News Centre

Typing ‘A’ Key 29 Times Lets You Hack HPE iLO 4 Servers

Article by diogo@techpatrol.com.au
July 10, 2018

SHARE THIS POST:

Tech Patrol - Cyber Threat

No one thought it would be that easy in 2018 to hack a Howard Packard Enterprise (HPE) server but turns out it’s as simple as making a cURL request and then typing the letter “A” in capital, 29 time. That easy!

HP iLO devices are extremely popular among small and large enterprises across multiple industries. iLO cards can also be embedded into your regular computer so it’s incredibly dangerous that such a known and used technology developed by one of the biggest vendors in the world, can be hacked so easily. The vulnerability which affect these servers was originally found last year by a small group of three security researchers, who ended up detailing their findings in a research paper. According to the paper, the vulnerability can not only be executed onsite but it can also be done remotely.

This is what the hack looks like:

curl -H “Connection: AAAAAAAAAAAAAAAAAAAAAAAAAAAAA”

It doesn’t seem like much but according to the research paper findings, using this exploit someone could find cleartext user credentials, change the iLO firmware, or execute malicious code. This vulnerability detailed as CVE-2017-12542, rated 9.8 out of 10 making this extremely critical.

This exploit was originaly discovered  in early last year in which it was announced to have been patched by HPE. Admins can find the original HPE security bulletin detailing the patched vulnerability here. According to thsi bullentin, only HPE iLO 4 servers that were running fimware version 2.53 or earlier were affected.

“If they are not actively used, completely disabling the feature is a good practice,” the paper noted. “Otherwise, administrators should take great care to keep their systems up to date whenever possible. Network-level isolation should be put in place to ensure that iLO systems can only be accessed from dedicated administration VLANs.”

According to the paper you cannot just wipe and reinstal the host OS, that isn’t enough. At that point, it’s stated that, the hardware is now considered untrusted.

Big Take away for IT leaders:

  • If you are running HPE iLO please get your systems checked! if you don’t know any one that can do that please contact one of our team members for assistance.

Share your thoughts in the Comments section:

Subscribe For The Latest In Technology

Other Posts You May Like

TECH NEWS & UPDATES

Please enter your name.
Please enter a valid email address.
Something went wrong. Please check your entries and try again.

RECENT POSTS

Microsoft Azure

Introduction to Azure – A Core Cloud Service

Microsoft Responds to COVID-19

Microsoft Responds To COVID-19 By Offering E1 Licenses Free For The Next 6-Months

teams_video_calls_intelligent_workplace

Microsoft Teams vs Zoom. What is right for your business?

Microsoft Azure

Azure Firewall Manager now supports virtual networks.

White Paper

Enjoy this free eBook

Tech Patrol - Microsoft Office 365

White Paper (Why businesses Are Migrating to Cloud)

  • This field is for validation purposes and should be left unchanged.
typing-a-key-29-times-lets-you-hack-hpe-ilo-4-servers-tech-success
Scroll to Top