Well, we are going to take advantage of this...
First of all, we need to locate the IBM Blades Management console. For this, we are going to use Shodan. We need to search next query:
http://www.shodanhq.com/search?q=%2Fprivate%2Fmain.php
Now, we need to check one by one the default credentials.
The credentials are:
- Username: USERID
- Password: PASSW0RD (with 0 no O)
And... We're Welcome!!!
And what can we do with this console? We can just see the management console or we can access to the KVM of the virtual servers...
Or we can reboot the virtuals servers...
You can do whatever you can imagine that you can do with a console management... If this organization has a production environment hosted in IBM Blade, this organization is in risk...
0 comments:
Post a Comment