Jump to content

Recommended Posts

We have a lot, and I mean like shitloads (at least 100) old computers my high school, not to mention probably even more laptops (though they are often off, and are very cheap). Thought it'd be really fun to do something...anything to the network or computers  (like maybe a botnet) wouldn't wanna do anything too evil/illegal tho. Don't really care what, any cool ideas... I don't really know what I'm doing so just any ideas are cool as long as you explain what the methods are so I can research them. I don't really know where to start right now. I'll try and get the IT guy/the principals' permission of course. 

I'm somewhat a beginner, so if you could say the names of the things you are doing so I can research them, that would be great. I literally have 3 years to figure it out.

Most the network is wired, but laptops and phones connect to wireless, and the computers have trendmicro installed on them. Though I kind of have an advantage because I have access to like everywhere every day. for 3 years. All computers are windows 10. We have like 4 rooms with switches and stuff... lots and lots of cables in those rooms. I can probably get into them but I'll need the key (I know who has it)

I really want to do something/learn how to do something but I don't know what to learn. 

P.S. if I end up doing this illegally (which I totally won't) I'm not gonna change anyone's marks or access anything, personally I don't really care about the stupid school data and the last thing I need is a zero when someone finds out my marks were changed. I'll probably just screw with people. ...Maybe play a particular song full blast during an assembly... -----> or on every computer at once <---- Just an idea. (every computer has a speaker)

  • Like 1

Share this post


Link to post
Share on other sites

No.

 

 

  • Like 2

Share this post


Link to post
Share on other sites

Enter stage left, grumpy old man , MUPPET SHOW THEME PLAYING...

Young man...listen  up, and listen veeeery carefully. Since RKiver  gave you the short version,  and right now, you're wondering why, I'll  give it  a try.

Since you haven't  gotten permission, dont do anything to those machines. just bypassing  login restrictions, would be a crime.
Launching any kind of exploit, botnet, or malware is a crime.

Since you dont know what you're doing, its a real dissaster waiting to happen..period.

Go  do your learning  on a virtual lab, or private lab network, not on your schools gear. But you could try and ask the network staff if you can give them a hand, because you want to learn, and maybe someday be an admin yourself. Some of them might actually think it's cool, and start you in the right direction.

Exit stage right, grumpy old man

  • Like 2

Share this post


Link to post
Share on other sites
On 5/24/2019 at 2:29 AM, Kentj said:

Enter stage left, grumpy old man , MUPPET SHOW THEME PLAYING...

Young man...listen  up, and listen veeeery carefully. Since RKiver  gave you the short version,  and right now, you're wondering why, I'll  give it  a try.

Since you haven't  gotten permission, dont do anything to those machines. just bypassing  login restrictions, would be a crime.
Launching any kind of exploit, botnet, or malware is a crime.

Since you dont know what you're doing, its a real dissaster waiting to happen..period.

Go  do your learning  on a virtual lab, or private lab network, not on your schools gear. But you could try and ask the network staff if you can give them a hand, because you want to learn, and maybe someday be an admin yourself. Some of them might actually think it's cool, and start you in the right direction.

Exit stage right, grumpy old man

Thank you captain Statler ...

 

As RKiver put it subtly ... 'No'

 

Waldorff out

Share this post


Link to post
Share on other sites
Posted (edited)
On 5/22/2019 at 10:50 PM, epic_7000 said:

... We have like 4 rooms with switches and stuff... lots and lots of cables in those rooms. I can probably get into them but I'll need the key (I know who has it)

I really want to do something/learn how to do something but I don't know what to learn.

If you want something to learn I'd suggest reading up on Criminal Trespass (US) or whatever the similar laws are in your area.

Edited by aethernaut

Share this post


Link to post
Share on other sites

I sort of like these terrible questions because the answers are often ‘old person sits young person down on milk crate across from them and explains it how it is’. Yes, I know they won’t listen now but those words will stick and make sense later. Cudos old peoples of the forum.

Share this post


Link to post
Share on other sites

Q: We have a lot, and I mean like shitloads (at least 100) old computers my high school, not to mention probably even more laptops (though they are often off, and are very cheap). Thought it'd be really fun to do something...anything to the network or computers  (like maybe a botnet) wouldn't wanna do anything too evil/illegal tho. Don't really care what, any cool ideas... I don't really know what I'm doing so just any ideas are cool as long as you explain what the methods are so I can research them. I don't really know where to start right now. I'll try and get the IT guy/the principals' permission of course. 

