On the hardware side, the iLO chip is directly integrated on the serversmotherboard (see figure 1). Power Management Remote system console Remote CD/DVD image mounting Several monitoring indicators ILO provides remote administration features such as: ILO has similar functionality to the Lights Out Management (LOM)technology offered by other vendors such as Sun/Oracles LOM port, DellDRAC, IBM Remote Supervisor Adapter and Cisco CIMC. The physical connection is an Ethernet port that canbe found on most Proliant servers and microservers of the 300 and aboveseries. Integrated Lights-Out, or iLO, is a proprietary embedded server man-agement technology by Hewlett-Packard which provides out-of-band man-agement facilities. BMCs have been embedded inmost of HP servers for more than 10 years. For example, IPMI provides a way to manage acomputer that may be powered off or otherwise unresponsive by using anetwork connection to the hardware rather than to an operating systemor login shell.Īn IPMI sub-system consists of a main controller, called the Base-board Management Controller (BMC) and other management controllersdistributed among different system modules. IPMI defines a set of interfaces used by system administrators forout-of-band management. The Intelligent Platform Management Interface (IPMI) is a suite of com-puter interface functions for an autonomous computer subsystem thatprovides management and monitoring capabilities independently of thehost systems CPU, firmware (BIOS or UEFI) and operating system.
#Hp ilo 4 2.54 update#
Still, one question remainsopen: are the iLO systems resilient against a long term compromise atfirmware level? For this reason, we focus on the update mechanism andhow a motivated attacker can achieve long term persistence on the system. One of the main outcome of our study was the discovery of a criticalvulnerability in the web server component allowing an authenticationbypass but also a remote code execution.
#Hp ilo 4 2.54 full#
We performed an initial deep dive security study of HP iLO4 and covered the following topics:įirmware unpacking and memory layout Embedded OS internals Vulnerability discovery and exploitation Full compromise of the host server operating system through DMA iLO4 (known to be used on the family of serversHP ProLiant Gen8 and ProLiant Gen9) runs on a dedicated ARM micro-processor embedded in the server, totally independent from the mainprocessor. It provides the features requiredby a system administrator to remotely manage a server without havingto physically reach it. iLO is the server management solution embedded in almostevery HP server since more than 10 years.
Subverting your server through its BMC: the HPEiLO4 caseįabien Prigaud1, Alexandre Gazet2, and Joffrey Synacktiv2 AirbusĪbstract.
0 kommentar(er)
