ipmi

dump supermicro stuff

 code, embedded, ipmi, python  Comments Off on dump supermicro stuff
Jan 252014
 

A trivial utility to dump password/account information from a special file found on a SM BMC (see this R7 post about the PSBlock file.) (Later edit – put a new version on github that fixes a bug) #!/usr/bin/env python # usage: $0 file # # (try to) Dump out passwords/accounts from a SM binary file; # usually this is in /conf or /vm on the BMC, and goes by […]

Linda and Doris rule the ‘net

 ipmi, security, tech, Uncategorized, web  Comments Off on Linda and Doris rule the ‘net
Jul 032013
 

Some misc ramblin’ notes/data on IPMI & SSL Certificates. So I used the SSL observatory software (oddly written, but still cool) to scan for certificates on a bit over 300K systems suspected of running IPMI (which in turn were had from HD Moore of Rapid 7 – thanks HD!) and who were on the net.  In case anyone else was interested in using the SSL Observatory stuff, it’s pretty simple once […]

shotgun scanning

 art, hack, ipmi, perl, philosophy  Comments Off on shotgun scanning
Jun 242013
 
shotgun scanning

UDP scanning has always been slow. Slower than slow, slower than molasses, really fucking slow. So when I started being interested in scanning for IPMI out in the wild, which runs on UDP 623, I first fired up trusty ol’ nmap… but bless it’s heart, it’s a cautious, robust scanner that is outrun by crippled snails on UDP scanning. So I thought… well, most scans don’t really need a request-response-follow-up… […]

ITAR

 audit, code, DARPA, data, fast track, ipmi, python, security, tech  Comments Off on ITAR
Feb 262013
 

Well, not really.  Actually I.tar.gz.  In the gzip’d tar there are 3 files; little IPMI/BMC configuration file sucker, a suggested set of security recommendations that could be checked, and an even smaller program to parse the first program’s output. Because… well, no good reason, actually, one is in python3 and the other in python2. I guess I’m testing your readiness. The programs are pretty heavily commented, especially ipmifreely.py, so […]

The infamous Daryl, er, Cipher Zero

 embedded, ipmi, security  Comments Off on The infamous Daryl, er, Cipher Zero
Feb 222013
 
The infamous Daryl, er, Cipher Zero

Now, a few words on looking for things. When you go looking for something specific, your chances of finding it are very bad. Because of all the things in the world, you’re only looking for one of them. When you go looking for anything at all, your chances of finding it are very good. Because of all the things in the world, you’re sure to find some of them. […]

© 2012 trouble Suffusion theme by Sayontan Sinha