Login | Register For Free | Help
Search for: (Advanced)

Mailing List Archive: Nessus: users

feature request: detecting default passwords on Dell Remote Access Consoles (DRAC)

 

 

Nessus users RSS feed   Index | Next | Previous | View Threaded


Jason.Haar at trimble

Nov 17, 2008, 8:40 PM

Post #1 of 2 (1667 views)
Permalink
feature request: detecting default passwords on Dell Remote Access Consoles (DRAC)

Hi there

I just came across a couple of servers on our network where the
SysAdmins hadn't changed the default password. It occurred to me that
relying on humans to do the right thing all the time is a bit of an ask
- that's where Nessus kicks in!

So how about a plugin that detects DRAC Web interfaces, and attempts to
login using the default username/password pair, and declares a Security
Hole if it finds it? BTW, I know we have DRAC4 and DRAC5 cards on our
networks, and they have different Web server apps on them - so it would
need to cover those, and I'd guess that means there's a DRAC3 and even
older - although I haven't seen such things myself.

Thanks!

--
Cheers

Jason Haar
Information Security Manager, Trimble Navigation Ltd.
Phone: +64 3 9635 377 Fax: +64 3 9635 417
PGP Fingerprint: 7A2E 0407 C9A6 CAF6 2B9F 8422 C063 5EBB FE1D 66D1

_______________________________________________
Nessus mailing list
Nessus [at] list
http://mail.nessus.org/mailman/listinfo/nessus


raleel at gmail

Nov 18, 2008, 5:47 AM

Post #2 of 2 (1567 views)
Permalink
Re: feature request: detecting default passwords on Dell Remote Access Consoles (DRAC) [In reply to]

well, some of those are regular web pages, so the regular web login stuff
should work. You can also try telnet, as that also works on some models. The
later ones (at least up to the point where I stopped looking) had a java
app, and I don't think it worked with the web login or the telnet login.
However, yes, this is a problem that has been seen before. IIRC, I didn't
have enough to warrant a full blown plugin on those that were java based,
and I wasn't sure how to proceed. Those that worked with the default
username and password were pretty easy to find.

IIRC, I scanned and pulled out all the webserver that matched correctly then
tried them by hand.

On Mon, Nov 17, 2008 at 8:40 PM, Jason Haar <Jason.Haar [at] trimble>wrote:

> Hi there
>
> I just came across a couple of servers on our network where the
> SysAdmins hadn't changed the default password. It occurred to me that
> relying on humans to do the right thing all the time is a bit of an ask
> - that's where Nessus kicks in!
>
> So how about a plugin that detects DRAC Web interfaces, and attempts to
> login using the default username/password pair, and declares a Security
> Hole if it finds it? BTW, I know we have DRAC4 and DRAC5 cards on our
> networks, and they have different Web server apps on them - so it would
> need to cover those, and I'd guess that means there's a DRAC3 and even
> older - although I haven't seen such things myself.
>
> Thanks!
>
> --
> Cheers
>
> Jason Haar
> Information Security Manager, Trimble Navigation Ltd.
> Phone: +64 3 9635 377 Fax: +64 3 9635 417
> PGP Fingerprint: 7A2E 0407 C9A6 CAF6 2B9F 8422 C063 5EBB FE1D 66D1
>
> _______________________________________________
> Nessus mailing list
> Nessus [at] list
> http://mail.nessus.org/mailman/listinfo/nessus
>



--
Doug Nordwall
Unix, Network, and Security Administrator
You mean the vision is subject to low subscription rates?!!? - Scott Stone,
on MMORPGs

Nessus users RSS feed   Index | Next | Previous | View Threaded
 
 


Interested in having your list archived? Contact Gossamer Threads
 
  Web Applications & Managed Hosting Powered by Gossamer Threads Inc.