Great, now I am looking at hardware firewalls on ebay for a side project to do
-
I'm in... First order of business would be to image the drive I guess
-
And this is why we keep old shit laying around
-
Moved the motherboard onboard VGA to disable, and viola
-
oh snap - we can make this a dual xeon board
-
So I set the cmos date to 2024, and then got the no-vga beep code...
After finding that the CMOS reset jumper was never installed, I got the CMOS back to default
Booted an opnsense iso .. nope
-
oh fuck, 32bit xeon.... wow
-
also, 1GB of DDR2 400
let me check my stash
-
Okay, now we are getting something
Found a stash of 2gb pc2 reg ecc
Got the date up to 2024
The old CMOS battery was cooked
-
omg, i can finally take an image
turns out, when using bad ssds that still test "okay" from a NAS... are actually bad.
who knew
-
A minor annoyance, all screws are stainless. My magnetic driver has no effect. Nice build quality I guess.
I just want to boot an OS so I can see WTF the dataplane board shows up as in LSPCI
-
I seem to be ignoring the obvious... replacing the motherboard with something not 3000 years old.
-
I got an X11 generation motherboard installed with some minor chassis modification. With the ASIC card installed, the server wont post. no beeps, no vga, no anything.
Going to stop fucking around with the hardware, and start to disassemble the disk image i took,
-
$1$hwrbwjlu$/Tr8NgIA4oKuqpC.1pnk3.:aaaaaaaaaa
-
Ryan Castellucci :nonbinary_flag:replied to kajer last edited by
@kajer why is it so fabulous?
-
Ryan Castellucci :nonbinary_flag:replied to kajer last edited by
@kajer that's a password an idiot would use on their luggage
-
kajerreplied to Ryan Castellucci :nonbinary_flag: last edited by
@ryanc
// changePassword is used by Local User Databa/Users and Administrators
// its main purpose is to replace UI 'password' field with <phash>
// It assumes that UI is responsible for sending password when appropirate
// If password is not changed from UI, <password> must NOT be sent, instead
// original <phash> (if available) must be sent back
static function changePassword(&$jsonArgs) {
if ($jsonArgs) {
if (!is_array($jsonArgs)) {
$jsonArgs = Util::objectToArray($jsonArgs);
}
}
$doc = new DOMDocument();
$doc->preserveWhiteSpace = false;
$editing = is_object($jsonArgs);
$id = $jsonArgs['id'];
// <password> is not part of schema we need to trim it out of final xml data
// to do that, load data, then trim
if (!$jsonArgs['set']) {
$doc->loadXML($jsonArgs['data']);
} else {
// new record: Add wrapper <entry> data..</entry> for loading DOMDocument
$doc->loadXML('<entry>' . $jsonArgs['data'] . '</entry>');
}$domData = $doc->documentElement;
$password = $doc->getElementsByTagName('password')->item(0);
$passChange = false;
$passwordValue = '';
// Debug::log("Raw data " . __LINE__ . ' ' . $jsonArgs['data']);if ($password) {
$foundPhash = false;
$passwordValue = $password->nodeValue;
// NOTE: this routine expecting phash is always sent for password change
$phash = $doc->getElementsByTagName('phash')->item(0);
// hash new password
$template = $jsonArgs['template'];
$tplPart = isset($template) ? "<templatename>$template</templatename>": "";
$opCmd = "<request><password-hash><password>" . Xml::escape($password->nodeValue) . "</password><username>" . Xml::escape($jsonArgs["id"]) . "</username>$tplPart</password-hash></request>";
$phashResult = Direct::noLog("Direct::runOpCommand", array($opCmd));
//<response status="success"><result><phash>$1$hwrbwjlu$/Tr8NgIA4oKuqpC.1pnk3.</phash></result></response>
if ($phashResult["@status"] !== "success") {
$exceptionMessage = "";
if (is_array($phashResult["msg"]["line"])) {
$exceptionMessage = join("\n", $phashResult["msg"]["line"]);
}
else if (is_array($phashResult["msg"])) {
$exceptionMessage = join("\n", $phashResult["msg"]);
} else {
$exceptionMessage = $phashResult["msg"]["line"];
}
$exceptionMessage = str_replace("request -> password-hash ->", "-", $exceptionMessage);
throw new Exception (Xml::escape($exceptionMessage));
}
// trim password
$domData->removeChild($password);
if ($phash) {
$phash->nodeValue = Xml::escape($phashResult['result']['phash']);
$foundPhash = true;
}
// LIBXML_NOXMLDECL does not work
//$jsonArgs->data = $doc->saveXML(null, LIBXML_NOXMLDECL);
$xml = $doc->saveXML();
// Debug::log("Line" . __LINE__ . " xml=" . $xml . ' foundHash=' . $foundPhash);
// need to set start to after XML decl <?xml version="1.0"
$xml = substr_replace($xml, '', 0, strlen('<?xml version="1.0"?>'));
// add new object
$phashXML = '<phash>' . Xml::escape($phashResult['result']['phash']) . '</phash>';
if ($jsonArgs['set']) {
// strip off <entry> and </entry> for 'set' command
$start = strpos($xml, "<entry>");
$xml = substr_replace($xml, '', $start, strlen('<entry>'));
$start = strrpos($xml, "</entry>");
$xml = substr_replace($xml, '', $start, strlen('</entry>'));
if ($foundPhash)
$jsonArgs['data'] = $xml;
else
$jsonArgs['data'] = $xml . $phashXML;
} else { //editing object
if ($foundPhash)
$jsonArgs['data'] = $xml;
else
$jsonArgs['data'] = substr_replace($xml, $phashXML, strrpos($xml, "</entry>"), 0);
}
//Debug::log("Line" . __LINE__ . " data=" . $jsonArgs['data']);
$passChange = true;
$jsonArgs['password'] = $passwordValue;
$jsonArgs['phash'] = $phashResult['result']['phash'];
}
return $passChange;
} -
I was unsuccessful in getting a different OS on the existing motherboard.
PXEboot results in continuous beeping just after trying to get the pxelinux.0 file
Booting FreeBSD11 results in a partial load of the kernel until something beeps and the boot hangs.
Booting various i386 linux is the same, something causes a short beep and the boot process hangs.
I swapped the X6 motherboard with a X11, but with the ASIC installed, the MB won't post.
-
I dug in to the OS a little bit last night after doing hardware stuff. The OS is based on RHEL but can't quite tell which version.
I am thinking I clone the HDD back to another disk, but inject a root password in to the shadow file so I can login to the underlying OS before PanOS takes over getty.
-
kajerreplied to Ryan Castellucci :nonbinary_flag: last edited by
@ryanc My guess is: It's a custom bios that supports some sort of additional PCIe expander.
Given the issue that the ASIC card won't let me POST on another newer motherboard, but that is just a guess.
