Bugtraq mailing list archives
HPUX sam_exec
From: bogus () command com inter net (bogus technician)
Date: Thu, 18 Jul 1996 17:50:45 +0000
The sam_exec password is "x7vpa5jh". I sniffed the thing, and it doesn't look like the password is used at all during any of the transactions -- a .rhosts file gets installed in the sam_exec home dir, and r* methods are used. The password does exist in the clear, though, in the same place it's always been. strings through the shared library and it'll be right after the word 'None'; 9.x you'll see 'None' and then 'Yosemite' on the next line, 10.x you'll see 'None' and then 'x7vpa5jh' on the next line. (The remote access shared library is at /usr/sam/lib/ra/ra.sl, and it looks to be world readable by default.) Moo
Current thread:
- HPUX sam_exec bogus technician (Jul 18)
- <Possible follow-ups>
- Re: HPUX sam_exec Matthew G. Harrigan (Jul 18)
- Re: HPUX sam_exec Kent Hamilton (Jul 19)
- quotas? maybe you're not seeing all of it Brett L. Hawn (Jul 21)
- whoops.. addendum Brett L. Hawn (Jul 21)
- ping Brian Mitchell (Jul 21)
- ping Brian Mitchell (Jul 21)