- VCF South West - June 14 - 16, Davidson-Gundy Alumni Center at University of Texas at Dallas
- VCF West - Aug 2 - 3, Computer History Museum, Mountain View, CA
- VCF Midwest - Sept 7 - 8 2024, Schaumburg, IL
- VCF SoCal - Mid February 2025, Location TBD, Southern CA
- VCF East - April 2025, Infoage Museum, Wall NJ
-
Please review our updated Terms and Rules here
Found an old Linux hard drive
- Thread starter Robbbert
- Start date
Robbbert
Experienced Member
- Joined
- Jan 10, 2019
- Messages
- 448
I needed to go back to that area of the cupboard, so I set this up again.
@Chuck(G)
The var folder is empty
ls -l boot shows grub, vmlinux, vmlinuz, system.map, and boot -> .
I learned about the /etc/passwd file (even though it doesn't contain passwords), and it has a whole bunch of system accounts, their home folders and the shell. The list of /home has a few of those same accounts. Most of the system accounts have their homes in the /var folder, even though it is empty.
@Caluser
Somehow I missed your post yesterday. As for how I got around the user login, it was 7 years ago, I didn't write it down, and I've lived my whole life with a really bad memory, I don't remember. All I can say is when faced with the problem I googled it, a page was found, I followed the instructions (I think bash was involved), and it worked. I was under the impression that unix-based systems were secure and I'd never get in, but for a person such as myself who knows nothing at all about it, the procedure was pretty easy. I just hope that the loophole has since been closed.
@Chuck(G)
The var folder is empty
ls -l boot shows grub, vmlinux, vmlinuz, system.map, and boot -> .
I learned about the /etc/passwd file (even though it doesn't contain passwords), and it has a whole bunch of system accounts, their home folders and the shell. The list of /home has a few of those same accounts. Most of the system accounts have their homes in the /var folder, even though it is empty.
@Caluser
Somehow I missed your post yesterday. As for how I got around the user login, it was 7 years ago, I didn't write it down, and I've lived my whole life with a really bad memory, I don't remember. All I can say is when faced with the problem I googled it, a page was found, I followed the instructions (I think bash was involved), and it worked. I was under the impression that unix-based systems were secure and I'd never get in, but for a person such as myself who knows nothing at all about it, the procedure was pretty easy. I just hope that the loophole has since been closed.
Caluser2000
Banned
Thank you. I know what you mean by not remembering things that happened years ago
Robbbert
Experienced Member
- Joined
- Jan 10, 2019
- Messages
- 448
The reason I had to go back to that cupboard is I wanted to get a spare HD so I could un-ghost an old windows 95 install. To do ghosting from back then you have to have a floppy disk. Under the floppy disks was some paper, and one of those papers has some stuff about unix. So this might be the procedure.
I won't spell it all out, as i assume that hacking isn't allowed here, but there's instructions for Red Hat, Fedora, and Ubuntu. Basically you need the boot menu, and from there you could place the system into 'single', and then you could reset the password of root. After rebooting, you're in. Fedora was a bit more complex, you had to add a shell to bash into the installation file.
Hopefully that makes sense to a unix expert such as yourselves. I figure you guys probably already know all that stuff anyway.
The other thing I found is when the PC-DOS is starting up, hitting Shift stops the autoexec from running. Looking into it, there's supposed to be a PC-DOS boot menu for different kinds of linux boot (they all use vmlinuz). The menu was supposed to be in C:\TOOLS, but that folder is missing, so it goes straight into the default. In all choices the linux file system is read-only, so I wouldn't have been able to set up a network anyway.
I won't spell it all out, as i assume that hacking isn't allowed here, but there's instructions for Red Hat, Fedora, and Ubuntu. Basically you need the boot menu, and from there you could place the system into 'single', and then you could reset the password of root. After rebooting, you're in. Fedora was a bit more complex, you had to add a shell to bash into the installation file.
Hopefully that makes sense to a unix expert such as yourselves. I figure you guys probably already know all that stuff anyway.
The other thing I found is when the PC-DOS is starting up, hitting Shift stops the autoexec from running. Looking into it, there's supposed to be a PC-DOS boot menu for different kinds of linux boot (they all use vmlinuz). The menu was supposed to be in C:\TOOLS, but that folder is missing, so it goes straight into the default. In all choices the linux file system is read-only, so I wouldn't have been able to set up a network anyway.
