SBN

ZeroNights 2018, Alexandre Gazet’s, Fabien (0xf4b) Perigaud’s & Joffrey (@_Sn0rkY) Czarny’s ‘Turning Your BMC Into A Revolving Door’

From The Video Description: “Unmonitored and unpatched BMC (remote administration hardware feature for servers) are an almost certain source of chaos. They have the potential to completely undermined the security of complex network infrastructures and data centers. Our on-going effort to analyze HPE iLO systems (4 and 5) resulted in the discovery of many vulnerabilities, the last one having the capacity to fully compromise the iLO chip from the host system itself. This talk will show how a combination of these vulnerabilities can turn an iLO BMC into a revolving door between an administration network and the production network.” – via Alexandre Gazet’s, Fabien (0xf4b) Perigaud’s & Joffrey (@_Sn0rkY) Czarny – ‘Turning Your BMC Into A Revolving Door’

H/T

*** This is a Security Bloggers Network syndicated blog from Infosecurity.US authored by Marc Handelman. Read the original post at: https://www.infosecurity.us/blog/2019/1/5/zeronights-2018-alexandre-gazets-fabien-0xf4b-perigauds-amp-joffrey-sn0rky-czarnys-turning-your-bmc-into-a-revolving-door