Snuupy

Hey guys. I've been tinkering with my school comps for a year, and surprisingly, all my tech teachers are super interested (or they couldn't care less) in how I could fix this problem, since I'm not running around and crashing every computer I see. They run LanSchool 7.0.0.3, along with DeepFreeze, and they have a server which intercepts all traffic with the M86 Web Filter. Our firewall blocks off every open port except 80, 443 (SSL), and 796 (LanSchool). They have also disabled right clicking. (Bastards, I need to create a new folder.) The DeepFreeze application is server sided, and so are our desktops and Windows XP profile settings. I found h2oh4x!'s LanSchool Killer application extremely useful, and unplugging the LAN cable from the computers useful in making LanSchool nonresponsive. What I've found is that student.exe loads AFTER you log on the windows prompt. This means that the moment you log on, you can disconnect the LAN cable, making it a hard disk boot (instead of a defaulted network boot). I had to do this because they locked the BIOS so that you couldn't change the boot settings, so I had to force it to boot to Windows XP on the hard drive. However, you still can't access the lskdata.bin files (keylog files). The thing about this is that my school's LanSchool Teacher application is limited to viewing ONLY the classroom they're programmed on, and not anyone else. Because of the unplugging of the LAN cable, the computer boots from the default settings, including the default LanSchool settings. Although the student.exe is running, the teacher inside the class (or any other teacher account, for that matter), can't see you on the list of active computers. This also works if the teacher has limited USB drives, printing, web access, or any other restriction, as long as you pull out (the LAN cable, you gross bastards!) before the command to blank the screen/USB drives/printing is sent out by the teacher. Just for safety, I always run h2oh4x!'s LSKiller ;) Hope this helps someone out from a teacher abusing LanSchool. Also, I'm looking for the LanSchool decrypter files. If /anyone/ has them, please message me or let me know. I'm really interested in learning more about how my school network is built and configured. Thanks, Snuupy

I'm sorry to bump an old/dead thread, but I'm wondering if it would be possible for any of you to reupload the files posted in this thread. The decrypters would be especially helpful, and I'd love to see the source code behind it. I'm playing around with LanSchool with home computers, and I want to learn more about how this works. Thank you.

That's just awesome xD I actually read that already - but I can read it again. I don't remember, but the companies that sued him - how did they win?

I wasn't going to hack in it, I was planning to explore the network - not to cause trouble. What stuff were you not allowed to see? I mean, grades and information about people, but computer related stuff weren't you allowed? So I have to fuck my school network up before they'll let me fix it(or someone else)? I don't think my school's concerned with making money. If they had someone watch my back while I fixed it, what would be the problem?

Even if we offer to fix it for them? (it's as simple as upgrading to a new version of LanSchool) But my child isn't publicly accessible. If there was a sickness in my baby, I'd want whoever found it to tell me too, so I could bring it to a doc and let it get fixed. Same thing for what I'm thinking here. I see a sickness in the network. If it's left open, can't /anybody else/ find that hole too? So by making an example of the person that tries to help them find holes, they're kinda doing what Sony did of hackers to do things the PS3 couldn't do before? Suing them so that they'd make an "example" out of them, even when they made the console better? How does that make anything better or improved? I'm not breaking anything. At my school, they have a computers that just go back to normal EVEN if you could delete everything off of them. It's like their hard drives are frozen in one state. I'm not asking for the druggie to rob the store. It's like the druggie pointing out that the camera isn't monitoring a side of the wall, and that a simple move would fix that. No one (or me) is breaking anything or harming anything. That't not my goal.

--Double post, sorry--

But you weren't doing anything bad - so why would they be worrying? What's wrong with exploring the network if you don't harm it? Are they scared of the knowledge that someone else knows about stuff that only admins know? Okay, I get that, but why would they warn or discourage you from finding these holes? Shouldn't they WANT holes to be found so they can be as secure as possible? What if a black hat hacker comes around and hacks the shit out of them? The part I don't get is why I'm being told that administration doesn't want me to be finding weaknesses in the system. I mean, look at Apple. They block exploits every single time a new jailbreak is posted and made public. They update and fix holes every month or two. Shouldn't schools be doing that too? They're exposed to the public too. Edit: combined two posts to the first post

Wait, why would they ask you to "do no harm to the integrity of the network upon expulsion and full punishment of the law" if you weren't going to mess up their networks? Also, how is the information about the software private when the network names are listed out right in the open of the school and area, with their software and versions posted? VMWare and other virtualization tools are free, but nothing's going to be the same as the school software and its combination of restrictions. Okay, well using the Hotel example - Guests /are/ allowed to look around their rooms and find out everything they have in that room. If they go into specific rooms, they would be charged, just like if you went on admin accounts, you would be charged as well. I wasn't going on files on another machine, I was looking around at the network and its policies and software. I haven't modified anything, copied, or "hacked" anything, except testing the LanSchool program that I found, where my teacher saw what I was doing.

