Xref: utzoo rec.humor:18755 rec.humor.d:1608 comp.misc:5037
Path: utzoo!utgpu!utstat!jarvis.csri.toronto.edu!mailrus!csd4.milw.wisc.edu!leah!rpi!pawl23.pawl.rpi.edu!jefu
From: jefu@pawl.rpi.edu (Jeffrey Putnam)
Newsgroups: rec.humor,rec.humor.d,comp.misc
Subject: Re: Looking for Computer Folklore
Keywords: Obtaining Passwords...
Message-ID: <557@rpi.edu>
Date: 10 Feb 89 13:32:59 GMT
References: <7143@pyr.gatech.EDU> <4744@sfsup.UUCP> <2887@sybase.sybase.com> <1912I78BC@CUNYVM> <1036@tutor.tut.fi> <6761@pogo.GPID.TEK.COM>
Sender: usenet@rpi.edu
Organization: Rensselaer Polytechnic Institute, Troy, NY
Lines: 26

In article <6761@pogo.GPID.TEK.COM> curtc@pogo.GPID.TEK.COM (Curtis Charles) writes:
>Back in the good ol' days of card readers, a game we discussed was how
>to obtain passwords.  ...

Reminds me of the Univac 1100 series machine i used in grad school.  Accounts
were tight (student accounts always seem to be tight.) so getting borrowed
accounts was a prime activity (it was considered illegal, but when you
could blow your entire student computing account in a single run, what else
could you do?).  

I discovered that when you asked for memory (or was it disk, or both?) what
you got was not zeroed out.  This meant that you could just keep asking for,
then freeing memory and looking through it for the spots where people had
entered their accounting information.  Since every job started with
a card that looked something like "@run xxx,username,passwd" (or something
similar), it was easy enough just to run through memory looking for 
strings that looked like "@run", then save them and eventually print them
out.  

By the time i figured this out though, i was a TA with essentially unlimited
accounts.  I did try it for amusement sake and in a fifteen minute run managed
to collect somewhere in the neighborhood of a hundred different run cards.


jeff putnam        --  "You never learn anything...
jefu@pawl.rpi.edu  --   ... You just get used to it."