New school system
Recently my school got a new system ( as all school networks in Queensland, Australia did) and its designed to be big brother. Its called MOE - Managed Operating Environment. The MOE techs can watch the activity of everyone in Queensland from their district offices.
I'm just curious if anyone knows how to get around the system or if they have the same problem!
Me and a few of my mates are looking into it and mucking around but everything seems too dangerous to do as of yet. Any ideas?
Yeah its a windows XP OS.
Things i have noticed it does so far is blocks access to pretty much everything. Logs of every application ran. When you log on your profile is stored on the server - So your profile is unique and everything. Its a government issued system so I'm guessing its gonna be hella difficult
Hm… Bypassing school filters is fun. Do you have access to the Task-Manager? I you have, and the loggers run as stand-alone processes, the you can simply kill them. I used to do this at my school, but then the sysadmin disabled taskmgr.exe :( You can also use the "at" command in cmd.exe to get SYSTEM rights. :D
- open cmd.exe
- kill the explorer.exe process
- in cmd.exe type "at XX:XX /interactive explorer.exe". Where XX:XX is the current time. Now you should be logged in as SYSTEM, witch means you can kill any process and do about anything you like :)
:D lol
I've had a similar system, I had to kill a process called dax64, not sure if it will be similar or not. Have you tried using the command prompt just to probe how far you can go? I also recommend looking for someone who doesn't log off their user to do this and if you find a not-logged-off admin, immediately make a new user so you can use it for pretty much any purposes and no one can trace it back to you.
LIkely they've disabled taskmanager or any functions like that. Best thing would be to get an admin account,but even those are likely logged OFF site. Best possible thing to do, unplug the ethernet, no info can leave your computer otherwise :p . Sure no internet or LAN connection, but you can play w/e games you want and trust your not gonna get in trouble. Not exactly what you wanna hear, but save surfing porn for when you get home. ;)
From personal experience, I'd recommend you go legit and continue your pursuit of pleasure in a more legal manner. I assume there are no rules against live disks.
If you can get a live cd or usb to boot from the bios, then you're free to do what you please on YOUR removable disk system.
I don't recommend a Backtrack distribution for this, but rather something like Ubuntu. It has to look as friendly as possible or they won't care whether you just booted a harmless live cd or installed a deadly rootkit on the network's security server.
Also whether you use a cd or usb disk is also important: -CD's are hidden but take longer to take out. -USB disks aren't hidden and usually flashing, but can be withdrawn in an instant. (Unless you put them in the back, but do you really want to be seen fondling with wires in the back of the computer?)
Now if this works, you have unrestricted access, but only to the desktop. The internet will still probably be monitored and limit your access. Now in my student handbook, hacking is described as gaining access to restricted files, folders, or web-pages. The latter may or may not violate the use of a proxy, but it is your best bet. First determine if your network allows you to surf via a configured proxy. IE: (41.210.252.11:8080) My schools security system doesn't allow this type of proxy. It instead forces a timeout. So if not, search really hard for a working php proxy. I know secure tunnel worked well for me until 2 weeks before school was out, and it provides a descent excuse for using it here. (Technically, using a php based proxy completely changes the url, so the web-page being accessed is actually different.)
If you just boot a live disk, and there is no rule against it, you should be fine. If someone questions you, DON'T LIE! This makes you the bad guy despite whether you were or not. Just explain what you were doing, how you did it, and why. This sort of thing is what gets you on IT's good side.
Now, in the previous paragraph I suggested that you tell them why. The truth may hurt but I don't think anyone trying to hack their school has a valid reason for doing so. Say you gained SYSTEM access to every computer on the network…. then what. OK, you did it, good job, but what do you get out of it? Not money, schools have no money worth getting caught for. You may look cool to your friends for a while, until one of your "friends" gets overheard by IT and its off to court for you. And if you are doing it just to fuck with them, you seriously need a life. The only two plausible excuses would be freedom and experience. If you want freedom you can wait the few hours it takes for school to end and you to be home. Besides, it's really not so bad working under the secured system, you'll get you to it. And if you're looking for experience, buy some old computer, setup a network, hack away. It's legal because you own them and you gain way more experience this way than trying to hack your school.
In conclusion, don't fuck with your school, it's definitely not worth it. You gain NOTHING in the end, but if you're caught, which is very likely, you loose so much.
~kvk ^_^
MoshBat wrote: [quote]Demons Halo wrote: [quote]Avlid wrote: Tough shit Moshbat. I got admin rights and changed a bit and such in my school. Now i got a job at the computer office :D
way to go dude =D
you > MoshBat
XD[/quote] Wrong. My School's Admins > His School's Admins. And I'm guessing that incident was a while back too.
But if you're stupid enough to do these kinda things, don't say I didn't warn you.[/quote]
From personal experience I agree with Moshbat. I told the school IT of various flaws they went bitching to the admins, the only thing that saved me was I had teachers on my side. As pathetic as school security is, just leave it. It is tempting but in the long run you will be thankful you listened should you choose to do so.
