ESXi - VM exploited with Python

by Andrea Cavallini

Exploit is the goal that an attacker has in order to compromise a system, a service or an infrastructure. Finding a vulnerability and trying to exploit it in a specific context or perimeter is one of the cyber criminal’s major activities, with various methodologies used to get a breach or a leak for a compromise. Controlling a compromised system and maintaining access to it after the breach is the dream for every attacker: GUI can be affected by buffer overflow, for example, web service can be vulnerable to remote command execution or SQL/XSS injections and, in general, an attacker can use these vectors manually, by scripting or program languages, such as Python.

Python is one of the most powerful programming languages used to build hacking frameworks. In addition to the modularity, its strength is the simplicity that allows, with the use of a large set of libraries, one to run low-level actions at the operating system level (for example, a module request is used to perform TCP calls, such as HTTP or HTTPS, like the curl command is usually done), manage file or string encryption (by module cryptography or something else) or execute particular and directed operating system commands (using module subprocess). Joining these modules together and writing custom code, it can be possible to exploit vulnerabilities evidenced, for example, in specific CVE (the Common Vulnerabilities and Exposures system used to....