Path: utzoo!mnetor!uunet!lll-winken!lll-tis!ames!pasteur!ucbvax!ucdavis!deneb.ucdavis.edu!ecs140w020
From: ecs140w020@deneb.ucdavis.edu (0000;0000005648;4000;250;215;ecs140w)
Newsgroups: sci.crypt
Subject: VMS password hacker
Message-ID: <1315@ucdavis.ucdavis.edu>
Date: 6 Mar 88 12:06:58 GMT
Sender: uucp@ucdavis.ucdavis.edu
Lines: 18

Bunkersoft of Mountain View has a VMS password hacker
available for $30 (source code) from

Bunkersoft
PO Box 4436
Mountain View CA
94040-4436

The method used is a brute force attack. However, because of the
nature of the VMS password file, SYSPRV or CMKRNL is required for
a short window of time before running. I ran this program on my
installation at work; it found 35% of all passwords. 

Since HPWD is a proprietary DEC code, a batch file is given to
extract this information from LOGINOUT.EXE. I believe this program
is aimed at security managers etc.

ecs140w020@deneb.ucdavis.edu
ucdavis!deneb!ecs140w020