3 Jan
2015
3 Jan
'15
1:49 a.m.
Never had to social engineer anything. I think we cracked the Gould booth systems using
the WIZ sendmail hack.
I remember another time IBM loaned me an RS6000 but didn’t send along the root password.
I left a message wanting to know if they knew the root password or should I just break in.
It took me about 20 minutes and I called back and told them I’d solved the problem (the
RS6000 had a MAINTENANCE mode on the keyswitch that booted up a maintenance program as
root which displayed documentation using more, which had a shell escape….).
I remember one day showing up at an office I had been working in the pentagon and I my
sponsor was on the phone and I asked if I should knock down the screen saver and he said
sure go at it. After he realized that I actually could do that he told the guy on the
phone that he needed to check on how I’d done that.
My old boss (Steve Wolff later of NSFNet and Cisco fame) volunteered me for the Army Tiger
Team. Mostly they were physical security guys so I was about the only computer guy with
them, but we had a lot of fun, some through breaking UNIX security and others just
physical games. I was down at White Sands Missile Range one time and had already pretty
much gotten into all the systems there when someone had noticed the physical security guys
wandering around and put a warning in MOTD (of course I let them know right away that they
were on to them). I heard years later that anytime a machine went down at WSMR they
still blamed me.