HP D2D / StorOnce Storage unit backdoors (opens in new tab)

(lolware.net)

11 pointsjfriedly12y ago4 comments

4 comments

Some discussion from a few days ago: https://news.ycombinator.com/item?id=6024033

HP's security bulletin: https://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/pu...

HP StoreVirtual products are storage appliances that use a custom operating system, LeftHand OS, which is not accessible to the end user. Limited access is available to the user via the HP StoreVirtual Command-Line Interface (CLiQ) however root access is blocked. However any privilege-escalation attacks would probably work.

ianhawes12y ago

The SHA-1 plaintext is badg3r5

jfriedlyOP12y ago

The password can be easily found by googling the SHA1 hash.

DanBC12y ago

And if no-one had posted the password it's easy enough to use any of the online "hash crackers" to get the password.

j / k navigate · click thread line to collapse