Skip to content

Shell script for testing the IPMI cipher type zero authentication bypass vulnerability (CVE-2013-4784)

License

Notifications You must be signed in to change notification settings

alexoslabs2/ipmitest

 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

18 Commits
 
 
 
 
 
 

Repository files navigation

ipmitest

Shell script for testing the IPMI cipher type zero authentication bypass vulnerability (CVE-2013-4784)

The IPMI is a standardized computer system interface used by system administrators for out-of-band management of computer systems and monitoring of their operation. It is a way to manage a computer that may be powered off or otherwise unresponsive by using a network connection to the hardware rather than to an operating system or login shell.

The vulnerability allows remote attackers to bypass authentication and execute arbitrary IPMI commands by using cipher suite 0 (aka cipher zero) and an arbitrary password.

Usage:

bash ipmitest.sh [target]

Example:

alexos@cypher:~$ bash ipmitest.sh 192.168.0.1


IPMITest - (0.2)

by Alexandro Silva - Alexos (alexos.org)


[*] Testing dependencies...

[*] ipmitool version 1.8.11.dell19 installed...

[*] Analyzing IPMI on 192.168.0.1...

[*] Testing for Zero Cipher (CVE-2013-4784)...

privilege level : ADMINISTRATOR

console ip : 192.168.0.1

[*] done

About

Shell script for testing the IPMI cipher type zero authentication bypass vulnerability (CVE-2013-4784)

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages

  • Shell 100.0%