Jump to content

Admin At School. What Next?


careless223

Recommended Posts

I have admin rights at my school as well. We've had lots of fun changing the homepage for the school to our favourite sites. ie. redcardgroup.com, hak5.org and of course twit.tv.

But, I agree with ethical motions and Darren, I suggest you tell them how you did it. But make sure you don't tell the admin, tell the principal, that way the admin doesn't hunt you down for breaking his network.

Link to comment
Share on other sites

  • Replies 53
  • Created
  • Last Reply

Top Posters In This Topic

reading this thread makes me think of security vs capabilities.

many, many school use thier time securing themselves from the outside world and literally ignore the users in thier own network.

this isn't done out of laziness or stupidity. usually it is done because they want the kids/teachers to have as much flexiblity as possible. they inheritly give a lagre amount of trust to the users on thier own network because they have signed some type of usage agreement.

on the other hand many schools and systems don't have the mony it takes to hire certified and knowledgeable people for each location. if your'e in a public school system this is usually the case. so if there is a part time tech person at the school that may not have professional training your not really proving much by sniffing around. on top of that if they do need to hire a more learned professional or an additional tech person for internal security that could keep an entire lab of computer from being replaced in the normal cycle.

they could always and simply lock down all but allowed programs and straighten out the sharing security but at a trade off of useablity.

try and think about how your hacking might effect the next generation.

Link to comment
Share on other sites

  • 2 months later...
Email the admins with details of how you were able to get admin access so that they can close the hole. It's the ethical hacker thing to do.
Lol i have the Admin password.... Only because they gave it to me when i was working for the schools IT department for the last two years.. lol
Link to comment
Share on other sites

  • 4 weeks later...

Its worrying how many people in here want to change SOMETHING, just because their in, files, urls, etc etc. The whole point is getting in, and understanding how you got in, and learning from that understanding.

and yes, you should tell your admin, (although do it anonymously for definate! no matter how well you get on with them!) i got suspended for a number of months, and then wasnt allowed to touch a computer in my college, or even bring an mp3 player / mobile with wifi / bluetooth into the building for the rest of the term (when i was allowed back)

And all this was for gaining access to a few servers, the webserver mainly, and the financials package DB. (Didnt change anything, didnt even install the EXE for looking at the financials DB files.) and yet the admin who i got on v well with took a turn for the evil! No-one at that college understood 'hacker', the only opinion was 'dangerous, trying to do as much evil as they can!'... ahh well.

But yes, be happy you got in, tell someone, search for something else :P

(Oh, and the question about settings the desktop background waaay back in page1... im pretty sure mspaint > file > Det as Desktop BG still works. And from what i remember theres no GPO to disable it :P)

Just my 10p... (wooow, thats 20p already today!)

TX

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.

×
×
  • Create New...