Subject:   What's Hacking VAX Special - 2
From:      David Lightman (Level 30) [A dude who wanted access]
To:        ALL
Sent:      3/1/90 at 2:49 pm



        WHAT DOES A VAX LOOK LIKE:   (quickly)
        =========================

           When you log into a VAX, you will see something similar to the
        following:

        :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
                                     WELCOME

                                     TO THE

                             AT&T MICROVAX II SYSTEM

        Username: (username here)
        Password: (password here... does not echo)

        $  (<-- this is your prompt)
        :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::

           You  will  know if you have a VAX type system if you  get  the
        "Username:" and "Password:" prompts.  Anything is just extra that
        helps you guess passwords.

        GETTING IN A VAX BY ERROR:
        =========================

           I  will only tell you one thing here.  VMS 4.X and  especially
        VMS4.4  are  goldmines.  I am not going to go into this  at  all,
        because it is a lengthy explanation that doesn't fit in the scope
        of  this  message.  You can find this discussion on  ARPANET  and
        USENET.   You  can  also  get  this  information  on   CompuServe
        Information  Service,  BYTE  Information  Exchange,  and  Digital
        Electronics Corporation's VAX BBS.   There is also a big  problem
        with VMS 5.1, but that doesn't involve getting in.  If there  are
        enough  requests, I will cover this information in  another  mes-
        sage.

        GETTING IN A VAX BY DEFAULT:
        ===========================

           There  are  several default accounts that were put in  by  DEC
        when  testing and installing the VAX.  These accounts have  pass-
        words which don't change from system to system.  The SYSOP should
        have  removed these accounts or changed the passwords, but it  is
        not done a lot of times.  Below, I have listed several defaults:

                       USERNAME              PASSWORD
                       --------              --------
                       DECNET                DECNET
                  *    SYSTEST               UETP
                                             SYSTEST
                       SYSTEM                SYSTEM
                       DEFAULT               DEFAULT
                  *    FIELD                 FIELD
                       OPERATIONS            OPERATIONS
                  *    SUPPORT               SUPPORT
                                             DEC
                       SYSTEST_CLIG          CLIG
                                             SYSTEST
                                             TEST

           Where  I have listed several passwords, I have found  the  re-
        spective  usernames  passworded that way as much as  the  default
        password.   The accounts with asterisks beside them are  powerful
        accounts by default.