 

A: If you try to get into the IT guy or Principal computer that is Illegal and you will probably go to jail.

 

Q: I'm somewhat a beginner, so if you could say the names of the things you are doing so I can research them, that would be great. I literally have 3 years to figure it out.

 

A: 3 Years? to figure out how to hack your school.. Use those 3 years to learn programming, computer, network, and security. Because why would you spend 3 years learning how to hack your school..and then month later you get caught.

 

Q: Most the network is wired, but laptops and phones connect to wireless, and the computers have trendmicro installed on them. Though I kind of have an advantage because I have access to like everywhere every day. for 3 years. All computers are windows 10. We have like 4 rooms with switches and stuff... lots and lots of cables in those rooms. I can probably get into them but I'll need the key (I know who has it)

 

A: You don't need a key learn to lock pick.. there are also lock-picking kits on ebay, amazon, and even walmart. Trendmirco is a good defense software the company I work for (Which is a MSP Company) has it installed.. You can still bypass trendmirco security filters though.

 

Q: I really want to do something/learn how to do something but I don't know what to learn. 

A: Computers, Network, Security, Microsoft, Linux, Etc ... 

 

Q: P.S. if I end up doing this illegally (which I totally won't) I'm not gonna change anyone's marks or access anything, personally I don't really care about the stupid school data and the last thing I need is a zero when someone finds out my marks were changed. I'll probably just screw with people. ...Maybe play a particular song full blast during an assembly... -----> or on every computer at once <---- Just an idea. (every computer has a speaker)

 

A: No offense man, or woman but this statement is dumb in so many ways.. you almost sound like a cop to be honest

