audit, code, DARPA, data, fast track, ipmi, python, security, tech  Comments Off on ITAR
Feb 262013

Well, not really.  Actually I.tar.gz.  In the gzip’d tar there are 3 files; little IPMI/BMC configuration file sucker, a suggested set of security recommendations that could be checked, and an even smaller program to parse the first program’s output. Because… well, no good reason, actually, one is in python3 and the other in python2. I guess I’m testing your readiness. The programs are pretty heavily commented, especially, so […]

Darpa, redux, redux, reduxxx

 DARPA, embedded, fast track, government, ipmi, security, tech, work  Comments Off on Darpa, redux, redux, reduxxx
Feb 122013

I’d been asked about my 2nd CFT proposal… here it is, in all it’s wordy glory: darpa-reduxxx.   Thanks as always to the DARPAnians and Mudge for the opportunity. Thanks to my IPMI paper sucking my life away I’m behind schedule, but it was always an excuse to play with and understand the tech, not make money.  Well, it’s not like I’m a monk, I like money, but there […]


 code, hack, ipmi, python, security, tech  Comments Off on avctpasswd
Nov 112012

Since I didn’t find it anywhere else… Avocent, who makes a heck of a lot of BMCs, and at times (like with Dell’s iDRAC, at least version 6) keeps encrypted passwords in (well, quite possible/probable OEM dependent) “/flash/data0/etc/avctpasswd” (don’t be fooled by the /etc/passwd file) using SHA1 hashed passwords converted into Base64. I surmise this file is used to protect the real passwords that are stored in clear text […]

lsof lite (III/III)

 code, ipmi, security, tech  Comments Off on lsof lite (III/III)
Sep 252012

Finally one that looks at a process and tells you what ports its listening to. WPCM450 /tmp]$ ps |grep ssh  1263 root       4532 S   /sbin/sshd -g 60  9730 root       9412 S   sshd: root@pts/0     10571 root       3556 R   grep ssh [WPCM450 /tmp]$ ./ 1263 PID 1263 is listening on tcp6:22 PID 1263 is listening on tcp:22 […]

lsof lite (II/III)

 code, ipmi, security, tech  Comments Off on lsof lite (II/III)
Sep 252012

Here’s one that looks up processes that have a file open… well, actually, more like a file expression; “foo” would match “/bar/foo” and “/foo/bar” (by intent), so use full paths if you’re not feeling frisky. And yes… busybox really does have that many duplicate processes with that file open…. [WPCM450 /tmp]$ ./ NVRAM_PrivateStorage00.dat /bin/fullfw      /flash/data0/BMC_Data/NVRAM_PrivateStorage00.dat /bin/fullfw      /flash/data0/BMC_Data/NVRAM_PrivateStorage00.dat /bin/fullfw      /flash/data0/BMC_Data/NVRAM_PrivateStorage00.dat /bin/fullfw      /flash/data0/BMC_Data/NVRAM_PrivateStorage00.dat […]