Thread subject: Security Override :: [Hacking]School Computers

Posted by mourato on 02/18/2014 16:22:23
#1

Hi guys..

Me and my friend managed to hack the school computers admin password by changing the sticky keys to cmd and simply playing with the admin power we have after we login..
We have discovered that it affects each computer individually, so if we change the admin password it is only for that computer.

later on the day I talked to a friend of mine and he said the school computers use an online DOMAIN for storage. basicly each student has one account with 100mb's space.

We have set up remote control with hamachi and we can now log in from home at any time of the day when the PC's are on.

My question here is, how can we take advantage of this admin power to gather the most information. or can we access the domain trough the school computers ? how can we discover any more relevant info in this massive quest ?

Thanks!

Posted by ledmatrix on 02/18/2014 18:45:16
#2

At the risk of sounding like a killjoy, I'd check to make sure you're not committing a crime first. But fwiw, I'd recommend undoing anything you've already done and if you absolutely MUST keep doing it, I'd refrain from announcing it.

You may want to check out U.S. Code Title 18: Crimes and Criminal Procedure Part 1: Crimes: Chapter 47: Fraud and False Statements: Section 1030 and U.S. Code Sections 2510 and 2701.

Edited by ledmatrix on 02/18/2014 19:33:40

Posted by Abhinav2107 on 02/19/2014 02:50:21
#3

Kindly keep the discussions hypothetical and like ledmatrix said this might be a crime. Take proper permission to test your school's security before proceeding.

Anyhow, gathering information will depend a lot on how the domain is set up and what privileges does the administrator account have. (I mean there's gonna be little info on the particular system you have access to.)

Posted by mourato on 02/21/2014 06:46:58
#4

It's alright guys, we aren't any major hackers, we aren't going to harm the place nor steal bank accounts ;) just exploring a bit!

Posted by jepeeps1 on 04/28/2014 08:02:05
#5

You don't have to harm people in order to get sentenced to prison for internet crimes. If you'd break into some company's servers, or google if you could ever, but not steal any data and just announce to google that "hey here's the bug!" you still could get sued. It's basically like robbery: if you break into someone's house but not steal anything ... it's the same ;) be wary...

Posted by PythonB on 04/29/2014 10:39:46
#6

Bro i did too, and you know what? I did it the same way! Now I made myself admiin and have more control over the network then the security system analysis admin... so let's talk. PM meB)