[1507] in bugtraq
Re: Pointer to a process's credential structure?
daemon@ATHENA.MIT.EDU (John F. Haugh II)
Sun Apr 16 19:48:02 1995
From: jfh@rpp386.cactus.org (John F. Haugh II)
To: fritchie@stolaf.edu (Scott Lystig Fritchie)
Date: Sun, 16 Apr 95 10:55:01 CDT
Cc: bugtraq@fc.net
In-Reply-To: <199504122245.RAA27504@nic.stolaf.edu>; from "Scott Lystig Fritchie" at Apr 12, 95 5:44 pm
> It's probably a good idea to enable the hardware password feature on
> our Solaris consoles anyway (or is it?), but if there's a program
> bundled with Solaris that will spit out that address, there's an added
> reason for doing so. :-)
You can do the same thing on almost any system with a kernel debugger
and a "console". On a RS/6000, put the keyswitch in "service" position
and press CTRL-\ on the async console. If you get a debugger prompt,
whammo, you're in.
The moral of the story is PROTECT YOUR HARDWARE, DAMNIT.
--
John F. Haugh II [ NRA-ILA ] [ Kill Barney ] !'s: ...!cs.utexas.edu!rpp386!jfh
Ma Bell: (512) 251-2151 [GOP][DoF #17][PADI][ENTJ] @'s: jfh@rpp386.cactus.org
