If you have an HP server in your company, you will most likely need to check whether the installed iLO firmware is an old version that might be vulnerable to the CVE-2017-12542 exploit. All iLO 4 versions below 2.53 are vulnerable.
How to check whether your server is vulnerable:
Manually:
python3 iloCheck.py -t IP
This checks whether the server is vulnerable, where IP is the IP address you want to check.
python3 iloCheck.py -e IP -u AdminUser -p Pass
This creates a new admin user so you can log on to iLO and control the server, where AdminUser and Pass are the username and password of the new account you want to create.
Batch IP Scanner (Tested on Ubuntu):
NOTE: The iloCheck.py file must be in the same directory as the batch-ilo Bash file.
1- First add the IP addresses you want to check to the batch-ilo file, as shown below.
2- Execute the following command: bash batch-ilo
This generates a separate log file for each IP inside the same directory for you to check later. The logs are compressed into a file called ilologs.zip (make sure zip is installed; if it is not, the logs will not be saved. Use apt install zip to install it).
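For patch tracking alongside the scan, the following added example (not part of iLOChecker or the original post) classifies hosts against the 2.53 threshold stated above using only their reported firmware version. It assumes the product name and firmware version were saved from iLO's XML inventory (the PN and FWRI elements under MP); the hosts and XML are constructed samples, and the function names are hypothetical.

```python
import xml.etree.ElementTree as ET

FIXED = (2, 53)  # per the post: iLO 4 versions below 2.53 are vulnerable


def sample_xml(product, firmware):
    # Constructed sample shaped like an iLO XML inventory (assumed layout).
    return ("<RIMP><MP><ST>1</ST><PN>%s</PN><FWRI>%s</FWRI></MP></RIMP>"
            % (product, firmware))


# Constructed inventory: documentation-range IPs, made-up firmware values.
SAMPLES = {
    "192.0.2.10": sample_xml("Integrated Lights-Out 4 (iLO 4)", "2.50"),
    "192.0.2.11": sample_xml("Integrated Lights-Out 4 (iLO 4)", "2.53"),
    "192.0.2.12": sample_xml("Integrated Lights-Out 5 (iLO 5)", "1.20"),
    "192.0.2.13": "<html>login page</html>",
    "192.0.2.14": sample_xml("Integrated Lights-Out 4 (iLO 4)", "2.x"),
}


def classify(xml_text):
    """Return 'vulnerable', 'patched', 'not-ilo4' or 'unknown'."""
    try:
        # Saved responses from your own hosts; use defusedxml if untrusted.
        root = ET.fromstring(xml_text)
    except ET.ParseError:
        return "unknown"
    product = (root.findtext("MP/PN") or "").strip()
    firmware = (root.findtext("MP/FWRI") or "").strip()
    if not product or not firmware:
        return "unknown"
    if "iLO 4" not in product:
        return "not-ilo4"  # the 2.53 threshold only applies to iLO 4
    try:
        # Compare numerically: (2, 50) < (2, 53); string compare would misorder.
        version = tuple(int(part) for part in firmware.split("."))
    except ValueError:
        return "unknown"  # unparseable version: needs a manual look
    return "vulnerable" if version < FIXED else "patched"


def report(inventory):
    return {host: classify(xml) for host, xml in inventory.items()}


if __name__ == "__main__":
    for host, status in sorted(report(SAMPLES).items()):
        print(host, status)
```

Hosts reported as unknown returned something other than the expected inventory and should be checked by hand rather than treated as patched.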
Download link: iLOChecker