School security down

[sm.ith]

Hi this is my first post but I've been reading for a long long time

My school recently updated all the software and blah blah on the computer and I went in there for a class today and found nothing was locked except websites I can access anything on the computer

what fun things do you suggest I do?

I want to for sure make an admin account for when they do add security and such and for internet browsing

-Smith

[SomeoneE1se]

I would sugest you do nothing.... this could be to update and just preventing down time.. i.e. if you do somthing and the admin comes in to turn on securty and finds you have messed around... bye bye all computer usage... I'd say wait a few days (even a weekend or two to be safe) if it's still like that after then you might want to do somthing LEGAL...

[sm.ith]

it's been like this for a while actually they started it at the end of last year so it's been like this since school started on the 5th I just haven't had a class in there yet

plus they are retards at my school and don't know anything about computers

[armadaender]

NEVER underestimate anyone of authority, especially those who are in charge of your education. Don't play around with anything unless you have the permission to do so.

Lets say you managed to raise your user rights and an admin happened to noticed. He'll do some research and easily find out who it was and disicipline will occur. You'll probably be kicked off the computers for the entire semester, if the not the year and if the school board deems your breech a real security threat, they could exell you.

I would do absolutly nothing. But, that's just me brushing off the dust from my grey hat to brighten up the color a bit. :roll:

[sm.ith]

if I am kicked it off it wouldn't matter I only use them for typing up reports which I'd rather do at home on better programs

[manuel]

if I am kicked it off it wouldn't matter I only use them for typing up reports which I'd rather do at home on better programs

I think its been stated fairly clear here, but.....

as a sys admin of a school, simply dont do it. but if you are affraid of getting into trouble, write an intelligent letter to the sys admins explaining the problem.

[armadaender]

Just providing the necessary warning. I don't want anyone to get into trouble for being curious about user access, security and such. My advice, set up your own network at home and perform your own testing there. That's the best way to learn how to do anything... and it's legal.

[Darren Kitchen]

Hak5 does not encourage or condone illegal activities.

As for what I did on my school network? I'll plead the Hak5th.

[stingwray]

Well it sounds like only the local security isn't working at the moment and seeming they are probably running an Active Directory which you won't have access to you can't do anything fun.

Just read the other topics about school networks, you'll (hopefully) soon realise doing stuff like this at school is a fast way to ruining your chances in life.

[Guest]

I wouldnt say you cant do anything fun. If local security is down, you can use that to gain local admin rights and from local admin you can use that to take over active directory.

(If you have physical access to a computer security doesnt exist ;) )

[stingwray]

I wouldnt say you cant do anything fun. If local security is down, you can use that to gain local admin rights and from local admin you can use that to take over active directory.

Local admin won't be able to touch Active Directory, hence the name local. All that local admin would be able to do is screw up individual computers, which is not fun and easy to catch the offender.

[Guest]

Meh, i cant find the paper i was looking for that told you how to use local admin to gain admin rights on Active Directory. Someone might know the paper im talking about, it was using the screensaver at the windows login prompt to gain system rights and from there you could reset a few passwords and then gain control over active directorys. Ill see if i can find the paper tonight.

[Deveant]

Yay first post on Hak5 lol ^^

Well im gonna go out on a limb and persume sum things, first ur profile says ur location is Victoria, so ill be guessing u live in Aus, and i presume u have sum intelegance and that ur in High Skool, if im right then theres really not much u can actualy do the the skool PC's (not that i suggest that u do lol)

But DE&T's regulations are that all skools us Deep Freeze, ProgKill, Symantec, and Novell. With this ur not gonna be able to really do anythink to the system and as for the network Novell is rather strong, with out physical access to the servers ur not gonna be doing to much to them.

Though as for the box its self, Deep Freeze and Symantec wont allow u to virus them, so keyloggers and such are out. As for using Local Admin to gain NetAdmin rights, when it comes to Novell nothink will help u there.

What im trying to get at is that though security may not seem visible im sure that ur local Techs are watching lol, and having 'Fun' with government property is not very legal lol, though it is always fun to rotate the display just as u get off lol.

