I wrote a small paper surveying the scene of IPMI in the wild – Sold Down the River – the title of which might give you some clue as to make on the situation. Used to be folks used guns to rob us… computers make everything so much easier!
Jun 052014
May 122014
I’ve long wanted a Get Channel Cipher Suite command w/o authentication, so I wrote a script to do so; those interested can get it here: https://github.com/zenfish/ipmi/blob/master/ipmi-get-ciphers.py Actually none of the various ipmi tools seem to have this option; I’ve found it useful to use when looking at systems; it emits output similar (if not identical) to ipmitool… spotting those running cipher 0 becomes very, very clear. I should have […]
Apr 272014
I find iptables to be a bit of a beast… so for posterity (or my own sanity, in case I lost this, I might recover from search engine caches!) this simply forwards a port (A) of a certain protocol from one host (B) to a second port (C) on a 2nd IP (D). Linux only, unless your OS happens to support iptables… no error checking, although it will echo […]
Apr 212014
… well, literally… or pseudo literally? To generate 128 bits of pseudo-randomness: dd if=/dev/urandom bs=16 count=1 2>/dev/null| hexdump |awk ‘{$1=""; printf("%s", $0)}’ | sed ‘s/ //g’ Block size 16 = 16 bytes… do that once (count=1); that’s 16 bytes * 8 bits/byte = 128 bits. I’ve been using this in scripts lately, like “foo=$(…)”.
Mar 112014
In conjunction with the openssl scripts… a little bit of python code to fire up an ssl server… lots of them out there, this one is mine. #!/usr/bin/env python # # fire up an HTTPS/ssl web server in the PWD (defaults to localhost:8081) # # optional – give a file name to serve up, like "$0 foofile.html" # If you use this option it’ll wait a few seconds and […]