Bugtraq mailing list archives

BoS: Magic password of some linux-box(Hardware..) (fwd)

From: sameer () c2 net (sameer)
Date: Thu, 21 Nov 1996 12:48:45 -0800


----- Forwarded message from Eugene Bradley -----
[. . .] Complex plan elided
----- End of forwarded message from Eugene Bradley -----

        That's not nearly necessary. All they need to do is embed a
secret key. The same secret key would work fine, I think, it isn't all
that high security. Then if someone wants to break the bios pw they
enter something like 'BreakPW' - then the BIOS spits out a random
string. User calls the 800 number, tells the 800 number the challenge
string. the 800 number then encrypts the challenge string with the
secret key and then theuser enters it.

        simple and effective. Not exportable though. =)

--
Sameer Parekh                                   Voice:   510-986-8770
President                                       FAX:     510-986-8777
C2Net
http://www.c2.net/                              sameer () c2 net

Current thread:

Re: BoS: Magic password of some linux-box(Hardware..) Brian F. Knoll (Nov 20)
- Re: BoS: Magic password of some linux-box(Hardware..) Roger Moar (Nov 21)
- BoS: Magic password of some linux-box(Hardware..) (fwd) sameer (Nov 21)
- SGI Security Advisory 19961102 - FLEXlm and LicenseManager SGI Security Coordinator (Nov 21)
- SGI Security Advisory 19961103 - Sendmail Daemon Mode SGI Security Coordinator (Nov 21)
- CERT Advisory CA-96.24 - Sendmail Daemon Mode Vulnerability CERT Advisory (Nov 21)
- L0pht Kerberos Advisory sameer (Nov 22)
- <Possible follow-ups>
- Re: BoS: Magic password of some linux-box(Hardware..) Eugene Bradley (Nov 20)