Cheap Home Server for bug bounting. HP Proliant blade BL460C Gen7 @ Home. Without Chassis. DIY.
Hi. As i said in a earlier post, my name is Leonid, and i’m security researcher and bounty hunter. Today i have a two-parted story, how to run at home this server and how to install esx 6.7 into it!
Sometimes it’s very difficult do a bounty research, and use fat programs for windows, which need much RAM and CPU at laptop or vds.
I tried to find cheap vds with 32–64gb ram…but i got failed. Toooo expensive…..
So the decision comes with a small searching in a used-servers online shop.
Server Proliant bl460c gen7 with 2 CPU and 32gb Ram cost 102,81$.
But it is a blade server: What does it mean:
Blade server needs a chassis:for example c7000 cost:20000$.
In chassis are power supply, cdroms, lan ports(lan adapter integrated in server, but port is outside)
It is not interesting:)
First Part: Starting up the server
Blade server took inside: motherboard,raid for 2 hdd, 2xXeon E5645, 32Gb Ram up to 400gb..
So for me all clear. Need power supply, and usb port for usb-lan adapter.
So i bought a server
VGA-COM-USB adapter for blade servers
And i bought a coldwatt power supply for server… but it does not matter,
any power supply will drives well!
______________________________________________________________________
Everything is simple: 12v, plus wire and minus wire connects to RED and BLACK at the back side =)
Inside the server — there are two block of switches(maintenance switches are close to rear)
For Starting server we need to switch 1 and 3 switch on switch-blocks in on position.
This dip-switches allow server start without chassis.
All other dip switchs must be in off position.
It’s undocummented feature, it isn’t in manual.(Tester on bl460c Gen7! in gen6 — other dip switch must be on)
So, we connect 12v, Connect vga-com-usb adapter, turn on the power supply, and led in center must be orange. Then push that button with orange led. Server must turn-on.
There are two block of switches(maintenance switches are closer to back side of server, we need them!)
For Starting server we need to switch 1 and 3 switch on maintenance switch-blocks in on position.
This dip-switches allow server start without chassis.
All other dip switchs must be in off position.
It’s undocummented feature, it isn’t in manual.(Tester on bl460c Gen7! in gen6 — other dip switch must be on)
So, we connect 12v, Connect vga-com-usb adapter, turn on the power supply, and led in center must be orange. Then push that button with orange led. Server must turn-on.
Connecting vga-com-usb adapter is simple:
With my funny english you can look at youtube: Watch on youtube!
Second Part is installing ESX 6.7
Prerequests:D-Link DUB-1312 or usb-lan card with chip ax88179!
Now it’s time to install ESX 6.7
VMware-VMvisor-Installer-6.7.0–8169922.x86_64.iso
I use rufus to make bootable usb stick.
I install ESX on SDCard inserted into Server.
Boot-And-Installing ESX…
Installation process is easiest part of all.
After first boot we need to make availible our usb-lan NIC.
###########
#IMPORTANT#
###########
Correct work of ESX6.7 was tested with lan-usb chip ax88179,
because ESX do not support usb-lan devices, and this is a custom driver.
##############
VERY IMPORTANT
##############
With my bl460c Gen7, i got strange situation:
D-Link DUB-1312 is USB3.0 device, and it is not seeing by server at all.
lsusb gives to me empty list.
I connect it through old usb-hub 2.0 capable, and server correctly detect NIC.
##############
::Installing drivers
Step 1 — Install the VIB by running the following ESXCLI command to install:
download https://s3.amazonaws.com/virtuallyghetto-download/vghetto-ax88179-esxi65.vib
and put to any availible place. I install ESX 6.7 into sdcard, so i put it on sdcard.
#Get shell in esx
To enable the ESXi Shell in the direct console
1. At the direct console of the ESXi host, press F2 and provide credentials when prompted.
2. Scroll to Troubleshooting Options and press Enter.
3. Choose Enable ESXi Shell and press Enter.
On the left, Enable ESXi Shell changes to Disable ESXi Shell. On the right, ESXi Shell is Disabled changes to ESXi Shell is Enabled.
4. Press Esc until you return to the main direct console screen.
#Run Shell
To use the local ESXi Shell
1. At the main direct console screen, press Alt-F1 to open a virtual console window to the host.
2. Provide credentials when prompted.
Run command in shell:
esxcli software vib install -v /tmp/vghetto-ax88179-esxi65.vib -f
(path need from root)
Step 2 — Next, you will need to disable the USB native driver to be able
to use this driver. To do so, run the following command:
esxcli system module set -m=vmkusb -e=FALSE
#Reboot
rebootvmware -vl
#Show ethernet controllers in system
esxcli network nic list
Step 3 — Enable adapter in ESX configuration
Log in to the VMware ESXi Server.
Access the System Customization dialog and select Configure Management Network.
Choose your adapter.
In my situation, after reboot mark in adapter label dissapeared, and server does not goes online.
I put into /etc/rc.local.d/local.sh (vi /etc/rc.local.d/local.sh)
next text:
###START###
#!/bin/sh
# local configuration options
# Note: modify at your own risk! If you do/use anything in this
# script that is not part of a stable API (relying on files to be in
# specific places, specific tools, specific output, etc) there is a
# possibility you will end up with a broken system after patching or
# upgrading. Changes are not supported unless under direction of
# VMware support.
# Note: This script will not be run when UEFI secure boot is enabled.
# Wait for the interfaces to come up
status=esxcli network nic get -n vusb0 | grep Link\ Status | awk ‘{print $NF}’
cnt=0;
while [ “$status” != “Up” ]; do
cnt=$((cnt+1))
if [ “$cnt” -eq 20 ]; then
break
fi
sleep 10
done
# If interface is up, use USB interfaces
if [ “$status” = “Up” ]; then
# Add uplinks to vswitches
esxcli network vswitch standard uplink add -u vusb0 -v vSwitch0
esxcli network vswitch standard uplink add -u vusb1 -v vSwitch2
# Activate uplinks in portgroups (from unused to active)
esxcli network vswitch standard portgroup policy failover set -p “Management Network” -a vusb0
esxcli network vswitch standard portgroup policy failover set -p “VM Network” -a vusb0
esxcli network vswitch standard portgroup policy failover set -p “VM Private” -a vusb1
fi
exit 0
####FIN####
##UPDATED##
With stress test i got bad situation with usb nic.
Without heavy load — it works ok, when i start scanner… Lan connection dies. at all… only help is a reconnect usb adapter.
So solution comes to me:
Main usb-lan stay for maintenance only…
And add another(any) usb-lan adapter - and add a USB Passthrough Device to a Virtual Machine. Directly. It cannot be used with other VM, but it works great. so for using 3 vm — you need 3 usb-lan adapters… +1 if you need 24/7 access to esx host.
##UPDATED##
And after it — all works good!
Thx. Have fun. Leo.
