How TO: Break into the system

Mike Smith_33 · ‎08-03-2006

Can someone direct me to the documention on how to break into an Hp-UX 11i system (with physical system access). I have searched the forums and the technical documentation with no sucess at this point.

Thanks in advance!

Patrick Wallek · ‎08-03-2006

And you want to know this because.......?

If you can describe your real problem, we can probably offer a solution. But just asking how to break into a system will probably not garner many answers.

How do we know you are not a hacke/cracker/whatever trying to mess with someone?

Steven E. Protter · ‎08-03-2006

Shalom Mike,

HP has a course on HP-UX security where they teach these skills as a means of defense.

I for one will post nothing to assist you not that I don't trust you. I don't trust others that will read this in the future.

SEP

Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com

DCE · ‎08-03-2006

Are you looking for the ability to reset root? or ways to hack the system?

If it is the first, reboot the system, interupt the boot cycle during the 10 second window where it says press any key, issue the command bo pri, answer yes to interact with ISL, and enter hpux -is at the ISL prompt, and press enter. This will bring you up in single user mode, and give you the ability to reset roots password.

Mike Smith_33 · ‎08-03-2006

Please notice that I requested this as someone already having physical access to the box itself. If I already have physical access I think your degree of concern should decrease. I am not looking for general breakin information, specifically, someone having physical access.

Anyway, I just wanted to save a call to tech support and figured you guys would be faster. I am attempting to document how my boss or someone else could get in the system in case I got hit by a bus as I am the only one with the root password.

Mike Smith_33 · ‎08-03-2006

Thanks DCE, we are getting ready to go test this. I have broken in to VMS and Tru64 with physical access but I was not sure of the exact steps for hp-ux.

Thanks all!

Jaime Bolanos Rojas. · ‎08-03-2006

:-) :-) :-)

Mike, it all depents on what you want to do, but I notive you have ask plenty of questions in the forums, probably you are not a cracker but who knows...

If you forgot your root password, you can get into single user mode and change the password overthere, and you will have access to it, that's the fast and easy way with physical access to the server.

Notice: **** whatever is advice overhere is to fix machines and not to break anything in them, even thought some manage to do it all the time without fault****

Regards,

Jaime.

Work hard when the need comes out.

Torsten. · ‎08-03-2006

Why not write the password down, put in into an envelope and seal it. Now put it into the safe. This is as secure as your money is.

Hope this helps!
Regards
Torsten.

__________________________________________________
There are only 10 types of people in the world -
those who understand binary, and those who don't.
__________________________________________________
No support by private messages. Please ask the forum!

If you feel this was helpful please click the KUDOS! thumb below!

A. Clay Stephenson · ‎08-03-2006

Since, you have physical access, presumably you are allowed into the protected area where the console is housed. The exact process varies a bit depending upon the model and irmware level but the procedure is similar.

1) Crash the box (yank the power cord or equivalent).
2) Power the box back up, and interrupt the boot process when the console directs you to by hitting .
3) boot pri
4) Interact with ISL/IPL? Y
5) hpux -is

This will bring the box up in single-user mode and you will be logged in as root. You can mount any needed filesystems (which may first require an fsck because of the harsh manner in which the box was last shutdown) and do any needed maintenance. You can also set the root password at this time. You then shutdown and allow the box to boot normally.

You can also peruse the security bulletins for possible techniques but hopefully the legitimate and diligent sysadmin will have already applied the fixes to close those holes.

If it ain't broke, I can fix that.

Steven E. Protter · ‎08-03-2006

I think there was a misunderstaning due to your choice of subject.

This topic has in actuality come up many times with people providing a more appropriate title and enough detail to make their attentions clear.

Single user mode can be password protected. In that case you cand still boot off Core OS mount the root filesystem and null out the root password entry in /etc/passwd.

Please accept my apologies for my part in the misunderstanding. For some reason I'm a bit tense lately, Can't figure out why.

Good luck resolving your issue.

Steven

Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com

Torsten. · ‎08-03-2006

Just in case you have some add-on software installed, that enables secure single user mode with root password protection, you need to boot from another source or put the disk into another server and mount your original bootdisk to be able to edit the appropriate files.
But think about the envelope ;-)

Hope this helps!
Regards
Torsten.

__________________________________________________
There are only 10 types of people in the world -
those who understand binary, and those who don't.
__________________________________________________
No support by private messages. Please ask the forum!

If you feel this was helpful please click the KUDOS! thumb below!

Mike Smith_33 · ‎08-03-2006

Thanks for all the replies I am sure I can document this now. I had thought about the envelope idea. We have no safe so my boss wanted to keep it on him. I did attempt to search but I did not find anything.

