module
Supermicro Onboard IPMI Static SSL Certificate Scanner
Disclosed | Created |
---|---|
Nov 6, 2013 | May 30, 2018 |
Disclosed
Nov 6, 2013
Created
May 30, 2018
Description
This module checks for a static SSL certificate shipped with Supermicro Onboard IPMI
controllers. An attacker with access to the publicly-available firmware can perform
man-in-the-middle attacks and offline decryption of communication to the controller.
This module has been on a Supermicro Onboard IPMI (X9SCL/X9SCM) with firmware
version SMT_X9_214.
controllers. An attacker with access to the publicly-available firmware can perform
man-in-the-middle attacks and offline decryption of communication to the controller.
This module has been on a Supermicro Onboard IPMI (X9SCL/X9SCM) with firmware
version SMT_X9_214.
Authors
hdm x@hdm.io
juan
juan
References
Module Options
To display the available options, load the module within the Metasploit console and run the commands 'show options' or 'show advanced':

NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.