Skip to content

mattmillen15/VeeamThief

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

7 Commits
README.md
README.md
 
 
VeeamThief.py
VeeamThief.py
 
 

Repository files navigation

VeeamThief

Rogue vSphere server for capturing Veeam Backup & Replication credentials.

Usage

sudo python3 VeeamThief.py [-p <port>]

In Veeam: Add Server → VMware vSphere → enter attacker IP:8443 → accept cert → choose creds to use from Veeam Credential Manager → capture plaintext creds on listener.

Output

▖▖         ▄▖▌ ▘  ▐▘
▌▌█▌█▌▀▌▛▛▌▐ ▛▌▌█▌▜▘
▚▘▙▖▙▖█▌▌▌▌▐ ▌▌▌▙▖▐ 

[*] Listening on port 8443

[*] Connection from 192.168.15.50

==================================================
 CREDENTIALS CAPTURED
==================================================
 Username : ecorp.locl\veeam-admin
 Password : B@ckupP@ssw0rd
==================================================

Credits

Based on research by @sadshade. Updated for Veeam v12+ which requires RetrieveInternalContent API responses.

About

Rogue vSphere server that captures credentials from Veeam Backup & Replication.

Resources

Readme
Activity

Stars

2 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages