Bugs in your server
A2 | Wed 23 Jan | 4:45 p.m.–5:30 p.m.
￼Service processor privilege isolation and getting caught with your pants down Modern servers contain a service processor - a Baseboard Management Controller (BMC) System On a Chip running a software stack that enables out-of-band monitoring and management of the server. Management and monitoring are necessary in cloud and dedicated server environments where machines are leased out, and a fundamental property of such a system is the separation of the management and workload security domains. BMC hardware designs and firmware have traditionally been hiding in the shadows, though recent research has begun to shine a light into the ecosystem. The bulk of the research has relied on exploiting software flaws in existing BMC firmware implementations. By contrast, this talk will demonstrate methods of gaining complete persistent control of the BMC using a variety of useful hardware features.