From: dropping science like galileo dropped the orange (gschmidt@mit.edu)
Date: 04/12/00-10:06:47 PM Z
> sean_k from #i-opener-linux has devolped a program to decrypt ANY qnx
> password
what incredible lameness -- the mind reels. I was just starting to
fall in love with QNX and its beautiful file/message passing/driver
architecture. but huge props to sean_k! how did you guys know that
QNX used a braindead crypt(), anyway? I suppose the passwords *are*
shadowed, but still.. if they're not encrypted, they should be stored
in plaintext to avoid giving the impression of security, are you with
me?
It's worth noting that while the root password (osiw$6.4) is a
variable pulled from the nvram partition on startup, the service
password (the one that decrypts to one2go) is a constant hard-coded in
/rc/startup. which is not to say they couldn't send an update to the
startup script.
i might as well add what everyone who's poked around with dsmod knows
already -- that for the initial network connection (from whence
updates and local phone numbers are downloaded, I assume) your IO
tries to open a PPP session to:
1-800-871-9306
with
username: smackee@netpliance
password: x3i0pen [note the zero for 'o']
note that 'smack' is a made-up technical term in one of their custom
protocols (I forget which at the moment.) and that they like the
'-ee' suffix for 'the object of something'; ie the pokee daemon
listens to events sent by the poke server.
g
_______________________________________________
iopener mailing list iopener@scsiboy.com
To change your mailing options, please go to http://snoopy.net/mailman/listinfo/iopener
Read the FAQ, please! http://fastolfe.net/misc/i-opener-faq.html