Re: password backdoors

[long-morrow () CS Yale EDU (H Morrow Long)]

> From: System Admin <root () sentinet demon co uk>
> Message-Id: <199505102016.AA03896 () sentinet demon co uk>
> To: bugtraq () fc net
> Subject: password backdoors
> Date: Wed, 10 May 95 21:15:59 +0100
>
> Dear all,
>
> On the subject of back doors. I have an old Apollo box
> running Domain 10.4.1
> and lost the password for root, the only account. I could
> not get back in and in the end had to re-install as I could
> not break in. A short time later I told this story to the
> HP service engineer who said that I should have given him a ring
> as they have a way to get in ! He would not tell me anything
> about how this would be done.
>
> Can anyone enlighten me further into how this would be
> done and if such back doors exist in other operating
> systems.
>
> Thanks.
>
> Lyndon

I know that on older Apollos (but I thought that this was only with those
running Domain/OS or Aegis SR9 and before) that you could disconnect them
from the ring network and if they didn't have contact with the ring
registry and weren't running one of the ring registries (a local registry
-- sort of a cache -- was okay) that you could usually login as user.none.

You could also shutdown the node from the login prompt by typing in
shutdown.

You could also get into the PROM monitor and boot programs that allowed
you to do some mid level disk doctoring of files, etc so you could probably
move a few system files around.  These may be the back door (standalone
programs meant for diagnostic purposes which could be used to initialize
the regy or password files back to the initial installation state ).

- Morrow