well, some of those are regular web pages, so the regular web login stuff should work. You can also try telnet, as that also works on some models. The later ones (at least up to the point where I stopped looking) had a java app, and I don't think it worked with the web login or the telnet login. However, yes, this is a problem that has been seen before. IIRC, I didn't have enough to warrant a full blown plugin on those that were java based, and I wasn't sure how to proceed. Those that worked with the default username and password were pretty easy to find.
IIRC, I scanned and pulled out all the webserver that matched correctly then tried them by hand. On Mon, Nov 17, 2008 at 8:40 PM, Jason Haar <[EMAIL PROTECTED]>wrote: > Hi there > > I just came across a couple of servers on our network where the > SysAdmins hadn't changed the default password. It occurred to me that > relying on humans to do the right thing all the time is a bit of an ask > - that's where Nessus kicks in! > > So how about a plugin that detects DRAC Web interfaces, and attempts to > login using the default username/password pair, and declares a Security > Hole if it finds it? BTW, I know we have DRAC4 and DRAC5 cards on our > networks, and they have different Web server apps on them - so it would > need to cover those, and I'd guess that means there's a DRAC3 and even > older - although I haven't seen such things myself. > > Thanks! > > -- > Cheers > > Jason Haar > Information Security Manager, Trimble Navigation Ltd. > Phone: +64 3 9635 377 Fax: +64 3 9635 417 > PGP Fingerprint: 7A2E 0407 C9A6 CAF6 2B9F 8422 C063 5EBB FE1D 66D1 > > _______________________________________________ > Nessus mailing list > [email protected] > http://mail.nessus.org/mailman/listinfo/nessus > -- Doug Nordwall Unix, Network, and Security Administrator You mean the vision is subject to low subscription rates?!!? - Scott Stone, on MMORPGs
_______________________________________________ Nessus mailing list [email protected] http://mail.nessus.org/mailman/listinfo/nessus
