Bugs in your server

A2 | Wed 23 Jan | 4:45 p.m.–5:30 p.m.


Presented by

  • Joel Stanley
    @shenki
    https://jms.id.au

    Joel is a firmware and kernel hacker at IBM OzLabs. Based in Adelaide, he works on ensuring our low level bits and bytes are all upstream and up to date.

Abstract

´┐╝Service processor privilege isolation and getting caught with your pants down Modern servers contain a service processor - a Baseboard Management Controller (BMC) System On a Chip running a software stack that enables out-of-band monitoring and management of the server. Management and monitoring are necessary in cloud and dedicated server environments where machines are leased out, and a fundamental property of such a system is the separation of the management and workload security domains. BMC hardware designs and firmware have traditionally been hiding in the shadows, though recent research has begun to shine a light into the ecosystem. The bulk of the research has relied on exploiting software flaws in existing BMC firmware implementations. By contrast, this talk will demonstrate methods of gaining complete persistent control of the BMC using a variety of useful hardware features.