Were you looking at their network with their permission the whole time? That's pretty awesome, how did you convince them to let you do that? It's not my job, but I'd like to learn more about it if I can, and if it helps others on the way, all the better for me, and my school. Could you clarify on why you think that poking around the network - and not harming, touching, or breaking anything wouldn't be a good idea? It's like looking at someone else's car on the street while walking on the road, no police officer arrests you for that, unless you start vandalizing the car.

1. I think they are. 2. :o I didn't know that. The thing is, if we want to improve the school network to make it more secure, why aren't we allowed to poke around? I thought school was a place to learn and explore, so that you could learn more from it. Yes, we do have a "tech" class where you do almost nothing for half the time :S I hope my position about this is clear - I'm not trying to fuck stuff up, I just want to learn more about this, but if it's still suggested to not mess around with school networks, then I'll take that advice.

Hey everyone. This is my first thread post here at Hak5. I know that there's a lanschool thread somewhere else in this forum, but it's /really/ old, and I'm not sure if it's updated anymore. I'm just posting results that I've found, and everything that I've done from exploring the network at my school. I'm doing this because it's interesting and I've found that it's a lot more complicated than I thought it was. This isn't to fuck stuff up for others, or screw with other people for "shits and giggles", but rather, it was interesting for me to find out about. moving on to what I've found. Originally, when I first started looking around computer systems, I thought that little icon in the corner (we use windows XP)was tracking our every move and blocking web sites. I also saw that there were two school networks, one for admins, and one for students. The admin network was named "Network-A", and the student one, subsequently, was named "Network-S". Logging in with student credentials didn't work for the admin network. I'm not sure if this matters. I found that our school uses LanSchool 7.2.0.3, and it's not updated to the latest version, 7.6. This means that some programs created in the past /can/ exploit this program, and I've tested it on the school networks. I've been using ClassDoom (Google?) and it's just been destroying LanSchool. My school uses the program to monitor people while they're using the computer, and to keylog them. Not only do they use LanSchool, but they also use a web filter, called M86 (which I found today, after the school server which rerouted everything crashed and showed an error message). They've blocked all non standard ports, except when you crash LanSchool, and that opens up port 796 so you can run some sort of VNC server on it - if you really wanted to. Now the other half of the truth was that they were using M86 Web Filtering and blocking Youtube, Facebook, and a shitload of other sites, some useful, some not. I noticed that they block all proxy sites (if they can help it), but sometimes super new ones don't get blocked. They block all VPN connections, but not FTP. They block Glype and PHProxy scripts, but I'm not sure how or what formula they use to do that. They haven't blocked Zelune yet, and I tried it on a free host today, which worked. I'm not sure what's next for me to try and find out, but I really want to see how the network is set up so I can learn more about it. If you guys have any more ideas about this, I'd really like to hear them. I'm not really into the "GO HACK GRADES NAO GO GO GO", but I'd really like to see what I can do with my laptop (slow) and school computers (: Thanks, Snuupy

Hey, I'd like a reupload too, if possible =) I found that LanSchool is ONLY controlled by LAN connections, so if you guys have a wireless USB adapter, it might actually work! Or you can just crash it.

Oh damn. Is it ONLY powered by bananas?

I like the look of the Archos. I'd also add Dell Streak to the list. Also, check out the Samsung Galaxy Tab. By the way, make sure that there's at least 512 RAM on each device, and do your research making sure that companies update their Android OS. You don't wanna be the only one on OS1.6 when everyone's on 2.1! (Like some OTHER brands...)

Hey everyone. Favourite game: Starcraft. ONE. Favourite OS: XP/7 (MS Fanboy) Favourite console: N64 Nationality: CAN Accent: Canadian/American? Sex: Male Age: Over 9000. Race: Asian. Height: 1-2M. xD Status: Doing homework Build: Horrible :( Favourite band: Green Day Favourite book: Twilight (ZOMG D:) Favourite author: PDF files on my hard drive. Favourite movie: Iron Man Favourite director: Uh, N/A. Favourite TV Show: Glee. Whose Line Is It Anyway. Favourite actor: N/A Favourite actress: N/A Favourite Pinup: Err, what? Favourite Comedian: Homer Simpson. Other hobbies: Web dev, tennis, messing around with stuff - often leads to breaking then fixing xD Occupation: Student. Reason I'm here: Learning. Growth. Whatever.