MRGRIM Posted March 8, 2009 Posted March 8, 2009 If you whip your own laptop out etc or are fiddling on a system while I’m trying to teach or something it’s kind of rude, distracting and very annoying. If you don’t want to take part in the class / lab then why show up? If your teacher is as much of an ass as you say, then I think you've done the right thing by informing other teachers. Quote
shonen Posted March 8, 2009 Author Posted March 8, 2009 If you whip your own laptop out etc or are fiddling on a system while I’m trying to teach or something it’s kind of rude, distracting and very annoying. If you don’t want to take part in the class / lab then why show up? If your teach is as much of an ass as you say, then I think you've done the right thing by informing other teachers. As much as I dislike the IBM iseries class I would have instantly stopped what I was doing if he was holding a lecture or if we were doing our hands on stuff. But the class was comming back from a smoke-o break and I was just showing some friends my new laptop, seriously wtf and can we say ANAL much? I am all for this software to a degree but some Teachers need to chillax a lil more, all my other Teachers don't even bother to use it. I will admit though as a teaching aid it is very useful. Quote
Lyzon Posted March 10, 2009 Posted March 10, 2009 Well i better make my first post an interesting one. Im Maximillion's friend at college, the same one that helped crack lanschool. Anywhoo ill cut to the chase Today i created a program that crashes LanSchool without VPC, APT or any of our old methods. The exe is 1.3mb (how can i reduce filesize?) in size, it kills all unprotected Student.exe processes, scans for protected ones and sends a crash command to it. The exe was compiled in Dev C++ Word of warning, if your gonna use it, rename the exe to something inconspicuous like calculator so they wont get suspicious when they check your app logs. edit: uploaded it to media fire http://www.mediafire.com/?b0z4zm3zwu4 Edit: it seems the crasher only works if the student.exe process is protected. Quote
Lyzon Posted March 10, 2009 Posted March 10, 2009 Update: the new version of LS Crasher.exe can kill the process, not just crash it. This is done by aqquiring the SeDebugPrivilage process access level. The displayed log is also alot more informative. http://www.mediafire.com/?hqj03tzzogy Quote
shonen Posted March 11, 2009 Author Posted March 11, 2009 Intersting work Lyzon and I love the fact you expanded on the original concept I posted (I tip my hate to you). Still it seems like a lot of work to remove LANschool student seeing as you can uninstall it with the setup file but hey I am sure you learnt a ton from this little exercise. I will download this at give it a whirl when I am back at school tomorrow. Thanks for the post and hard work. Quote
Lyzon Posted March 11, 2009 Posted March 11, 2009 At my college you need admin privilages to run the setup file :P Next i gota make it a pretty gui :) Quote
shonen Posted March 11, 2009 Author Posted March 11, 2009 Damn your collage is pretty hard ass then, we don't have that restriction...... YET! Oi I was wondering what are you studying at collage exactly? Quote
Lyzon Posted March 11, 2009 Posted March 11, 2009 im doin a BTEC national diploma in computing (UK), its basically lessons on C#, maths, information systems, hci (human computer interface), php development, html css js and some other boring shit -_- I say boring shit because i have been developing php for almost 7 years and html and css for longer. Javascript about 6 years. Maths i find boring cos i suck at it =], c# i find boring because A, our colleges group policies stop any file interation with the JIT compiler, meaning you cant output to file like in c. B, our teacher takes half an hour to explain something even tho he gave us handouts explaining everything :P What do you do? ps, i have almost finished a gui for the lanschool crasher :D Quote
shonen Posted March 11, 2009 Author Posted March 11, 2009 Ah nice I figured it was from some sort of programing area, I feel your pain on the math's part and boring subjects. We have a fair amount of B.S subjects that are a complete waste of time, such as Project management, Ethics and another that is so boring I can't even recall the name of it. Most of our Teachers except two are nothing but glorified spastics who are out of date, can't teach for the life of em or have either lost interest in their subject matter. I am doing my advanced diplome in network security however I fail to understand the advanced and security aspect of the course. I am in my second year and so far all we have covered is basic network fundamentals and just started cisco shit. The only security related stuff covered so far is Denial of service and configuring Access Control List's as of last week. Recently our school admins have blocked downloading on student accounts and have also gone a bit mental on the content filtering, so alot of people have really cracked a shit fit over it because you do have to download legit shit or browse certain content for class work. I never really noticed seeing as I always VPN my ass out of there. Well done my man, you have gotta love a purdy GUI interface. XD Quote
