From mboxrd@z Thu Jan 1 00:00:00 1970 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on inbox.vuxu.org X-Spam-Level: X-Spam-Status: No, score=-1.0 required=5.0 tests=MAILING_LIST_MULTI autolearn=ham autolearn_force=no version=3.4.4 Received: (qmail 21737 invoked from network); 18 Jan 2023 16:38:56 -0000 Received: from minnie.tuhs.org (50.116.15.146) by inbox.vuxu.org with ESMTPUTF8; 18 Jan 2023 16:38:56 -0000 Received: from minnie.tuhs.org (localhost [IPv6:::1]) by minnie.tuhs.org (Postfix) with ESMTP id 61815423C9; Thu, 19 Jan 2023 02:38:44 +1000 (AEST) Received: from mcvoy.com (mcvoy.com [192.169.23.250]) by minnie.tuhs.org (Postfix) with ESMTPS id CF4EE423C7 for ; Thu, 19 Jan 2023 02:38:40 +1000 (AEST) Received: by mcvoy.com (Postfix, from userid 3546) id 9763435E2F0; Wed, 18 Jan 2023 08:38:40 -0800 (PST) Date: Wed, 18 Jan 2023 08:38:40 -0800 From: Larry McVoy To: Ron Natalie Message-ID: <20230118163840.GF2964@mcvoy.com> References: <202301180943.30I9hrOw030485@freefriends.org> <202301181513.30IFDDUJ015224@freefriends.org> <20230118151446.GD2964@mcvoy.com> <20230118161959.GE2964@mcvoy.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.5.24 (2015-08-30) Message-ID-Hash: NEN2IJTZ4TMERID2GABIKZGLMVQPC2XK X-Message-ID-Hash: NEN2IJTZ4TMERID2GABIKZGLMVQPC2XK X-MailFrom: lm@mcvoy.com X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-tuhs.tuhs.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header CC: tuhs@tuhs.org X-Mailman-Version: 3.3.6b1 Precedence: list Subject: [TUHS] Re: Maintenance mode on AIX List-Id: The Unix Heritage Society mailing list Archived-At: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: On Wed, Jan 18, 2023 at 04:27:50PM +0000, Ron Natalie wrote: > Occassionally, we???d get random other IBM hardware dropped on us. One day > an RS/6000 showed up. The problem was that they didn???t give us any > indication what the logins were (let alone the root password). Being the > long time security ???investigator??? that I was I started poking around at > the thing while waiting for IBM to call me back. The thing had a key > switch that switched you from power OFF to NORMAL ot a WRENCH icon > (maintenance mode). So I powered it up in the wrench mode. The thing > booted up Unix but rather than a shell gave some maintenance program. I > poked around at the options hoping for something that would be useful for me > without luck. One option was to view the documentation so I brought that > up and it displayed some text. The neat thing (for me) was that it used > ???more??? to paginate it. Sure enough, when I got to the end of the first > page, I could just hit ! at the prompt and get a root shell. It was then > pretty easy to get the machine set up to our liking. Someone once told me that if they had physical access to a Unix box, they would get root. That has been true forever and it's even more true today, pull the root disk, mount it on Linux, drop your ssh keys in there or add a no password root or setuid a shell, whatever, if you can put your hands on it, you can get in. -- --- Larry McVoy Retired to fishing http://www.mcvoy.com/lm/boat