Jump to content


Photo
* * * * * 1 votes

Lanschool v7.2


  • Please log in to reply
146 replies to this topic

#141 TuX^

TuX^

    Hak5 Fan +

  • Active Members
  • PipPipPip
  • 56 posts
  • Gender:Male
  • Location:United Kingdom

Posted 13 May 2011 - 04:56 AM

Lyzon, that's awesome!

One of our clients at work is a training provider and need to keep control of students. They've just opened an IT academy so we need to tighten the network security a bit more.

We were testing LanSchool at work and my colleague just wouldn't stop bugging me with it. He used Psexec to install it on my machine, silently. I found the Student.exe at the root of my C: Drive and deleted it (bad idea, I would later find out) so I couldn't uninstall it. The only way I could get rid of it was to boot into safe mode and delete the folder it creates in Program Files. Messy, I know.

Thanks again,

TuX^
Support the movement - www.hackingisnotacrime.org

#142 Snuupy

Snuupy

    Hackling

  • Active Members
  • Pip
  • 15 posts

Posted 11 November 2011 - 10:58 PM

Hey guys.

I've been tinkering with my school comps for a year, and surprisingly, all my tech teachers are super interested (or they couldn't care less) in how I could fix this problem, since I'm not running around and crashing every computer I see. They run LanSchool 7.0.0.3, along with DeepFreeze, and they have a server which intercepts all traffic with the M86 Web Filter. Our firewall blocks off every open port except 80, 443 (SSL), and 796 (LanSchool). They have also disabled right clicking. (Bastards, I need to create a new folder.)

The DeepFreeze application is server sided, and so are our desktops and Windows XP profile settings. I found h2oh4x!'s LanSchool Killer application extremely useful, and unplugging the LAN cable from the computers useful in making LanSchool nonresponsive.

What I've found is that student.exe loads AFTER you log on the windows prompt. This means that the moment you log on, you can disconnect the LAN cable, making it a hard disk boot (instead of a defaulted network boot). I had to do this because they locked the BIOS so that you couldn't change the boot settings, so I had to force it to boot to Windows XP on the hard drive. However, you still can't access the lskdata.bin files (keylog files). The thing about this is that my school's LanSchool Teacher application is limited to viewing ONLY the classroom they're programmed on, and not anyone else. Because of the unplugging of the LAN cable, the computer boots from the default settings, including the default LanSchool settings. Although the student.exe is running, the teacher inside the class (or any other teacher account, for that matter), can't see you on the list of active computers. This also works if the teacher has limited USB drives, printing, web access, or any other restriction, as long as you pull out (the LAN cable, you gross bastards!) before the command to blank the screen/USB drives/printing is sent out by the teacher.

Just for safety, I always run h2oh4x!'s LSKiller ;)

Hope this helps someone out from a teacher abusing LanSchool.

Also, I'm looking for the LanSchool decrypter files. If /anyone/ has them, please message me or let me know. I'm really interested in learning more about how my school network is built and configured.

Thanks,
Snuupy

#143 Lavanoid

Lavanoid

    Hak5 Fan +

  • Active Members
  • PipPipPip
  • 52 posts
  • Gender:Male
  • Location:United Kingdom
  • Interests:Networks, WiFi, Raspberry PI, Android, Linux, ARP Spoofing, DS Game ROM dumping and editing game save data such as Pokemon (Doesn't apply to the Nintendo 3DS), Custom hardware, DDWRT on routers, Hacking AR drones with DD-WRT enabled routers that have telnet enabled, killing peoples internet connection, crashing websites and injecting custom code.

Posted 28 December 2012 - 04:13 PM

Hi!

I know I'm really late on the Lanschool topic but I decided to let one of my secrets out. I am one of the deadly hackers at my school. I have access to every ones files from my phone (Including the teachers) through the SMB server which can be accessed with SMB compatible file managers for Android. I also have the school wifi password so thats how I connect to their SMB share with my phone. Anyway, over a year ago, I was looking through the Administrators files and I found the LanSchool Utilities folder and it contained Windows executables that communicate with LanSchool. One of them was "SwitchToTeacher.exe" and this obviously switches you to a teacher. But, when the Administrator installs LanSchool, he selects install Student so there for, C:\Program Files\LanSchool\Teacher.exe does not exist. So since I have the full LanSchool 7.0.0.7 installation program as well (I don't have 7.2 :-/) I copied the Teacher.exe from my computer to my desktop folder. Then, I created a batch script that would execute SwitchToTeacher.exe then execute Teacher.exe. This way, you are now a Teacher. I had control over all the students in the class. Lol. And if you go on options then Network and select Multiple channels, you can have control of all the computers with LanSchool installed by entering all the channel numbers (1,2,3,4,5,6 etc). I compiled the batch file into a executable with the external files integrated. I named it ExStudent because you are not going to have the Student program running anymore. The download link to it is: **Link Removed** Let me know if it works for you. It certainly worked for me :)

Edited by Mr-Protocol, 28 December 2012 - 06:03 PM.
Unsafe link removed.


