TSX-Plus Password Hacking & Other PDP-11 Issues

From: Rick Bensene <rickb_at_bensene.com>
Date: Wed May 7 18:32:00 2003

In response to problems that I'd mention regarding getting the RL11
controller
to happily co-exist with the RX11 Ethan Dicks said:

> One thing to identify is what else shares its BR level. ISTR most DEC
cards were either BR4 or > BR5. Remember that an interrupting device
breaks the grant chain for all peripherals to the
> rear of the bus. There's a small chance that the offending device is
at the same BR level as
> the RX211 and in *front* of it. If possible, try putting the RX211 at
the front, then test. No > reason to leave it there permenently - it
should be a robust enough device to go anywhere in the
> Unibus (which is not true of some cards on the Qbus, especially when
an RQDX1 is involved, but
> that's another story).

So, I followed this advice, and greatly so, everything worked fine.
However, I later found
that the position wasn't really the issue. The problem was that the BR
selection
header on the RX211 controller really squeezez the tolerance in terms
of inter-board
spacing. What was happening is that with the RX211 behind the RL11
controller, the
BR selection header on the RX211 was apparently shorting some
connections on the back
of the RL11 controller. So, *that's* what that fully looking piece of
semi-transparent
orangish-material that I found in the base of the cabinet when cleaning
things up...apparently
it was some kind of insulator placed on top of the header to prevent
just such shorts.
Fortunately, the shorts didn't cause any damage. When I swapped the
boards' positions,
the interference didn't exist anymore, and everything works like a
champ. The RL01 drive
works flawlessly, and both the RX02 drives also work great.

Here's another question for you DEC folks:

The system has the main backplane (closest to the front panel), then
there's the RK11
backplane, which is connected to the main bus by a bus jumper, and from
the last slot (A&B)
of the RK11 backplane, is another jumper which conncts to a 9-slot
expansion backplane.

Question is: Is this correct? Should the RK11 backplane (4 slots in
which the RK11
4-board RK11 controller plugs into) be situated BETWEEN the main bus and
the expansion
bus, or should it be located at the end?

Next question, back on the TSX-Plus password hacking part of the thread;
On one of the floppies I was given, I found a program called TSAUTH.SAV.
This program
runs from RT-11, and appears to be a tool to manage the ACCESS.TSX and
CREDIT.TSX files.
The CREDIT file appears to be a structured text file, which contains
PPN's, "user names", and privilege information for each account. The
ACCESS file appears to be where the
passwords are strored in some encrypted form.

The TSAUTH program has just gives the normal "*" prompt when run. I
tried all kinds of combinations of characters for commands, and found
that it responds to "A", "L", "P", "E", and "K". E exits the program.
The other commands result in a "PPN:" prompt. By looking
through the CREDIT.TSX file, I could find out PPN's, so I tried entering
one of the PPN's
listed in the CREDIT file after typing the "K" command (which I assumed
means "KILL"),
figuring that would wipe out the user's entry. It didn't. Using
BINCOM, I backup
copies of the CREDIT and ACCESS files with the actual files, and there
was no change.
If I moved the ACCESS.TSX and CHARGE.TSX files to different names and
ran the TSAUTH
program, it complained that it couldn't find the ACCESS file, so I know
the program is
somehow supposed to manipulate this stuff. DUMPing the TSAUTH.SAV file
results in
some text clues that make it clear that the program is an administrative
tool.
Messages such as one asking the user if they wish to make a new
authorization file,
and how many entries to reserve for users should be created. I tinkered
with the program
for quite a while, and couldn't get it to emit those messages no matter
what I did.
The "E" command is used to exit the program -- the only command that I
could really
tell that did anything. Does anyone have any TSX-Plus Version 5 manuals
that they could
look up this command and let me know how it works?

Many thanks to all,

Rick
Received on Wed May 07 2003 - 18:32:00 BST