Jump to content

To shut every one up about "hacking" their school.


Guest TehHacks
 Share

Recommended Posts

Guest TehHacks

Alright im not sure if i can post this, the rules did to make it clear to me, so if this is againts the rules please remove it.,

i have been on this forums for only i day, and just browsing through the posts i have seena  few people ask "how can i hack my school network?", "Hack my school for a prank?" and i have also seen alot of people say things like "STFU n00b" or other insults in replie to these post.

To stop the arguing i did a little digging, and found i post on www.hackerthreads.org that linked to this post.

http://bothack.wordpress.com/2006/07/07/ha...g-into-college/

This article will teach anyone who wants to know, some fundimentals about so common vulnerabilities on alot of school networks, and provide some basic tips for those who want it about having fun on their school network.

hopefully this will stop any further posts asking for help on this subject, and will also stop the dispute over this subject.

Link to comment
Share on other sites

mml, thats crazy someone would write that.

Maybe not sticky materal thought, don't want a bunch of noobs bruteforcing there teachers e-mails from there computers during class, getting caught and confirming the term 'hacker' as a bad thing again and again and again.

Link to comment
Share on other sites

Guest TehHacks
mml, thats crazy someone would write that.

Maybe not sticky materal thought, don't want a bunch of noobs bruteforcing there teachers e-mails from there computers during class, getting caught and confirming the term 'hacker' as a bad thing again and again and again.

I Know exactly what you mean, thats why i put "hacking" in quote marks.

Anyway most of the techniques discribed in the article wont work unless the sysadmin of the network is inexperienced or lazy.

Link to comment
Share on other sites

Now a cool thing we could do with this link is keep it hidden until someone asks about hax0ring teh skool, find out what school there at, and email it to the sysadmins/teachers.

But I like it, and it is worth stickying. Most of the retards who ask that question would find the article beyond them, so I think we're on safe grounds. They're all looking for a exe they can run which will grant them god like powers so typing something would be akin to being told to self-circumcise with a cigar cutter.

Link to comment
Share on other sites

Did school admins actually get retarded to the point that *ANY* of those 'methods' actually work?

And jeez, pinging a server to get the ip and then accessing it using its IP doesn't work with shared hosting (which a huge amount of sites employ).

Would be nice if they expanded on the "When you get caught" (not if, WHEN!) section. If you employ these methods, I'm pretty sure you're going to need it.

Link to comment
Share on other sites

It was back before this stuff was as important, but when I was at school I had full run of everything and the admins knew about it. But at university it was a bit more up tempo, faking MAC addresses and so forth. Still had read access to a bunch of stuff I shouldn't have. So the field is wide, I bet most admins at under funded schools with aging systems (the ones that got IT grants in the 90's or early 2000's but nothing since then) won't have time to enforce proactive sercurity measures when simply keeping it running is a priority. Yeah, most people trying this shit will get caught, and in that event there is little you can do beyond some form of praying. The important thing to realize is that if you have access to stuff, you don't always have to do things with it/to it. If your interested in how it runs you should probally try and get in with the IT staff (not teachers, the actual sys-admins). Talk to them, and ask questions. If you spot a weakness, tell them about it, don't brag that you pwn'd them, just quietly mention that you found something/overheard someone mention it and you thought you'd give them a heads up.

Just don't be stupid, a sys-admin wronged is a vengeful bastard.

Link to comment
Share on other sites

Guest TehHacks
It was back before this stuff was as important, but when I was at school I had full run of everything and the admins knew about it. But at university it was a bit more up tempo, faking MAC addresses and so forth. Still had read access to a bunch of stuff I shouldn't have. So the field is wide, I bet most admins at under funded schools with aging systems (the ones that got IT grants in the 90's or early 2000's but nothing since then) won't have time to enforce proactive sercurity measures when simply keeping it running is a priority. Yeah, most people trying this shit will get caught, and in that event there is little you can do beyond some form of praying. The important thing to realize is that if you have access to stuff, you don't always have to do things with it/to it. If your interested in how it runs you should probally try and get in with the IT staff (not teachers, the actual sys-admins). Talk to them, and ask questions. If you spot a weakness, tell them about it, don't brag that you pwn'd them, just quietly mention that you found something/overheard someone mention it and you thought you'd give them a heads up.