Caluser2000
Banned
It's not hacking Linux single mode is what I mentioned earlier.It is well documented. As is every other aspect off Linux You do similar in MacOS to reset the system.
The fire system can be accessed if you mount the hdd and change its attributes to read and write which can be done in Linux single mode. Again a well documented procedure...
The fire system can be accessed if you mount the hdd and change its attributes to read and write which can be done in Linux single mode. Again a well documented procedure...
Last edited:
Chuck(G)
25k Member
/var should at least contain a subdirectory called "log". Inside of that, there would be a text file, usually, called something like "messages" or "syslog"--and that shouldl tell you what your system is. The "mail" subdirectory might also give a hint.
Caluser2000
Banned
If the hdd had an OS I wasn't interested it would be wiped and the preferable one installed immediately like I've done on this HP Z230. The Win-virus is completely gone
Chuck(G)
25k Member
What we know so far about this Linux File System mystery:
Therefore, things that are immediately understandable to any Linux user will probably seem like gibberish to Robbb and any other non-Linux users reading this. I thought I'd explain some things as I go through what data has been given so far. At the very least it should help him to see what troubleshooting has been done and help get him to thinking about the problem.
uname prints out general details about the system it's run on, like CPU and OS version.
The -a is the option switch which makes uname list everything it knows how to detect. Other switches can be used to show only specific pieces of this data.
In this case:
Kernel Release (or OS version in DOS/Windows lingo): 2.4.19-4GB-SMP
Kernel Version (or OS build): #1 SMP Tue Apr 12 23:51:32 UTC 2005
Machine (or CPU Type): i686
The system is setup to interact with Netware and Appletalk LANs.
Single user mode is similar to Windows safe-mode in that it disables any other users from logging in and logs in to the system administrator's account through the monitor and keyboard. In Unix/Linux, the user of this account is normally called either the superuser or the root user. You have complete control over the system and can perform all maintenance tasks. Since you "forced your way in" to this account, you may have bypassed some of the standard setup routines that the system uses to set everything up correctly/normally.
This indicates that PC-DOS is being used to boot up the computer, possibly with DOS device drivers needed to use certain peripherals that Linux, at the time, might not have had drivers for and then boot into Linux so that it can use the loaded drivers.
This looks to be a basic path for maintenance mode. You should have access to the standard software at least. It also shows that the system should have the "X Windows" GUI installed.
The fact that Caldera shows up in the ifconfig report, doesn't necessarily mean this is a Caldera distro, but the kernel release is 2.4.19 or a 2.x kernel. The 2.4 kernel revison 19 to be exact.
grub is a standard boot loader used in Linux. It appears to be the one used for this HDD.
Having direct access to any Linux or Windows system makes it vulnerable. Security really only protects a system from outside attacks. If you can access the system's BIOS menu, you can change which drive the system boots from. Once that's possible, security is not that hard to bypass.
Again, single mode puts you in the root user account. Since you are the root user at that point, of course you can change/reset your (the root) password.
vmlinuz is like IBMBIO.COM & IBMDOS.COM or IO.SYS & MSDOS.SYS. It's the first piece of software that has to load before Linux starts any other processes.
Having the file system set to read-only in all choices really indicates that there should be another drive or partition accessible to Linux when it boots, or that what you're accessing is only for troubleshooting/maintenance. Linux has several directories used for editable files, logs, and temporary storage in its standard file system tree. If the file system is RO, then there is no place to store the changeable data and the system won't be able to function normally.
Unlike Windows, Linux doesn't separate partitions into different "drives" but instead links all partitions, no matter which physical device they are on, into one directory tree. The fact that a directory like /var is empty, for example, suggests that another partition is linked into the directory tree there. (This is called "mounting" and done with the mount command.) It could be that this file system was split into a static partition that is always read-only and a dynamic partition for files that need to have read/write access.
Since you are new to Linux, I'd first suggest installing this HDD as a secondary drive in a computer that you can boot up in Windows or DOS and run FDISK to see what partitions it has. If there are any "unknown" partitions they are probably the Linux partitions. But it's also possible that, this being an old 2.4 kernel installation, it was installed within a DOS partition as a subdirectory or a large file. In those cases you might be able to see all the Linux files using DOS/Windows to look into the subdirectory or you'll see one large file that stores the entire file system kind of like the way a zip file contains multiple files.
It's still quite possible you can use the Linux on this drive to set up a network, if you still want to. The file system being set to read-only doesn't prevent that since you can "splice in" a read/writable partition or change the access mode to read-write.
