VMInjector - Tool For Bypassing Windows/Ubuntu/MacOSX Login Authentication Screen


VMInjector is an amazing tool that can bypass the OS login authentication screens of major operating systems (Windows, Ubuntu, and Mac OS X) running on VMware Workstation/Player by using direct memory manipulation. It supports both x86 and x64 architectures.

How It Works

VMInjector allows an attacker to manipulate the memory of VMware guests in order to bypass the operating system authentication screen. It injects a DLL into the VMware process to gain access to the mapped resources. The DLL parses the memory space owned by the VMware process and locates the memory-mapped RAM file, which corresponds to the guest's RAM image. By manipulating the allocated RAM file and patching the function in charge of authentication, an attacker gains unauthorized access to the underlying virtual host.

Note: The in-memory patching is non-persistent, and rebooting the guest virtual machine will restore the normal password functionality. 

Requirements:
  • Windows machine (with administrative access)
  • VMware workstation or player edition
  • A locked guest VM

How To Use VMInjector

To run this tool, execute the provided VMInjector executable (32 or 64) from the command line.

VMInjector Running on the system

Since VMware runs each guest in a separate process, VMInjector needs to be pointed at the process running the guest whose login screen is to be bypassed. Once the user chooses a process, the tool injects the DLL into the chosen target. Once the DLL is injected, the user specifies the guest OS so that the memory patching can be carried out.

VMInjector Choose the operating system
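Because the technique depends on a foreign DLL being injected into the per-guest VMware process, a host running Sysmon can watch that process for it. The following is an added detection example, not part of the original post or of VMInjector. It assumes Sysmon events 7, 8 and 10 are collected, that the guest process is `vmware-vmx.exe`, and that the allowlist and all sample events (including `loader.exe` and `payload.dll`) are constructed for illustration; the page does not say which injection method the tool uses.

```python
import ntpath

VMX = "vmware-vmx.exe"  # process hosting one Workstation/Player guest
# Assumption: programs expected to open the guest process; tune per host and
# match on full path plus signature in production, since names can be spoofed.
ALLOWED = {"vmware.exe", "vmplayer.exe", "vmware-authd.exe"}
# PROCESS_CREATE_THREAD | PROCESS_VM_OPERATION | PROCESS_VM_WRITE
INJECT_MASK = 0x0002 | 0x0008 | 0x0020

def base(path):
    return ntpath.basename(path or "").lower()

def triage(ev):
    """Return a reason string when a Sysmon event suggests injection into a
    VMware guest process, otherwise None."""
    eid = ev["EventID"]
    if eid == 7 and base(ev["Image"]) == VMX:           # ImageLoad
        if ev.get("Signed", "false").lower() != "true":
            return "unsigned module in vmx: " + ev["ImageLoaded"]
    elif eid in (8, 10) and base(ev["TargetImage"]) == VMX:
        if base(ev["SourceImage"]) in ALLOWED:
            return None
        if eid == 8:                                    # CreateRemoteThread
            return "remote thread in vmx from " + ev["SourceImage"]
        if int(ev["GrantedAccess"], 16) & INJECT_MASK:  # ProcessAccess
            return "write-capable handle to vmx from " + ev["SourceImage"]
    return None

# Constructed sample events (not captured from a real host).
VMX_PATH = r"C:\Program Files (x86)\VMware\VMware Workstation\x64\vmware-vmx.exe"
UI_PATH = r"C:\Program Files (x86)\VMware\VMware Workstation\vmware.exe"
LOADER = r"C:\Users\Public\loader.exe"
SAMPLE = [
    {"EventID": 10, "SourceImage": UI_PATH, "TargetImage": VMX_PATH, "GrantedAccess": "0x1fffff"},
    {"EventID": 10, "SourceImage": r"C:\Windows\System32\taskmgr.exe",
     "TargetImage": VMX_PATH, "GrantedAccess": "0x1000"},
    {"EventID": 10, "SourceImage": LOADER, "TargetImage": VMX_PATH, "GrantedAccess": "0x1438"},
    {"EventID": 8, "SourceImage": LOADER, "TargetImage": VMX_PATH},
    {"EventID": 7, "Image": VMX_PATH, "ImageLoaded": r"C:\Users\Public\payload.dll", "Signed": "false"},
    {"EventID": 7, "Image": VMX_PATH, "ImageLoaded": r"C:\Windows\System32\kernel32.dll", "Signed": "true"},
]

def alerts(events):
    return [reason for reason in map(triage, events) if reason]

if __name__ == "__main__":
    for line in alerts(SAMPLE):
        print(line)
```

Since the patch lives only in guest RAM and disappears on reboot, host-side telemetry like this is the place to look; the guest's own disk will not show the change.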


