Even more IPMI, woohoo!

 BMC, crypto, embedded, ipmi, tech, work  Comments Off on Even more IPMI, woohoo!
Jun 052014
Even more IPMI, woohoo!

I wrote a small paper surveying the scene of IPMI in the wild – Sold Down the River – the title of which might give you some clue as to make on the situation. Used to be folks used guns to rob us… computers make everything so much easier!

more IPMI than you can shake a stick at….

 code, embedded, ipmi, security  Comments Off on more IPMI than you can shake a stick at….
May 122014

I’ve long wanted a Get Channel Cipher Suite command w/o authentication, so I wrote a script to do so; those interested can get it here: https://github.com/zenfish/ipmi/blob/master/ipmi-get-ciphers.py Actually none of the various ipmi tools seem to have this option; I’ve found it useful to use when looking at systems; it emits output similar (if not identical) to ipmitool… spotting those running cipher 0 becomes very, very clear. I should have […]

From A on B to C on D

 code, hack, security, tech  Comments Off on From A on B to C on D
Apr 272014

I find iptables to be a bit of a beast… so for posterity (or my own sanity, in case I lost this, I might recover from search engine caches!) this simply forwards a port (A) of a certain protocol from one host (B) to a second port (C) on a 2nd IP (D). Linux only, unless your OS happens to support iptables… no error checking, although it will echo […]

Random bits

 crypto, dinosaurs, security, tech  Comments Off on Random bits
Apr 212014

… well, literally… or pseudo literally? To generate 128 bits of pseudo-randomness: dd if=/dev/urandom bs=16 count=1 2>/dev/null| hexdump |awk ‘{$1=""; printf("%s", $0)}’ | sed ‘s/ //g’ Block size 16 = 16 bytes… do that once (count=1); that’s 16 bytes * 8 bits/byte = 128 bits. I’ve been using this in scripts lately, like “foo=$(…)”.

https server

 code, crypto, python, security  Comments Off on https server
Mar 112014

In conjunction with the openssl scripts… a little bit of python code to fire up an ssl server… lots of them out there, this one is mine. #!/usr/bin/env python # # fire up an HTTPS/ssl web server in the PWD (defaults to localhost:8081) # # optional – give a file name to serve up, like "$0 foofile.html" # If you use this option it’ll wait a few seconds and […]