What is the bindery backdoor in Netware 4.x?
In developing Pandora, I discovered that the first user object in an NDS tree is a bindery object called Supervisor. This object gets its password set during install. To login, simply use the account name Supervisor. Early versions of DS.NLM do NOT assign a property to this object to even ALLOW you to set up Intruder Detection! Using the Intruder utility with Pandora v3.0, you can specifically attack this user account. Once logged in most administrative tools will not see it. An administrator cannot delete this account because an administrator cannot get to this account to delete it from NetAdmin or NwAdmin. Bindery context is not required to use this object. If an administrator creates a regular NDS account called Supervisor, this will defeat access to this object. For more information on this, check out http://www.nmrc.org/project/pandora/inside.html.