Not able to get vmware scan working

ala76nl · August 30, 2023, 9:11am

Hi,

I hope anyone with experience with VMware scanning with OpenVAS is willing to point me in the right direction.

I have added an ESXi host and added the root@host credential in the target.

I use full and fast scan and all IANA tcp and udp port list.

I see it detects vmware auth daemon on port 902/TCP

Summary

The remote host appears to be running VMware ESX or GSX Server. Description : According to its banner, the remote host appears to be running a VMWare server authentication daemon, which likely indicates the remote host is running VMware ESX or GSX Server.

Detection Result

A VMware Authentication Daemon in Version: 1.10 is running on this port

Detection Method

Details:	[VMware ESX/GSX Server detection OID: 1.3.6.1.4.1.25623.1.0.20301]
Version used:	2023-08-01T13:29:10Z

However it is not running any VMware related NVT’s.

Anyone an idea?

ala76nl · August 30, 2023, 12:52pm

I have similar to https://www.teimouri.net/virtual-environments-vulnerability-assessment-by-gsm-openvas-part-2/ but it does not logon with my esxi creds. I can manually log on with them using web or ssh.

ala76nl · August 30, 2023, 1:04pm

Could it be that my scanner is outdated and therefor functionality is not working as expected? I use ```
22.4.0

ala76nl · August 30, 2023, 7:40pm

Anyone an idea?

ala76nl · September 1, 2023, 8:26am

Never mind it seems that OpenVAS CE can not scan VMware anymore. I use Tenable Essentials for that now.

cfi · September 4, 2023, 1:32pm

To clarify:

ESXi / vSphere and similar enterprise-grade VMware products are only part of the Greenbone Enterprise Feed
The authentication is done via the HTTP web interface (usually port 443) and not via the VMware Authentication Daemon
More documentation on authenticated ESXi scanning is available via 10 Scanning a System — Greenbone Enterprise Appliance 22.04.14 documentation