Just don't be stupid, a sys-admin wronged is a vengeful bastard.

At my school, get get huge grants for equipment and facilitys the goverment (UK) becuase the goverment wants more kids that go to state school going into vocational jobs, or vocational frther education. so our network is pretty up to date plus our schools are no wear near as big as the ones in the US.

our sysadmins are good as well, sure they are microsoft trained, yahoo users, but they definatly know what they are talking about when it comes to networking. some of them are pretty cool as well, my friend is designing my school website so he Talks to them quite a bit, to get FTP and MySQL passwords and stuff. Once i messioned setting up a seeding box server in my house and the sysadmin said he would help me set it up.

I think all these kids wanting "Hack" their school networks is just a geek version of teenage rebelion. let them have their fun, and if and/or when they get court, thats their problem, they know the risks, and they know its illigal.

Link to comment
Share on other sites

I think all these kids wanting "Hack" their school networks is just a geek version of teenage rebellion. Let them have their fun, and if and/or when they get court, thats their problem, they know the risks, and they know its illegal.

Yeah, the trouble is that the rebelling teenager may see what he is doing as important and somehow meaningful. But to anyone who is older its just annoying as hell.

Link to comment
Share on other sites

hmm cant talk for US, but how many schools actualy use Windows Networks?

lol i can see problems with this thread though lol, arnt ppl gonna come and say, "ahh~ i tried to BF my skools admin password, but it keeps coming up with user does not exist", or "using proxies arnt working, what can i try next".

Though hopefuly ppl can goto that link and umm... not return...

Link to comment
Share on other sites

Guest TehHacks
hmm cant talk for US, but how many schools actualy use Windows Networks?

lol i can see problems with this thread though lol, arnt ppl gonna come and say, "ahh~ i tried to BF my skools admin password, but it keeps coming up with user does not exist", or "using proxies arnt working, what can i try next".

Though hopefuly ppl can goto that link and umm... not return...

In the UK almost all schools are windows networks, i ant talk for the US either.

hopefull people will ask any questions on the site that i linked to, rather than here.

Link to comment
Share on other sites

Guest TehHacks
This is amazing, thank you! at least some1 had the guts to post this. and Kudos to Vako for stickying

absolutly no problem, althought you should know, like i said in my first post, these are some very basic techniques, and are not likely to work on a good network, with a good sysadmin, these are just some fudementals. However if you are interested in this topic from an educational point of view, i suggest you learn a programming language (prefrebly perl, or C) and check our some of the links in the "where to begin" thread (http://www.hak5.org/forums/viewtopic.php?t=913)

Link to comment
Share on other sites

check our some of the links in the "where to begin" thread (http://www.hak5.org/forums/viewtopic.php?t=913)

A better resource is probably the Hak.5 Wiki page on Hacking. It summarizes everything in that thread up to page 5 (unless someone else kept it up to date). Same information, but better organisation. Or at least, that was its intention.

Link to comment
Share on other sites

The point really is what is there really to do with school networks.

I'm currently a 17 year old high school Junior.

Last year I worked with the sys-admin (who was retiring at the end of the year.) She was totally mac obsessed (She had a vanity license plate of Mac User), but it has given me an insight to being a sys-admin at a school.

It was a friend and I and of course we were responsible to know her passwords.... of course the password for the macs half the school knew, and the password for the novell based PC's were the most secure because she at least changed those every 90 days... of course she would freely give the passwords to any teacher needing assistance.

