HP D2D / StorOnce Storage unit backdoors
lolware.netSome discussion from a few days ago: https://news.ycombinator.com/item?id=6024033
HP's security bulletin: https://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/pu...
HP StoreVirtual products are storage appliances that use a custom operating system, LeftHand OS, which is not accessible to the end user. Limited access is available to the user via the HP StoreVirtual Command-Line Interface (CLiQ) however root access is blocked. However any privilege-escalation attacks would probably work.
The SHA-1 plaintext is badg3r5
The password can be easily found by googling the SHA1 hash.
And if no-one had posted the password it's easy enough to use any of the online "hash crackers" to get the password.