Level1... Diagnostics?
Added 2017-10-18 01:27:56 +0000 UTCLevel1 Diagnostics -- this is a work in progress, but we will probably make it live tomorrow with more and adjusted broll.
Any information security folks out there? Let us know what you think.
So what we have here is a video about the utilities from AMD installation and configuration of NVME raid. It isn't about nvme raid -- but about the general weirdness of the drivers.
Install NVMe RAID and you get two apache web server processes installed and open to the network -- one running Xampp (yes, the very same Xampp that web developers use for local development) and one running some PHP scripts that execute the raid management software.
There appear to be serious software vulnerabilities in both the xampp installation and the PHP installation that runs the raid drivers, though we don't really get into the specifics of that.
The apache process is running with system level privileges, and no <Directory /> or openbasedir= restrictions as safeties in the config.
This will be updated with more broll tomorrow, or recut if y'all find it weird, confusing, or not an interesting trip down the rabbit hole.
Comments
Ah ok so they took the config out of xampp if I understand correctly... they should know how to configure that themselves :D
2017-10-22 19:28:03 +0000 UTCAt least it's not what Corsair did with their Corsair Link utility. Up to I don't remember which version, they put their shit on port 8080. It wasn't actual "service" either, they just registered it with the internal web server (managed through `netsh` http context). You wouldn't even notice it until try to register ssh tunnel socks proxy to port 8080 out of a habit.
Max
2017-10-19 13:49:12 +0000 UTCxampp is just a set of configurations for apache, mysql, php and perl. Except in the amd driver case mysql and perl are deleted. so its apache + php + other stuff
Level1 Techs
2017-10-18 23:06:57 +0000 UTC?
Level1 Techs
2017-10-18 23:06:22 +0000 UTCSo the apache part I get what it does, but I haven't really understood what exactly the XAMPP part does. The apache part is used for the frontend, ok fine. But what does the XAMPP part do? I mean XAMPP is also database (and PHP, which is used). Did they just take the tools and config from XAMPP or what. Didn't quite get the relation between both apache and XAMPP being there...
2017-10-18 19:39:06 +0000 UTCSo this was that AMD bug you were talking about X amount of streams ago. Interesting it is, show more as they say.
2017-10-18 07:47:11 +0000 UTCThis new segment ?, show is great i like the specific subject approach. Is a format like this useable for other things like: gpu, cpu, lan problems?
2017-10-18 07:31:29 +0000 UTCNot had a chance to watch it as of yet, but the subject seems very interesting even with any weirdness included.
2017-10-18 06:56:13 +0000 UTCman a web server to run your raid array....its iffy
Marten
2017-10-18 03:53:35 +0000 UTC