YoVDO

Subverting Your Server Through Its BMC - The HPE iLO4 Case

Offered By: Recon Conference via YouTube

Tags

REcon Conference Courses Server Security Courses Attack Surface Analysis Courses

Course Description

Overview

Explore a deep dive security study of HP's iLO4 server management solution in this 49-minute conference talk from Recon Brussels 2018. Discover the intricacies of firmware unpacking, GreenHills OS Integrity internals, and vulnerability exploitation in HP ProLiant Gen8 and Gen9 servers. Learn about kernel object models, virtual memory, and process isolation. Examine the exposed attack surface through www and ssh protocols. Witness a demonstration of a novel exploitation technique that compromises the host server operating system via DMA. Gain insights from security researchers Alexandre Gazet, Joffrey Czarny, and Fabien Perigaud as they share their findings on subverting servers through the Baseboard Management Controller (BMC) in the HPE iLO4 case study.

Syllabus

Recon Brussels 2018 - Subverting your server through its BMC: the HPE iLO4 case


Taught by

Recon Conference

Related Courses

Harnessing Intel Processor Trace on Windows for Fuzz
Recon Conference via YouTube
Reverse Engineering Satellite Based IP Content Distribution
Recon Conference via YouTube
Reverse Engineering Windows Defender's JavaScript Engine
Recon Conference via YouTube
DIY ARM Debugger for Wi-Fi Chips
Recon Conference via YouTube
Visiting The Snake Nest
Recon Conference via YouTube