Ghost in the Wires_ My Adventures as the World's Most Wanted Hacker - Kevin Mitnick [166]
It worked just as I had expected. The root password was “OMGna!” Oh my God—no dictionary words, and with the exclamation mark thrown in to make guessing it that much more difficult.
The same root password worked on every other server I tried it on. Having that password was like having the keys to the kingdom, at least for Intermetrics’ internal network.
At this point, I logged in to “inmet.com,” which was the company’s domain used for receiving email from the outside world. I downloaded a copy of the master password file (which also contained the password hashes) so I could attempt to crack all the passwords offline.
Now I was in position to search emails looking for people who had been in contact with Motorola. My first lead was an email to an Intermetrics engineer named Marty Stolz, who had received a message from someone at Motorola explaining a problem they were having with the compiler. I hacked into Stolz’s workstation and examined his “shell history,” which showed a list of commands he had previously typed. He had run a particular program, a “shell script” called “makeprod,” which he had used to build compiler products that the company developed. In this case, I wanted the 68HC11 compiler so I could compile the Motorola source code for the MicroTAC Ultra Lite.
The engineer who wrote the script had also included detailed comments in his source code that led me to the location where the software developers kept the production releases of the Motorola chip compiler for various operating system platforms.
Along the way, I found that Intermetrics was producing this compiler in versions for several different OS platforms, including Apollo, SunOS, VMS, and Unix. Yet when I examined the server where all these compiler versions were supposed to be, not one of them was there. I spent hours searching other file servers and developer workstations, but the compilers weren’t there, either—not the source code, nor the binaries. Strange.
I checked the “aliases” file, which listed where incoming emails for particular individuals and workgroups were to be forwarded. By examining that file, I was able to identify which employees were associated with which departments, and found the name of a company employee in Washington, David Burton.
Time for a little social engineering. I called Marty Stolz, introduced myself with David’s name, and said, “I have a major customer demo tomorrow morning, and I can’t find the compiler for the 68HC11 on the server that stores product releases. I’ve got an old version, but I need the latest version.”
He asked me a few questions—what department I was in, my location, the name of my manager, and so on. Then he said, “Listen, I’m going to tell you something, but you have to keep it a secret.”
What could he be talking about?
“I won’t tell anybody,”
In a half whisper, he said, “The FBI called us and told us there’s a guy who will probably be targeting us—a superhacker who broke into Motorola and stole their source code. They think this guy is gonna want a compiler for the Motorola code, and he’s gonna target us next!”
So the Feds had figured out I’d want the compiler, and they’d called Intermetrics to head me off? Hey, I had to give them some credit: that was good thinking.
“He broke into the CIA and got Level Three access,” Marty was telling me. “Nobody can stop this guy! He’s always one step ahead of the FBI.”
“Unbelievable—you’re putting me on! Sounds like that kid in WarGames.”
“Listen, the FBI told us we better take those compilers offline, or he’ll get to them for sure.”
I blinked. After I got the Motorola code, it had taken me a few days even to come