This Metasploit module abuses a file exposure vulnerability accessible through the web interface on port 49152 of Supermicro Onboard IPMI controllers. The vulnerability allows an attacker to obtain detailed device information and download data files containing the clear-text usernames and passwords for the controller. In May of 2014, at least 30,000 unique IPs were exposed to the internet with this vulnerability.
1ca6be3bd1442f15e9c436c21eb3f55a0d2466eb4cc5defa624000e1a17d568bThis Metasploit module identifies IPMI 2.0-compatible systems and attempts to retrieve the HMAC-SHA1 password hashes of default usernames. The hashes can be stored in a file using the OUTPUT_FILE option and then cracked using hmac_sha1_crack.rb in the tools subdirectory as well hashcat (cpu) 0.46 or newer using type 7300.
8500cf1712e679811989409a7d9e020413fe28dd6b3f573d4069a4bbbf87d3d6This Metasploit module identifies IPMI 2.0-compatible systems that are vulnerable to an authentication bypass vulnerability through the use of cipher zero.
26e9ad81107fc09e95e82be07f34c04f0ca67ba5b75765817108fcc2774346dfTCT is a collection of tools which are geared towards gathering and analyzing forensic data UNIX system after a break-in. TCT features the grave-robber tool which captures information, the ils and mactime tools that display access patterns of files dead or alive, the unrm and lazarus tools that recover deleted files, and the keyfind tool that recovers cryptographic keys from a running process or from files. TCT is tested on Linux, BSD, Solaris, and SunOS. For more information see the handouts from Dan Farmer and Wietse Venema's computer forensics analysis class.
4c8e343453332bd1fdf0627f9b888e2a4f597e70b367f124cc7f2562558213a1TCT is a collection of tools which are geared towards gathering and analyzing forensic data UNIX system after a break-in. TCT features the grave-robber tool which captures information, the ils and mactime tools that display access patterns of files dead or alive, the unrm and lazarus tools that recover deleted files, and the keyfind tool that recovers cryptographic keys from a running process or from files. TCT is tested on Linux, BSD, Solaris, and SunOS. For more information see the handouts from Dan Farmer and Wietse Venema's computer forensics analysis class.
40c43f9dd527192a2d17123c639020ca7431eb4a2af3dc31432c14373fcc0856TCT is a collection of tools which are geared towards gathering and analyzing forensic data UNIX system after a break-in. TCT features the grave-robber tool which captures information, the ils and mactime tools that display access patterns of files dead or alive, the unrm and lazarus tools that recover deleted files, and the keyfind tool that recovers cryptographic keys from a running process or from files. TCT is tested on Linux, BSD, Solaris, and SunOS. For more information see the handouts from Dan Farmer and Wietse Venema's computer forensics analysis class.
e4438d2f382400b4536a7defbae70fd2a6c1e333051c013b1c5bebb0630a46cdTCT is a collection of tools which are geared towards gathering and analyzing forensic data UNIX system after a break-in. TCT features the grave-robber tool which captures information, the ils and mactime tools that display access patterns of files dead or alive, the unrm and lazarus tools that recover deleted files, and the keyfind tool that recovers cryptographic keys from a running process or from files. TCT is tested on Linux, BSD, and Solaris. For more information see the handouts from Dan Farmer and Wietse Venema's computer forensics analysis class.
fce955a06d118664ebcbb0d9360ef897a8c0150f57b63742153a2faa4d4d662bCops and Robbers.
caf47149c569124818a58fd9ed0e26c78ca1419aa2e179bf6d545d84ed239215
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed