Trouble.org

You're in trouble now

Category: hack

  • unpacking Dell’s iDRAC schtuff

    I hadn’t look at Dell’s iDRAC stuff in forever… and it appeared they’d changed some of the formatting of the iDRAC updates/etc. since then. I didn’t see anything out there, so here’s what I used. First, grab an update – for instance, at – https://www.dell.com/support/home/en-us/drivers/driversdetails?driverid=wn31m – I grabbed “iDRAC-with-Lifecycle-Controller_Firmware_WN31M_LN64_7.20.30.50_A00.BIN” On the windows EXE file at…

  • stupid docker tricks #239192

    1) Limit max processes on container; unfortunately docker seems intent on me not doing docker stupid tricks, so this is actually a bit of a pain on some systems… but if you figure out/etc/security/limits.conf, or can use prlimit (or write your own; use RLIMIT_NPROC instead of RLIMIT_NOFILE), you can do “prlimit –pid 666 –nproc=3:3” to limit the processes…

  • d3ck, d3ck, goose

    A bit over 2 years ago I started on a journey that has become a bit surreal; I had what seemed like a modest goal, simply create something that would facilitate confidential (e.g. encrypted) sharing of information in an easy way. Then snowden came along, and things started become even more… interesting, in the Chinese…

  • From A on B to C on D

    I find iptables to be a bit of a beast… so for posterity (or my own sanity, in case I lost this, I might recover from search engine caches!) this simply forwards a port (A) of a certain protocol from one host (B) to a second port (C) on a 2nd IP (D). Linux only,…

  • shotgun scanning

    UDP scanning has always been slow. Slower than slow, slower than molasses, really fucking slow. So when I started being interested in scanning for IPMI out in the wild, which runs on UDP 623, I first fired up trusty ol’ nmap… but bless it’s heart, it’s a cautious, robust scanner that is outrun by crippled…

  • one packet auditing

    Not all packets are equal. If you send a single UDP packet to port 623 that contains an “Get Channel Authentication Capabilities” (see secion 22.13 of the IPMI v2 spec), you’ll get back a packet that has some interesting features. You can get this by parsing the output of “ipmitool -v -v -H 10.0.0.1 -U…