Tag: bmc
-
Remotely Access Live Supermicro Firmware+
TLDR; a vendor supported/supplied utility allows download of live BMC1 firmware/configuration on (at least) some SuperMicro BMCs. It’s hard to tell who might be affected, but the utility used was written by ATEN Technology, ASRock ASPEED, and others all seem to be connected in various ways in not only SuperMicro firmware but the rest of…
-
ITAR
Well, not really. Actually I.tar.gz. In the gzip’d tar there are 3 files; little IPMI/BMC configuration file sucker, a suggested set of security recommendations that could be checked, and an even smaller program to parse the first program’s output. Because… well, no good reason, actually, one is in python3 and the other in python2. I…
-
avctpasswd
Since I didn’t find it anywhere else… Avocent, who makes a heck of a lot of BMCs, and at times (like with Dell’s iDRAC, at least version 6) keeps encrypted passwords in (well, quite possible/probable OEM dependent) “/flash/data0/etc/avctpasswd” (don’t be fooled by the /etc/passwd file) using SHA1 hashed passwords converted into Base64. I surmise this…
-
lsof lite (III/III)
Finally one that looks at a process and tells you what ports its listening to. WPCM450 /tmp]$ ps |grep ssh 1263 root 4532 S /sbin/sshd -g 60 9730 root 9412 S sshd: root@pts/0 10571 root 3556 R grep ssh [WPCM450 /tmp]$…
-
lsof lite (II/III)
Here’s one that looks up processes that have a file open… well, actually, more like a file expression; “foo” would match “/bar/foo” and “/foo/bar” (by intent), so use full paths if you’re not feeling frisky. And yes… busybox really does have that many duplicate processes with that file open…. [WPCM450 /tmp]$ ./lsof-pid-on-file.sh NVRAM_PrivateStorage00.dat /bin/fullfw …