如何加载VMware Workstation v8.0.1的加密虚拟磁盘文件?
创建一个任意的虚拟机,然后“编辑虚拟机设置”→“选项”,可以看到一个“加密”,上面写着:“本虚拟机未加密。您可以使用密码来保护虚拟机的数据和配置。
旁边有一个“加密按钮”。如果你点击它,你将被要求输入你的密码,然后你将开始加密。他会对所有的虚拟机配置文件和整个虚拟磁盘进行重新编码和加密,而且是不可逆的高强度加密。如果你没有钥匙,你就不能恢复它。
让我们看看它的配置文件发生了什么变化。
主要文件有:
Windows XP Professional.vmdk //虚拟磁盘文件
用于存储密钥的Windows XP Professional.vmsd //文件。
Windows XP Professional.vmx //虚拟机整体配置文件。
Windows XP Professional.vmxf //某种配置文件。
加密前:
Windows XP Professional.vmdk //普通。
Windows XP Professional.vmsd //空白
Windows XP Professional.vmx //明文的配置内容。
Windows XP Professional.vmxf //明文的配置内容。
Windows XP Professional.vmx的内容如下所示:
。编码= "GBK "
config.version = "8 "
virtualHW.version = "8 "
scsi0.present = "TRUE "
memsize = "512 "
ide1:0.present = "TRUE "
ide1:0.autodetect = "TRUE "
ide 1:0 . device type = " cdrom-raw "
ide 1:1 . present = " TRUE "
ide 1:1 . filename = " E:\ b \ 1 \ Windows XP professional . vmdk "
floppy0.startConnected = "FALSE "
floppy0.fileName = " "
floppy0.autodetect = "TRUE "
usb.present = "TRUE "
ehci.present = "TRUE "
sound.present = "TRUE "
sound.fileName = "-1 "
sound.autodetect = "TRUE "
mks.enable3d = "TRUE "
serial0.present = "TRUE "
serial0.fileType = "thinprint "
pciBridge0.present = "TRUE "
pciBridge4.present = "TRUE "
PCI bridge 4 . virtual dev = " pcieRootPort "
pciBridge4.functions = "8 "
pciBridge5.present = "TRUE "
PCI bridge 5 . virtual dev = " pcieRootPort "
pciBridge5.functions = "8 "
pciBridge6.present = "TRUE "
PCI bridge 6 . virtual dev = " pcieRootPort "
pciBridge6.functions = "8 "
pciBridge7.present = "TRUE "
PCI bridge 7 . virtual dev = " pcieRootPort "
pciBridge7.functions = "8 "
vmci0.present = "TRUE "
hpet0.present = "TRUE "
USB . vbluetooth . start connected = " TRUE "
display name = " Windows XP Professional "
guestOS = "winxppro "
NVRAM = " Windows XP professional . NVRAM "
virtual HW . product compatibility = " hosted "
powerType.powerOff = "hard "
powerType.powerOn = "hard "
powerType.suspend = "hard "
powerType.reset = "hard "
extendedConfigFile = " Windows XP professional . vmxf "
可以看到第一行指定了代码,下面是虚拟机的参数。
加密后:
Windows XP Professional.vmdk //的文件数据已经完全改变。
Windows XP Professional.vmsd //有内容。
Windows XP Professional.vmx //加密的配置内容
Windows XP Professional.vmxf //未更改。
Windows XP Professional.vmsd的内容是:
。编码= "GBK "
encryption . key safe = " VMware:key/list/(pair/(null/% 3c VMware % 2d empty string % 3e,HMAC%2dSHA%2d1,tvdbb % 2 bzvghooh 8 VW 4 NP 2 l 4 jqz 6 wtl 5 swhxlavne 2 TLD v9 v % 2 b 7 seyexsitq % 2 frjfm % 2 bprhuxn 6 HLD uf 0 SV 2 M7 kk % 2 fdkj 2 JK 51 ur 97 cxw pw
encryption . data = " jzmk 85 kb 33 c+zvvcdkf 9 ctmlxd 7 huewezcy 2p 3/Fv zerl 1 trvql+GD 65 kyqsk 4 ws+NKrQ = = "
第一行指定编码格式,第二行是安全密钥(Url编码的密钥信息+Base64编码的密钥),第三行是Base64编码的加密数据。
Windows XP Professional.vmx的内容是:
。编码= "GBK "
display name = " Windows XP Professional "
encryption . key safe = " VMware:key/list/(pair/(phrase/q 8 qrfgi 6 v0m % 3d/pass 2 key % 3d pbk df 2% 2d hmac % 2d sha % 2d 1% 3a cipher % 3d AES % 2d 256% 3 arounds % 3d 1000% 3 salt % 3d oiu 7 kvvixtv % 2b 5a 0 rbmb 4 va % 253d % 253d,HMAC%2dSHA%2d1,mwIz
encryption . data = " flic v2 arjpafymdnvdapuacsdrw 0 gv 8 SVR wq+D 5d 8y 8 NV 2 ua 8+j 3 hbqlk 2 uw 42 HVS 7m 14 ijz 25 gxnx 8t 4 aigzaatojbx 0 js 71x HB 6 xxzauwuz T2 JD bb 5 ykup scidekrrmakenhtr 6 qmbeusyt 2 LTI 0 wdrnxqpad 80 ern 4+swab 5 ivsd 7y 3 oysvu 3 a 3
格式和上面类似。实际上,“encryption.data”是加密的明文配置信息。
经过两段加密的Url解码。key safe www.2cto.com公司发现:
VMware:key/list/(pair/q 8 qrfgi 6 v0 m =/pass 2 key = pbk df 2-HMAC-SHA-1:cipher = AES-256:rounds = 1000:salt = oiu 7 kvvixtv+5a 0 RBM B4 va = =,HMAC-SHA-1,mwiz 3 u 9k 2 VD V8 kw5 zgvcukmp 8 swbb+gbak 5 ibypuqxohgpsd q
VMware:key/list/(pair/(null/& lt;VMWARE-empty string & gt;、HMAC-SHA-1、TVD bb+zvghooh 8 VW 4 NP 2 l 4 jqz 6 wtl 5 swhxlavne 2 TLD v9 v+7 seyeexsitq/rJfM+prhuxn 6 hlduf 0 SV 2 M7 kk/dkj 2 jkquetk 51 ur 97 cxwpgza 1 H9 wf 6k+VDI ik/8 mpcjjtb 2 edzkyjjwxw 69 bu pw 965448
简要说明了关键信息。加密算法为HMAC-SHA-1,PBKDF2-HMAC-SHA-1,密钥长度为AES-256,加盐!
通过之前的观察,我们发现发生变化的文件有:
Windows XP Professional.vmdk //虚拟磁盘文件
用于存储密钥的Windows XP Professional.vmsd //文件。
Windows XP Professional.vmx //虚拟机整体配置文件。
这三个文件是关键,那么如果创建一个新的虚拟机,想要加载之前加密的虚拟磁盘文件,应该怎么做呢?
首先,创建一个配置与之前系统相同的新虚拟机,然后找到保存配置的目录,复制。vmsd和。vmx过去覆盖(或替换其中的关键信息),然后打开虚拟机(不是启动!),删除之前的盘,加载加密盘就可以直接使用了。