From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on inbox.vuxu.org X-Spam-Level: X-Spam-Status: No, score=-0.9 required=5.0 tests=DKIM_SIGNED,DKIM_VALID, DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI, RCVD_IN_DNSWL_NONE autolearn=ham autolearn_force=no version=3.4.2 Received: from minnie.tuhs.org (minnie.tuhs.org [45.79.103.53]) by inbox.vuxu.org (OpenSMTPD) with ESMTP id 0bb526ad for ; Tue, 8 Oct 2019 21:22:33 +0000 (UTC) Received: by minnie.tuhs.org (Postfix, from userid 112) id 108BF9BC9A; Wed, 9 Oct 2019 07:22:32 +1000 (AEST) Received: from minnie.tuhs.org (localhost [127.0.0.1]) by minnie.tuhs.org (Postfix) with ESMTP id BCDA69BC02; Wed, 9 Oct 2019 07:22:21 +1000 (AEST) Authentication-Results: minnie.tuhs.org; dkim=pass (1024-bit key; unprotected) header.d=kilonet.net header.i=@kilonet.net header.b="as2ndWUo"; dkim-atps=neutral Received: by minnie.tuhs.org (Postfix, from userid 112) id AB63D9B9B4; Wed, 9 Oct 2019 07:22:20 +1000 (AEST) Received: from p3plsmtpa09-02.prod.phx3.secureserver.net (p3plsmtpa09-02.prod.phx3.secureserver.net [173.201.193.231]) by minnie.tuhs.org (Postfix) with ESMTPS id EB0BC9BC02 for ; Wed, 9 Oct 2019 07:22:09 +1000 (AEST) Received: from medusa.kilonet.net ([72.69.223.115]) by :SMTPAUTH: with ESMTPA id Hwvoi7tuSMkfcHwvpilogJ; Tue, 08 Oct 2019 14:22:09 -0700 Received: from [199.89.231.101] (ender.kilonet.net [199.89.231.101]) by medusa.kilonet.net (8.14.8/8.15.1) with ESMTP id x98LM8hI021693 for ; Tue, 8 Oct 2019 17:22:08 -0400 (EDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kilonet.net; s=default; t=1570569728; bh=O/nVSzvtvhRrq1hnI7OZEfDboJb5chy9cySyW/V4hZQ=; h=Subject:To:References:From:Date:In-Reply-To; b=as2ndWUo4xdi2DHybT+u9gxPMrzlDuyZqEIj2tPplcJKv1B0ZntcoPyBMW/i3t7fl U9juSe1WCAWBJG+sMTCfYsgCp7PeEj5mcNXzvhD3h1jefui38tU4iZvPiLCTE2kDeb xj5JMAttWhFKls5lRnA87jHXgL8pGQFq0iszPwZk= To: tuhs@minnie.tuhs.org References: <1570559927.29337.for-standards-violators@oclsc.org> <2e6e1005-3bbf-5dcc-3fcc-099864c752dc@kilonet.net> From: Arthur Krewat Message-ID: <8088e5bd-3530-d3e1-8066-db6ea9389dea@kilonet.net> Date: Tue, 8 Oct 2019 17:22:03 -0400 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:60.0) Gecko/20100101 Thunderbird/60.9.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 8bit Content-Language: en-US X-CMAE-Envelope: MS4wfFN3jBwPxDda+cD+kFJ/uxjLHlx1XzbsM4CFmkYarkiSBr6giDRFdg9yEVrF5bFWvkj2IsAj4ZMCdJXLgOP2FOEkFiKv+WPYGJKQPujYSIWWJ01Z2VXl CjmGcVHpnOvSbRwq98S2brXCI8+Daqqi61wXr+DlzUrs6L6IoR71e/GunvRgC8VBsV0xdawQB4IEGw== Subject: Re: [TUHS] Recovered /etc/passwd files X-BeenThere: tuhs@minnie.tuhs.org X-Mailman-Version: 2.1.26 Precedence: list List-Id: The Unix Heritage Society mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: tuhs-bounces@minnie.tuhs.org Sender: "TUHS" On 10/8/2019 5:02 PM, Dave Horsfall wrote: > On Tue, 8 Oct 2019, Arthur Krewat wrote: > >> Slightly off-topic, but still UUCP related. If a SunOS box NFS >> exported /, and I could mount /, even without root NFS access, using >> the uucp user, I could overwrite uucico because it was owned by uucp. >> The entry in inetd.conf would automatically run uucico as root. >> Telnet to the box on that port, and it would happily run whatever I >> put in the uucico file. >> >> Bad joo-joo. > > *Cough cough* I remember that *cough cough*... cough cough back at you, sir ;) > > Unix systems in those days were broken in subtle ways; we once broke > into a Gould (marketed as the most secure box on the planet[*]) by > social-engineering a marketoid (we tricked him into running a custom > "ls" or something).  "Thank you Sir, and we've just broken into your > Gould; there's the root prompt". I was able to social-engineer an operator a few times on TOPS-10 systems back in the day to reset passwords, or mount disks. "Can you give me a list of disks you have ready to mount?" - "blah blah blah" - "OK, mount pack BLARG". But then, one time, I was talking to an "operator" for a while before I realized it was an ELIZA-like program that kept going back around in a loop. Trying to be suave, I started it by asking how they were doing, and got all sorts of weird responses. At some point, realizing I was talking to a bot, I said: "I feel bad" - and it replied something to the effect of "Can you explain why you feel bad?". Typical ELIZA response ;) Someone at that university had a sense of humor, that's for sure. Broke into it anyway guessing passwords. ak