[pingywon]

Login: 3comcso
Password:  RIP000

...remember it!


I looove 3com SuperStack II switches. Yes they are only 10 megs, but you can get them off ebay so cheap it isnt even funny. I buy them and use them alot for when I do DVR security cam installs. The cams are only 10 meg and the Superstack has a 100 meg uplink ..... plus it is a cool looking piece of equpiment.


...so the story goes .. I got my most recent SuperStack II Switch 1100 off of ebay, Couldnt get it working and I thought I got beat for my $ , but thats another story.

So I console in to this thing via Null modem cable and go to log in.

I always have a problem getting in as the password is never defaulted (these normally come out of working environments).

Most people change the Admin accnt and pass, but they normally forget about the "security" user (which is sctually a higher user then the admin ...but we wont go into that either.

So the u/n and p/w security normally get me in to reset the admin accnt.

well this time it didnt work .....so I google for 3com passwords and of course GSO is at the top of the google list :)

SEE FOR YOURSELF

Well that link didnt tell me too much I didnt already know about 3com SS II passwords. I did a little more digging and found this one

Login: 3comcso
Password:  RIP000

..not a login persay - but actually one better - this is a master switch reset accnt!!

you use this user name and pass and all the switch asks you is

Do you want to re-initialize this device (y/n) [n]: y

so you say yes and your back to the day you bought it .......just thought that was pretty simple and amazing lil hole in 3com Super Stacks that I wasn't aware of before

GSO should add that u/n and p/w to thier archive ;)

[packet]

A few different devices out there have this backdoor reset, in Netscreen firewalls if you put in the serial number as both username and password it will reset the box. Although you can disable the backdoor account as a hidden option in the command line.

Thanks for the user/pw though, if I ever come across a 3com superstack II and for some odd reason actually decide to use it instead of chucking it in the trash it'll come in handy. Keep in mind that I have a Cisco 5500 as a coffee table at work. :)

--P>G>>

[pingywon]

If the device could be reset by only using that devices serial - then unless you obviously have physical access - you could call that "secure"

but the fact that there is a actually master pass for a seres of switches ...that is kind of scarry - excpecially in its day


On 3coms site - they said you need to ship it to them to have factory settings reset - HA



And just for the record - I get to play with all kinds of cool stuff at work too - when it comes to the home -thats where my budget is a lil tight.

its not that they are the greatest piece of equpiment out there - but if you actually look at the prices they sell for on ebay - it just down right silly.

...make no mistake I much rather have a 2950 ;)

[SteveW]

Packet, wish I had your coffee table. LOL. I avoid 3com gear like the plague, but I appreciate the information. You never know when a little tidbit like that will come in handy.

[0X86F4]

Did you try to use the users security/security or monitor/monitor?

Unless password recovery is explicitly disabled on the device you can always reset the admin pass. Just type user recover pass recover and unplug the device.