Path: utzoo!attcan!uunet!lll-winken!lll-tis!helios.ee.lbl.gov!pasteur!ucbvax!NRL3.ARPA!youngdale%v6550c.DECnet From: youngdale%v6550c.DECnet@NRL3.ARPA ("V6550C::YOUNGDALE") Newsgroups: comp.os.vms Subject: (none) Message-ID: <8806210458.AA24159@ucbvax.Berkeley.EDU> Date: 14 Jun 88 16:20:00 GMT Sender: daemon@ucbvax.BERKELEY.EDU Organization: The Internet Lines: 26 I remember that a week or two back people were interested in finding the privileged password for a terminal server. The consensus reached at the time was that there was no way to do this, and the only option was to reset the server to the factory defaults. I have discovered that when a server bugchecks, and dumps its memory to a VAX host, that the password is located in the second block in an ASCII form (at least for a Decserver 100), and is followed by the non-privileged password (I think), and the software name. These strings start with a 1 byte length,and are followed by the ASCII characters. The problem is that I do not know of a way to force a server to bugcheck and dump its memory to a VAX. I discovered this by looking at an old dump and I do not remember why it dumped. Perhaps someone else has an idea of how to force a dump. For your information, our server(and LAT) has the following version numbers: Decserver 100: V1.3 BL15B LAT protocol version: 5.1 Hardware version: B.B Microcode version: BL8 ------------------------------------------------------------------ Eric Youngdale YOUNGDALE%V6550C.DECNET@NRL.ARPA Code 6551 Naval Research Lab "Some user assembly required" Washington, DC 20375 (202) 767-3276 ------------------------------------------------------------------