Ir al contenido principal

Hidden user with default password in P2000 MSA G3 storage

I was doing an emergency night intervention on a client storage, a HP P2000 G3 MSA just to find a surprise: Nobody knew the password for the administrator user, which happens to be called ‘manage’ on that storage unit, and the default password was changed.

Being late in the night, so no options for trying to find the technician who installed this machine, I tried to find a way for restoring or resetting it. Imagine my surprise when I found this: HP P2000 users, change the admin account password.

The admin user for a P2000 G3 is called ‘manage’, but, apparently, as a heritage from an older model (the G2), they left the old admin user in, which is called ‘admin’. And it also was left with its default password, ‘!admin’.

So I log in with this ‘admin’ user (it works!), and try to list users and find it:

# show user
Username             Roles                            User Type    User Locale            WBI   CLI   FTP   SMI-S SNMP  Authentication Type Privacy Type
  Password                         Privacy Password                 Trap Host Address
---------------------------------------------------------------------------------------------------------------------------------------------------------
ftp                  manage,monitor                   Standard     English                            x
  ********                         ********
manage               manage,monitor                   Standard     English                x     x     x     x
  ********                         ********
monitor              monitor                          Standard     English                x     x
  ********                         ********
---------------------------------------------------------------------------------------------------------------------------------------------------------
Success: Command completed successfully. (2012-11-27 09:31:56)

But it’s not in! So how did I log in, then? Then again, for my surprise, the user is hidden, so if you specifically look for it, then it will show the info:

# show user admin
Username             Roles                            User Type    User Locale            WBI   CLI   FTP   SMI-S SNMP  Authentication Type Privacy Type
  Password                         Privacy Password                 Trap Host Address
---------------------------------------------------------------------------------------------------------------------------------------------------------
admin                admin,manage,monitor             Advanced     English                x     x     x
  ********                         ********
---------------------------------------------------------------------------------------------------------------------------------------------------------
Success: Command completed successfully. (2012-11-27 09:32:15)

I don’t know if newer units will have this problem (this one was bought like a year and a half ago), but if you happen to have one similar model to this, please, check your admin user.