Uncategorized

Subverting your server through it’s BMC: the HPE iLo4 case (presentation + toolbox)

https://github.com/airbus-seclab/airbus-seclab.github.io/blob/master/ilo/RECONBRX2018-Slides-Subverting_your_server_through_its_BMC_the_HPE_iLO4_case-perigaud-gazet-czarny.pdf

https://airbus-seclab.github.io/

https://github.com/airbus-seclab/ilo4_toolbox

Standard
Uncategorized

HPE seeks senior UEFI developer

Senior UEFI Development Engineer
Job ID 1023806

Strong knowledge in UEFI security or firmware security in general.
Strong knowledge in TPM, Secure Boot, TXT, and RSA.
Knowledge of industry standard technologies including ACPI, USB, SMBIOS, IPMI, Redfish, and PCI express.
8+ years’ experience in firmware or BIOS/UEFI development.
In-depth knowledge of UEFI architecture and development (focused on the EDK2 development environment).

https://careers.hpe.com/job/-/-/3545/7942722

Standard
Uncategorized

HP iLO ransomware?

https://www.bleepingcomputer.com/news/security/ransomware-hits-hpe-ilo-remote-management-interfaces/

Standard
Uncategorized

HP including expected PCR0 values in firmware releases

PCR0 (TPM 1.2, TXT disabled) = 3864B052A7A5E8D0D68C6B525CE7C264042FFD9C (SHA1)
PCR0 (TPM 1.2, TXT enabled) = A53040199863DE972A57CDCCBA5A1D595B8D622F (SHA1)
PCR0 (TPM 2.0 SHA256, TXT disabled) = 8F6FD3E49706E7EFDAFD56FB55FB8E02FC9766BE482C07D80D8AB2081CF5B196 (SHA256)
PCR0 (TPM 2.0 SHA256, TXT enabled) = B0D9EC8871DABC7D931A6EB0783CDFB3DAA2422F8999301CC4954D1FD2879E77 (SHA256)

https://support.hp.com/soar-attachment/567/col59842-wk-199952-1-wk-199952-1_sp82736_releasedoc.html

Standard
Uncategorized

HPE MSA firmware site created

 

Two suggestions: 1) use HTTPS not HTTP for web site. 2) Include a hash for the blobs.

Getting HPE MSA Storage firmware just got easier
HPEStorageGuy yesterday

Making things easier for customers is always a good idea. Kipp Glover from our HPE Storage Total Customer Experience & Quality team has been working to do that. Kipp wanted to make the process easy for HPE MSA Storage customers to get the latest firmware and related information like release notes and the firmware history for each of the last three generations of MSA models. Kipp and his team worked with our hpe.com people to create the website to make getting the latest MSA firmware easy. The website is hpe.com/storage/MSAFirmware. Kipp also created a short video that shows how to navigate the site so I wanted to share that with you.

https://community.hpe.com/t5/Around-the-Storage-Block/Getting-HPE-MSA-Storage-firmware-just-got-easier/ba-p/6996632

http://h41111.www4.hpe.com/storage/msafirmware.html

 

Standard
Uncategorized

iLo4_toolbox: Toolbox for HPE iLO4 analysis

Subverting your server through its BMC: the HPE iLO4 case
iLO is the server management solution embedded in almost every HP servers for more than 10 years. It provides every feature required by a system administrator to remotely manage a server without having to reach it physically. Such features include power management, remote system console, remote CD/DVD image mounting, as well as many monitoring indicators. We’ve performed a deep dive security study of HP iLO4 (known to be used on the family of servers HP ProLiant Gen8 and ProLiant Gen9 servers) and the results of this study were presented at the REcon conference held in Brussels (February 2 – 4, 2018, see [1]). iLO4 runs on a dedicated ARM processor embedded in the server, and is totally independent from the main processor. It has a dedicated flash chip to hold its firmware, a dedicated RAM chip and a dedicated network interface. On the software side, the operating system is the proprietary RTOS GreenHills Integrity [2].[…]

https://github.com/airbus-seclab/ilo4_toolbox

 

Standard