I had this experience with a Tadpole N40, running AIX 3. I simply DD'ed the drive, took the image... $ strings aix-machine.img | grep root: ...to get the password line.
Dump that into a passwd file and run john (the password cracker utility) on it for a couple days. I don't think Linux can mount the early AIX filesystems directly. On Thu, Feb 1, 2018 at 8:24 PM, r.stricklin via cctalk < [email protected]> wrote: > > On Feb 1, 2018, at 7:28 PM, Tapley, Mark via cctech wrote: > > >> Image the hard drive off to a raw file using a linux host with a SCSI > HBA? > >> > >> Once that is done, it might be possible to run a hex editor against the > hard drive (one that doesn't copy the contents into RAM) and then search > for the password file. From there you can copy the des hash and use rainbow > tables / wordfiles to crack it or replace it with a known DES hash? > > You don't need to do any of these things. > > > Update, I did locate a CD saying “AIX V4.2.1 for 5765-C34” and this URL: > > All you need is this disk. You can boot it, and use it to start a > maintenance shell, from which you can mount the root filesystem and edit > the password file(s) directly. The procedure you found will get you there, > easily. > > ok > bear. > > > -- > until further notice > > -- Ian Finder (206) 395-MIPS [email protected]
