[rescue] $219 Octanes
Shawn Wallbridge
swallbridge at franticfilms.com
Thu Aug 22 22:25:07 CDT 2002
Dan Sikorski wrote:
>On Thu, 2002-08-22 at 20:14, Shawn Wallbridge wrote:
>
>
>>Actually it is even easier. IRIX 6.5 (at least this install) doesn't use
>>shadow passwords. Of course I spent an hour looking for an exploit. It
>>took 10:54 minutes to break it.
>>
>>
>
>Yup, that's how i got into my indigo2 and my o2 (and likely soon my
>Onyx, i just got the power cable today!*). usually, the lp account has
>no password. once i logged in as lp, i copied the encryped password
>over to another machine, and used john the ripper (a password cracking
>utility) to get the actual password. It took my 650mhz athlon five
>minutes to crack the password for the indigo2, and a couple of days to
>crack the password for the o2.
>
> -Dan Sikorski
>
>* i got them from Quail Electronics (www.quail.com) i emailed and asked
>about them, and they sent me two for free! along with a catalog,
>marketing fluff, coaster, and pen. (i'm pretty sure that they got the
>impression that i might be interested in more). If anyone can swing
>some buisness their way, i'd encourage them to.
>_______________________________________________
>rescue list - http://www.sunhelp.org/mailman/listinfo/rescue
>
>
Wow, why such a big difference in time? Was it password length? The
Octane is running 6.5.10m and it only used DES. Do the newer versions
run something stronger?
just curious.
shawn
More information about the rescue
mailing list