Therefore, things that are immediately understandable to any Linux user will probably seem like gibberish to Robbb and any other non-Linux users reading this. I thought I'd explain some things as I go through what data has been given so far. At the very least it should help him to see what troubleshooting has been done and help get him to thinking about the problem.
uname prints out general details about the system it's run on, like CPU and OS version.
The -a is the option switch which makes uname list everything it knows how to detect. Other switches can be used to show only specific pieces of this data.
In this case:
Kernel Release (or OS version in DOS/Windows lingo): 2.4.19-4GB-SMP
Kernel Version (or OS build): #1 SMP Tue Apr 12 23:51:32 UTC 2005
Machine (or CPU Type): i686
The system is setup to interact with Netware and Appletalk LANs.
Single user mode is similar to Windows safe-mode in that it disables any other users from logging in and logs in to the system administrator's account through the monitor and keyboard. In Unix/Linux, the user of this account is normally called either the superuser or the root user. You have complete control over the system and can perform all maintenance tasks. Since you "forced your way in" to this account, you may have bypassed some of the standard setup routines that the system uses to set everything up correctly/normally.
This indicates that PC-DOS is being used to boot up the computer, possibly with DOS device drivers needed to use certain peripherals that Linux, at the time, might not have had drivers for and then boot into Linux so that it can use the loaded drivers.
This looks to be a basic path for maintenance mode. You should have access to the standard software at least. It also shows that the system should have the "X Windows" GUI installed.
The fact that Caldera shows up in the ifconfig report, doesn't necessarily mean this is a Caldera distro, but the kernel release is 2.4.19 or a 2.x kernel. The 2.4 kernel revison 19 to be exact.
grub is a standard boot loader used in Linux. It appears to be the one used for this HDD.
Having direct access to any Linux or Windows system makes it vulnerable. Security really only protects a system from outside attacks. If you can access the system's BIOS menu, you can change which drive the system boots from. Once that's possible, security is not that hard to bypass.
Again, single mode puts you in the root user account. Since you are the root user at that point, of course you can change/reset your (the root) password.
vmlinuz is like IBMBIO.COM & IBMDOS.COM or IO.SYS & MSDOS.SYS. It's the first piece of software that has to load before Linux starts any other processes.
Having the file system set to read-only in all choices really indicates that there should be another drive or partition accessible to Linux when it boots, or that what you're accessing is only for troubleshooting/maintenance. Linux has several directories used for editable files, logs, and temporary storage in its standard file system tree. If the file system is RO, then there is no place to store the changeable data and the system won't be able to function normally.
Unlike Windows, Linux doesn't separate partitions into different "drives" but instead links all partitions, no matter which physical device they are on, into one directory tree. The fact that a directory like /var is empty, for example, suggests that another partition is linked into the directory tree there. (This is called "mounting" and done with the mount command.) It could be that this file system was split into a static partition that is always read-only and a dynamic partition for files that need to have read/write access.
Since you are new to Linux, I'd first suggest installing this HDD as a secondary drive in a computer that you can boot up in Windows or DOS and run FDISK to see what partitions it has. If there are any "unknown" partitions they are probably the Linux partitions. But it's also possible that, this being an old 2.4 kernel installation, it was installed within a DOS partition as a subdirectory or a large file. In those cases you might be able to see all the Linux files using DOS/Windows to look into the subdirectory or you'll see one large file that stores the entire file system kind of like the way a zip file contains multiple files.
It's still quite possible you can use the Linux on this drive to set up a network, if you still want to. The file system being set to read-only doesn't prevent that since you can "splice in" a read/writable partition or change the access mode to read-write.
In case you're still interested in this, I noticed in the photo attached to this post that there are a number of partitions - to transcribe what I can see:
hda: [PTBL] [4865/255/63] hda1 hda2 hda3 < hda5 hda6 hda7I think that means hda3 is an extended partition (it contains hda5 and onward), meaning the actual partitions that might contain data are hda1, hda2, hda5, hda6 and hda7. Probably one is a Linux swap partition (not guaranteed to exist, but it's pretty typical to have one), one is a DOS partition (not that that's a given for a Linux system but from what you said there seems to be DOS installed on this system), one is the Linux filesystem you've looked at, and then there are probably at least two more, and since the entire output isn't visible, there might be a hda8 too. If you run
fdisk -l /dev/hda or /sbin/fdisk -l /dev/hda you might get a list of the partitions and their sizes and types (which hopefully hint at what filesystem is installed, but that isn't always the case).