school network security challenge


40 replies to this topic

#21
Mil
It'd be good to know a few things;

What browser is used on the school computers?

What Content Management System (if any) does the school website run? Try and find out which version too (vulnerabilities).

Is the BIOS password protected on the school computers?

--> Boot Ubuntu Live CD etc.

Try basic URLs; 192.168.*.*

Try to find the IP of a currently logged in Teacher and change the port (Remote Desktop programs may be running on the network) --> 192.169.0.56:5800 etc.

Print a Printer data/information sheet, usually gives you a whole lot of information on the network and its various IP addresses.

Try http://intranet/ (I managed to get the admin password to the School website from a Microsoft Access file as they had left the intranet open. (I did not take advantage of having an admin password - not a hacker & a stupid thing to do))

Brute force password on school website.





Of course, I don't recommend doing anything like this normally, hacking won't get you anywhere if you're wearing a black hat.

#22
aquariusman

> It'd be good to know a few things;
>
> What browser is used on the school computers?
>
> What Content Management System (if any) does the school website run? Try and find out which version too (vulnerabilities).
>
> Is the BIOS password protected on the school computers?
>
> --> Boot Ubuntu Live CD etc.
>
> Try basic URLs; 192.168.*.*
>
> Try to find the IP of a currently logged in Teacher and change the port (Remote Desktop programs may be running on the network) --> 192.169.0.56:5800 etc.
>
> Print a Printer data/information sheet, usually gives you a whole lot of information on the network and its various IP addresses.
>
> Try http://intranet/ (I managed to get the admin password to the School website from a Microsoft Access file as they had left the intranet open. (I did not take advantage of having an admin password - not a hacker & a stupid thing to do))
>
> Brute force password on school website.
>
> Of course, I don't recommend doing anything like this normally, hacking won't get you anywhere if you're wearing a black hat.

The Ubuntu Live CD is what I was thinking. Although I get the feeling that school computers would not be set to run straight off of the CD drive. That is easily circumvented if the option is available to change the boot settings at start-up. I've actually been meaning to try it sometime with my school computers and a USB thumb drive. Of course, using the Ubuntu Live CD would just let you get around the limitations on the computer; you'd still have to get into the network and school database.



This would be incredibly fun to do, although I'd hate for it to end with someone with no technical experience stumbling across one of the holes.



#23
Bloodredsword
Oh wow..the damage some of the people on this forum could inflict if they were allowed to try their hand at this :P

#24
eckered
At my school, each student is supplied with a laptop with extremely restricted capabilities as a normal user, so in order to give us access to power user with command prompt access, we simply turn off the wi-fi while it is connecting to our account on the network.



Also, in order to get administrative privileges, try re-formatting a flash drive to boot Knoppix, unscrew the hard drive, and it should automatically try and boot from a disc or external memory (your flash drive). After that, either grab the S.A.M files on the computer (where all the passwords are stored) or run rainbow tables, which should be easy if the passwords are short.

Hopefully this will supply you with all the information you need ;)
wop wop

#25
Hobgoblinpie
If they haven't password protected the BIOS, you can have a lot of fun destroying computers. My friend and I were bored one day and we decided to get to the BIOS Settings (Hold Delete at loading or something) and just changed everything. The computer pretty much got screwed. Then they added passwords to the BIOS on every computer.

#26
OldJoe

> If they haven't password protected the BIOS, you can have a lot of fun destroying computers. My friend and I were bored one day and we decided to get to the BIOS Settings (Hold Delete at loading or something) and just changed everything. The computer pretty much got screwed. Then they added passwords to the BIOS on every computer.


I've never understood why people do this. The taxpayers pay for the schools (your parents), and you go around screwing the computers up.

It's just really idiotic and immature to do something like that.



#27
Nadril
It's not like resetting a BIOS is hard anyways. Still, it's a childish thing to do and just wastes the IT's time.

#28
blade995
If you can't connect to the wifi and it's an open connection (no password) it probably has a MAC filter. This would be pretty easy to connect onto though. Find out the MAC of a wireless host and spoof that MAC onto your computer and you can connect.



The router for a school's network is probably not a 192.168 address as that is usually too small for a school network (254 hosts maximum). Try 172.16.1.0 or something similar in the 172.16.x.x range. Or type ipconfig into the command prompt to get your IP address and it's usually the first address on the address space. For example, if your address is 172.16.1.30 the router is probably 172.16.1.1.



The router may not be accessible by a web interface to begin with as it may only be accessible from a serial port depending on the network configuration.



BTW if you need to get the local admin password it is very easy to do. There are many utilities you can find on Google to tell you the password.



As soon as you get the local admin password you can then start to explore the network and see how it works. Check for simple security holes like if the system is patched with the latest Windows updates and out of date versions of popular programs that can be exploited like Adobe Flash. If there's a simple security hole that's not patched on the network you can pretty easily take the whole thing down with a pre-made virus. For example, my school's network still doesn't have the hole patched that the Conficker worm uses.

If you need to open the command prompt when Run is disabled, open Notepad, type in "cmd[Caution: Executable File]" and save the file with .bat at the end and run it. This is a batch file that can be very useful/deadly.



This is for educational purposes only, I am not responsible for any damage caused.

#29
Jaziek
If any of this stuff actually WORKS, then you have the worst school security system ever made. And it sounds like your tech guy knows his stuff, so he'll be working against you the whole time.

#30
Salad
If you can, try to make it that when you go on the website, a video of Rick Roll starts and when somebody opens a computer, everybody gets Rick Rolled. That would be sooo funny.

#31
Nero

> If you can, try to make it that when you go on the website, a video of Rick Roll starts and when somebody opens a computer, everybody gets Rick Rolled. That would be sooo funny.




ha ha... :|

#32
Smapla

> If you can, try to make it that when you go on the website, a video of Rick Roll starts and when somebody opens a computer, everybody gets Rick Rolled. That would be sooo funny.




the video is not called "Rick roll" it is called never gonna give you up. rick roll is the term used when you trick someone into viewing / listening to the video / song.



bob rickrolled suzy

bob wants to rickroll suzy

bob was rickrolled by suzy


bob likes rickroll by rick astley

#33
aspokaspofkjsopfkapo

> > If you can, try to make it that when you go on the website, a video of Rick Roll starts and when somebody opens a computer, everybody gets Rick Rolled. That would be sooo funny.
>
> the video is not called "Rick roll" it is called never gonna give you up. rick roll is the term used when you trick someone into viewing / listening to the video / song.
>
> bob rickrolled suzy
>
> bob wants to rickroll suzy
>
> bob was rickrolled by suzy
>
> bob likes rickroll by rick astley


win

#34
knight10071
I don't know anything about the actual security, but recovery questions are a great way to get into accounts. (One of our teachers actually has "Red" and "Ferrari" as answers to favourite colour and car.)

#35
Furah

> I don't know anything about the actual security, but recovery questions are a great way to get into accounts. (One of our teachers actually has "Red" and "Ferrari" as answers to favourite colour and car.)


I wonder what he would like as a present from someone....not a gray Holden, obviously



#36
AndyPandy
Are your school computers RM by any chance?



RM is an education-only brand, and interestingly, their computers are set to boot from a USB over the HDD. So, in theory you could get a portable Linux distro, and run that, and do anything you want.



#37
noble_aloof
hey everybody, sorry i haven't updated in weeks. the "challenge" is now over, two older kids cracked the admin's password and thus could do anything they wanted. WE did manage to do something though

i chose to work with a friend, he was the leader of our two person group, so he would have to write the paper.

here's what we did:

came in with PSPs to detect wireless connection, then went to 127.0.0.1 or something like that. it needed a password, however there was some problem with the page where it said "smith" -name protected for privacy. smith is our computer admin's last name. (as i stated before)- the wireless router only sent out a certain type of signal, which my ipod touch could not pick up. if my ipod DID connect, i could have used iNet to portscan and see what was on the network.



i tried many passwords and then remembered something from the beginning of the year.



my last name has an apostrophe in it, and i couldn't log in to the school computers. so at the beginning of the year, mr. smith had to log on and change my information. i remembered that his username was simply "smith". and on his username, from any computer, he could do anything he wanted (including modify usernames and such)



i tried many passwords, but to no avail. i knew i would have to do something different.



i started looking all around the school's website for example (www.school.net) and saw that some pages were viewed through directories.

for example, to view the school calendar- www.school.net/PRINCIPAL/calendar.

so, i decided to go to www.school.net/principal.

access was denied. this was interesting.



next i found a very useful directory. www.school.net/MainFeatures/

i browsed this directory and found a lot of useful documents

through this directory, i went to another directory www.school.net/mainfeatures/johnson (another one of our administrators)



i went home that night and thought about what to do next. the next morning (saturday) i went to the /johnson directory where i found a folder called "troubleshoot". it required a password to view. after several failed combinations i had my friend come over. we continued to try until we found that johnson's first name was the password. now we were getting somewhere.



inside this folder we found many different useful pages. we found a folder titled "08 server switch"- this was when our computers were updated over thanksgiving break in 08. inside this folder there was a folder titled "principal"

there were several old files there, but we finally found a useful one, titled "login"



this was an html file which was sent to our principal from johnson. it said "hello, patrick. in case you are having problems logging in upon returning to school, please use this form to log in to your home page"



it had username, password and then a button to login. for some reason, the button was un-clickable (disabled)

stupidly, we thought we had to be in school to do this. the next day in homeroom we tried it but the button was still disabled.



when i went home that night i decided i would use firebug, and to my surprise, i could enable the button!

i had a lot of work that night so the next day i had my friend over.

we went to the directory, enabled the button and entered our login information. upon clicking it we were redirected to www.school.net/principal with plenty of options! success!



we decided not to tamper with anything so we submitted our paper on what we could do and such. the admin was pleased, and we were both placed in advanced computer science!
Staking: 4+ mil
Current Status: Training defense
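
Added example, not part of noble_aloof's post or the school's code: the write-up above turns on a login form whose only gate was a disabled button, and on /PRINCIPAL/calendar being served while /principal was denied. The sketch shows the server-side fix, a role check on a normalized path run on every request with deny by default. It assumes the form's handler accepted any valid login; the account names, roles and policy table are constructed.

```javascript
// Constructed accounts and policy; all names and roles here are hypothetical.
const ROLES = new Map([["student1", "student"], ["patrick", "principal"]]);

// [path prefix, roles allowed]. Most specific prefix first; first match wins.
const POLICY = [
  ["/principal/calendar", ["student", "teacher", "principal"]],
  ["/principal", ["principal"]],
];

// Assumed "before" behaviour: any valid login submitted through the form is
// redirected to /principal. The disabled button in the HTML was the only gate,
// and whoever controls the browser can always re-enable it.
function legacyFormLogin(user) {
  if (!ROLES.has(user)) return { status: 401 };
  return { status: 302, location: "/principal" };
}

// Lower-case the path and drop duplicate or trailing slashes so that
// /PRINCIPAL/ and /principal are matched by the same rule.
// Assumes the framework has already URL-decoded the path.
function normalizePath(path) {
  const p = path.toLowerCase().replace(/\/+/g, "/").replace(/\/$/, "");
  return p === "" ? "/" : p;
}

// Server-side check run on every request, whatever the client-side form allows.
function authorize(user, path) {
  const role = ROLES.get(user);
  if (role === undefined) return { status: 401 };
  const p = normalizePath(path);
  if (p.split("/").includes("..")) return { status: 403 }; // no dot-segments
  for (const [prefix, allowed] of POLICY) {
    if (p === prefix || p.startsWith(prefix + "/")) {
      return { status: allowed.includes(role) ? 200 : 403 };
    }
  }
  return { status: 403 }; // deny by default: unlisted paths are not served
}

// "After": the form handler redirects only when the role check passes.
function hardenedFormLogin(user) {
  const check = authorize(user, "/principal");
  return check.status === 200 ? { status: 302, location: "/principal" } : check;
}
```

With the default-deny rule, leftover folders such as the migration directory described in the post are not served unless someone adds them to the policy on purpose.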

#38
Denismage
Only if my school board allowed this.

#39
Chaise
Noble, once you got to the principal's "page", what were some of the things you could've done?
~~Chaise91~~

#40
noble_aloof
it seemed to have a thing where i could send a message to every teacher's email address

i could write a school bulletin

i could edit the calendar

i could edit the school cafeteria survey/menu

a tab said "admissions"

another tab said "athletics"- i'm guessing i could edit the athletic ticker and athletic pages

another tab said "dean of students"-i could view the JUG lists, disciplinary records, fundraiser, class trip, and special event information, funds, messages, etc- this seemed to be viewable by all teachers

another thing that seemed viewable by all was the "teacher center". the principal probably had administrative privileges there.

i didn't look into it, but there was a link to "final exams"

there was also a link to "grading" :ohnoes: :ohnoes:







i'm sure there was more.. i should have seen what else i could have done. hehehe