vCenter version

How to get the approximate version:

Visit in a browser: https://<server_hostname>/sdk/vimServiceVersions.xml

The result is XML data; the exact version is not available from it.

How to get the detailed version number:

Visit: https://<server_hostname>/sdk/

The text is as follows:

Note:

The build attribute corresponding to vSphere 7.0U2 is 17630552.
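Added example (not from the original article or its vsphereAutomationAPI_manage.py): one way to turn the version check above into code. The sample response is constructed, its about/version/build element names are assumed to follow the vSphere SOAP ServiceContent layout, and the extra check on the version string goes beyond the article's build comparison because build numbers are not scoped to one release line.

```python
import xml.etree.ElementTree as ET

MIN_VERSION = (7, 0, 2)       # vSphere 7.0U2
MIN_BUILD = 17630552          # build number the article gives for 7.0U2

# Constructed sample of a response from https://<server_hostname>/sdk/,
# trimmed to the <about> block (not captured from a real server).
SAMPLE_RESPONSE = """\
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
 <soapenv:Body>
  <RetrieveServiceContentResponse xmlns="urn:vim25">
   <returnval>
    <about>
     <name>VMware vCenter Server</name>
     <version>7.0.2</version>
     <build>17630552</build>
    </about>
   </returnval>
  </RetrieveServiceContentResponse>
 </soapenv:Body>
</soapenv:Envelope>"""


def _local(tag):
    """Strip the '{namespace}' prefix ElementTree puts on tag names."""
    return tag.rsplit("}", 1)[-1]


def parse_about(xml_text):
    """Return (version_tuple, build); ValueError if the fields are unusable."""
    root = ET.fromstring(xml_text)
    about = next((e for e in root.iter() if _local(e.tag) == "about"), None)
    if about is None:
        raise ValueError("response has no <about> element")
    fields = {_local(c.tag): (c.text or "").strip() for c in about}
    version, build = fields.get("version", ""), fields.get("build", "")
    parts = version.split(".")[:3]
    if not build.isdigit() or not all(p.isdigit() for p in parts):
        raise ValueError("missing or malformed version/build")
    return tuple(int(p) for p in parts), int(build)


def supports_new_rest_api(xml_text):
    """True only when both the release line and the build reach 7.0U2."""
    version, build = parse_about(xml_text)
    return version >= MIN_VERSION and build >= MIN_BUILD
```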

(2) Create_Session

Add the header:

dXNlcm5hbWU6cGFzc3dvcmQ= is the Base64 encoding of username:password.

Result format: response code 201, in application/json format.
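Added example (not the article's code): the Create_Session exchange with both sides shown, using a local mock in place of vCenter so it runs offline. The `/api/session` path and the `vmware-api-session-id` header are the names used by the vSphere 7.0U2+ REST API and do not appear on this page; the credentials and session value are constructed.

```python
import base64
import http.client
import json
import threading
from http.server import BaseHTTPRequestHandler, HTTPServer

SESSION_HEADER = "vmware-api-session-id"  # session header of the 7.0U2+ REST API
MOCK_USER, MOCK_PASS = "username", "password"   # constructed credentials
MOCK_SESSION = "constructed-session-id"         # constructed session value

def basic_auth(username, password):
    """Basic auth is Base64 of 'user:pass': an encoding, not encryption."""
    raw = f"{username}:{password}".encode()
    return "Basic " + base64.b64encode(raw).decode()

class MockVCenter(BaseHTTPRequestHandler):
    """Local stand-in for vCenter that answers Create_Session only."""
    def do_POST(self):
        ok = (self.path == "/api/session" and
              self.headers.get("Authorization") == basic_auth(MOCK_USER, MOCK_PASS))
        body = json.dumps(MOCK_SESSION if ok else {"error": "constructed"}).encode()
        self.send_response(201 if ok else 401)
        self.send_header("Content-Type", "application/json")
        self.send_header("Content-Length", str(len(body)))
        self.end_headers()
        self.wfile.write(body)

    def log_message(self, *args):  # silence per-request logging
        pass

def create_session(conn, username, password):
    """POST the credentials; return headers for later calls, or None on failure."""
    conn.request("POST", "/api/session",
                 headers={"Authorization": basic_auth(username, password)})
    resp = conn.getresponse()
    body = resp.read()
    return {SESSION_HEADER: json.loads(body)} if resp.status == 201 else None

def demo(username, password):
    """Run one exchange against the mock (a real vCenter needs HTTPSConnection)."""
    server = HTTPServer(("127.0.0.1", 0), MockVCenter)
    threading.Thread(target=server.handle_request, daemon=True).start()
    conn = http.client.HTTPConnection("127.0.0.1", server.server_port, timeout=5)
    try:
        return create_session(conn, username, password)
    finally:
        conn.close()
        server.server_close()
```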

(3) List_Guest_Processes

The request body must carry data in JSON format containing the credentials for logging in to the VM.

Format example:

(4) Transferring files between vCenter and the VM

The official documentation is not detailed enough.

Here are my conclusions from the test:

1. To send a file from the local computer to a VM, call Create_Temporary_Guest_Filesystem_Files to create a URI for the specified file.

The format of the content sent is as follows:

It does not carry the size attribute.

After the request succeeds, the URI corresponding to the file is returned. Access the URI with the PUT method; the data field is the content of the file to be sent.

2. To send a file from the VM to the local computer, that is, to read a file from the VM, call Create_Temporary_Guest_Filesystem_Files to create a URI for the specified file.

The format of the content sent is as follows:

It must have the size attribute.

After the request succeeds, the URI corresponding to the file is returned. Access the URI with the GET method. When obtaining the file content, distinguish between text format and binary format.

Open source code: vSphere 7.0U1+

Supports the following functions:

· Read the VM configuration

· View the VM file

· Delete the VM file

· Upload files to the VM

· Download files from the VM

· Run commands on the VM

Specific commands are as follows:

· ListVM

· GetVMConfig

· ListHost

· ListVMProcess

· CreateVMProcess

· KillVMProcess

· ListVMFolder

· DeleteVMFile

· DownloadFileFromVM

· UploadFileToVM

VM operations can be performed on Windows or Linux operating systems.

This article introduced a method for implementing interaction between vCenter Server and virtual machines through the vSphere Automation API, published the open source implementation vsphereAutomationAPI_manage.py, and recorded the development details.

Some vSphere Automation API operations are not supported on earlier versions of vCenter (lower than vSphere 7.0U2), which limits how widely this approach can be used, so the next article will introduce a more general implementation method.