Home > Virtualization > Run esxcli Command in a Web Browser: Another ESXi Hack

Run esxcli Command in a Web Browser: Another ESXi Hack

December 8th, 2013 Leave a comment Go to comments

In my recent consulting projects, I really got into a lot of scripting either command lines or Python with ESXi management. As I mentioned the hidden HTML formatter in esxcli command, you may have speculated what could the usage. The answer is simple: Web. But it’s not quite clear how it can be used. That’s where my curiosity started.

After a bit of researching, here is what I found out on how you can hack it. Like many other hacks, it’s not officially supported by VMware. Please do not call VMware for support or anything like that. The hack may also mess up your ESXi environment, so please take cautions if you decide to proceed. I would recommend you try out with a virtual ESXi or so called nested ESXi. To play even safer, take a snapshot before trying out the following hacks.

Time to learn how to "Google" and manage your VMware and clouds in a fast and secure


As you may recall the vm-support article I wrote a while back, I mentioned there are a few cgi files in the /usr/lib/vmware/hostd/cgi-bin directory as shown in the following:

~ # cd /usr/lib/vmware/hostd/cgi-bin/
/usr/lib/vmware/hostd/cgi-bin # ls
esxcfg-info.cgi  esxcli.cgi       vm-support.cgi

You can access both the esxcfg-info.cgi and vm-support.cgi from the Web with URLs as follows. You can provide many more options to the vm-support.cgi as described in my earlier article.

When calling the esxcli.cgi command directly, however, I got login prompt as normal. But after right user/password, it show an empty page. It seems the call to the esxcli.cgi got blocked silently. I was not sure if I typed wrong password so I tried multiple time including intentionally giving a wrong password.

It got me even more curious why esxcfg-info.cgi and vm-support.cgi are allowed but not the esxcli.cgi. There does not seem to be an easy answer. Searching through numerous configuration files resulted no clue. Checking the binary of hostd only got the esxcfg-info.cgi and vm-support.cgi. Interestingly, the hostd binary also has service.cgi and resource.cgi defined, but it’s not clear whether it has a white list or a blacklist. Copying esxcli.cgi to both does not make them accessible from the browser.

The only easy choice is to rename the esxcli.cgi as either esxcfg-info.cgi or the vm-support.cgi. As I think vm-support.cgi is more important than the esxcfg-info.cgi, I just rename esxcli.cgi to esxcfg-info.cgi. To reverse back later, I rename the esxcfg-info.cgi first.

/usr/lib/vmware/hostd/cgi-bin # mv esxcfg-info.cgi esxcfg-info.cgi.original
/usr/lib/vmware/hostd/cgi-bin # cp esxcli.cgi esxcfg-info.cgi
/usr/lib/vmware/hostd/cgi-bin # ls
esxcfg-info.cgi           esxcfg-info.cgi.original  esxcli.cgi                vm-support.cgi

When typing the following URL in a browser:

The page says, “Connect to localhost failed: Cannot complete login due to an incorrect user name or password.”

Here comes the second hack, open esxcfg-info.cgi and add one line with root (line 2) to the top as follows:

/sbin/esxcli.cgi "$@"

After this change, you would see a magic happens. A page would shows up as follows:

This web works just like other Web application. You can click on the link and try out all the esxcli commands. The URL pattern is like the following:

After the “=” you can type in any esxcli command with space replaced by “.”. Simple enough. Don’t get confused on the command though. You don’t need to include esxcli itself. The corresponding command for above is “esxcli esxcli command list.” Another sample may be easier:

With some commands, you may need to enter info, for example, set an advance setting as follows:

You can enter the enter the needed info and click on the “Invoke Method” button.

Again, it’s a hack that helps learn esxcli command. To clean up, you may just remove the esxcfg-info.cgi and rename the *.orginal back to esxcfg-info.cgi. I haven’t seen any problem by leaving the hack as it is except that you can no longer get the ESX configuration as it should before.

Categories: Virtualization Tags: , ,
  1. Dave Parsons
    December 11th, 2013 at 05:05 | #1


    Thanks for the hack to make this work. I had been trying to figure it out as could see the Python code for it, but no joy in getting anything back from hostd. Please let us know if you hear of a way to make this work without the hack.

  2. December 11th, 2013 at 14:54 | #2

    Thanks Dave, I think the control/filter is probably in the hostd which is a binary. William Lam pinged a few folks. Hopefully he will come back with a good tweak. I will for sure let you know of it.


  1. No trackbacks yet.