Skip to content
/ veeam-creds Public

Collection of scripts to retrieve stored passwords from Veeam Backup

License

GPL-3.0 license
97 stars 28 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

sadshade/veeam-creds

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

20 Commits
data
data
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
Veeam-Get-Creds.ps1
Veeam-Get-Creds.ps1
 
 
VeeamGetCreds.yaml
VeeamGetCreds.yaml
 
 
veeampot.py
veeampot.py
 
 

Repository files navigation

Veeam Credential Recovery

This repository contains scripts for recovering passwords from the Veeam Backup and Replication credential manager.

Veeam-Get-Creds.ps1

A PowerShell script for getting and decrypting accounts directly from the Veeam's database.

Usage

  1. Run as administrator (elevated) in PowerShell on a host in a Veeam server.

VeeamGetCreds.yaml

PowerShell Empire module with adapted Veeam-Get-Creds.ps1 script.

Usage

  1. copy VeeamGetCreds.yaml to empire/server/modules/powershell/credentials/ folder
  2. Run Empire server and client
  3. Use as usual Empire module by name /powershell/credentials/VeeamGetCreds

veampot.py

Python script to emulate vSphere responses to retrieve stored credentials from Veeam.

Usage

  1. Run the script ./veeampot.py
  2. Start the VMware vSphere Server Add Wizard from the Infrastructure section
  3. Enter the address and port (default 8443) of the host on which the script is running
  4. Select an account and connect (ignore the message about the invalid certificate)
  5. The script will print the credentials sent by Veeam

Warning

The script is written for educational purposes. Use only if you have permission to disclose credentials.

About

Collection of scripts to retrieve stored passwords from Veeam Backup

Resources

Readme

License

GPL-3.0 license
Activity

Stars

97 stars

Watchers

3 watching

Forks

28 forks
Report repository

Languages