Professional Documents
Culture Documents
9x hp3
9x hp3
12
9x Datakit Network
FOR OFFICIAL USE ONLY
This is a 9x system, restricted to authorized persons and for
official 9x business only. Anyone using this system, network or data
is subject to being monitored at any time for system administration and
for identifying unauthorized users or system misuse. Anyone using this
system expressly consents to such monitoring and is advised that any
evidence of criminal activity revealed through such monitoring may be
provided to law enforcement for prosecution.
Author : OneThought
Subject: Hacking the HP3000/MPE Platform
There have been several write ups written in the past about the
MPE operating system and how to hack it. To me many of these are
out of date with the times or havent gone into certin aspects of
the MPE-iX OS. To start this off i am going to shatter the myth
right now that the MPE is a out of date operating system and is
"not worth hacking" a phrase i have heard more then once now a
days. The HP3000/MPE OS is still ideal for a small work place of
10-15 terminals, several of these servers networked together creates
a powerful accounting and work system , Infact the MPE OSes latest
version was released in 1995 (MPE-iX 5.0) and is already being picked
up by several companies. Right now you are asking yourself "Why should
i hack a HP3000?". Besides being a fun system to navigate around, in
many cases HP3000s have some very good information inside of them.
Credit Card #s, Employees personal information, Payroll files are
all kept on HP3000s.
#Finding a HP3000.#
When it comes down to finding a HP3000 your options are limited.
Your best luck will definetly be scanning business exchanges, However
you may also find a few inside the network information system of some
unix boxes on the net. You will know when you have found one by the
MPE XL: Prompt on older MPEs,MPE/iX, or MPE/V. If you are unsure of
one being a HP3000 simply type some random letters at the prompt and
press enter. If it is truely a HP3000 you will get the message
"EXPECTED HELLO COMMAND".
#Getting inside.#
If you are attempting to hack a unsecured HP3000 then factory
defauts will suffice most of the time. The following is a list
of default accounts and some password protected accounts.
ADVMAIL.HPOFFICE
MGR.HPDESK
MGR.ROBLLE
MGR.VESOFT
MGR.WORD
MGR.INTX3
MGR.CAROLIAN
MGR.XLSERVER
MGR.CONV
MGR.HPP187
MGR.HPP189
MGR.HPP189
MGR.HPP196
MGR.HPOFFICE
MGR.CCC
MGR.RJE
MGR.SYS
MGR.ITF3000
MGR.SECURITY
MGR.HPWORD
MGR.TELESUP
MGR.COGNOS
MGR.HPONLY
MGR.NETBASE
MGR.CNAS
MGR.REGO
MAIL.NETBASE
MAIL.MAIL
MAIL.TELESUP
MAIL.HPOFFICE
MAILMAN.HPOFFICE
OPERATOR.SUPPORT
OPERATOR.SYS
OPERATOR.COGNOS
OPERATOR.SYSTEM
OPERATOR.DISC
FIELD.HP
FIELD.HPUNSUP
FIELD.HPWORD
FIELD.SERVICE
FIELD.SUPPORT,PUB
FIELD.HPP187
MANAGER.SYS
MANAGER.COGNOS
MANAGER.HPOFFICE
MANAGER.ITF3000
MANAGER.SECURITY
MANAGER.TCH
SYS.TELESP
WP.HPOFFICE
SPOOLMAN.HPOFFICE
RSBCMON.SYS
PCUSER.SYS
HELLO
MGR
SYS
PUB
When trying account and user names sometimes you will get the
message "ACCOUNT EXISTS, USERNAME DOES NOT". This means that you
have enterd a valid account but not a valid user name. The same
goes for "ACCOUNT/USERNAME EXIST BUT NOT IN HOME GROUP". Here
you must include a valid group name with the login account name
PASSWORD: **
LOC ATTR: $00000000
SECURITY--READ
: ANY
WRITE : ANY
APPEND : ANY
LOCK
: ANY
EXECUTE : ANY
$0055A7BE $2C052855 $04A775F1
$00000000 $00000000 $00000000
Capeability.
