prompt.
Common Accounts/Defaults:
MGR.TELESUP,PUB User: MGR Acct: HPONLY Grp: PUB
MGR.HPOFFICE,PUB unpassworded
MANAGER.ITF3000,PUB unpassworded
FIELD.SUPPORT,PUB user: FLD, others unpassworded
MAIL.TELESUP,PUB user: MAIL, others unpassworded
MGR.RJE unpassworded
FIELD.HPPl89 ,HPPl87,HPPl89,HPPl96 unpassworded
MGR.TELESUP,PUB,HPONLY,HP3 unpassworded
IRIS- IRIS stands for Interactive Real Time Information System. It orig-
inally ran on PDP-11’s, but now runs on many other minis. You can
spot an IRIS by the ‘Welcome to “IRIS” R9.1.4 Timesharing’ banner,
and the ACCOUNT ID? prompt. IRIS allows unlimited tries at hacking
in, and keeps no logs of bad attempts. I don’t know any default
passwords, so just try the common ones from the password database
below.
Common Accounts:
MANAGER
BOSS
SOFTWARE
DEMO
PDP8
PDP11
ACCOUNTING
VM/CMS- The VM/CMS operating system runs in International Business Machines
(IBM) mainframes. When you connect to one of these, you will get
message similar to ‘VM/370 ONLINE’, and then give you a ‘.’ prompt,
just like TOPS-10 does. To login, you type ‘LOGON ‘.
Common Accounts/Defaults are:
AUTOLOG1: AUTOLOG or AUTOLOG1
CMS: CMS
CMSBATCH: CMS or CMSBATCH
EREP: EREP
MAINT: MAINT or MAINTAIN
OPERATNS: OPERATNS or OPERATOR
OPERATOR: OPERATOR
RSCS: RSCS
SMART: SMART
SNA: SNA
VMTEST: VMTEST
VMUTIL: VMUTIL
VTAM: VTAM
NOS- NOS stands for Networking Operating System, and runs on the Cyber
computer made by Control Data Corporation. NOS identifies itself
quite readily, with a banner of ‘WELCOME TO THE NOS SOFTWARE
SYSTEM. COPYRIGHT CONTROL DATA 1978,1987′. The first prompt you
will get will be FAMILY:. Just hit return here. Then you’ll get
a USER NAME: prompt. Usernames are typically 7 alpha-numerics
characters long, and are *extremely* site dependent. Operator
accounts begin with a digit, such as 7ETPDOC.
Common Accounts/Defaults:
$SYSTEM unknown
SYSTEMV unknown
Decserver- This is not truly a computer system, but is a network server that
has many different machines available from it. A Decserver will
say ‘Enter Username>’ when you first connect. This can be anything,
it doesn’t matter, it’s just an identifier. Type ‘c’, as this is
the least conspicuous thing to enter. It will then present you
with a ‘Local>’ prompt. From here, you type ‘c ‘ to
connect to a system. To get a list of system names, type
’sh services’ or ’sh nodes’. If you have any problems, online
help is available with the ‘help’ command. Be sure and look for
services named ‘MODEM’ or ‘DIAL’ or something similar, these are
often outdial modems and can be useful!
GS/1- Another type of network server. Unlike a Decserver, you can’t
predict what prompt a GS/1 gateway is going to give you. The
default prompt it ‘GS/1>’, but this is redifinable by the
system administrator. To test for a GS/1, do a ’sh d’. If that
prints out a large list of defaults (terminal speed, prompt,
parity, etc…), you are on a GS/1. You connect in the same manner
as a Decserver, typing ‘c ‘. To find out what systems
are available, do a ’sh n’ or a ’sh c’. Another trick is to do a
’sh m’, which will sometimes show you a list of macros for logging
onto a system. If there is a macro named VAX, for instance, type
‘do VAX’.
The above are the main system types in use today. There are
hundreds of minor variants on the above, but this should be
enough to get you started.
Unresponsive Systems ~~~~~~~~~~~~~~~~~~~~
Occasionally you will connect to a system that will do nothing but sit there.
This is a frustrating feeling, but a methodical approach to the system will
yield a response if you take your time. The following list will usually make
*something* happen. 1) Change your parity, data length, and stop bits. A
system that won’t re-
spond at 8N1 may react at 7E1 or 8E2 or 7S2. If you don’t have a term
program that will let you set parity to EVEN, ODD, SPACE, MARK, and NONE,
with data length of 7 or 8, and 1 or 2 stop bits, go out and buy one.
While having a good term program isn’t absolutely necessary, it sure is
helpful. 2) Change baud rates. Again, if your term program will let you
choose odd
baud rates such as 600 or 1100, you will occasionally be able to penetrate
some very interesting systems, as most systems that depend on a strange
baud rate seem to think that this is all the security they need… 3) Send
a series of ’s. 4) Send a hard break followed by a . 5) Type a series
of .’s (periods). The Canadian network Datapac responds
to this. 6) If you’re getting garbage, hit an ‘i’. Tymnet responds to this,
as does
a MultiLink II. 7) Begin sending control characters, starting with ^A –>
^Z. 8) Change terminal emulations. What your vt100 emulation thinks is garbage
may all of a sudden become crystal clear using ADM-5 emulation. This also
relates to how good your term program is. 9) Type LOGIN, HELLO, LOG, ATTACH,
CONNECT, START, RUN, BEGIN, LOGON, GO,
JOIN, HELP, and anything else