School network? worth your time?

[SloPOS]

Ok, so i've bypassed syncronise, and got into admin, made my account an admin...but, the proxy server that i'm routed through has the whole control blocker. I've tried to bypass the proxy, and used many tools, but this one is good. I need some help. I've seriously tried almost every proxy switcher out there...with no success. What else can i do. thanx for your time...

[Duelus]

control blockers...proxy switchers adminroos? ROGER ROGER

[Sparda]

/me egnors all ethics

Do you know what software the server is running?

[Duelus]

why not install firefox and setup a linux server at home and use putty.exe to create and ssh tunnel?

[stingwray]

Check out the other topics about School networks on the forum.

[Sammael]

Dont do it, there are hundreds of stories going around about students who have done things like this, and got caught (= very bad for any computer based courses).

But, hypothetically, I would go with Duelus, firefox, then tunnel out.

[kickarse]

TOR?

[Darren Kitchen]

Don't listen to me, I don't claim to be a good rolemodel for would be hackers.

Do it. But don't get caught, and don't do anything malicious.

Hacking school networks will teach you more than an instructor in a class ever could.

[cooper]

Never *EVER* give your user admin rights. Once they find out something's out of whack, how long do you think it'll take before they find you?

Either create a new user and give that one admin rights, or grab some other user that's probably not being used and change its password, then come back next week and if the password is still what you changed it to/the account isn't locked out, add it to the admin group, and use that whenever you feel malicious.

[SloPOS]

ok...well...the whole firefox thing sounded nice, but i don't have an extra computer to run linux full time on, plus, isn't that a little dangerious.

with the username thing, it's a generic username (student) that is used in all the classes. I basically wanted somthing that i could just run, and get out b4 next class. The proxy thing takes too much time for just one period, and for some reason when i tried to change the proxy, everything is blocked. I'm not sure what there using, but it's somthing comperable to bess, or websence, but better. It even blocks locally stored pages(when connected to the network). i think i may have been beat, but i have this class for the next two years, so maybe somthing new will come up...thanx for all your help guys.

[Guest]

If the account is an admin like you say you made it, the filter system should be even easyer for you to get around. At least from my knowledgde of all the schools i went to the admin accounts didnt have to go through any filtering software when they surfed the net. As for running linux all the time being dangerious, where did you read/hear that?

And if you cant use linux to set up the tunnel use windows.

As for weather or not you should hack your school network, i say go for it, they are one of the easyest networks you will ever get a chance to fuck around with, and as a result it will teach you so much about "hacking" from doing this.

[SloPOS]

ah..there inlies the problem. It's not a local network. It's set up by the county, and even the teachers are blocked. I know it bugs the shit outta them, and i'd be a hero if i found a way around it.

[Duelus]

its the same setup at my school, SSH tunnel and FF... works like a charm, was using it all day.

[temperseed]

Ermm... you should do what i did on my college:

- Sit down, wait for a victim, spy on his usernamepassword. And use his account for auditing. what ever happends, ur name has nothing to do with it.

If ur a nice guy like me you could erase some logs ;) if not, then dont do nothing u wouldnt do on ur own account 8)

[armadaender]

Ermm... you should do what i did on my college:

- Sit down, wait for a victim, spy on his usernamepassword. And use his account for auditing. what ever happends, ur name has nothing to do with it.

If ur a nice guy like me you could erase some logs ;) if not, then dont do nothing u wouldnt do on ur own account 8)

Quite an aweful thing to do to a person. However, I'm sure you knew a few people that could use a suspension or two, I know I do.

[PoyBoy]

My network just uses kerberos and extensive privelage limits, and hope you dnt get around them

[BadPolizei]

Well I would need to get another log in for my schools network in order to feel right to look around. It would also be a good idea to get an pcmci card to get on the network as not to give them my laptops mac address.

[DLSS]

depending on the account security i would turn it off and install some keyloggers on some ppl's accounts ... and change my grades offcoarse ...(my french suxx)

[OtterFox]

Well for me to get a new account at school (high school) it goes like this:

When you start school you are given an account which goes

(year, single digit)(first letter of first name)(last name, up to 6 digits)

so eg. 2bjones

At the end of each year the passes are reset

So I just get the first+last names of some idiot one of my classes.

Next enter username and leave pass blank.

And there you are, you have some idiot's account after setting your own pass!

[Darren Kitchen]

in one of my colleges it was a simple first letter of first name, first 8 characters of last name, 4 digit incremental identifier (incase multiple first/last name pairs existed) with the password being the last 4 digits of the SSN.

For example my username was "dkitchen0001" with a 4 digit password. Obviously the first thing I did was change my password however for some stupid reason they limited passwords to 8 characters and did not support spaces. Lame.

[barrytone]

I did it the easy way... I knew the helpdesk staff and used to go in an help out between lessons... So I just made myself an account :roll:

[404]

Our school had an old school Novell network under DOS. It wasn't old school back then, though, since we're talking about '90 or so... We had three-letter logins, and knowing only 90% of the people showed up who were supposed to come to school, there were a lot of accounts of which the password remained the default "password".

We wrote a small scanner in Turbo Pascal (check it out here) which kept us busy scanning for accounts, and guessing their password by using the default password or the info that showed up with the scanner (first and last name, etc).

Good fun it was!

[SloPOS]

haha...that's a new record...the school blocked Hak5...took them only a week of me being on there...figures...now somthing must be done....we must bomb them!!!

<note to any federal agents that may be, and probably are, watching these fourms, the previous statement was said jokingly only, and is not ment to be taken seriously>

haha...

[DLSS]

in one of my colleges it was a simple first letter of first name, first 8 characters of last name, 4 digit incremental identifier (incase multiple first/last name pairs existed) with the password being the last 4 digits of the SSN.

For example my username was "dkitchen0001" with a 4 digit password. Obviously the first thing I did was change my password however for some stupid reason they limited passwords to 8 characters and did not support spaces. Lame.

our passes are like this :

<class>lln<persons number in class>

(me = 5kblln14)

passwords can be set to anything but b4 the accounts are activated all passes are azerty ...o and cashes dont get cleaned :P i could still check out the cookies etc of the one that had that account last year ...

[golfing22]

At my school, they use Websense and the easiest way to bypass is to create your own web-based proxy server at home.

If you already have a Linux server with Apache, and Perl just install some software called CGIProxy and when your at school just go to "https://yourip/nph-proxy.pl" then you can just type in the webpage you want to visit and then it takes you there and modifys all the links to use itself as a proxy.

It worked for me for a year until the Admin decieded to remotly watch me during class.:(