OT: HELP! I can't think of any way I can do this...

IJump

Diamond Member
Feb 12, 2001
4,640
11
76
I gave you a little response, and if your company or the lawyers want to fly me out there to give you a hand, I will see if I can get some time off of work. ;)
 

IJump

Diamond Member
Feb 12, 2001
4,640
11
76
I think your answer is in the other thread. Now, go get the bad guys..... :D
 

Shuxclams

Diamond Member
Oct 10, 1999
9,286
15
81
Well I was able to browse with "linux init=/bin/sh rw" and "seemingly" change the root password. My problem now is the guy was using it as an email spam relay and my GHOST image couldnt handle 25 million email addresses and directories... yes thats right, 25 million, or so thats what it said. Anyway, it goes through a normal bootup and then right as the login appears the screen goes dead and the keyboard and mouse turn off. VNCSERVER is installed in /etc/init.d and /etc/rc5.d so I assume that it boots and then is remotely controlled that way but all attempts at local intervention short of pulling the power are usesless. Any help re-enabling the Local input devices or how to find out which port (default is 5800) VNC is listening to would be greatly appreciated. OBTW, both of the W2K PC's we're cracked in less than an hour.. :p









SHUX
 

IJump

Diamond Member
Feb 12, 2001
4,640
11
76
I would go back to a linux boot floppy. That should give you the ability to mount a browse the hard drive and get all the info that you want. You may not be able to run all of the programs, but you should be able to get a good overview of what is on the drive.

You could probably also figure out what port VNC is using.


If you know what IP the system has (is it getting one from you dhcp server? look at the leases), you can get a port scanner to see what ports that machine has open.

LANguard Network Scanner: That should find the open ports on the machine.