home.social

#vmdk — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #vmdk, aggregated by home.social.

  1. ----------------

    🔧 Tool: VMkatz

    VMkatz is a compact forensic/offensive utility designed to extract Windows secrets directly from virtual machine artifacts without full-disk exfiltration. It targets memory snapshots and offline virtual disks to recover credential material typically harvested by in-guest tools such as mimikatz, but operates against VM files stored on NAS, hypervisors, or virtualization hosts.

    What it extracts (concise)
    • From memory snapshots (LSASS equivalents): NT/LM hashes (MSV1_0), plaintext where available (WDigest, TsPkg, SSP, LiveSSP), Kerberos keys and tickets (AES/RC4/DES), DPAPI master key cache entries, Credman entries and CloudAP tokens when present.
    • From virtual disks (offline): SAM hashes, LSA secrets, cached domain credentials (DCC2), and native NTDS.dit extraction from ESE databases on domain controller disks.

    Supported inputs and environment
    • Common snapshot/disk formats: VMware snapshots (.vmsn + .vmem), VMware virtual disks (.vmdk sparse/flat), VirtualBox saved states (.sav). Additional parsers listed include Hyper‑V and QEMU core dump variants (some untested).
    • The project is distributed as a single static binary (~2.5 MB) intended to be run on hosts that can access VM files (NAS, ESXi, Proxmox nodes), enabling credential recovery without transferring multi‑gigabyte images offsite.

    Technical notes and scope
    • Memory parsing implements provider-specific walks (AVL trees, linked lists, hash tables) and falls back to physical-scan strategies for paged entries where applicable.
    • NTDS.dit extraction reads the ESE database natively for AD hash recovery; no reliance on external tooling is required for that functionality.
    • Several input formats remain marked as untested; results may vary by hypervisor version and snapshot composition.

    Limitations and operational considerations
    • Effectiveness depends on the snapshot content and whether the relevant credential pages are present in the captured artifacts.
    • Some providers (e.g., CloudAP, LiveSSP) may be empty or absent on many systems.

    🔹 VMkatz #ntds.dit #dpapi #vmdk #forensics

    🔗 Source: github.com/nikaiw/VMkatz

  2. J'ai envie de tester trois solutions de virtualisation...
    #VirtualBox
    #VMware #Workstation
    #KVM (#libvirt #virtmanager)
    Ressources communes...
    - 8 vCPU ;
    - 8192 Mo de RAM ;
    - Stockage virtuel de 240 Go sur disque physique #SSD #SATA ;
    Stockage des solutions...
    - VirtualBox : #vdi cache E/S hôte ;
    - VMware Workstation : #vmdk cache write ;
    - KVM : #qcow2 cache writeback ;
    CPU des solutions...
    - KVM : host-passthrough
    Tâche à effectuer...
    Build (construction) de la distribution #Emmabuntüs ...

  3. J'ai envie de tester trois solutions de virtualisation...
    #VirtualBox
    #VMware #Workstation
    #KVM (#libvirt #virtmanager)
    Ressources communes...
    - 8 vCPU ;
    - 8192 Mo de RAM ;
    - Stockage virtuel de 240 Go sur disque physique #SSD #SATA ;
    Stockage des solutions...
    - VirtualBox : #vdi cache E/S hôte ;
    - VMware Workstation : #vmdk cache write ;
    - KVM : #qcow2 cache writeback ;
    CPU des solutions...
    - KVM : host-passthrough
    Tâche à effectuer...
    Build (construction) de la distribution #Emmabuntüs ...

  4. J'ai envie de tester trois solutions de virtualisation...
    #VirtualBox
    #VMware #Workstation
    #KVM (#libvirt #virtmanager)
    Ressources communes...
    - 8 vCPU ;
    - 8192 Mo de RAM ;
    - Stockage virtuel de 240 Go sur disque physique #SSD #SATA ;
    Stockage des solutions...
    - VirtualBox : #vdi cache E/S hôte ;
    - VMware Workstation : #vmdk cache write ;
    - KVM : #qcow2 cache writeback ;
    CPU des solutions...
    - KVM : host-passthrough
    Tâche à effectuer...
    Build (construction) de la distribution #Emmabuntüs ...

  5. J'ai envie de tester trois solutions de virtualisation...
    #VirtualBox
    #VMware #Workstation
    #KVM (#libvirt #virtmanager)
    Ressources communes...
    - 8 vCPU ;
    - 8192 Mo de RAM ;
    - Stockage virtuel de 240 Go sur disque physique #SSD #SATA ;
    Stockage des solutions...
    - VirtualBox : #vdi cache E/S hôte ;
    - VMware Workstation : #vmdk cache write ;
    - KVM : #qcow2 cache writeback ;
    CPU des solutions...
    - KVM : host-passthrough
    Tâche à effectuer...
    Build (construction) de la distribution #Emmabuntüs ...

  6. VMDK Abbilder mounten

    Mit guestmount lassen sich Dateien aus VMDK Images extrahieren oder Modifikationen durchführen.

    #VMDK #mounten #Linux

    gnulinux.ch/vmdk-abbilder-moun

  7. VMDK Abbilder mounten

    Mit guestmount lassen sich Dateien aus VMDK Images extrahieren oder Modifikationen durchführen.

    #VMDK #mounten #Linux

    gnulinux.ch/vmdk-abbilder-moun

  8. VMDK Abbilder mounten

    Mit guestmount lassen sich Dateien aus VMDK Images extrahieren oder Modifikationen durchführen.

    #VMDK #mounten #Linux

    gnulinux.ch/vmdk-abbilder-moun

  9. VMDK Abbilder mounten

    Mit guestmount lassen sich Dateien aus VMDK Images extrahieren oder Modifikationen durchführen.

    #VMDK #mounten #Linux

    gnulinux.ch/vmdk-abbilder-moun

  10. VMDK Abbilder mounten

    Mit guestmount lassen sich Dateien aus VMDK Images extrahieren oder Modifikationen durchführen.

    #VMDK #mounten #Linux

    gnulinux.ch/vmdk-abbilder-moun

  11. What a game 👏👏👏 #ARGFRA Tillykke til Messi og Argentina #vmdk

  12. -manager is an easy way of accessing your machines.

    Supporting , , and LXC, virt-manager allows for one to easily create and run many virtual machines at once.

    virt-manager supports raw image, qcow, , qed, , vpc, and disk files.

    virt-manager additionally allows for great tuning of a virtual machine's virtual hardware through an easy to use GUI.

    Website 🔗: virt-manager.org/

    apt 📦: virt-manager