Testing Many Suspected Root Passwords on Many vCenter Appliances
One of my customers ran into a situation where they had lost track of the root passwords for their vCenter and Platform Services Controller appliances. As they logged into devices with expired passwords, they changed them, but they had lost track of which devices had had their passwords changed and which password each device was using. Since there was a decent sized list of potential passwords and quite a few devices, I decided that we'd all be better served by writing a script to test them for us, rather than trying them all by hand. Aside from the boredom that would come from running the tests by hand, I was concerned about human error introducing false negatives to our results. Well, such a script is pretty trivial - I can just make an array of server names and an array of potential passwords, then nest a foreach inside of another foreach to try each password against each server. And that's true, but then I got to thinking about security. I really didn...