Share this post


Link to post
Share on other sites

18 U.S. Code § 1030. Fraud and related activity in connection with computers

 
(a)Whoever—
(1)
having knowingly accessed a computer without authorization or exceeding authorized access, and by means of such conduct having obtained information that has been determined by the United StatesGovernment pursuant to an Executive order or statute to require protection against unauthorized disclosure for reasons of national defense or foreign relations, or any restricted data, as defined in paragraph y. of section 11 of the Atomic Energy Act of 1954, with reason to believe that such information so obtained could be used to the injury of the United States, or to the advantage of any foreign nation willfully communicates, delivers, transmits, or causes to be communicated, delivered, or transmitted, or attempts to communicate, deliver, transmit or cause to be communicated, delivered, or transmitted the same to any person not entitled to receive it, or willfully retains the same and fails to deliver it to the officer or employee of the United Statesentitled to receive it;
(2)intentionally accesses a computer without authorization or exceeds authorized access, and thereby obtains—
(A)
information contained in a financial record of a financial institution, or of a card issuer as defined insection 1602(n)[1] of title 15, or contained in a file of a consumer reporting agency on a consumer, as such terms are defined in the Fair Credit Reporting Act (15 U.S.C. 1681 et seq.);
(B)
information from any department or agency of the United States; or
(C)
information from any protected computer;
(3)
intentionally, without authorization to access any nonpublic computer of a department or agency of the United States, accesses such a computer of that department or agency that is exclusively for the use of the Government of the United States or, in the case of a computer not exclusively for such use, is used by or for the Government of the United States and such conduct affects that use by or for the Government of the United States;
(4)
knowingly and with intent to defraud, accesses a protected computer without authorization, or exceeds authorized access, and by means of such conduct furthers the intended fraud and obtains anything of value,unless the object of the fraud and the thing obtained consists only of the use of the computer and the valueof such use is not more than $5,000 in any 1-year period;
(5)
(A)
knowingly causes the transmission of a program, information, code, or command, and as a result of such conduct, intentionally causes damage without authorization, to a protected computer;
(B)
intentionally accesses a protected computer without authorization, and as a result of such conduct, recklessly causes damage; or
(C)
intentionally accesses a protected computer without authorization, and as a result of such conduct, causes damage and loss.[2]
(6)knowingly and with intent to defraud traffics (as defined in section 1029) in any password or similar information through which a computer may be accessed without authorization, if—
(A)
such trafficking affects interstate or foreign commerce; or
(B)
such computer is used by or for the Government of the United States;[3]
(7)with intent to extort from any person any money or other thing of value, transmits in interstate orforeign commerce any communication containing any—
(A)
threat to cause damage to a protected computer;
(B)
threat to obtain information from a protected computer without authorization or in excess of authorization or to impair the confidentiality of information obtained from a protected computer without authorization or by exceeding authorized access; or
(C)
demand or request for money or other thing of value in relation to damage to a protected computer, where such damage was caused to facilitate the extortion;
shall be punished as provided in subsection (c) of this section.
(b)
Whoever conspires to commit or attempts to commit an offense under subsection (a) of this section shall be punished as provided in subsection (c) of this section.
(c)The punishment for an offense under subsection (a) or (b) of this section is—
(1)
(A)
a fine under this title or imprisonment for not more than ten years, or both, in the case of an offenseunder subsection (a)(1) of this section which does not occur after a conviction for another offense under this section, or an attempt to commit an offense punishable under this subparagraph; and
(B)
a fine under this title or imprisonment for not more than twenty years, or both, in the case of anoffense under subsection (a)(1) of this section which occurs after a conviction for another offense under this section, or an attempt to commit an offense punishable under this subparagraph;
(2)
(A)
except as provided in subparagraph (B), a fine under this title or imprisonment for not more than one year, or both, in the case of an offense under subsection (a)(2), (a)(3), or (a)(6) of this section which does not occur after a conviction for another offense under this section, or an attempt to commit anoffense punishable under this subparagraph;
(B)a fine under this title or imprisonment for not more than 5 years, or both, in the case of an offenseunder subsection (a)(2), or an attempt to commit an offense punishable under this subparagraph, if—
(i)
the offense was committed for purposes of commercial advantage or private financial gain;
(ii)
the offense was committed in furtherance of any criminal or tortious act in violation of the Constitution or laws of the United States or of any State; or
(iii)
the value of the information obtained exceeds $5,000; and
(C)
a fine under this title or imprisonment for not more than ten years, or both, in the case of an offenseunder subsection (a)(2), (a)(3) or (a)(6) of this section which occurs after a conviction for anotheroffense under this section, or an attempt to commit an offense punishable under this subparagraph;
(3)
(A)
