Just looked a bit closer. The user ID is ADCDMST. If it's a legit system, the ADCDMST user id has SYS1, RACF special and could be the supplied default password was in use. Strongly suspect it's a bootleg system.
On Tue, Dec 10, 2013 at 6:05 AM, Wayne Bickerdike <[email protected]> wrote: > Almost certainly a bootleg z/OS 1.10 running on Hercules. ADCD > distribution. The ADCD build has a documented IBMUSER/password combination. > The IP address used is a clue too. Very amateurish.... > > Someone put an ADCD z/OS 1.10 on a torrent a few years ago so it's > probably a copy of that. > > > On Tue, Dec 10, 2013 at 5:55 AM, Phil Smith <[email protected]> wrote: > >> One of our folks sent me this YouTube video of a presentation from >> BayThreat. Metasploit allegedly used to compromise a z/OS machine. Looks >> like it uses ftp and a legit user credential to maybe escalate privileges, >> but not clear. No sound on the video (~ 3 mins). >> >> http://www.youtube.com/watch?v=hTfgFSbvkHU >> >> Thoughts? I suspect this is either BS or is based on a vanilla system >> with no ESM. >> >> ...phsiii >> >> ---------------------------------------------------------------------- >> For IBM-MAIN subscribe / signoff / archive access instructions, >> send email to [email protected] with the message: INFO IBM-MAIN >> > > > > -- > Wayne V. Bickerdike > > -- Wayne V. Bickerdike ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
