[1807] in bugtraq
Re: password backdoors
daemon@ATHENA.MIT.EDU (Virantha Mendis)
Fri May 12 13:46:41 1995
Date: Fri, 12 May 1995 17:31:28 +0100 (BST)
From: Virantha Mendis <vmendis@london.micrognosis.com>
To: Larry Kealey <kealeyl@phibro.com>
Cc: bugtraq@fc.net
In-Reply-To: <9505111538.AA03241@admn0162>
On Thu, 11 May 1995, Larry Kealey wrote:
>
> > Can anyone enlighten me further into how this would be
> > done and if such back doors exist in other operating
> > systems.
>
> Under NeXTStep, one needs only to hold down both command keys (on
> Non-NeXT hardware it may be the Alt or other keys) and hit the tilda,
> the mini-monitor appears, you can then halt the machine. Then boot
> the machine in single user mode: bsd -s, and you are logged in as
> root at the system console. After that, you need to start the netinfo
> daemons, then you can reset the root password using passwd.
>
> This will only work if the machine does not have a hardware password
> set, if it does have a hardware password set, you can replace the ROM
> chip with one from another machine to get in.
>
> I have also heard that the hardware password (and all the other ROM
> settings) will get wiped if you remove the battery for a while, but I
> haven't tried it.(Haven't had the need... :>)
> Does anyone know?
Ya, it works. That's what i did when i forgot the hardware password.
>
> L Kealey
> Phibro Energy USA, Inc.
>
