The 2018 Pwnie Nominee For Best Server-Side Bug

HP iLO and Dell iDRAC multiple RCEs

Credit: Matias Soler, Fabien Perigaud, Alexandre Gazet and Joffrey Czarny

Luckily, 2018 is the year of Linux on the Desktop, assuming your desktop is a high end server of some kind. HP and Dell include “Integrated Lights Out” Management, which in theory you connect only to a seperate management VLAN which you…somehow manage. This is great because it means once you are on one machine, you can use its iLO to touch every other iLO. Or, as in most cases, the management network will be on the same network, so you can just touch them directly, and since baseband management controllers are tiny embedded Unixes running web servers written by the lowest possible bidder, vulnerabilities abound, from sending lots of A’s to race conditions.These exploits have the benefit of “Working in the wild” on “lots of people’s Active Directory controllers”.

HP iLO and Dell iDRAC multiple RCEs

https://vimeo.com/261547570