Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

Detect Dell iDRAC9

By kannthu

Informative
Vidoc logoVidoc Module
#tech#dell
Description

What is "Detect Dell iDRAC9?"

The "Detect Dell iDRAC9" module is designed to detect the presence of the Integrated Dell Remote Access Controller (iDRAC) on Dell EMC PowerEdge servers. The iDRAC is a secure management solution that allows IT administrators to deploy, update, and monitor servers both locally and remotely. This module focuses on identifying misconfigurations or vulnerabilities related to the iDRAC9 software.

Severity: Informative

Author: kophjager007

Impact

This module does not have a direct impact on the target system. It is used to identify potential issues or vulnerabilities related to the iDRAC9 software, which could impact the overall security and management of the Dell EMC PowerEdge servers.

How the module works?

The "Detect Dell iDRAC9" module utilizes HTTP request templates and matching conditions to identify the presence of iDRAC9 on the target system. It sends a GET request to the "/sysmgmt/2015/bmc/info" endpoint and checks for specific response conditions.

Example HTTP request:

GET /sysmgmt/2015/bmc/info

The module uses the following matching conditions:

- Status: The response status code must be 200. - Keywords: The response body must contain the words "BuildVersion" and "SystemModelName".

If all matching conditions are met, the module reports a successful detection of iDRAC9 on the target system.

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET/sysmgmt/2015/bmc/in...
Matching conditions
status: 200and
word: BuildVersion, SystemModelName
Passive global matcher
No matching conditions.
On match action
Report vulnerability