In my year of working with her (it's an art school so it was just me and a friend in cyber-core that was really called "Advanced Studies Computers" because a class with only 2 kids causes something weird with the no child left behind garbage of today....

I learned that our school district upgrades the technology of the school every 4 years (that year we got a bunch of lovely dells) replacing a bunch of windows 98 computers with an insane amount of spyware

===

Anyways this was an arts school, (I wasn't able to get into the computer magnet school because they keep lowering the standards so all you need now is like a C average.... no essays, no test scores, and of course only taking a certain % of each skin color... but that's a diffrent rant)

Most of the things that happened with the computers is games.... kids like to play games in there free time and of course this brings alot of Trojans, other than that we set up networks, (couldn't do wireless of course so imagine Ethernet cables hidden in a drop ceiling)

Really the issue wasn't hacking (in 7th grade I found that if you went through SOCKS or Gopher proxy instead of normal HTTP proxy everything would be bypassed (a switch they forgot to flip apparently), of course this when I was a wee little n00b, I was all into telling everyone (I mean I was so egotistical I told the Sys-admins son -_-) I merely got RPC'd for one day (my parents were proud of what I did, but not what I did with it...)

but more of kids want the computers at school to be as free as there home computers to do whatever they want however some stuff is not in the best intrest (kazaa, trojan ridden games etc)...

Ok so this turned more into a rant than a useful post, but oh well I typed it...

Link to comment
Share on other sites

I can't speak for all the school systems here in the US but Indianapolis Public Schools as of late 2006 use Novell (very very gay) for their network management system as well as email (including Groupwise). Although my school uses regular Windows Networks b/c of it's charter school status.

Link to comment
Share on other sites

Well, just wanted to point out the system we use in Norway.

We actualle don't have any important or files we would want on the schools network.

And the teachers network haven't any important information on it either.

Since almost all of the information goes through internet servers with fucked up firewalls and other almost impossible stuff.

If we have a paper to deliver, we have to log on a website and uploade it there.

If we want to check how much absence you have, it's a total other webpage.

Which we also have to use to register if we are sick or have dental appointments or similar excuses.

The system we use to get in to the schools we desire are a total other and even more impossible to hack webpages and sytem.

And even if we managed to get in to a school without the proper education, the still find out when you show up when schools starts, since the different systems "talk" to each other to get our information about our grade, former schools and other stuff.

But even so, if it had been possible to get into schools withput the correct former education, I doubt we would take advantage of it.

Thats probably why my class now gets a fiber dls line to set up our own network and internet connection, since thats what we now are learning and education our self in to.

If you want to check the security on the webpages we use, just ask, but please don't fuck up my chance to get into school next year. Don't want someone to ping the server to death as I fill out my application. :p

Jµnior

Link to comment
Share on other sites

  • 2 weeks later...

Hey

First post woo :P

anyway I would reccomend that people didnt try to "hack" the school computers cos i had a simple MD5 decoder on my account and they suspended my account lol.. i guess bringing knoppix into school didnt help (he thought that was a hack tool aswell :S) .. yea but they called a MD5 decoder a potential "hacking tool" (this is probably because my admin isnt that smart and well he based his findings on norton a/v or mcafee) but meh im back on the school systems now ..

my school does use a windows network, mainly Windows server 2003 Enterprise Edit.

Nath042

Link to comment
Share on other sites

  • 3 weeks later...
Now a cool thing we could do with this link is keep it hidden until someone asks about hax0ring teh skool, find out what school there at, and email it to the sysadmins/teachers.

But I like it, and it is worth stickying. Most of the retards who ask that question would find the article beyond them, so I think we're on safe grounds. They're all looking for a exe they can run which will grant them god like powers so typing something would be akin to being told to self-circumcise with a cigar cutter.

i agree completely next time somebody in irc or the fourms wants someone to hack into there school just tell them that you can hack it but first you need the sysadmin's e-mail

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...