a fine under this title or imprisonment for not more than five years, or both, in the case of an offenseunder subsection (a)(4) or (a)(7) of this section which does not occur after a conviction for anotheroffense under this section, or an attempt to commit an offense punishable under this subparagraph; and
(B)
a fine under this title or imprisonment for not more than ten years, or both, in the case of an offenseunder subsection (a)(4),[4] or (a)(7) of this section which occurs after a conviction for another offenseunder this section, or an attempt to commit an offense punishable under this subparagraph;
(4)
(A)except as provided in subparagraphs (E) and (F), a fine under this title, imprisonment for not more than 5 years, or both, in the case of—
(i)an offense under subsection (a)(5)(B), which does not occur after a conviction for another offenseunder this section, if the offense caused (or, in the case of an attempted offense, would, if completed, have caused)—
(I)
loss to 1 or more persons during any 1-year period (and, for purposes of an investigation, prosecution, or other proceeding brought by the United States only, loss resulting from a related course of conduct affecting 1 or more other protected computers) aggregating at least $5,000 invalue;
(II)
the modification or impairment, or potential modification or impairment, of the medical examination, diagnosis, treatment, or care of 1 or more individuals;
(III)
physical injury to any person;
(IV)
a threat to public health or safety;
(V)
damage affecting a computer used by or for an entity of the United States Government in furtherance of the administration of justice, national defense, or national security; or
(VI)
damage affecting 10 or more protected computers during any 1-year period; or
(ii)
an attempt to commit an offense punishable under this subparagraph;
(B)except as provided in subparagraphs (E) and (F), a fine under this title, imprisonment for not more than 10 years, or both, in the case of—
(i)
an offense under subsection (a)(5)(A), which does not occur after a conviction for another offenseunder this section, if the offense caused (or, in the case of an attempted offense, would, if completed, have caused) a harm provided in subclauses (I) through (VI) of subparagraph (A)(i); or
(ii)
an attempt to commit an offense punishable under this subparagraph;
(C)except as provided in subparagraphs (E) and (F), a fine under this title, imprisonment for not more than 20 years, or both, in the case of—
(i)
an offense or an attempt to commit an offense under subparagraphs (A) or (B) of subsection (a)(5) that occurs after a conviction for another offense under this section; or
(ii)
an attempt to commit an offense punishable under this subparagraph;
(D)a fine under this title, imprisonment for not more than 10 years, or both, in the case of—
(i)
an offense or an attempt to commit an offense under subsection (a)(5)(C) that occurs after aconviction for another offense under this section; or
(ii)
an attempt to commit an offense punishable under this subparagraph;
(E)
if the offender attempts to cause or knowingly or recklessly causes serious bodily injury from conduct in violation of subsection (a)(5)(A), a fine under this title, imprisonment for not more than 20 years, or both;
(F)
if the offender attempts to cause or knowingly or recklessly causes death from conduct in violation of subsection (a)(5)(A), a fine under this title, imprisonment for any term of years or for life, or both; or
(G)a fine under this title, imprisonment for not more than 1 year, or both, for—
(i)
any other offense under subsection (a)(5); or
(ii)
an attempt to commit an offense punishable under this subparagraph.
(d)
(1)
The United States Secret Service shall, in addition to any other agency having such authority, have the authority to investigate offenses under this section.
(2)
The Federal Bureau of Investigation shall have primary authority to investigate offenses under subsection (a)(1) for any cases involving espionage, foreign counterintelligence, information protected against unauthorized disclosure for reasons of national defense or foreign relations, or Restricted Data (as that term is defined in section 11y of the Atomic Energy Act of 1954 (42 U.S.C. 2014(y)), except for offensesaffecting the duties of the United States Secret Service pursuant to section 3056(a) of this title.
(3)
Such authority shall be exercised in accordance with an agreement which shall be entered into by the Secretary of the Treasury and the Attorney General.
(e)As used in this section—
(1)
the term “computer” means an electronic, magnetic, optical, electrochemical, or other high speed data processing device performing logical, arithmetic, or storage functions, and includes any data storage facility or communications facility directly related to or operating in conjunction with such device, but such term does not include an automated typewriter or typesetter, a portable hand held calculator, or other similar device;
(2)the term “protected computer” means a computer—
(A)
exclusively for the use of a financial institution or the United States Government, or, in the case of acomputer not exclusively for such use, used by or for a financial institution or the United StatesGovernment and the conduct constituting the offense affects that use by or for the financial institution or the Government; or
(B)
which is used in or affecting interstate or foreign commerce or communication, including a computerlocated outside the United States that is used in a manner that affects interstate or foreign commerce or communication of the United States;
(3)
the term “State” includes the District of Columbia, the Commonwealth of Puerto Rico, and any other commonwealth, possession or territory of the United States;
(4)the term “financial institution” means—
(A)
an institution, with deposits insured by the Federal Deposit Insurance Corporation;
(B)
the Federal Reserve or a member of the Federal Reserve including any Federal Reserve Bank;
(C)
a credit union with accounts insured by the National Credit Union Administration;
(D)
a member of the Federal home loan bank system and any home loan bank;
(E)