Lyzon Posted March 13, 2009 Posted March 13, 2009 Woo i finished the gui :P It works perfectly on my college comps (i made the gui in lesson :P) but fails to work on my home comp, probably need to install the .net framework. Anyway its very simple, load it and once the green bar is 100% full, lanschool is crashed, works on any version. Hold down the help button to read the help. Kahraman is my new "hacker" :P name. Im now learning assembly to re create the program in that with a much lower filesize :D Well enjoy lol,shonen test it out at your college see if it works on ur lanschool :D http://www.mediafire.com/?nmdzzxxbgzt Quote
shonen Posted March 14, 2009 Author Posted March 14, 2009 Will do mate, I forgot to d/l the beta version before heading out to class. Some pin head accidently sleeped in. XD I will let ya know how it went once I give it a whirl. Quote
Lyzon Posted March 15, 2009 Posted March 15, 2009 I have now finished the final version of the lanschool crasher which i have renamed LanSchool Manager. It allows you to manage both the student.exe and teacher.exe process in an easy to use gui. Screens: Download Link: http://www.mediafire.com/?bgpmhzwr24t File Info: Size: 919kb Dependancies: None (older versions of gui required .net 3.5 framework) Enjoy, and use wisely :P Quote
Destro Posted March 16, 2009 Posted March 16, 2009 Lyzon is your gui only for lanschool? Does your college use lanschool? It looks good from the pictures! cheers, Destro Quote
Lyzon Posted March 16, 2009 Posted March 16, 2009 Lol thx. Yea my college uses lan school. Version 7.1.0.3 to be exact but this has been tested on 7.0.0.7, 7.1.0.3, 7.2.1.0 and 7.2.1.1 and works on all. It exploits a message handling bug in Student.exe which crashes when it gets the message. The process is still there but its non responsive. Youll see this when you run LanSchool Manager. Click "Crash" and the text changes from Running to Not Responding. If the process is not protected you can close it after by clicking close. In my college Student.exe is a protected process which is why only the crash button will work there but under normal circumstances it would close it aswell. The program monitors any process named Student.exe and Teacher.exe, while not limited to lanschool (i think netops uses the same process names?) it was designed to be used for lanschool. Quote
soulbleed Posted March 16, 2009 Posted March 16, 2009 A friend of mine in college wrote an application exactly like that one, but in VBScript for a final project. Quote
Lurker1 Posted March 18, 2009 Posted March 18, 2009 As nice as the LANSchool Uninstaller is, they have a program to detect it. In there FAQ it says: It is very rare that a student uses an authorized console, unless you've given them access to the console program. However if you suspect that someone has the Teacher Console, there is a utility on the utilities directory called security.exe. This program logs all LanSchool activity and can help you quickly identify unauthorized consoles. Once students know that this tool is in use, unathorized activity stops quickly. In LanSchool v7.2 you can watch the same security messages in the status window. Source: http://www.lanschool.com/support/faq It also watchs for Installs and Uninstalls of LANSchool. If this is not enough, there is a Security Monitor application available in the security folder on the LanSchool CDROM. This application runs on any machine and will capture a log of ALL LanSchool activity, including the installation or un-installation of any LanSchool program. With this utility, many schools have quickly been able to identify students who are abusing the “appropriate use policy”of their computer lab. There is a Security.pdf file in the same folder which describes this utility in detail. http://www.msmiami.com/custom/downloads/La..._User_Guide.pdf Just letting you know if they catch on to people using the installer they can watch it. Quote
Lyzon Posted March 18, 2009 Posted March 18, 2009 Thats all well and good but the thing is my program does not uninstall lanschool. It crashes it. A side effect i have found is it corrupts all program logs and keystrokes of that computer aswell. So no1 can find out what program was used before Quote
VaKo Posted March 18, 2009 Posted March 18, 2009 What do people think about moving this topic to a newly created Active Projects section of Sercurity and hacking? Quote
shonen Posted March 18, 2009 Author Posted March 18, 2009 What do people think about moving this topic to a newly created Active Projects section of Sercurity and hacking? I say your the boss Vako and you can do whatever you want. XD Actually its a very good suggestion but that would be up to the people who actually have the program skills unlike myself. Thanks for the reminder to others on that Lukar, yeap the secure version does have some of those feature's and I did briefly touch on them in a previous posting (just not in as much detail). In any case this is not really an issue for me seeing as my school are to tight to purchase the secure version of LAN school. Oh and Lyzon sorry I have been a slack arse and am still yet to test that crasher you so generously created (been bussy configuring cisco routers/switches for a class test coming up). I will get around to doing it sometime this week and post. lol Oi what are the chances of getting snubs doing a demo on the Vmware work around and Lyzon's app in a future episode or is that wishful thinking XD P.S Thanks again to all who contribute on this and really ran with the inital posting, you guys are FREAKING awesome. Quote
