Get Device ID (moar IPMI… yawn….)

 code, dinosaurs, embedded, ipmi, python, security, tech  Comments Off on Get Device ID (moar IPMI… yawn….)
Oct 122014
Get Device ID (moar IPMI... yawn....)

I’d had this sitting around for awhile and thought I’d take another look at it; in this I simply toss out an IPMI Get Device ID command and see what happens. This is an interesting one; the GUID is a Vendor Specific ID – the specification says that it’s “a unique number per device”, and that “a Device GUID should never change over the lifetime of the device”, which makes […]

https server

 code, crypto, python, security  Comments Off on https server
Mar 112014

In conjunction with the openssl scripts… a little bit of python code to fire up an ssl server… lots of them out there, this one is mine. #!/usr/bin/env python # # fire up an HTTPS/ssl web server in the PWD (defaults to localhost:8081) # # optional – give a file name to serve up, like "$0 foofile.html" # If you use this option it’ll wait a few seconds and […]

dump supermicro stuff

 code, embedded, ipmi, python  Comments Off on dump supermicro stuff
Jan 252014

A trivial utility to dump password/account information from a special file found on a SM BMC (see this R7 post about the PSBlock file.) (Later edit – put a new version on github that fixes a bug) #!/usr/bin/env python # usage: $0 file # # (try to) Dump out passwords/accounts from a SM binary file; # usually this is in /conf or /vm on the BMC, and goes by […]

 Posted by at 2:32 pm on January 25, 2014


 audit, code, DARPA, data, fast track, ipmi, python, security, tech  Comments Off on ITAR
Feb 262013

Well, not really.  Actually I.tar.gz.  In the gzip’d tar there are 3 files; little IPMI/BMC configuration file sucker, a suggested set of security recommendations that could be checked, and an even smaller program to parse the first program’s output. Because… well, no good reason, actually, one is in python3 and the other in python2. I guess I’m testing your readiness. The programs are pretty heavily commented, especially, so […]

one packet auditing

 hack, ipmi, python, security  Comments Off on one packet auditing
Jan 262013

Not all packets are equal. If you send a single UDP packet to port 623 that contains an “Get Channel Authentication Capabilities” (see secion 22.13 of the IPMI v2 spec), you’ll get back a packet that has some interesting features. You can get this by parsing the output of “ipmitool -v -v -H -U user -P password lan print”, but more systems have python than ipmitool, so I […]