SP Security - http://www.punkz.com 

I have been finding it quite easy to penatrate AppleShare IP servers from 
inside the network. Simply, you get past onguard on any computer in the 
network (usually a tech lab or classroom comptuer hooked up to the 
AppleShare IP server for internet), and then copy the User & Groups Data 
File from the system folder:preferences, and then decrypt it (go to 
www.securemac.com and look into the Mac OS algorithm). Usually there is 
one admin password for all the computers on the network, including the 
main computer (since they are all usually assimilated the same) and once 
you decrypt the user and groups file you should be able to have the admin 
pass or super user pass. Get past onguard again, and use the Chooser to 
connect to the main server (should take a while to find the right server 
on your network, depending on how big it is...) and then you should be 
able to acces the webpage, and all the shared folders/servers from there. 

Once somebody cracks the ASIP Mail passwords then you can acces all the 
mail too. Excellent. It took me about 3 days in all to do this at my 
school. I soon after notified the admin and are thinking about using the 
multiuser feature in mac os 9 instead of onguard. Any ideas or comments 
bout' it? 

see ya 

-izzy 
http://www.punkz.com