Home page logo
/

pauldotcom logo PaulDotCom mailing list archives

More TANDBERG Fail.
From: Bacon Zombie <baconzombie () gmail com>
Date: Tue, 7 Sep 2010 13:51:41 +0100

Hey,

The news checking in episode 208 on TANDBERG using static keys mad me laugh
since I found this gem in the /etc/rc.sysinit on a C20 {
http://www.tandberg.com/video-conferencing-integrators/tandberg-quick-set-c20.jsp}.


*# Create /etc/password file
# FIXME! root should have x in the password field as well, and
# the password should be set correctly later.
echo "root::0:0:root:/root:/bin/bash" > /etc/passwd
echo "root:x:0:root" > /etc/group

echo "selectsw::0:0:selectsw user:/root:/bin/selectswsh" >> /etc/passwd
echo "nobody:x:1:1:Nobody:/:/bin/false" >> /etc/passwd
echo "nobody:x:1:nobody" >> /etc/group

# Later password generation programs might need this.
mkdir -p /etc/group.d /etc/passwd.d
cp /etc/passwd /etc/passwd.d/os
cp /etc/group /etc/group.d/os

# As we don't have a nice way of setting ownership to root when
# creating a cpio archive, and we don't control how the kernel
# unpacks the cpio archive (not that we'd want to change that
# anyway), we have this rather crude solution here:  We simply
# chown /everything/ to root first.  All other home directories,
# log file directories, whatever are mounted later, so they
# aren't affected.  We need to do this before udev kicks off,
# because otherwise we might lose group ownerships there.
chown -R root.root / 2>/dev/null*


BaconZombie

*….all text in this mail is double-rot13 encrypted. ...*
_______________________________________________
Pauldotcom mailing list
Pauldotcom () mail pauldotcom com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com

  By Date           By Thread  

Current thread:
  • More TANDBERG Fail. Bacon Zombie (Sep 07)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault