module
VMware vCenter Forge SAML Authentication Credentials
| Disclosed |
|---|
| Apr 20, 2022 |
Disclosed
Apr 20, 2022
Description
This module forges valid SAML credentials for vCenter server
using the vCenter SSO IdP certificate, IdP private key, and
VMCA certificates as input objects; you must also provide
the vCenter SSO domain name and vCenter FQDN. The module will
return a session cookie for the /ui path that grants access to
the SSO domain as a vSphere administrator. The IdP trusted
certificate chain can be retrieved using Metasploit post
exploitation modules or extracted manually from
/storage/db/vmware-vmdir/data.mdb using binwalk.
using the vCenter SSO IdP certificate, IdP private key, and
VMCA certificates as input objects; you must also provide
the vCenter SSO domain name and vCenter FQDN. The module will
return a session cookie for the /ui path that grants access to
the SSO domain as a vSphere administrator. The IdP trusted
certificate chain can be retrieved using Metasploit post
exploitation modules or extracted manually from
/storage/db/vmware-vmdir/data.mdb using binwalk.
Rapid7 Labs
2026 Global Threat Landscape Report
The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.