Josh Dersch wrote:
I've imaged the two drives, they're up at
http://yahozna.dyndns.org/computers/vitek. Just in the nick of time
too, drive 0 started flaking out this evening and now fails to come
ready most of the time.
I've had a quick play with strings and ghex2 and I think I've come up
with the password file for that machine:
root:QvAAlS1A:0:0:/:/bin/sh
irb1::1:3:/usr/ams/r1:/bin/irbtsh
irb2::2:3:/usr/ams/r2:/bin/irbtsh
arp:1vrorYSd:11:3:/usr:/bin/sh
ams::12:3:/usr/ams:/bin/sh
bactec::13:3:/usr/bactec:/bin/sh
bacrd1::3:3:/usr/bactec:/bin/sh
ims::14:3:/usr/ims/bin:/bin/sh
vid::15:3:/usr/msd:/bin/sh
vidas1::15:3:/usr/msd/bin:/bin/sh
vidas2::15:3:/usr/msd/bin:/bin/sh
vidas3::15:3:/usr/msd/bin:/bin/sh
vidas4::15:3:/usr/msd/bin:/bin/sh
bps::20:3:/usr/bps:/bin/sh
show::94:3:/demo:/demo/bin/bsh
demo::95:3:/demo:/demo/bin/bsh
auto::99:3:/demo:/demo/bin/bsh
I'd be tempted to try logging in as 'bps' or 'demo'; that might get you
a shell (though those accounts look like they might be disabled). As for
the root password, that's too short to be a DES hash. I don't know of
any UNIX system that stored passwords unencrypted in /etc/passwd, nor
can I find any evidence of a password hashing algorithm that produced an
8-byte base64 hash.
There's also some evidence of a "password recovery" mode in the disk0
image. How to get into that mode is not explained...
They're both Quantum ProDrive 40S drives.
Interestingly the two disc images carry the text "Miniscribe 8051p" and
"Miniscribe 8051d" in the first few bytes. I wonder if the machine
originally came with drives of that type, which were later 'dd' copied
from one to the other.
Hmm...
--
Phil.
classiccmp at philpem.me.uk
http://www.philpem.me.uk/
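
Added example, not part of the original message: a small Python check that parses the 6-field passwd layout quoted above and flags each password field by shape (empty, 13-character traditional DES crypt(3), or something else) plus shared UIDs. The function names are hypothetical; the sample lines are copied from the listing in the message, and nothing here attempts to recover a password.

```python
import re

# Entries copied from the listing in the message (6 fields: no GECOS field).
SAMPLE = """\
root:QvAAlS1A:0:0:/:/bin/sh
arp:1vrorYSd:11:3:/usr:/bin/sh
bps::20:3:/usr/bps:/bin/sh
vid::15:3:/usr/msd:/bin/sh
vidas1::15:3:/usr/msd/bin:/bin/sh
"""

CRYPT_CHARS = re.compile(r"[./0-9A-Za-z]+")

def classify_password_field(field):
    """Classify a passwd password field by shape only; nothing is cracked."""
    if field == "":
        return "empty"
    if CRYPT_CHARS.fullmatch(field):
        # Traditional DES crypt(3): 2 salt chars + 11 hash chars = 13.
        return "des-crypt" if len(field) == 13 else "crypt-alphabet-other-length"
    return "unknown"

def parse_passwd(text):
    entries = []
    for lineno, line in enumerate(text.strip().splitlines(), 1):
        parts = line.strip().split(":")
        if len(parts) != 6:
            raise ValueError(f"line {lineno}: expected 6 fields, got {len(parts)}")
        name, pw, uid, gid, home, shell = parts
        entries.append({"name": name, "pw_kind": classify_password_field(pw),
                        "pw_len": len(pw), "uid": int(uid), "gid": int(gid),
                        "home": home, "shell": shell})
    return entries

def audit(entries):
    findings, by_uid = [], {}
    for e in entries:
        by_uid.setdefault(e["uid"], []).append(e["name"])
        if e["pw_kind"] == "empty":
            findings.append((e["name"], "empty password field"))
        elif e["pw_kind"] != "des-crypt":
            findings.append((e["name"], f"{e['pw_len']}-char field, not 13-char DES crypt"))
    for uid, names in sorted(by_uid.items()):
        if len(names) > 1:
            findings.append((",".join(names), f"shared uid {uid}"))
    return findings

if __name__ == "__main__":
    print(*audit(parse_passwd(SAMPLE)), sep="\n")
```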