Friday, March 27, 2015

IPMI and BMC Exploitation

A quick brain dump of resources/vulns/techniques for pwning IPMI devices:

Awesome work in this area by Rapid7, Dan Farmer, etc.

Educate yo-self



Exploits (MSF)

Other resources

 I will update with more coherence when I get more time....

Thursday, January 8, 2015

Password Hash Identifier

So I recently saw KoreLogic post a link to a password hash dump on pastebin located here:

It was not a typical hash dump as it was not cracked or uncracked hashes, but hash types followed by examples. When faced with a funky password hash, I typically call upon john the ripper to do identification for me, however I have been in multiple scenarios where it is either unclear or john cannot identify the hash(es) I have. This pastebin dump was the kick in the pants I needed to write a tool of my own that attempts to identify the hash type of a given hash.

If an exact match cannot be found, the script will give you "possible" matches. I have incorporated the hash types mentioned above as well as the list from the hashcat site here:

To use it you will need to download the python script and the associated hash list.

Once you have them, usage is simple:

python '[hash]'

An example can be seen below.