Breaking into ASOS (os2museum.com)
41 points by kencausey on Aug 3, 2020 | 17 comments


When reading the title I literally thought someone managed to break into asos.com (the clothing store) as the branding itself is also in capital letters and everything.


Was just about to post the same comment.


The VisionFS SMB server referenced in the article has some interesting history: http://www.rogerbinns.com/visionfs.html


Even if F8 didn't exist, maybe it would be possible to just open the hd image in a hex editor and search for the "QUIET=true" string and patch it out?


Or even find the /etc/shadow contents in the hex editor and empty the root password field. Searching for "root:" usually gets you to the right place.

Most *nix systems are happy if you pad the leftover bytes with newlines, so there's no need to mess with the filesystem metadata or anything like that. :D
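
An added example, not part of the comment above or of the linked article: a defender's check over a raw disk image for the artifact this kind of in-place edit leaves, namely a shadow-style entry with an empty password field followed by a run of newline padding. The Linux-style field layout, the name `scan_image` and the sample image bytes are assumptions constructed for illustration.

```python
import re

# Assumed layout: name:password:numeric-fields...\n (Linux-style /etc/shadow).
# No "^" anchor: in a raw image the file's first line may follow binary data,
# so we only require that the name does not start mid-word.
ENTRY = re.compile(
    rb"(?<![A-Za-z0-9_-])([a-z_][a-z0-9_-]{0,31}):([^:\n\x00]*):([0-9:]*)\n"
)

def scan_image(image: bytes):
    """Report shadow-like entries whose password field is empty.

    'padding' counts the newlines directly after the entry; a same-length
    in-place edit leaves one newline per removed hash byte, so padding > 0
    is what separates tampering from an ordinary passwordless account.
    """
    findings = []
    for m in ENTRY.finditer(image):
        if m.group(2):               # password field present: nothing to flag
            continue
        end = m.end()
        while end < len(image) and image[end] == 0x0A:
            end += 1
        pad = end - m.end()
        findings.append({"offset": m.start(), "user": m.group(1).decode(),
                         "padding": pad, "suspicious": pad > 0})
    return findings

# Constructed sample data: a tiny fake "image" with a shadow file inside it.
HASH = b"$6$constructed$NOTAREALHASHVALUE"      # placeholder, not a real hash
ROOT_LINE = b"root:" + HASH + b":18000:0:99999:7:::\n"
ORIGINAL = (b"\x00" * 512 + ROOT_LINE
            + b"daemon:*:18000:0:99999:7:::\n" + b"\x00" * 64)
# Same image after the edit: hash removed, same number of bytes as newlines.
PATCHED = ORIGINAL.replace(
    ROOT_LINE, b"root::18000:0:99999:7:::\n" + b"\n" * len(HASH))

if __name__ == "__main__":
    for name, img in (("original", ORIGINAL), ("patched", PATCHED)):
        print(name, scan_image(img))
```

The reported offset points at the block to inspect by hand; because the edit bypasses the filesystem, full-disk encryption or an integrity-checked root is what actually prevents it.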


The option probably refers to a kernel compilation option, which might just as well remove the code printing messages altogether.


The link for the option goes to a page that talks about editing /etc/default/boot, that's why I thought maybe it could be found with a hex editor on the disk image :)


It used to be a common thing to recompile, at least partially, the kernel image for your specific deployment, instead of having what some called "table-driven OS".

Ultimately I say I prefer today's modular Linux, though the ZFS module allowing editing of parameters after boot pushes it a bit further :D


I wonder how secure it would be to put some ancient super obscure system on the internet these days. Ideally with a CPU with an obscure instruction set.

All standard exploits would fail. Just make sure you don't have a shell escape, shell commands would work of course.


As the classic https://www.usenix.org/system/files/1401_08-12_mickens.pdf notes:

> Basically, you’re either dealing with Mossad or not-Mossad.

Applied here: your system would be quite secure because most attacks are just automated robots trying a known set of exploits. The moment someone actually takes a shine to you, you are doomed as the system will be absolutely rife with all sorts of secholes which can be figured out by obtaining a copy and running a modern fuzzer against it.

We follow the same train of thought; on SSE I suggested using a Sunfire machine to examine unknown USB sticks for similar reasons -- even if someone tries to commit espionage against a company, the chances of them creating a malicious stick which works an exploit on an ancient SPARC machine are extremely small: https://security.stackexchange.com/a/103192/2429


Now that they've read this post I'm sure they're firing up a few Sunfire machines for exploit development as we speak.


Sunfire, DEC AlphaStation, SGI Fuel, iMac G3... the list is probably not endless because USB only appeared at the tail end of non-x86 desktop availability, still it's not a small list. Various routers as well...


Back when I worked with such things, THEOS was one of those ancient-ish obscure OSes. It was used to run a multi-user veterinary clinic management package.

I actually quite liked it - it had a feature mix reminiscent of VMS, DOS and UNIX.

I wonder what's still out there running it!?

* https://en.wikipedia.org/wiki/THEOS

* http://theos-software.com/


Interesting. That looks like some quaint parallel world.

I'm surprised that /etc/shadow was already a thing (OK, 1999 is not that old), but that rwroot device, I'm not sure what it can be.

The custom bootloader is "funny", but that would be expected for a proprietary Unix.


/etc/shadow was a thing on SCO Unixen as far back as 1991, to the best of my memory (and maybe sooner -- but not Xenix, which was System 7 based and discontinued after 1991).


I'm guessing they have a non-writeable root partition and rwroot is for things that would normally be on the root partition that need to be writable.


Interesting that the passwd file contains actual users; I wonder if that's actual users of the appliance, or developers who weren't pruned when they shipped the image.



