HP iLO Password Cracking

Raxis CEO Mark Puckett shows how simple and fast it is for a hacker to crack a weak HP iLO password hash.

Categories: , ,

Posted on

By

Mark Puckett

HP iLO Password Cracking

One of my favorite parts of information security is cracking password hashes. I have a dual nVidia GPU rig that I use to run hashcat on and sometimes my research leads me to crack hashes. 

For those who don’t know, HP has a system for Integrated Lights Out, and it allows for remote management of systems. Usually these interfaces are located on a management network that is inaccessible unless you’re a systems admin.

Well, I got my hands on some hashes using the Metasploit module called IPMI 2.0 RAKP Remote SHA1 Password Hash Retrieval. There’s a few blogs that talk about how to do that, so I’ll let you refer to them on the how. What I thought was interesting though is that a lot of the systems I was working with were left to the default password – which is a random 8 digit number.  

With a dual GPU hashcat instance, that is fairly trivial.  I set a bruteforce attack using -a 3 ?d?d?d?d?d?d?d?d and the result below is what happened.

1416515636048

It took a mere 4 seconds to spin across 8 digits. If you’re a server admin, I hope you’re setting the administrator passwords on your iLO sessions to something other than digits. Also, and this goes without saying, keep your management network completely firewall off of the production network! There is no need to have the general user with any sort of access at all to these ports.  

Still, a very strong password is your last line of defense in the event a breach occurs.

Written by

Mark Puckett

Mark Puckett, the founder and CEO of Raxis, is a seasoned cybersecurity expert and entrepreneur with over 30 years of experience in the information security field. Born and raised in Georgia, Puckett established Raxis in 2011, driven by his vision to assemble an elite team of ethical hackers to challenge and assess corporate cybersecurity defenses. Under his leadership, Raxis has grown into a leading penetration testing company, serving clients across the United States and internationally while maintaining a culture of innovation and continuous learning.

Human Expertise Outsmarts AI in Pentesting

While AI tools offer speed in detecting known vulnerabilities, they fall short with 20-35% false positives and only 50-65% success on complex threats like business logic flaws, as per mainstream reports from Verizon and OWASP. Human penetration testers at Raxis deliver 85-90% detection rates, precise prioritization, and ethical adaptability, ensuring your organization stays ahead of real-world attacks.

Learn About AI Pentesting

Partner With Raxis

Partnering with Raxis empowers your business with elite penetration testing services, competitive reseller pricing, and recurring revenue opportunities, all backed by a proven track record of excellence and a commitment to staying ahead of evolving cybersecurity threats.

Learn About Raxis Partner

Expert-Led PTaaS

Continuous, expert-led PTaaS combined with advanced automation to uncover and address hidden vulnerabilities, ensuring your business stays ahead of evolving cyber threats while maintaining regulatory compliance.

Learn About PTaaS

Penetration Testing

Tailored, expert-led penetration testing services that uncovers hidden vulnerabilities using real-world hacker techniques, providing actionable insights to strengthen your defenses and protect against sophisticated cyber threats.

Learn About Pentesting

Like what you’ve learned from Raxis?

Contact us to receive an expert-led penetration test, and we’ll also show you step-by-step how to recreate our attack against your own systems.

Article Tags

Categories

, ,

Ready to See Raxis One In Action?

See how we transform traditional pen testing into interactive security intelligence that keeps you informed every step of the way. From real-time attack progression to detailed remediation guidance, Raxis One gives you unprecedented visibility into your security posture as it’s being tested.

Schedule a Demo

More From Raxis

  • PSE & Red Team Series: The Power of Grip to Enhance the Under-Door Tool

    PSE & Red Team Series: The Power of Grip to Enhance the Under-Door Tool
    By Brad Herring • August 12, 2025
    Read More
  • Microsoft Releases Security Patch for Actively Exploited On-Premises SharePoint Vulnerabilities

    Microsoft Releases Security Patch for Actively Exploited On-Premises SharePoint Vulnerabilities
    By Jason Taylor • July 22, 2025
    Read More
  • OWASP Top 10 for LLM Applications

    OWASP Top 10 for LLM Applications Penetration Testing
    By Jason Taylor • July 15, 2025
    Read More
  • Wireless Series: Using Wifite to Capture and Crack a WPA2 Pre-Shared Key

    Wireless Series: Using Wifite to Capture and Crack a WPA2 Pre-Shared Key for Penetration Testing
    By Scottie Cole • June 17, 2025
    Read More