Several organizations spending a lot of money buying IBM Blades in order to virtualizating their infrastructure reducing costs. But... Why do some organizations not protect their management consoles? Why do some organizations have not inbound tcp port 80 closed in their firewalls?

Well, we are going to take advantage of this...

First of all, we need to locate the IBM Blades Management console. For this, we are going to use Shodan. We need to search next query:

http://www.shodanhq.com/search?q=%2Fprivate%2Fmain.php




Now, we need to check one by one the default credentials.

The credentials are:
  • Username: USERID
  • Password: PASSW0RD (with 0 no O)



And... We're Welcome!!!



And what can we do with this console? We can just see the management console or we can access to the KVM of the virtual servers...



Or we can reboot the virtuals servers...



You can do whatever you can imagine that you can do with a console management... If this organization has a production environment hosted in IBM Blade, this organization is in risk...