Default password for Pick system on an AT?

Jay West jwest at classiccmp.org
Wed Jun 15 15:53:18 CDT 2005 

Richard wrote...
> I recently acquired an IBM PC-AT 5170, and it is running Pick.  When
> it boots up, there are some startup messages, then a banner:
Awesome... soon you'll be a Pick addict :) I've dealt with a *LOT* of 
different versions of BASIC, and IMHO I've never found a BASIC nearly as 
nice as Pick BASIC. Not even close.

> THE PICK SYSTEM
> PC-AT VER 2.1 of 26 Mar 87
>
> Then, there is a "Logon" prompt.  I have no idea what the correct
> login is, and I am not the original owner (nor is the person I got the
> system from).
The classic "superuser" account on all pick systems is SYSPROG try logging 
in with that. By default, there was no password. However, it was extremely 
common to password protect that even in tiny shops. If it's a late version 
of pick (doubtful), use DM (which should be just a Q-account to SYSPROG). 
Note, most Picks the login was typically all upper case.

> Is there some default login?  Google didn't seem to be of much
> help....  I tried obvious things like "pick", "login", "user", etc
> .... Even tried mixed-case, and all uppercase.... no joy :-(
>
> Thanks for any help in advance....
There was a way to break in the system. I'm going from foggy memory... as I 
recall, I would log on to an account that wasn't supposed to be logged in to 
(not from a security standpoint, there were some data repositories in pick 
that they typically set up as an account but weren't really valid accounts). 
However, you could log in to them. I seem to recall ERRMSG account, perhaps 
BLOCK-LETTERS. Once you logged in, since these weren't really "accounts" you 
had little or no valid master dictionary (ie. no commands). BUT... you could 
at least use the break key then to get into the system debugger. Once there, 
you could calculate the system base frame and start from there, tracking 
down to the SYSTEM file (where users were kept). The data bytes in a raw 
frame for the sysprog account were obvious :) On older systems, before they 
hashed passwords, you could see the password for SYSPROG in plain text. On 
newer systems, it was a hash. However, you could generate a known hash on a 
different machine and then just patch that hash in place of the current 
hash. Then log out from the debugger and log into SYSPROG.

I am quite sure the above is basically correct, however time may have made 
parts of the above fuzzy. If you have no success with any of the above, give 
me a shout and I'll dig up the necessary manuals and get you broken in.

Regards,

Jay West

More information about the cctalk mailing list