Getting Started, Documentation, Tips & Tricks

Got an Indy!

A friend of mine is an IT director for a school, and handed me an Indy. I am told it has 256MB of RAM and an R5000 processor. The good news is that it boots! It went right to the login screen. It seems to be running Irix 5.2. The bad news is that all usernames and passwords have long been forgotten. So, my quesiton is: What can I do with this? I do not have any installation media. (Or a cd drive, for that matter) It does have an ethernet adapter.

I would prefer to install Irix 6.5, but if that is not possible, I have heard that there is a version of Gentoo that will work with it. I like the massive CRT that it came with.

Any suggestions?
One of these should be able to present you with a nice shiny root shell: http://www.exploit-db.com/platform/?p=irix :twisted:

_________________
Choosing stones, big enough to drag me down...
Most of those look like you need local access already. However, this one looks very promising: http://www.exploit-db.com/exploits/20149/ ... assuming it's running Telnetd, assuming you know its IP (or arp -a might be able to tell you).

It also looks like you can execute arbitrary commands on the box through in.lpd using http://www.exploit-db.com/exploits/10033/ (look at the socket code; you don't need Metasploit to actually do what it's doing), again with similar assumptions. :)

To crack into my own Indy, I ended up mounting the filesystem r/w and changing the password file from install media, but obviously you need install media for that.

Good luck! It sounds like a nice box!

_________________
smit happens.

:Fuel: bigred , 700MHz R16K, 2GB RAM, V12, 6.5.30
:Indy: indy , 150MHz R4400SC, 256MB RAM, XL24, 6.5.10
probably posted from Image bruce , 2x2x2.5GHz PowerPC 970MP, 8GB RAM, Mac OS X 10.4.11
plus IBM POWER6 p520 * Apple Network Server 500 * HP C8000 * BeBox * Solbourne S3000 * Commodore 128 * many more...
Correct me if I'm wrong, but wasn't root-password on single user mode required only for post 6.5?

_________________
:Octane: halo , oct ane
N.B.: I tend to talk out of my ass. Do not take it too seriously.
Rubber_Hamster wrote:
Any suggestions?

Put your location in your profile. For all we know, you're three blocks away from another SGI owner who would be happy to stick your Indy drive into their Fuel, blow away the passwords and hand it back to you.
duck wrote:
Correct me if I'm wrong, but wasn't root-password on single user mode required only for post 6.5?


I think 5.2 is new enough to require the password for single-user mode.

You can get a Linux distro that has EFS read-only support and SGI disklabel support, grab the password file, and run it through John. For 5.2 it's a basic passwd, so should be fast on any modern h/w.

Or then there's always the "I don't have anything that reads that" approach for UNIX machines. Open the disk on a hex editor, search for the string ":0:0:", then either snag the password to run through John or replace it with a known password (you need to have a compatible version, so don't use the password from your new UNIX box using Blowfish or whatever.

_________________
Damn the torpedoes, full speed ahead!

Systems available for remote access on request.

:Indigo: :Octane: :Indigo2: :Indigo2IMP: :Indy: :PI: :O3x0: :ChallengeL: :O2000R: (single-CM)
First things first: check if the guest account is active, and allows you access.

_________________
Torfinn
"Guest" "4Dgifts" and "EZSetup" are the most common unpassworded accounts, but if your friend's department is halfway competent and managed that particular Indy they won't be active.

If it really is a R5000 model it will be running no less than "5.3 for Indy Including R5000" or 6.2. In either case you'll probably find 6.5 a less frustrating experience (more software available in tardists, more people know their way around it, newer patches), so you might want to start looking for a copy.

_________________
Damn the torpedoes, full speed ahead!

Systems available for remote access on request.

:Indigo: :Octane: :Indigo2: :Indigo2IMP: :Indy: :PI: :O3x0: :ChallengeL: :O2000R: (single-CM)