Re: password backdoors

[rick () hq af mil (Rick Weldon)]

Excerpts from Bugtraq: 11-May-95 Re: password backdoors Paul
Szabo () maths su oz.a (994)


> I am sure your HP engineer was just boasting, I am sure there are no
'password backdoors' in Domain/OS. 


I don't know about Domain/OS, but some years ago I came across an
intentional backdoor left in the OS on a Unisys 5000/80. This was back
in 1988. We inherited one of these big ugly things and managed to get it
up into multiuser mode as delivered. Of course no one knew the root
password. I was able to log in as guest with no password, but back then
I didn't really know how to take advantage of any misconfigurations. One
of the CE's for Unisys happen to be there and I told him the problem. He
walked up to the logged in terminal and:

$ ilp -z
#

He told me it was there for just this occasion.

The ilp command was some add on thingy for the International Line
Printer, or so said the man page, although I don't know of anyone who
ever used it. The "-z" option was not documented in the man page of
course. This is not likely to work anymore on any Unisys system unless
you have one with a really old release of the software. I think the
release numbers were 3.2. At the time he showed me this Unisys was
forcing their customers to upgrade to the next release.

-----------------------------------------------------------------------------
| Rick Weldon  I-NET Inc.       | 'It is difficult to see a black cat in a   |
| E-mail: rick () hq af mil(MIME)  | dark room, especially when it's not there' |
| Phone:  703-695-0264          |                    --- Chinese Saying --   |
-----------------------------------------------------------------------------