@KvK if there tightening security so much i DOUBT they'll 1.) have BIOS set to boot live, and will probably have a pass on it to change it. and 2.) will probably filter/ban all proxies. . Thats what my school did and there IT department SUCKED! Those are the basic security measures on almost ANY public network (School,Library,Government etc) .
korg wrote: Everyone should know how I feel about these stupid "I want to hack my school threads". Half the shit listed here won't work, and personally If you fuck with your school i hope they kick your dumbass out so you can spend the rest of your life saying "Go ahead pump 9".
I read it more as a "Help Big Brother is watching me, how do I rebel?" thread.
While I have no sympathy for uneducated schlums who wish to haxx0r their school to, y'know, be like Zero Cool, I do encourage people to undermine noisy authority and downright unethical tapping practices.
I don't care about ethics, but reason means a lot.
I do +1 korg on the nothing ever works thread :p. Plus its not worth it, i gained advanced privelages and sshed to a box from school and was suspended for 3 weeks and could't touch a computer my WHOLE senior year(and they threatend to call cops, :P ). Fortunately enough i just said F*** You and dropped and got my GED. In college year and half b4 ev1 else in my class (enjoyed bragging a lil too much) .
Your lucking enough to get into a college with a GED. Most of the schools around here have a zero tolerance on this stuff, You fuck with it your out. I've gone into schools and colleges here and had to repair the whole system from kids being idiots and I have no problem finding which student and terminal did it.
My cousins mother got into Harvard Law with a GED ;) . And i got into the University i wanted no problem with one. In the USA it is equivelant. :) . I coulda went back to school but woulda had to retake the year over, so i'd of had to WRITE every report by hand my Junior and senior year, and couldn't participate in any of my computer courses (leaving mostly GERMAN,FRENCH etc left) Which i'd of failed in anywho (since i hate them and can't adapt to something i hate easily). So it was only REAL option. And worked out fine. Going for BS Information Systems Security/Network Security
S1L3NTKn1GhT wrote: 2.) will probably filter/ban all proxies. To do that would take alot of browsing for new/hidden proxies. When the last 4 php proxies i knew of got blocked. I made my own xD.
To get a good foothold on gaining access to school network, watch a teacher type there password. For me it gave access to registry etc. But i only really use there account to leak our reports and havent really started gaining more permissions. (Leaking the reports is basically all i want to do).
WightBoy wrote: [quote]S1L3NTKn1GhT wrote: 2.) will probably filter/ban all proxies. To do that would take alot of browsing for new/hidden proxies. When the last 4 php proxies i knew of got blocked. I made my own xD.
To get a good foothold on gaining access to school network, watch a teacher type there password. For me it gave access to registry etc. But i only really use there account to leak our reports and havent really started gaining more permissions. (Leaking the reports is basically all i want to do).[/quote]
Not really. They can just filter any external IP sources (not sure if thats how to word it :p). And getting admin/teacher privs don't even help sometimes as far as going to blocked content(internet service provider provides block(at least at my school) ). though can probably have fun with other stuff.
p4plus2 wrote: [quote]MoshBat wrote: [quote]Demons Halo wrote: [quote]Avlid wrote: Tough shit Moshbat. I got admin rights and changed a bit and such in my school. Now i got a job at the computer office :D
way to go dude =D
you > MoshBat
XD[/quote] Wrong. My School's Admins > His School's Admins. And I'm guessing that incident was a while back too. Btw, i´m from sweden to. Things work almost like that here.
But if you're stupid enough to do these kinda things, don't say I didn't warn you.[/quote]
From personal experience I agree with Moshbat. I told the school IT of various flaws they went bitching to the admins, the only thing that saved me was I had teachers on my side. As pathetic as school security is, just leave it. It is tempting but in the long run you will be thankful you listened should you choose to do so.[/quote]
Yeah Moshbats school's Admins > My school's Admins. They are completly idiots… And i´m not jokeing when i say that they don´t know what cmd is :D
MoshBat wrote: [quote]korg wrote: Your lucking enough to get into a college with a GED. Most of the schools around here have a zero tolerance on this stuff, You fuck with it your out. I've gone into schools and colleges here and had to repair the whole system from kids being idiots and I have no problem finding which student and terminal did it. I was 14 years old and stupid, to my defense.
Let me put it to you folks a different way.
Hacking your school's system is illegal. Simples. When you fuck with their system, you put them in danger of losing the Exam Board license, and they don't really like that, to the point where I got arrested. Need another reason not to just sit there and play games instead?[/quote]
I got arrested for the whole Hacking local college down the road a while back. Too there suprise i wasn't even a student there( but highschool). Fortunally wasn't that bad, then again i was a minor then so who knows what they'd do now.
