Home : Book details : Book description

Description of  VMwareTM hypervisor fingerprinting

In this book, we show how to determine hypervisor properties by running commands in the guest operating system, without any special privileges in the host machine running the hypervisor. This can be useful for penetration testing, information gathering, determining the best software configuration for virtualization-sensitive and virtualization-aware software. Finally, we present a reporting tool that unifies all the presented methods, by running them all in sequence and gathering the information in a useful report that can be run from any guest system. Some of the described methods can be used even if the VMware Tools are disabled or not installed, or if some of the methods are disabled by host configuration. Some of the methods require root privileges, while others do not need it. As we will see, host properties can be extracted from virtual hardware properties and from network services running in the host. These properties include: Virtualization Product and Version, CPU Reservation, Memory Reservation, Ballooning amount, as well as many others. The concept of Nested Virtualization is also analyzed. Finally, we present a reporting tool that unifies all the presented methods, by running them all in sequence and gathering the information in a useful report that can be run from any guest system.