HP/UX, Passwords, and Rock 'n Roll.

From: Clint Wolff <vaxman_at_oldy.crwolff.com>
Date: Mon Sep 20 13:02:17 1999

Depending on the TYPE of drive, you could attach it to another system
and patch the sectors containing /etc/passwd to hold a dummy password
file. If it is SCSI, it is easy to attach to any system, not mount
the drive (the filesystem probably isn't compatible), and read/write
it through the raw device interface.

In my younger (more than the statute of limitations :) days, I hacked
the root account be reading the entire raw device (/dev/ra0a) and
tweaking someones user account to have no password and root privledges.
The /etc/passwd file showed up in three different places, so I assume
it was shadowed, but I patched the shadows as well...

IE:

joes:ASDFADSFASDFA:1020:1001:Joe J. Schmuck:/usr/home/joes:/bin/csh

is changed to:

joes::0:0:This is to make the leng the same:/usr/home/joes:/bin/csh

Or pasted in an encrypted password you already have... Reinstall
the disk into the HP and boot it up.

clint


On Sun, 19 Sep 1999 jeff.kaneko_at_juno.com wrote:

>
> Guys:
>
> I just scored a HP 9000/340 (I think), and the hard drive
> has HP/UX loaded on it. I don't know the root password,
> of course. Anybody know of a way to break into this, or
> should I wipe it and start over?
>
>
> Jeff
> ___________________________________________________________________
> Get the Internet just the way you want it.
> Free software, free e-mail, and free Internet access for a month!
> Try Juno Web: http://dl.www.juno.com/dynoget/tagj.
>
>
Received on Mon Sep 20 1999 - 13:02:17 BST

This archive was generated by hypermail 2.3.0 : Fri Oct 10 2014 - 23:32:37 BST