any institution of the Farm Credit System under the Farm Credit Act of 1971;
(F)
a broker-dealer registered with the Securities and Exchange Commission pursuant to section 15 of theSecurities Exchange Act of 1934;
(G)
the Securities Investor Protection Corporation;
(H)
a branch or agency of a foreign bank (as such terms are defined in paragraphs (1) and (3) of section 1(b) of the International Banking Act of 1978); and
(I)
an organization operating under section 25 or section 25(a) 1 of the Federal Reserve Act;
(5)
the term “financial record” means information derived from any record held by a financial institutionpertaining to a customer’s relationship with the financial institution;
(6)
the term “exceeds authorized access” means to access a computer with authorization and to use such access to obtain or alter information in the computer that the accesser is not entitled so to obtain or alter;
(7)
the term “department of the United States” means the legislative or judicial branch of the Government or one of the executive departments enumerated in section 101 of title 5;
(8)
the term “damage” means any impairment to the integrity or availability of data, a program, a system, or information;
(9)
the term “government entity” includes the Government of the United States, any State or political subdivision of the United States, any foreign country, and any state, province, municipality, or other political subdivision of a foreign country;
(10)
the term “conviction” shall include a conviction under the law of any State for a crime punishable by imprisonment for more than 1 year, an element of which is unauthorized access, or exceeding authorized access, to a computer;
(11)
the term “loss” means any reasonable cost to any victim, including the cost of responding to anoffense, conducting a damage assessment, and restoring the data, program, system, or information to its condition prior to the offense, and any revenue lost, cost incurred, or other consequential damages incurred because of interruption of service; and
(12)
the term “person” means any individual, firm, corporation, educational institution, financial institution, governmental entity, or legal or other entity.
(f)
This section does not prohibit any lawfully authorized investigative, protective, or intelligence activity of a law enforcement agency of the United States, a State, or a political subdivision of a State, or of an intelligenceagency of the United States.
(g)
Any person who suffers damage or loss by reason of a violation of this section may maintain a civil action against the violator to obtain compensatory damages and injunctive relief or other equitable relief. A civil action for a violation of this section may be brought only if the conduct involves 1 of the factors set forth in subclauses [5] (I), (II), (III), (IV), or (V) of subsection (c)(4)(A)(i). Damages for a violation involving only conduct described in subsection (c)(4)(A)(i)(I) are limited to economic damages. No action may be brought under this subsection unless such action is begun within 2 years of the date of the act complained of or the date of the discovery of the damage. No action may be brought under this subsection for the negligent design or manufacture of computer hardware, computer software, or firmware.
(h)
The Attorney General and the Secretary of the Treasury shall report to the Congress annually, during the first 3 years following the date of the enactment of this subsection, concerning investigations and prosecutions under subsection (a)(5).
(i)
(1)The court, in imposing sentence on any person convicted of a violation of this section, or convicted of conspiracy to violate this section, shall order, in addition to any other sentence imposed and irrespective of any provision of State law, that such person forfeit to the United States—
(A)
such person’s interest in any personal property that was used or intended to be used to commit or to facilitate the commission of such violation; and
(B)
any property, real or personal, constituting or derived from, any proceeds that such person obtained, directly or indirectly, as a result of such violation.
(2)
The criminal forfeiture of property under this subsection, any seizure and disposition thereof, and any judicial proceeding in relation thereto, shall be governed by the provisions of section 413 of theComprehensive Drug Abuse Prevention and Control Act of 1970 (21 U.S.C. 853), except subsection (d) of that section.
(j)For purposes of subsection (i), the following shall be subject to forfeiture to the United States and no property right shall exist in them:
(1)
Any personal property used or intended to be used to commit or to facilitate the commission of any violation of this section, or a conspiracy to violate this section.
(2)
Any property, real or personal, which constitutes or is derived from proceeds traceable to any violation of this section, or a conspiracy to violate this section [6]
(Added Pub. L. 98–473, title II, § 2102(a), Oct. 12, 1984, 98 Stat. 2190; amended Pub. L. 99–474, § 2, Oct. 16, 1986, 100 Stat. 1213; Pub. L. 100–690, title VII, § 7065, Nov. 18, 1988, 102 Stat. 4404; Pub. L. 101–73, title IX, § 962(a)(5), Aug. 9, 1989, 103 Stat. 502; Pub. L. 101–647, title XII, § 1205(e), title XXV, § 2597(j), title XXXV, § 3533, Nov. 29, 1990, 104 Stat. 4831, 4910, 4925; Pub. L. 103–322, title XXIX, § 290001(b)–(f), Sept. 13, 1994, 108 Stat. 2097–2099; Pub. L. 104–294, title II, § 201, title VI, § 604(b)(36), Oct. 11, 1996, 110 Stat. 3491, 3508; Pub. L. 107–56, title V, § 506(a), title VIII, § 814(a)–(e), Oct. 26, 2001, 115 Stat. 366, 382–384; Pub. L. 107–273, div. B, title IV, §§ 4002(b)(1), (12), 4005(a)(3), (d)(3), Nov. 2, 2002, 116 Stat. 1807, 1808, 1812, 1813; Pub. L. 107–296, title XXII, § 2207(g), formerly title II, § 225(g), Nov. 25, 2002, 116 Stat. 2158, renumbered § 2207(g), Pub. L. 115–278, § 2(g)(2)(I), Nov. 16, 2018, 132 Stat. 4178; Pub. L. 110–326, title II, §§ 203, 204(a), 205–208, Sept. 26, 2008, 122 Stat. 3561, 3563.)
 
  • Like 1

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...