ipmi

Darpa, redux, redux, reduxxx

 DARPA, embedded, fast track, government, ipmi, security, tech, work  Comments Off on Darpa, redux, redux, reduxxx
Feb 122013
 

I’d been asked about my 2nd CFT proposal… here it is, in all it’s wordy glory: darpa-reduxxx.   Thanks as always to the DARPAnians and Mudge for the opportunity. Thanks to my IPMI paper sucking my life away I’m behind schedule, but it was always an excuse to play with and understand the tech, not make money.  Well, it’s not like I’m a monk, I like money, but there […]

one packet auditing

 hack, ipmi, python, security  Comments Off on one packet auditing
Jan 262013
 

Not all packets are equal. If you send a single UDP packet to port 623 that contains an “Get Channel Authentication Capabilities” (see secion 22.13 of the IPMI v2 spec), you’ll get back a packet that has some interesting features. You can get this by parsing the output of “ipmitool -v -v -H 10.0.0.1 -U user -P password lan print”, but more systems have python than ipmitool, so I […]

avctpasswd

 code, hack, ipmi, python, security, tech  Comments Off on avctpasswd
Nov 112012
 

Since I didn’t find it anywhere else… Avocent, who makes a heck of a lot of BMCs, and at times (like with Dell’s iDRAC, at least version 6) keeps encrypted passwords in (well, quite possible/probable OEM dependent) “/flash/data0/etc/avctpasswd” (don’t be fooled by the /etc/passwd file) using SHA1 hashed passwords converted into Base64. I surmise this file is used to protect the real passwords that are stored in clear text […]

… passwords in shell scripts….

 code, ipmi, security  Comments Off on … passwords in shell scripts….
Nov 112012
 

Looking at a file (manuf_sign_cert.sh): # This script is run on every iDRAC at manufacturing time. # to create a certificate with a derived CN using the # service tag so it can be authenticated by a provisioning server # for zero touch deployment. # # Files used: # 1) d_h_ssl_manuf.cnf # 2) ROOTCAPK.PEM (loaded by mdiags via dynamic partition) […] ENCRYPTED_CA_PRIV_KEY=”/tmp/MFGDRV/ROOTCAPK.PEM” […] #decrypt the signing key if ! […]

 Posted by at 4:58 pm on November 11, 2012
 Older Entries  Newer Entries