Just digging into the IPMI controller of the Supermicros. It has some unexpected SSH login using a very arcane cli.
-> version ATEN SMASH CLP Shell Version 1.00 -> show logs1/log1 /system1/logs1/log1 Targets : none Properties : Verbs : cd show help version exit delete
- There have been many incidents where these modules had been hacked
- They were used for spamming
- SuperMicro isn’t generally fixing the issues (but they’re also not the maker of the BMC software. ATEN is, and also sells the stuff i.e. to Dell?)
- One has to change pw + disable the anonymous account via the gui and then also via ipmi
- A firewall & separate network is nothing you can do without.
But that’s all nothing compared to how ugly the protcol spec for the “SMASH Shell” is: