Basic UNIX Hacking

UNIX is probably the most commonly used operating system on Telenet, and is the easiest to hack since it doesn't record bad login attempts. You know you've found a UNIX system when it gives you a "Login" prompt, and then a "Password" prompt. To get in, you should first try the default logins (listed below). If these don't work, try some of the passwords listed in Section M. If these don't work, try to find backdoors. These are passwords that may have been put in to allow the programmer (or someone else who could be in a position to make a backdoor) to get access into the system. These are usually not known about by anyone but the individual who made them. Try doing some research on the programmer and other people who helped to make the system. And, if these don't work, just try guessing them. The Login (usually the account holder's name) has 1-8 characters and the Password is 6-8 characters. Both can be either letters or numbers, or a combination of the two.
Once you get in, you should get a "$" prompt, or some other special character like it. You should only use lower case letters when hacking UNIX; this seems to be standard format. If you type "man [command]" at the prompt, it should list all of the commands for that system. Anyway, here are the default Logins and Passwords:


Login:      Password:

root        root
root        system
sys         sys
sys         system
daemon      daemon
uucp        uucp
tty         tty
test        test
unix        unix
unix        test
bin         bin
adm         adm
adm         admin
admin       adm
admin       admin
sysman      sysman
sysman      sys
sysman      system
sysadmin    sysadmin
sysadmin    sys
sysadmin    system
sysadmin    admin
sysadmin    adm
who         who
learn       learn
uuhost      uuhost
guest       guest
host        host
nuucp       nuucp
rje         rje
games       games
games       player
sysop       sysop
root        sysop
demo        demo


Once you are in, the first thing that you need to do is save the password file to your hard drive or to a disk. The password file contains the Logins and Passwords. The passwords are encoded. To get the UNIX password file, depending on what type of UNIX you are in, you can type one of the following things:

/etc/passwd
or
cat /etc/passwd

The first one is the standard command, but there are other commands as well, like the second one. Once you get the password file, it should look like this:


john:234abc56:9999:13:John Johnson:/home/dir/john:/bin/john


Broken down, this is what the above password file states:


Username: john
Encrypted Password: 234abc56
User Number: 9999
Group Number: 13
Other Information: John Johnson
Home Directory: /home/dir/john
Shell: /bin/john


If the password file does not show up under one of the above two commands, then it is probably shadowed.
The following definition of password shadowing was taken from the alt.2600 hack faq:
"Password shadowing is a security system where the encrypted password field is replaced with a special token and the encrypted password is stored in a separate file which is not readable by normal system users."
If the password file is shadowed, you can find it in one of the following places, depending on the type of UNIX you are using:


UNIX System Type:   Path:                                                    Token:

AIX 3               /etc/security/passwd                                     !
   or               /tcb/auth/files/<first letter of username>/<username>    #
A/UX 3.0s           /tcb/files/auth/*
BSD4.3-Reno         /etc/master.passwd                                       *
ConvexOS 10         /etc/shadpw                                              *
ConvexOS 11         /etc/shadow                                              *
DG/UX               /etc/tcb/aa/user                                         *
EP/IX               /etc/shadow                                              x
HP-UX               /.secure/etc/passwd                                      *
IRIX 5              /etc/shadow                                              x
Linux 1.1           /etc/shadow                                              *
OSF/1               /etc/passwd[.dir|.pag]                                   *
SCO UNIX #.2.x      /tcb/auth/files/<first letter of username>/<username>    *
SunOS 4.1+c2        /etc/security/passwd.adjunct                             ##
SunOS 5.0           /etc/shadow
System V 4.0        /etc/shadow                                              x
System V 4.2        /etc/security/* database
Ultrix 4            /etc/auth[.dir|.pag]                                     *
UNICOS              /etc/udb                                                 *


Some passwords can only be used for a certain amount of time without having to be changed; this is called password aging. In the password file example below, the "C.a4" is the password aging data:


bob:123456,C.a4:6348:45:Bob Wilson:/home/dir/bob:/bin/bob


The characters in the password aging data stand for the following:


1. Maximum number of weeks a password can be used without changing.
2. Minimum number of weeks a password must be used before being changed.
3&4. Last time password was changed, in number of weeks since 1970.


The password aging data can be decoded using the chart below:

Character: Number:    Character: Number:    Character: Number:    Character: Number:

.          0          E          16         U          32         k          48
/          1          F          17         V          33         l          49
0          2          G          18         W          34         m          50
1          3          H          19         X          35         n          51
2          4          I          20         Y          36         o          52
3          5          J          21         Z          37         p          53
4          6          K          22         a          38         q          54
5          7          L          23         b          39         r          55
6          8          M          24         c          40         s          56
7          9          N          25         d          41         t          57
8          10         O          26         e          42         u          58
9          11         P          27         f          43         v          59
A          12         Q          28         g          44         w          60
B          13         R          29         h          45         x          61
C          14         S          30         i          46         y          62
D          15         T          31         j          47         z          63
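
The decoding described above, as an added example that is not part of the original text: a Python audit that parses passwd-format lines, reports whether the hash is exposed or replaced by a shadow token, and decodes the aging data with the chart. It assumes characters 3 and 4 are stored least-significant first, the order the C library's a64l() uses; the function names and the "alice" entry are constructed for illustration.

```python
"""Audit passwd-format lines: shadowing status and legacy password aging."""
from datetime import date, timedelta

# Chart from the text: '.', '/', 0-9, A-Z, a-z map to 0..63.
ALPHABET = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"
# Placeholder tokens from the shadow-file table in the text.
SHADOW_TOKENS = {"x", "*", "!", "#", "##"}

def decode_aging(aging):
    """Decode aging data such as 'C.a4' into weeks and a last-change date."""
    values = [ALPHABET.index(c) for c in aging]  # ValueError on a bad character
    if len(values) < 2:
        raise ValueError("aging data needs at least the max and min characters")
    # Assumption: characters 3 and 4 are least-significant first (a64l order).
    week = sum(v << (6 * i) for i, v in enumerate(values[2:]))
    return {"max_weeks": values[0], "min_weeks": values[1],
            "changed_on": date(1970, 1, 1) + timedelta(weeks=week)}

def audit_line(line):
    """Return (username, findings) for one passwd-format line."""
    fields = line.rstrip("\n").split(":")
    if len(fields) != 7:
        raise ValueError("expected 7 colon-separated fields")
    pw, _, aging = fields[1].partition(",")
    if pw in SHADOW_TOKENS:
        return fields[0], ["shadowed"]  # hash and aging live in the shadow file
    findings = ["hash readable in passwd (not shadowed)" if pw
                else "empty password field"]
    if aging:
        a = decode_aging(aging)
        findings.append("aging max=%dw min=%dw changed=%s"
                        % (a["max_weeks"], a["min_weeks"], a["changed_on"]))
    else:
        findings.append("no password aging")
    return fields[0], findings

# Constructed sample: the two example lines from the text plus a shadowed entry.
SAMPLE = [
    "john:234abc56:9999:13:John Johnson:/home/dir/john:/bin/john",
    "bob:123456,C.a4:6348:45:Bob Wilson:/home/dir/bob:/bin/bob",
    "alice:x:1001:45:Alice Example:/home/dir/alice:/bin/sh",
]

if __name__ == "__main__":
    for entry in SAMPLE:
        user, findings = audit_line(entry)
        print(user + ": " + "; ".join(findings))
```

For "C.a4" this gives a maximum of 14 weeks, a minimum of 0 weeks, and a last change in week 422 after 1970.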


Now, explore the system freely, be careful, and have fun!