>From: System Admin <root@sentinet.demon.co.uk> >Message-Id: <199505102016.AA03896@sentinet.demon.co.uk> >To: bugtraq@fc.net >Subject: password backdoors >Date: Wed, 10 May 95 21:15:59 +0100 > >Dear all, > >On the subject of back doors. I have an old Apollo box >running Domain 10.4.1 >and lost the password for root, the only account. I could >not get back in and in the end had to re-install as I could >not break in. A short time later I told this story to the >HP service engineer who said that I should have given him a ring >as they have a way to get in ! He would not tell me anything >about how this would be done. > >Can anyone enlighten me further into how this would be >done and if such back doors exist in other operating >systems. > >Thanks. > >Lyndon I know that on older Apollos (but I thought that this was only with those running Domain/OS or Aegis SR9 and before) that you could disconnect them from the ring network and if they didn't have contact with the ring registry and weren't running one of the ring registries (a local registry -- sort of a cache -- was okay) that you could usually login as user.none. You could also shutdown the node from the login prompt by typing in shutdown. You could also get into the PROM monitor and boot programs that allowed you to do some mid level disk doctoring of files, etc so you could probably move a few system files around. These may be the back door (standalone programs meant for diagnostic purposes which could be used to initialize the regy or password files back to the initial installation state ). - Morrow