"Hacking" School computers
#####[Before you read: Please take into account that I am a white hat, and that my teacher (and admin of computers) knows what I am doing, so before telling me that im going to get caught, please read the whole thing]#####
So, I was just playing around with the school computers today, looking for interesting crap, trying to find out the admins password, stuff like that.And then it hit me. I suck at this stuff. I figured out how to bypass the filter that was blocking cmd prompt from me, but without admin privileges, you cant do much with that. So, heres my question(s):
1.What are some good ways to get admin access, if any. I good with batch files and stuff like that. I was just wondering.
- What are some good sites for learning this stuff. I can't keep coming back to you guys for help.
Thanks for all your help, and any answer is greatly appreciated. Unless its about how NEWB i am.
Nintendo309
Well you fail, that's HBH's official stance however you can always learn. Here is my basic privilege escalation tutorial for computers.
http://www.hellboundhackers.org/articles/articlecomments.php?article_id=805
you will receive a number of comments with just the word 'google' in them
w3school is a good website to start on
and if your teacher is the computer admin, then ask him.
My college tutor isn't a network administrator but he has taught us allot about how the networks work and shown us basic DDOS attack on our server and stuff like that.
so if its true that he is the computer admin and your teacher and he knows your doing this, ask him to share his knowledge…
Since you have physical access, there are a ton of ways. You probably just want to look for flaws in the account structure. You could plug a laptop into an ethernet jack, explore. this is a pretty vague question.
google enumeration. CEH is kinda stantard, they have a site + tutorials. many sister sites.
Moshbat is right , what Operating system is it ?
Was the computer , on its own tower or part of a network .
Do you know who set up the computers ?
If so learning more about them may divulge what the password may be ! Or atleast give you a better idea what to guess , but not always .
Depending on how the admin configured the computer (and if you are on windows xp op. sys.) you may be able to try something i have done before . I had forgotten my password to login to the internet on my computer . Witch of course had also caused me to be blocked out of control panel and few other folders as well . But luckly i didnt know about "msconfig" when i was going through & setting up passwords for things . I went to > start /run /msconfig / BOOT.INI / check the box /SAFEBOOT/ Apply / Ok / Restart . Doing this logged me in as Administrator in safe mode . I was able to disable the password from there .
Also pressing f8 during boot up works to get in safe mode for Windows .
Theres two ways that involve using cd during boot (For windows only) .
#1 : NTAccess
markuphttp://www.mirider.com/ntaccess.html
#2 : Austrumi
markuphttp://cyti.latgola.lv/ruuni/
Boot the iso on machine start-up . Once the disc loads and the start screen comes up , type nt_pass (quickly or it will go to Linux setup) and then the program will guide you through it . It will give you a menu of the different acounts active on the computer , just follow the instructions .
The more you know about the system your on the more we can help and the more you can help yourself . Google is only as helpfull as your search query is . I had this problem a few years back and learned alot of good search querys but one in perticular gets good results , type in " gaining admin privileges in xp " or what ever OS your on .
Hopefully this helps you or gives you enough to work on your own !
tóg go bog é , Neqtan
well… I agree with statement that says it's easier when you have physical access….
you can just put hacker oriented linux live CD and run hash cracker from there…. such as "trinity rescue kit" and "ophcrack", i personally love using ophcrack… i think it's one of greatest tool for any hackers….
you can even do key logger… :P
or just do buffer overflow…. I think it's the easiest and safest if you know how…..
there are many many exploits out there you can juggle with….
i agree. Safe Mode is usually open on most Windows running computers. There's no telling how many times i've cracked a password file by booting SM. Also, when you're in as admin, if you're in a lab, goto cmd and type "net user". Grab the pass, logout, and only logon when you have to. Don't change anything. That's all i can come up with.