I originally asked for a pointer to where this was in the documentation, thinking that if it were documented, it apparently wasn't a state secret. If I gave anyone any other ideas about my intentions for documented information to be used along with physical server access, please charge it to me as a misunderstanding. I will attempt to ask questions with better clarity in the future.

A. Clay Stephenson · ‎08-03-2006

Let me suggest a Plan B instead of the safe.
Keep the password in an encrypted file in an obscure location on the box but here's the trick: The plaintext file is encrypted (well, actually enciphered) twice by two different sets of people --- who don't even have to be IT guys. The idea is that it takes two different sets of people to encrypt and decrypt the passwords.

If it ain't broke, I can fix that.

Torsten. · ‎08-03-2006

Well, this plan follows the concept of the safe - one box, two keys (but electronic)

;-))

Hope this helps!
Regards
Torsten.

__________________________________________________
There are only 10 types of people in the world -
those who understand binary, and those who don't.
__________________________________________________
No support by private messages. Please ask the forum!

If you feel this was helpful please click the KUDOS! thumb below!

doug hosking · ‎08-04-2006

> The idea is that it takes two different sets of people to encrypt and decrypt the passwords.

What happens if the sysadmin and one of these two people decide to go to lunch together some day when the bus driver is grumpy ? :-)

On a more serious note, you have a lot more to worry about than just what the root password is or how it can be bypassed. I would think it wise to consider the 'bus' scenario as part of the overall disaster recovery plan for your site. Even the most dedicated and ethical sysadmins too often carry a lot of other critical information only in their heads. Things as simple as the proper order to bring up interdependent servers after a power outage can be key to restoring operations in some reasonable amount of time. It's probably well worth thinking about how much of this needs to be more formally documented.

Torsten. · ‎08-04-2006

You always need passwords and other important information.

You need to store this information secured and need at least 2 people to get access to it (we call this four eyes) - but you can make it 6 if you want. There are some solutions already in place (not only the envelope ;-))

Hope this helps!
Regards
Torsten.

__________________________________________________
There are only 10 types of people in the world -
those who understand binary, and those who don't.
__________________________________________________
No support by private messages. Please ask the forum!

If you feel this was helpful please click the KUDOS! thumb below!

Torsten. · ‎08-04-2006

btw, consider to re-open this thread.

and ... I know hp is offering a lot of dr solutions, just ask them about this topic.

Hope this helps!
Regards
Torsten.

__________________________________________________
There are only 10 types of people in the world -
those who understand binary, and those who don't.
__________________________________________________
No support by private messages. Please ask the forum!

If you feel this was helpful please click the KUDOS! thumb below!

A. Clay Stephenson · ‎08-04-2006

and will note that I said two different sets of people --- not just two people. At least two people should know each of the encrytion passwords --- but neither set of people knows what the other knows. The actual admins already know the root passwords so there is built-in redundancy --- and they have no need to know the encryption passwords.

If it ain't broke, I can fix that.

A. Clay Stephenson · ‎08-04-2006

and note that I said two different sets of people --- not just two people. At least two people should know each of the encrytion passwords --- but neither set of people knows what the other knows. The actual admins already know the root passwords so there is built-in redundancy --- and they have no need to know the encryption passwords.

If it ain't broke, I can fix that.

Yogeeraj_1 · ‎08-04-2006

how do we choose "two different sets of people"?

i would prefer to give the envelope to the Accountant in charge or the CEO to put in the safe! and inform all those whom can be allowed access to the password where they can get the "envelope"

my views.

No person was ever honoured for what he received. Honour has been the reward for what he gave (clavin coolidge)

Categories

Company

Local Language

Forums

Discussions

Forums

Discussions

Forums

Discussions

Forums

Discussions

Forums

Discussions

Discussions

Forums

Forums

Discussions

Forums

Discussions

Forums

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Community

Resources

Other HPE Sites

Discussions

Forums

Blogs

How TO: Break into the system

How TO: Break into the system

Re: How TO: Break into the system

Re: How TO: Break into the system

Re: How TO: Break into the system

Re: How TO: Break into the system

Re: How TO: Break into the system

Re: How TO: Break into the system

Re: How TO: Break into the system

Re: How TO: Break into the system

Re: How TO: Break into the system

Re: How TO: Break into the system

Re: How TO: Break into the system

Re: How TO: Break into the system

Re: How TO: Break into the system

Re: How TO: Break into the system

Re: How TO: Break into the system

Re: How TO: Break into the system

Re: How TO: Break into the system

Re: How TO: Break into the system

Re: How TO: Break into the system