[1786] in bugtraq
Re: password backdoors
daemon@ATHENA.MIT.EDU (Larry Kealey)
Thu May 11 13:35:01 1995
Date: Thu, 11 May 95 10:38:18 -0500
From: Larry Kealey <kealeyl@phibro.com>
To: Nathan Lawson <nlawson@statler.csc.calpoly.edu>
Cc: root@sentinet.demon.co.uk (System Admin), bugtraq@fc.net
> Can anyone enlighten me further into how this would be
> done and if such back doors exist in other operating
> systems.
Under NeXTStep, one needs only to hold down both command keys (on
Non-NeXT hardware it may be the Alt or other keys) and hit the tilda,
the mini-monitor appears, you can then halt the machine. Then boot
the machine in single user mode: bsd -s, and you are logged in as
root at the system console. After that, you need to start the netinfo
daemons, then you can reset the root password using passwd.
This will only work if the machine does not have a hardware password
set, if it does have a hardware password set, you can replace the ROM
chip with one from another machine to get in.
I have also heard that the hardware password (and all the other ROM
settings) will get wiped if you remove the battery for a while, but I
haven't tried it.(Haven't had the need... :>)
Does anyone know?
L Kealey
Phibro Energy USA, Inc.