S1L3NTKn1GhT Said a while back:
My cousins mother got into Harvard Law with a GED . And i got into the University i wanted no problem with one. In the USA it is equivelant
Yeah, I'm from the US also, PA. A good friend of mine got into a car accident and ending up getting a GED. When he went for college most of the ones he wanted declined him. Also if an employer see's a GED he's wondering why you didn't pass, I know I do. The usual answer is I was to lazy to do my work, If you told me I hacked my school and got kicked out, I would file your job app. in the trash as soon as you left. Something for kids to think about.;)
korg wrote: [quote]S1L3NTKn1GhT Said a while back:
My cousins mother got into Harvard Law with a GED . And i got into the University i wanted no problem with one. In the USA it is equivelant
Yeah, I'm from the US also, PA. A good friend of mine got into a car accident and ending up getting a GED. When he went for college most of the ones he wanted declined him. Also if an employer see's a GED he's wondering why you didn't pass, I know I do. The usual answer is I was to lazy to do my work, If you told me I hacked my school and got kicked out, I would file your job app. in the trash as soon as you left. Something for kids to think about.;)[/quote]
Havn't had any employers ask for information or anything at all about my GED. Once you show them proof of Degree and some certs they generally don't give a shizz about HOW you made it too college, as long as you were in and were taught wtf they think you need to know, :P . Sorry to hear about your friend. And i def wouldn't be honest about WHY i took GED instead. LoL
I'm on the fence for this argument. First of all, I vote kvk's post one of the best posts here for a while.
Second, I hacked my school system's website when I was 11 and had to explain how I did it to two reps who claimed they would fix it but actually didn't. Didn't get in trouble, but again, I was 11.
Third, I suggest you don't do more than 'mess around' with your system. Don't actually gain elevated privileges. Work in your own account and see what you can do from there. Get familiar with your rules and regulations.
Lastly, one of the best things you can do is just start complaining to your teachers and officials higher-up in your school. If you're in middle school or high school it's pretty easy to get higher up. Especially if you get a bunch of people to complain with you. You can get a petition going, you can ask what their reasons are for doing this, find important people who have said that freedom on the internet is important, try boycotting school lunches so the school gets hurt. Anything legal to make them regret their choice. That would be the best way to approach this. Of course, you can always just look around for stuff through the computers and ways to bypass filters, but don't do anything too extreme.
I vote. Do your research. Figure out everything how it works before trying anything. Try to setup something at home as close as possible to how they are running their system, then see what you can all get away with and the best way to go about it.
As for people saying, DO IT or DON'T DO IT. WTH? We should all damn well know by now that every case isn't the same. So while you may get in trouble, the next might not, and the next might. Just like breaking into a website or program, there are different variables when getting in trouble.
GED, Graduated High school, collage, or just certificates. Who cares. Just know your shit and if you can actually do what you say you can, have faith in yourself. If that big boss doesn't give you a job, start your own shit. How do you think other company's did it? Shit…
ranma wrote: [quote]Zenrith wrote: Just know your shit and if you can actually do what you say you can, have faith in yourself.
If that were the case he would not have posted. You pretty much said do what you will.:|[/quote]
I have to agree was a pretty pointless post. Had nothing to do with his question. One you complained about the people saying do it or don't. Then you spend like 5 more sentaces to say DO IT. He definately didn't ask if he should DO IT or NOT he asked how he could "DO IT". You just pissed at the off topic talkers than talked off topic. :p . 3 paragraphs and all that came from was a DO IT. ;)
ranma wrote: [quote]Zenrith wrote: Just know your shit and if you can actually do what you say you can, have faith in yourself.
If that were the case he would not have posted. You pretty much said do what you will.:|[/quote]
I have to agree was a pretty pointless post. Had nothing to do with his question. One you complained about the people saying do it or don't. Then you spend like 5 more sentaces to say DO IT. He definately didn't ask if he should DO IT or NOT he asked how he could "DO IT". You just pissed at the off topic talkers than talked off topic. :p . 3 paragraphs and all that came from was a DO IT. ;)
manc4life2k9 wrote: so if u should just try hacking the school and see what happens maybe it would work out best for you in the long run
-
Fuck being automatically logged off while you're writing a reply. GAH!
-
Do not, under any circumstances, take this advice. Chances of everything 'working out' are slim to none. Schools and other public organizations are very uptight about their security because if something goes wrong, it's their fault. They will blow everything out of proportion to keep themselves (and by association, you) safe. Is it really that hard to separate your school and regular lives? You can get back to fucking around with your computer on your own time when you get home. Try paying attention during class. As lame as it might sound, you may learn something.
-
Necro-ing sucks.
manc4life2k9 wrote: so if u should just try hacking the school and see what happens maybe it would work out best for you in the long run
Sure it may work out but the odds of that happening are very slim. If you take the chance of doing this, odds are your going to get arrested as Mosh did and get in serious shit. I would strongly suggest not taking this advice.