Class: Rex::Proto::IPMI::Utils
- Inherits:
-
Object
- Object
- Rex::Proto::IPMI::Utils
- Defined in:
- lib/rex/proto/ipmi/utils.rb
Class Method Summary collapse
- .checksum(data) ⇒ Object
- .create_ipmi_getchannel_probe ⇒ Object
- .create_ipmi_rakp_1(bmc_session_id, console_random_id, username) ⇒ Object
-
.create_ipmi_session_open_cipher_zero_request(console_session_id) ⇒ Object
open rmcpplus_request with cipherzero.
-
.create_ipmi_session_open_request(console_session_id) ⇒ Object
open rmcpplus_request.
- .create_rakp_hmac_sha1_salt(con_sid, bmc_sid, con_rid, bmc_rid, bmc_gid, auth_level, username) ⇒ Object
- .verify_rakp_hmac_sha1(salt, hash, password) ⇒ Object
Class Method Details
.checksum(data) ⇒ Object
8 9 10 11 12 13 |
# File 'lib/rex/proto/ipmi/utils.rb', line 8 def self.checksum(data) sum = 0 data.unpack("C*").each {|c| sum += c } sum = ~sum + 1 sum & 0xff end |
.create_ipmi_getchannel_probe ⇒ Object
15 16 17 18 19 20 21 22 |
# File 'lib/rex/proto/ipmi/utils.rb', line 15 def self.create_ipmi_getchannel_probe [ # Get Channel Authentication Capabilities 0x06, 0x00, 0xff, 0x07, # RMCP Header 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x09, 0x20, 0x18, 0xc8, 0x81, 0x00, 0x38, 0x8e, 0x04, 0xb5 ].pack("C*") end |
.create_ipmi_rakp_1(bmc_session_id, console_random_id, username) ⇒ Object
88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 |
# File 'lib/rex/proto/ipmi/utils.rb', line 88 def self.create_ipmi_rakp_1(bmc_session_id, console_random_id, username) head = [ 0x06, 0x00, 0xff, 0x07, # RMCP Header 0x06, # RMCP+ Authentication Type PAYLOAD_RAKP1, # Payload Type 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, ].pack("C*") data = [0x00, 0x00, 0x00, 0x00].pack("C*") + bmc_session_id + console_random_id + [ 0x14, 0x00, 0x00, username.length ].pack("C*") + username head + [data.length].pack('v') + data end |
.create_ipmi_session_open_cipher_zero_request(console_session_id) ⇒ Object
open rmcpplus_request with cipherzero
57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 |
# File 'lib/rex/proto/ipmi/utils.rb', line 57 def self.create_ipmi_session_open_cipher_zero_request(console_session_id) head = [ 0x06, 0x00, 0xff, 0x07, # RMCP Header 0x06, # RMCP+ Authentication Type PAYLOAD_RMCPPLUSOPEN_REQ, # Payload Type 0x00, 0x00, 0x00, 0x00, # Session ID 0x00, 0x00, 0x00, 0x00 # Sequence Number ].pack("C*") data = [ # Maximum access 0x00, 0x00, # Reserved 0x00, 0x00 ].pack("C*") + console_session_id + [ 0x00, 0x00, 0x00, 0x08, # Cipher 0 0x00, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x08, # Cipher 0 0x00, 0x00, 0x00, 0x00, 0x02, 0x00, 0x00, 0x08, # No Encryption 0x00, 0x00, 0x00, 0x00 ].pack("C*") head + [data.length].pack('v') + data end |
.create_ipmi_session_open_request(console_session_id) ⇒ Object
open rmcpplus_request
25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 |
# File 'lib/rex/proto/ipmi/utils.rb', line 25 def self.create_ipmi_session_open_request(console_session_id) head = [ 0x06, 0x00, 0xff, 0x07, # RMCP Header 0x06, # RMCP+ Authentication Type PAYLOAD_RMCPPLUSOPEN_REQ, # Payload Type 0x00, 0x00, 0x00, 0x00, # Session ID 0x00, 0x00, 0x00, 0x00 # Sequence Number ].pack("C*") data = [ # Maximum access 0x00, 0x00, # Reserved 0x00, 0x00 ].pack("C*") + console_session_id + [ 0x00, 0x00, 0x00, 0x08, 0x01, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x08, # HMAC-SHA1 0x01, 0x00, 0x00, 0x00, 0x02, 0x00, 0x00, 0x08, # AES Encryption 0x01, 0x00, 0x00, 0x00 ].pack("C*") head + [data.length].pack('v') + data end |
.create_rakp_hmac_sha1_salt(con_sid, bmc_sid, con_rid, bmc_rid, bmc_gid, auth_level, username) ⇒ Object
111 112 113 114 115 116 117 118 119 120 |
# File 'lib/rex/proto/ipmi/utils.rb', line 111 def self.create_rakp_hmac_sha1_salt(con_sid, bmc_sid, con_rid, bmc_rid, bmc_gid, auth_level, username) con_sid + bmc_sid + con_rid + bmc_rid + bmc_gid + [ auth_level ].pack("C") + [ username.length ].pack("C") + username end |
.verify_rakp_hmac_sha1(salt, hash, password) ⇒ Object
122 123 124 |
# File 'lib/rex/proto/ipmi/utils.rb', line 122 def self.verify_rakp_hmac_sha1(salt, hash, password) OpenSSL::HMAC.digest('sha1', password, salt) == hash end |