Lyzon Posted March 18, 2009 Posted March 18, 2009 Lol, that would be a fun episode :P I still got one more version of my lanschool manager to do. With some extra features. One feature is a list view of student processes because once a student.exe is crashed, you can run another one so there is 2 processes of it. Another feature is to check the process is actually lanschool student and not some random exe called student. Maybe some otehr ways of crashing it such as port blocking and ima try to find out the exact unload codes of student.exe. There was something strange i found in student.exe using reshacker: A hidden dialog to close student i see :D me thinks to use this code for some stuffs >.< @vako, sounds like a good idea i think Quote
shonen Posted March 18, 2009 Author Posted March 18, 2009 EDIT Good luck on the port blocker venture I tried this already with a number off them in earlier posts and could't stop the bloody thing. I believe they mention that you can't do this on the website seeing as this was an issue with students working around it in previous versions. lol a hidden dialog to close students, thats a nice find indeed. Hey I wonder if it is at all possible to make something that listens and allows LANschool teacher to connect to it so you can do some funky stuff with the techers desktop or some shit. I doubt this is possible, form what I remember about Lanschool when I put it to a sniffer the student constantly broadcasts and all the teacher does is listen in on that broadcast. I will have to take a look and see if it is possible to get the teachers desktop IP number from this, if you can maybe you could add a port flooder of some kind or some standard annoying windows shit like net send or what have you. On the other hand if you could be arsed you could turn that app in to every students swiss army knife for class by adding shit like a packet sniffer, XB browser or what ever else tickels your fancy (just an idea). I would love to help working on this but unforunitly I specialize in netwroks not programming (however it is on the to learn list). Quote
Lyzon Posted March 19, 2009 Posted March 19, 2009 Well, if your no good a programming, how good are you packet logging programs using wireshark or an equivelent? I ask this because i would like to packet log the teacher program hack using virtual pc. I can log it but cant make heads nor tails of the logs -_- The swiss army nknife thing sounds good :D What other features could i include? Quote
shonen Posted March 19, 2009 Author Posted March 19, 2009 Lyzon I tried your app today and it wouldn't launch the .exe file, not that its your fault but more so the fact my school don't have the .net framwork installed. I suspect I may need a couple of .dll's to get it to load but as to which ones I have no idea. lol I feel your pain with packet logging its easier if you create a custom filter that gets rid of the ARP and other assorted rubbish so you are only looking at lanschool packets also you can can select a packet of interest and follow tcp/ip stream to get the ascii output (in case you didn't know), Anyways I maybe able to fudge my way through it and if not I will make it a class project out of it and see what me and the boys can come up over a lunch break or two for ya. Also it may pay to capture/upload the wireshark log's and the teacher program hack for posting on here so anyone else interested can have a crack sifting through it. MMMM good question, I was pondering over this today and I couldn't think of what else would be helpful........ maybe synergy, *shrugs*. In any case I am sure some of the hak5 higher ups and regulars will have some great suggestions. This could be a useful device for students to carry around on a thumb drive. XD You thought of a name for it yet other than the crasher and teacher hack? If you go the student swiss army knife route may I suggest Lyzon's LAN tooled. Its a spin off from the older LAN school hack called LAN Schooled. Think of the slogan don't be a fucking tool use one Lyzon's you got LAN tooled =P Edit due to that once a year brain wave I have a cunning plan me lord! Now I can only speak from my own experience's but using a school network is a shit, how many times have you been working on an assignment and had your word document/computer crash or the stupid admins fire up their AV scans not after hours while you saving a word .doc and due to low resources your file gets corrupted/fucked (so far I am up to the 5th time in 3 months...... feel the rage!). Also you do a fair amount of google research during class and sometimes you neglect to copy and paste the url of some website that has really good info on something and when you get home to try and find it you can't. The answer lies within, Lyzon's LAN tooled (I am calling it that for now, until you name it officially) with built in key logging feature to record assignments you are working on and visited websites. Anyways thats just an idea, not sure if other students have the same problem but if you ever lost work or a good website for referencing you would WANT this feature. Only issue is this feature would be picked up by most AV's even though it has no malicious use intended (sucks). Quote
Lyzon Posted March 19, 2009 Posted March 19, 2009 Lol the irony wont be lost on my for creating a keylogger -_-. I made lanschool manager to stop IT keylogging me hehe. Keep that name till its officially named. Ima go try to create a key logger. VISUAL STUDIO HERE I COME!!!111 Quote
shonen Posted March 20, 2009 Author Posted March 20, 2009 lol very true, but thats life for ya filled with those ironic momments. XD I am sure you would much rather trust a keylogger you scripted yourself opposed to the 2nd option. Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.