#144 digip

digip

    -we're all just neophytes-

  • Active Members
  • PipPipPipPipPipPipPipPipPipPipPipPip
  • 7,653 posts
  • Gender:Male
  • Location:RnVjayBPZmYh 192.168.100.1

Posted 28 December 2012 - 04:37 PM

Hi!

I know I'm really late on the Lanschool topic but I decided to let one of my secrets out. I am one of the deadly hackers at my school. I have access to every ones files from my phone (Including the teachers) through the SMB server which can be accessed with SMB compatible file managers for Android. I also have the school wifi password so thats how I connect to their SMB share with my phone. Anyway, over a year ago, I was looking through the Administrators files and I found the LanSchool Utilities folder and it contained Windows executables that communicate with LanSchool. One of them was "SwitchToTeacher.exe" and this obviously switches you to a teacher. But, when the Administrator installs LanSchool, he selects install Student so there for, C:\Program Files\LanSchool\Teacher.exe does not exist. So since I have the full LanSchool 7.0.0.7 installation program as well (I don't have 7.2 :-/) I copied the Teacher.exe from my computer to my desktop folder. Then, I created a batch script that would execute SwitchToTeacher.exe then execute Teacher.exe. This way, you are now a Teacher. I had control over all the students in the class. Lol. And if you go on options then Network and select Multiple channels, you can have control of all the computers with LanSchool installed by entering all the channel numbers (1,2,3,4,5,6 etc). I compiled the batch file into a executable with the external files integrated. I named it ExStudent because you are not going to have the Student program running anymore. The download link to it is: **Link Removed** Let me know if it works for you. It certainly worked for me :)

Does it also try to call all your bat scripts to own someones computer too? https://www.google.c..._pw.r_qf.&cad=b



STRINGTABLE
LANGUAGE LANG_NEUTRAL, SUBLANG_NEUTRAL
{
65424, "BAT"
65425, "DATA"
65426, "FILES"
65427, "@shift"
65428, "This application created with Unregistered version of Quick Batch File Compiler. \nPlease register your copy to remove this window.\nVisit hxxp://www. abyssmedia. com for more info."
65429, "Demo Version"
65430, "cmd.exe /c "
65431, "command.com /c "
65432, "cmdln"
}

Edited by Mr-Protocol, 28 December 2012 - 06:04 PM.
Unsafe Link Removed

@xxdigipxx http://www.attack-scanner.com/ | I'm the resident dick around here, or so I am told. Don't take it personally, I just give a shit too much sometimes. respect to all, its the Internet, don't take it to heart.
"Staying quiet doesn't mean I have nothing to say, it means I don't think you're ready to hear my thoughts..."

#145 Pwnd2Pwnr

Pwnd2Pwnr

    Hak5 Ninja

  • Active Members
  • PipPipPipPipPipPipPip
  • 599 posts
  • Gender:Male
  • Location:Michigan
  • Interests:Arduino, Tech, Internet Policy, Development, Learning.

Posted 29 December 2012 - 07:15 AM

What was the link to? Is this calculated spam?

#146 digip

digip

    -we're all just neophytes-

  • Active Members
  • PipPipPipPipPipPipPipPipPipPipPipPip
  • 7,653 posts
  • Gender:Male
  • Location:RnVjayBPZmYh 192.168.100.1

Posted 29 December 2012 - 07:20 AM

What was the link to? Is this calculated spam?

It was a trojaned executable that backdoors a PC, most likely something he compiled himself.

https://www.virustot...a8879/analysis/

http://anubis.isecla...d5d51e66897a076

Edited by digip, 29 December 2012 - 07:38 AM.

@xxdigipxx http://www.attack-scanner.com/ | I'm the resident dick around here, or so I am told. Don't take it personally, I just give a shit too much sometimes. respect to all, its the Internet, don't take it to heart.
"Staying quiet doesn't mean I have nothing to say, it means I don't think you're ready to hear my thoughts..."

#147 GuardMoony

GuardMoony

    Hak5 Zombie

  • Active Members
  • PipPipPipPipPip
  • 185 posts

Posted 29 December 2012 - 09:53 AM

A first time poster with blank stuff posting a link to a executable on a hackers forum. hmmm what could that be?




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users