SuperMicro IPMI security unfeatures

Just digging into the IPMI controller of the Supermicros. It has some unexpected SSH login using a very arcane cli.

-> version
ATEN SMASH CLP Shell Version 1.00 
-> show logs1/log1

  Targets :

  Properties :

  Verbs :



  1. There have been many incidents where these modules had been hacked
  2. They were used for spamming
  3. SuperMicro isn’t generally fixing the issues (but they’re also not the maker of the BMC software. ATEN is, and also sells the stuff i.e. to Dell?)
  4. One has to change pw + disable the anonymous account via the gui and then also via ipmi
  5. A firewall & separate network is nothing you can do without.

But that’s all nothing compared to how ugly the protcol spec for the “SMASH Shell” is:


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s