search

guardicore / vmware_vcenter_cve_2020_3952

Exploit for CVE-2020-3952 in vCenter 6.7
https://www.guardicore.com/2020/04/pwning-vmware-vcenter-cve-2020-3952/
BSD 3-Clause "New" or "Revised" License
271 stars 60 forks source link

ERROR LDAP SERVER DOWN #1

Open grglzrv opened 4 years ago

grglzrv commented 4 years ago

Hi I got this error msg

ldap.SERVER_DOWN: {'desc': "Can't contact LDAP server", 'errno': 107, 'info': 'Transport endpoint is not connected'} I use python version 3.6 command - python3 vmware_vcenter_cve_2020_3952.py my_subdomain.domain_name.com youhacked test123

note! the ssl cert of my domain is expired but I put this option into python script ldap.set_option( ldap.OPT_X_TLS_ALLOW, ldap.OPT_X_TLS_NEVER ) , but again without success

i have installed these python packages below

docopt==0.6.2 gpg==1.10.0 ldap3==2.6.1 pyasn1==0.4.8 pyasn1-modules==0.2.8 pyldap==3.0.0.post1 python-ldap==3.2.0 python3-ldap==0.9.8.4 rpm==4.14.2 ssh-ldap-pubkey==1.3.2

bedenko commented 4 years ago

Can you ping vCenter server?

grglzrv commented 4 years ago

Nope, I got timeout

Request timeout for icmp_seq 0 .. 1 .. 2 etc

but I can open it via web browser without any problem

bedenko commented 4 years ago

and URL in web browser is the same as the address that is being pinged?

Cause it looks like DNS problem.

grglzrv commented 4 years ago

Yeah the same domain, I use domain name, i am testing it with public subdomain for example: esxi.example.com, also I use reverse proxy to forward the traffic to the internal VMware IP and port. is it may be the cause?

bedenko commented 4 years ago

probably. Try to execute the script from internal network (behind proxy)