At my previous gig, I wrote a script that I could point at a SuperMicro IPMI and it would scrape out the ADMIN password (available by unauthenticated HTTP to a magic port), log in via the shitty CLI, get a serial console, login, and then return me a root shell. It worked really well and all I needed to give it was my local user password! It was dead handy for pre-provisioning servers.
ITT: IPMI still fucked.
At my previous gig, I wrote a script that I could point at a SuperMicro IPMI and it would scrape out the ADMIN password (available by unauthenticated HTTP to a magic port), log in via the shitty CLI, get a serial console, login, and then return me a root shell. It worked really well and all I needed to give it was my local user password! It was dead handy for pre-provisioning servers.
That’s kind of the problem..part of the reason these things are so dangerous is because they’re just so damned useful and good at what they do.