SM
AM
AL
GL
DI
OP
NA
NM
SF
ND
UV
CV
CS
PS
LG
PH
DS
MR
PM
IA
BA
System Manager
Account Manager
Account Librarian
Group Librarian
Diagnostician
System Supervisor
Network Administrator
Node Manager
Permanent Files
Access to nonsharable I/O devices
Use Volumes
Create Volumes
Use Communications Subsystem
Programmatic Sessions
User Logging
Process Handling
Extra Data Segments
Multiple RINs
Privilaged mode
Interactive Access
Local Batch Access
Now compare the chart i have just included with what ever
account you have. This will dictate what privilaged commands
you may be able to execute as i will describe later in this file.
#Making yourself an account#
Making yourself an account requires SM or AM access. On some ocasions
you will not be able to make an account with AM access if the System
Manager has modified your account. You will be able to give your new
account equal access as the one you are on when making it.
Case in point:
:NEWUSER
*Delites a user
*Delites a group.
A
A
J
J
J
J
J
J
J
DISC
DISC
DISC
DISC
AVAIL
SPOOLED
AVAIL
AVAIL
AVAIL
AVAIL
AVAIL
AVAIL
AVAIL
AVAIL
AVAIL
AVAIL
AVAIL
AVAIL
AVAIL
UNAVAIL
AVAIL
SPOOLED
SPOOLED
AVAIL
AVAIL
AVAIL
AVAIL
AVAIL
AVAIL
AVAIL
OWNERSHIP
N/A
N/A
N/A
N/A
SPOOLER OUT
#S8886: 8 FILES
SPOOLER OUT
SPOOLER OUT
VOLID
DEN
ASSOCIATION
110
111
112
113
114
115
116
117
J
J
J
J
J
J
J
J
AVAIL
AVAIL
AVAIL
AVAIL
AVAIL
AVAIL
UNAVAIL
AVAIL
#S10041: 8 FILES
This will give you a reference for downloading which i will cover
later.
#Navigating commands around groups and files#
LISTF @
Case in point:
:LISTF @
FILENAME
ABORTEST
ANSTOP
BACKUP
BRW
BRWD3000
BRWEXECO
BRWM000
BRWSTRM
CCMSGCAT
CDSTARTJ
CHRDEF04
CI
COB74XL
COBCAT
COBOLII
ACCTJOBS
ANUTIL
BDLABEL
BRWACCSD
BRWDL000
BRWF000
BRWSD
BRWXL
CDCAT
CDSTOPJ
CHRDEF06
CICAT
COB74XLG
COBCNTL
COBUDC
LISTF @.@
AIFKUF
ASOCTBL
BDLT
BRWAPPD
BRWDLIST
BRWGEND
BRWSDEXT
BUILDINT
CDMGR
CEUDCS
CHRDEF51
CICATERR
COB74XLK
COBEDIT
COMMA
ALOCATEJ
ATCUT000
BDMO
BRWC000
BRWDUSER
BRWJ000
BRWSETUP
BULDACCT
CDMGRSKT
CHRDEF01
CHRDEF56
CKINST
COB85XL
COBMAC
ANSTART
ATCUTIL
BDREPORT
BRWCOMP
BRWEMPTY
BRWL000
BRWSTART
CATALOG
CDSERVER
CHRDEF02
CHRDEF61
CLS1
COB85XLG
COBOL
ANSTAT
AUTOHIST
BDXM
BRWCONV
BRWEXEC
BRWLIST
BRWSTOA
CATTUTIL
CDSRVSKT
CHRDEF03
CHRDEF66
CMSTORE
COB85XLK
COBOL85
Runs a file.
