Anonymous have made an announcement today that they have somehow obtained a copy of a earlier version of the VMware ESX server kernel. > VMware ESX is an enterprise-level computer virtualization product offered by VMware, Inc. ESX is a component of VMware’s larger offering, VMware Infrastructure, and adds management and reliability services to the core server product. VMware is replacing the original ESX with ESXi.[3] source: wiki
The leak has been getting announced, retweeted and re-announce over and over on social media and has already made its way into some of the main media. The data has been uploaded to another well known torrent site 1337x.org and is in the format of a compressed file in tar.gz format. In the compressed file is the below contents. Release message:
Good evening, Security World. Allow me first to apologize for this interruption. I do, like many of you, appreciate the comforts of every day routine- the security of the familiar, specially ones to be used in every days products. Which VMware has succeed to ignore and continue producing on same level like it’s buddy Symantec did. Bullshitting people and selling crap. But it’s time for Anonymous finally to deliver. Ofc VMware will try to make like this Kernel is old and isn’t used in its recent products. But thanks god, there is still such as thing as reverse engineering that will prove it’s true destiny. Little sidenote about this release, it is the VMKernel from between 1998 and 2004, but as we all know, kernels don’t change that much in programs, they get extended or adapted but some core functionality still stays the same. Voilà! In view, a humble vaudevillian veteran, cast vicariously as both victim and villain by the vicissitudes of Fate. This visage, no mere veneer of vanity, is a vestige of the vox populi, now vacant, vanished. However, this valorous visitation of a by-gone vexation, stands vivified and has vowed to vanquish these venal and virulent vermin vanguarding vice and vouchsafing the violently vicious and voracious violation of volition.
The leak description also contains a message for main media that one of the anonymous hacktivist has been making false claims and for them to ignore this person. This information is coming from reputable sources and should be taken in.
P.s. While we got attention from media. Please stop spreading bullshit about @AnonymousOwn3r and its tango down / hacking actions. Because there is not such a thing, he is using simple global uptime/timeout’s or routing node issues to get his name cranked up. But its shameful someone needs to point main stream media into the right direction, as no researches are being made.
As noted in the release message the source is from sometime between 1998-2004 and most likely like other Kernels not much would of changed over this time. Leaks like this although its older kernel source can be used to find exploits, back doors or other issues which could give a hacker an advantage over the end users. leak source