[barrytone]

My old high school's network was novell based... But they also ran IIS 5. Oh the fun :roll:

[Guest]

Dont assume school networks are so secure and are impossible to hack. Trust me there not

Like i said before as soon as you have PHYSICAL access to a computer all security is gone. An easy way to get around all the shit they have is with a liveCD. From the liveCD you have full controll over the local box. Which means you can crack the sam file. Now you have the administrator password, which means you can start/stop programs running on the local machine. From there just think outside the box to work out what to do next. Oh and if the computers dont allow you to execute from cd that doesnt have to stop you just take a look at this thread. http://neworder.box.sk/forum.php?did=multS...p;thread=250014 The system had deep freeze installed didnt allow you to boot from a CD but yet they where able to break the system and get into a linux box to furth the hack ;)

[Deveant]

yeah, though the only thing with deep freeze is that if the admin is wise enough, they would make the rooms image with a dummy account, IE one that has really no network access, then just ghost the labs with the same image, then by running Deep Freeze, even if u hack the Bios, or flash it <_< (yeah found a few that dont require passwords) then set to boot cds, then liveCD and on and on get the SAM file, but then ur left with a dummy admin account, gives u admin for the local, but reset and deep freeze kills all ur work, and cant kill deep freeze unless u know the pass (or the LiveCD work around), also who has slack teachers that dont notice this stuff? haha ive seen a kid get knocked of his chair by the teacher coz he accedently went into the bios, the teacher flatterned him ^^ (books were leaning on F12)

[Guest]

I could of done all that on my school networks. The admins and everything trusted me alone in one of the computer labs at lunch time, and before school, and after school. But hey, they new what i was actually doing on the network and new i wouldnt harm the network.

[armadaender]

I could of done all that on my school networks. The admins and everything trusted me alone in one of the computer labs at lunch time, and before school, and after school. But hey, they new what i was actually doing on the network and new i wouldnt harm the network.

A topic closely related to this was discussed not too long ago but I do remember someone mentioning that if you wish to mess around with school networks, simply set up a meeting with the admins and ask for permission to do so with their supervision. I'm sure manuel_l would agree with me here. Be professional about it and I'm sure they'll like the opportunity to see someone try to break their system so that they may make it stronger in the end.

You get to test your knowledge and skills, they get to tell their boss that they had a 'specialist' come in and approve of their network security precautions. Everyone wins.

[Guest]

Thats kind of what i done, except i didnt actually tell them i was breaking the security as such, i just used my programming as the excuse and said i was testing my programs out. But the admin didnt mind he got to see what i was doing and how i was getting around things so he could stop other students from doing it. All though he didnt really like it when i told everyone how to get around the filter system for the school internet.

[Swimfin131]

just on the quick topic of "fun" you can have on school computers,

I always leave a "present for the next user of the computer. Since I go to private school, every local comp is an emac. all you have to do is press ctrl+alt+cmd+8 and that inverts the colors. It is a very fun little thing to do and causes some serious anguish to the person that doesn't know whats going on!

[moonlit]

You can do the same on Windows, use Shift+Alt+PrntScr and set whatever colour scheme you like, an inverted black and white scheme with huge fonts maybe? ;)

[Darren Kitchen]

Wess and I used to have fun with NET SEND * but that was back before Windows XP. Crap did I just age myself?

I'm old *cries*

[moonlit]

/me casts Youth on Aardwolf.

Aardwolf lost 2 years.

You have 2 Youth remaining.

/me casts Youth on Aardwolf.

Aardwolf lost 2 years.

You have 1 Youth remaining.

/me casts Youth on Aardwolf.

Aardwolf lost 2 years.

You have 0 Youth remaining.

how's that? better? ;)

[VaKo]

I wonder what will happen if you looped that...

[Deveant]

haha yeah i use to use Net Send at my old skool as well, the PC's were to cheap that they couldnt handle SP2 so the admin left them unpatched, so we all just sent msgs around the room, till we started to use batch files to loop send out the msgs to cause the victoms computer to hang, though funny enough does the same trick to the attacker ^^

The great days of the old school yard.