GDEF
GDSCSERVER
GDSRSERVER
GDSLOCKPRINT
GDSRELAY
GFIX
GLTJ
GPRE
GRST
GSEC
GSTAT
ISCINSTALL
QLI
SETINTERBASE
RESETINTERBASE
PLISTF
FINDDIR
FINDFILE
LISTDIR
DISCUSE
SH
HPMPETOHFS
HPLISTFCLEANUP
HPPARSEFEQ
SYSTEM
SYSTEM
SYSTEM
SYSTEM
SYSTEM
SYSTEM
SYSTEM
SYSTEM
SYSTEM
SYSTEM
SYSTEM
SYSTEM
SYSTEM
SYSTEM
SYSTEM
SYSTEM
SYSTEM
SYSTEM
SYSTEM
SYSTEM
SYSTEM
SYSTEM
SYSTEM
SYSTEM
FILESPACE-SECTORS
COUNT
LIMIT
0
**
0
**
CPU-SECONDS
COUNT
LIMIT
2
**
2
**
CONNECT-MINUTES
COUNT
LIMIT
2
**
2
**
10S LP
10S LP
302 302
221 221
10S LP
116 16
20 20
10S LP
117 117
213 213
202 202
214 214
211 211
1:11A
1:11A
1:19A
1:18A
1:11A
9:30P
10:20A
1:11A
1:45A
6:59A
12:53P
4:56P
7:39P
GLPOSTJ,MGR.HPFAS
ARPOSTJ,MGR.HPFAS
LDEV220,PRINT.SPI
LDEV221,FORM1.SPI
APPOSTJ,MGR.HPFAS
MGR.RJE
CONSOLE,OPERATOR.SYS
MAXSTART,MGR.HPFAS
SPIM1.SPI
MIS,MGR.HPFAS
PRINT1.SPI
MSPENCE.SPI
SUPV.SPI
13 JOBS:
0 INTRO
0 WAIT; INCL 0 DEFERRED
13 EXEC; INCL 9 SESSIONS
0 SUSP
JOBFENCE= 7; JLIMIT= 8; SLIMIT= 30
CURRENT: 6/28/96 21:44
JOBNUM STATE IPRI JIN JLIST
#J11607
#J11602
#J11603
#J11605
#J11608
#J11639
#J11642
#J11866
#J10694
#J11885
#J11886
#J11636
#J11892
#J10720
#J6568
#J11884
#J11889
#J11890
#J11891
SCHED
SCHED
SCHED
SCHED
SCHED
SCHED
SCHED
SCHED
SCHED
SCHED
SCHED
SCHED
SCHED
SCHED
SCHED
SCHED
SCHED
SCHED
SCHED
8
8
8
8
8
8
8
8
8
8
8
1
1
8
8
1
1
1
1
10S
10S
10S
10S
10S
10S
10S
10S
10S
10S
10S
10S
10S
10S
10S
10S
10S
10S
10S
LP
LP
LP
LP
LP
LP
LP
LP
LP
LP
LP
LP
LP
LP
LP
LP
LP
LP
LP
SCHEDULED-INTRO
6/28/96
6/28/96
6/28/96
6/28/96
6/29/96
6/29/96
6/29/96
6/29/96
6/29/96
6/29/96
6/29/96
6/30/96
6/30/96
7/ 1/96
7/ 1/96
7/ 1/96
7/ 1/96
7/ 1/96
7/ 5/96
22:15
23:27
23:30
23:35
0:30
5:00
7:00
16:00
17:00
18:00
19:30
4:00
4:00
0:00
6:30
17:15
20:00
20:10
20:15
JOB NAME
FOBACKUP,MGR.SPI
PSI0560J,MGR.SPI
CPMNT2AJ,MGR.SPI
PSI0560J,MGR.SPI
SPIOFF,MGR.SPI
PSI0890,MGR.SPI
SLHCHCKJ,MGR.SPI
UOMCHCKJ,MGR.SPI
CAPCHCKJ,MGR.SPI
NEWPRCEJ,MGR.SPI
ORDERSJ,MGR.SPI
VENDLIST,MGR.HPFAS
VENDLIST,MGR.HPFAS
WEEKINV,MGR.SPI
DOWNTBJ,MGR.SPI
BPOSTAR,MGR.HPFAS
BPOSTAP,MGR.HPFAS
BPOSTGL,MGR.HPFAS
AUDITRPJ,MGR.HPFAS
19 SCHEDULED JOB(S)
Commands that you wont want to use..
SHOWTIME
TELLOP <message>
Messages Operator.
SETMSG ON/OFF
porting of unix to MPE systems you should expect to see these systems
for a few more decades. Greets to Black IC for his VESOFT write up
and to The Underground Consortium for their Hewlet Packard support.