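Introduction
SharpSphere gives red teamers the ability to easily interact with the guest operating systems of virtual machines managed by vCenter. It uses the vSphere Web Services API and exposes the following functionality.
Command and Control: combined with F-Secure's C3, SharpSphere can use VMware Tools to provide C&C to virtual machines, without requiring direct network connectivity to the target VM.
SharpSphere supports execution through Cobalt Strike's execute-assembly.
If you compile it yourself, you need to use ILMerge to combine SharpSphere.exe and CommandLine.dll in the Release folder.
Available modules: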
SharpSphere.exe help
list      List all VMs managed by this vCenter
execute   Execute given command in target VM
c2        Run C2 using C3's VMwareShareFile module
upload    Upload file to target VM
download  Download file from target VM
help      Display more information on a specific command
version   Display version information
List VMs:
SharpSphere.exe list --help
--url Required. vCenter SDK URL, i.e. https://127.0.0.1/sdk
--username Required. vCenter username, i.e. administrator@vsphere.local
--password Required. vCenter password
Command and control:
SharpSphere.exe c2 --help
--url Required. vCenter SDK URL, i.e. https://127.0.0.1/sdk
--username Required. vCenter username, i.e. administrator@vsphere.local
--password Required. vCenter password
--ip Required. Target VM IP address
--guestusername Required. Username used to authenticate to the guest OS
--guestpassword Required. Password used to authenticate to the guest OS
--localdir Required. Full path to the C3 directory on this machine
--guestdir Required. Full path to the C3 directory on the guest OS
--inputid Required. Input ID configured for the C3 relay running on this machine
--outputid Required. Output ID configured for the C3 relay running on this machine
File upload:
SharpSphere.exe upload --help
--url Required. vCenter SDK URL, i.e. https://127.0.0.1/sdk
--username Required. vCenter username, i.e. administrator@vsphere.local
--password Required. vCenter password
--ip Required. Target VM IP address
--guestusername Required. Username used to authenticate to the guest OS
--guestpassword Required. Password used to authenticate to the guest OS
--source Required. Full path to local file to upload
--destination Required. Full path to location where file should be uploaded
File download:
SharpSphere.exe download --help
--url Required. vCenter SDK URL, i.e. https://127.0.0.1/sdk
--username Required. vCenter username, i.e. administrator@vsphere.local
--password Required. vCenter password
--ip Required. Target VM IP address
--guestusername Required. Username used to authenticate to the guest OS
--guestpassword Required. Password used to authenticate to the guest OS
--source Required. Full path in the guest to the file to upload
--destination Required. Full path to the local directory where the file should be downloaded
Added in the next version:
Project URL:
https://github.com/JamesCooteUK/SharpSphere