Calling All Hackers

10 posts / 0 new
Last post
Offline
Last seen: 19 years 10 months ago
Joined: Aug 11 2004 - 16:58
Posts: 1
Calling All Hackers

Can Anybody tell me why it is so easy to change the admin password, All you have to do on Mac OS X is
1. Shut down your computer
2. Start Up Holding Command+S Until You get a Unix Prompt :mac:
3. Type "/sbin/fsck -y"
4. Type "/sbin/mount -uw /"
5. Type "/sbin/systemstarter" :macos:
6. Type "passwd [Username]" ( [Username] means the username you want to change the password for)
7. You Will be asked for the new password 2 times
8. last Type "reboot" Blum 3

Eudimorphodon's picture
Offline
Last seen: 1 week 2 days ago
Joined: Dec 21 2003 - 14:14
Posts: 1207
There is no security...

without physical security. If someone can get to your machine to reboot while holding down a key, they can probably compromise it no matter what OS it's running.

Some other UNIXoids require that you know the root password to get in when booted to single user mode. (Most modern Linux distributions and recent Solaris versions, for instance.) But of course, in those cases someone could just force the machine to, say, boot from a CD-ROM, mount the "/" partition on the disk, chroot to it, and modify the password of their choice. Windows can be broken by booting a floppy with a password database munger... etc, etc.

Simple rule of thumb: Don't let people you don't trust touch your machine. And if you're really paranoid, encrypt your filesystem.

--Peace

eeun's picture
Offline
Last seen: 1 year 8 months ago
Joined: Dec 19 2003 - 17:34
Posts: 1895
Also keep in mind that OS X i

Also keep in mind that OS X intended for both business and home users. It would be poor marketing to sell an OS that people are inevitably going to lock themselves out of without having a back door that tech support or their IT can walk them through over the phone (unless you're Dogbert ;))

You could do similar with At Ease back in the early 90s. Figuring this stuff out is half the fun.

Offline
Last seen: 2 years 11 months ago
Joined: Dec 20 2003 - 10:38
Posts: 234
Re: There is no security...

But of course, in those cases someone could just force the machine to, say, boot from a CD-ROM, mount the "/" partition on the disk, chroot to it, and modify the password of their choice.
--Peace

I can say that I have done that to every Major Unix OS except Tru64.

I remember back in 98 or so I talked a guy down $100 on a SGI Indy because he did not have the root password. I borrowed a set of Irix discs and was in under 5 min. The hardest one I ever did that on was a HP PA-Risc machine with HP-UX. Took me a month to figure out how to boot the thing from a CD. I can't remember what exactly the difficulty was in doing it but I think I ended up having to boot from tape or something.

Kurenai's picture
Offline
Last seen: 17 years 11 months ago
Joined: May 28 2004 - 18:19
Posts: 82
Well duh..

Any password to anything can be craked or changed, its just a matter of time/effort to do it. this seems easy even to me, and i know almost nothing about unix! my solution to this problem? don't let your laptop out of your sight, and put your destop system somewhere(I.E. bedroom) where most people wont be able to jsut sit down and mess with it without you noticing. best security mesures i can think of...

Eudimorphodon's picture
Offline
Last seen: 1 week 2 days ago
Joined: Dec 21 2003 - 14:14
Posts: 1207
Re: There is no security...

I remember back in 98 or so I talked a guy down $100 on a SGI Indy because he did not have the root password. I borrowed a set of Irix discs and was in under 5 min.

I "rooted" my (free) Indy by compiling the XFS filesystem patches to the kernel on a Linux machine and hanging the drive from the Indy on its SCSI controller. (At the time I had neither Irix CDs or a bootable CD-ROM drive for the system.)

Admittedly, steps like that are a bit more invasive then changing a password on OS X, but a motivated data thief could to it in 10 minutes alone with the machine. Which just emphasizes the point.

--Peace

performaman's picture
Offline
Last seen: 18 years 4 months ago
Joined: Dec 20 2003 - 10:38
Posts: 209
BIOS Boot Password

And if your BIOS allows you to have a password to boot the machine, USE IT! It's in BIOS and probably more difficult to crack than an OS password.

Eudimorphodon's picture
Offline
Last seen: 1 week 2 days ago
Joined: Dec 21 2003 - 14:14
Posts: 1207
Re: BIOS Boot Password

And if your BIOS allows you to have a password to boot the machine, USE IT! It's in BIOS and probably more difficult to crack than an OS password.

Not really, unless you have an IBM Thinkpad. (Most BIOS passwords can be cleared by resetting the CMOS.)

And if you do have a Thinkpad, you'll seriously regret setting a BIOS password after you forget it. (And have to pay IBM for a new motherboard.)

--Peace

eeun's picture
Offline
Last seen: 1 year 8 months ago
Joined: Dec 19 2003 - 17:34
Posts: 1895
I had a Fujitsu E-series in a

I had a Fujitsu E-series in a bulk lot of lappies I'd purchased that was bios password protected. Fujitsu recommends shipping the laptop off to Cypress or Singapore or some darn place, and they'll re-flash the bios and send it back. Supposedly very secure, those Fujitsus.

Alternatively, I spent five minutes on google and found a dos program that'll reset the bios from a floppy.

Jon
Jon's picture
Offline
Last seen: 13 years 6 months ago
Joined: Dec 20 2003 - 10:38
Posts: 2804
IIRC my first laptop, a Packa

IIRC my first laptop, a Packard Bell Statesman, had a horrid BIOS password setup. When you typed in the password it would register an incorrect attempt at the first incorrect key that was typed. You just started at 'a' and kept following the alphabet until it accepted the first key without error. Then you did it again 'first-key'-'a', etc. until it let you in. Way, way, way too easy. I've hated PBs ever since and fully regret spending the $500 (new) on the POS. Of course security that crappy can only come during the days after the release of Win 95, one reason I got the lappy so cheap as everything still running 3.x (the PB had 3.11) was being cleared from stock.

Log in or register to post comments