Home page logo

bugtraq logo Bugtraq mailing list archives

Re: password backdoors
From: long-morrow () CS Yale EDU (H Morrow Long)
Date: Thu, 11 May 1995 13:36:25 -0400

From: System Admin <root () sentinet demon co uk>
Message-Id: <199505102016.AA03896 () sentinet demon co uk>
To: bugtraq () fc net
Subject: password backdoors
Date: Wed, 10 May 95 21:15:59 +0100

Dear all,

On the subject of back doors. I have an old Apollo box
running Domain 10.4.1
and lost the password for root, the only account. I could
not get back in and in the end had to re-install as I could
not break in. A short time later I told this story to the
HP service engineer who said that I should have given him a ring
as they have a way to get in ! He would not tell me anything
about how this would be done.

Can anyone enlighten me further into how this would be
done and if such back doors exist in other operating



I know that on older Apollos (but I thought that this was only with those
running Domain/OS or Aegis SR9 and before) that you could disconnect them
from the ring network and if they didn't have contact with the ring
registry and weren't running one of the ring registries (a local registry
-- sort of a cache -- was okay) that you could usually login as user.none.

You could also shutdown the node from the login prompt by typing in

You could also get into the PROM monitor and boot programs that allowed
you to do some mid level disk doctoring of files, etc so you could probably
move a few system files around.  These may be the back door (standalone
programs meant for diagnostic purposes which could be used to initialize
the regy or password files back to the initial installation state ).

- Morrow

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]