Design And Implementation Of VMware Vulnerability Detection Model

Virtualization technology has been widely used in the enterprise, with its advantages of full use of host resources, rapid deployment and high availability. In recent years, with the continuous expansion of the scale of information technology, the scale of virtual server deployments is also expanding. Compared with the traditional enterprise IT solutions, cloud computing will migrate applications and databases to the server in a large data center, bringing a lot of security challenges. Since cloud computing was proposed, the cloud service providers have always been plagued with security issues. Therefore, focusing on cloud computing security and enhancing the security of cloud computing have become a matter of growing concern.The development of hardware technology, software technology and the popularity of network applications promote the development of virtualization software such as VMware, Xen, KVM and Hyper-V. In terms of market share, the share of VMware is larger. As a representative system of virtualization software, the vulnerabilities related to VMware are varied, including directory traversal vulnerability, weak password vulnerability and denial of service vulnerability. These vulnerabilities could result in the unauthorized disclosure of information, unauthorized modification of information and access to administrator privileges, etc. VMware has not provided source code, causing great difficulties to the vulnerability detection for VMware.This paper proposes VMware vulnerability detection model, including overall structure, business processes and architecture design, specifically, the design and implementation of VMware product directory traversal vulnerability detection model, weak password vulnerability detection model, format string vulnerability detection model and privilege escalation vulnerability. First, this article discusses the relevant background knowledge of the vulnerability, including the principles of vulnerability and vulnerability trigger conditions and gives the work process and design principle of vulnerability detection methods; In terms of VMware, this paper introduces the platform and job characteristics. Meanwhile, the paper describes the classification of virtualization technology, security threats and ways to deal with the threats of virtual environments. This paper analyzes the pros and cons of the existing vulnerability detection tools and gives the detection results of VMware vulnerability using these tools.This paper sets up the appropriate version of the server as a test environment, first, we scan open ports and services of the server, and then we construct the appropriate attack method to verify the directory traversal vulnerability. In the experiment, we focus on directory traversal vulnerability by constructing some special attacks, successfully acquire the virtual machine configuration file and restore the virtual machine locally to steal sensitive information. In addition, we also analyze and study the detection methods of VMware weak password vulnerability, format string vulnerability and privilege escalation vulnerability. The experiments achieve the desired effects, successfully reproducing the vulnerabilities related to VMware. The experiments show that these vulnerabilities related to VMware bring great security risks, require more attention and need to be repaired. Finally, we discuss preventive measures for security vulnerabilities related to VMware and the specific servers.