Blog


How to re-enable flash to access legacy Cisco Integrated Management Controller (CIMC)

As we all know, Adobe disabled Flash in early 2021, this creates a big problem for certain admin platforms, such as the Cisco C220/C240 M3 servers, which only offer a flash based administrative interface. There are currently 2 workarounds to get KVM access.

Workaround 1

This workaround involves simply going directly to the KVM “.jnlp” java file without accessing the regular user interface. This is good enough if you just want to access the KVM and not the other diagnostic information on the web interface.

To download the .jnlp file go the the following URL in a browser:

https://(CIMC IP ADDRESS)/kvm.jnlp?cimcAddr=(CIMC IP ADDRESS)&tkn1=(CIMC Username)&tkn2=(CIMC Password)

If you typed everything correctly the jnlp file should download. If you have Java installed you can launch the file and it should bring you directly to the KVM.

Workaround 2

This workaround involves breaking the timebomb that Adobe installed on the latest versions of flash player, and using flash in a special browser called K-Meleon. K-meleon is a lightweight browser based on Firefox.

You can download K-Meleon here: http://kmeleonbrowser.org/

We will also need a hex editor, so we can manually edit a dll file to remove the timebomb. For this we will use HxD Hex Editor, you can download it here: https://mh-nexus.de/en/hxd/

Lastly, of course you will need the lastest version of Flash player installer, this can be a bit tricky to find. I recommend using the most recent version, which is 32.0.0.465. Be very careful when searching the internet for flash player downloads, it’s a classic way to get malware on your computer. The md5 hash of version 32.0.0.465 is 51a0107eef0903d22534f72c41b70239 which I strongly suggest you verify. I was able to find a safe copy at the following url: http://finalbuilds.com/flashplayer.htm

Once you have flash & HxD installed and K-meleon ready to go it’s time to break the flash timebomb. Launch HxD and open up C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_465.dll

Do a HEX search for: 00 00 40 46 3E 6F 77 42

Replace it with: 00 00 00 00 00 00 F8 7F

The last part to disable the timebomb is to stop the EOL uninstall warning, open up C:\Windows\SysWOW64\Macromed\Flash\mms.cfg in notepad.

Add the following to a new line at the end of the file: AutoUpdateDisable=1

Once these 2 steps are complete Flash player should work once again. At this point you should be able to launch K-Meleon and use CIMC like normal

Leave a Reply

Your email address will not be published. Required fields are marked *