25 Oct
2008
25 Oct
'08
8:12 p.m.
Totaly different machine, but I hacked a SGI Personal Iris I bought from Compaq this way:
Piped the drive out the serial port to a PC (boot rom feature)
found the /passwd dir
took the encrypted string and rinsed it thru a program, 'john the ripper'
with a dictionary kosdict
It came back in a day of crunching on a 2 Ghz Machine with the password
it was 'annamarie' but typed as if you moved your home keys up one.
John searches for stuff like this.
The SGI had the chicago source on it.
Fun
Randy
Date: Sat, 25 Oct 2008 22:56:15 -0400
From: keithvz at verizon.net
To:
Subject: Re: AT&T UNIX PC - Need to hack user/password for access
B Degnan wrote:
_________________________________________________________________
Store, manage and share up to 5GB with Windows Live SkyDrive.
http://skydrive.live.com/welcome.aspx?provision=1?ocid=TXT_TAGLM_WL_skydriv…
Hi
One of my students was able to repair an AT&T 7300 (67MB version) UNIX
PC powersupply. Now it boots up, but we don't have the username and
password. Any suggestions?
BillDeg
I don't know which exact version of OS you'd have on that, but I will
say that many many initial versions of unix had tons of default
username/pw combinations. There are lists to be found via google.
If it's a 3B1 running AT&T System V, then I'm almost positive there were
some very popular default accts that had to be removed -- most people
didn't and resulted in many machines being vulnerable.
Also, don't know anything about the file system, but if it's a common
one, you could potentially (and carefully) install the HD into a linux
box, mount it, retrieve /etc/passwd, and crack the sucker. With today's
machines you might be able to brute-force the keyspace, or worst case,
put a pretty good dictionary attack on it.
HTH
Keith