School Network - wide open it seems
Ok, so I'm in total shock that my school has the CMD and PowerShell prompts available to even the guest user. I'm also able to right click and run CMD prompt as an administrator. yikes
Shutdown -i is able to execute cmds across the network/sometimes it says access denied..
I can access my computer settings and view the network mapping of both college campuses, seeing all sorts of device names.
I'm also able to remote connect to various desktops across the school as well. As long as the PC has this option enabled.
As you can see there are some security issues at risk here what are some other issues that I should probably check to help improve my schools security
Thanks
Scar0ptics wrote: to help improve my schools security
Well that's boring.
Write a script that will cause all the computers on your network to brute force all the routers passwords (good idea to try default user/pass combos) and then rewrite dns. Reroute sites like facebook.com, twitter.com, or any other popular sites to your own site that mirrors these sites, but include firefox/IE/chrome exploits so you can take over the computer of anyone who connects to the network (including all of the local school's computers). Presto! Your own botnet!
Honestly it sounds like you have pretty much free range to do whatever you want - really you're just limited by imagination.
Ok, im not trying to be destructive here, although that sounds fun. The command prompt gives me full access to just the machine I'm on itself but not the entire network, for example, I can't rename any server files. I am able to install anything I want on the machine and run/execute anything. The system is running windows 7 and I'm not sure what programming language to write a script with.
Any advice there? Perl? Python? What will the system be able to recognize and read it when I execute the script on a local machine?
All the computers get reset to how they want them to be after every restart. I believe the client computers are booting from an ISO file from a server, every time that way nothing gets saved on the system machines. It keeps the computers from getting plugged up and unusable with all the BS people download. I know they use some type of freeze method to do this, not sure if what I stated above is accurate though, as far as booting from an ISO image file from the clients local server on the network.
But I do know that file i save on the desktop will be gone after reboot.
Mordak wrote: I would use CMD and save a txt file to C: then restart the machine, just to test if the school are using deep freeze of some other kind of sandbox system.
I did that today and nothing got saved in the C:// drive after a restart.
Although I did do a port scan an a lot of 135, 139s' are open..some ips' have telnet port 23 open but the telnet.exe isn't even installed. thumb drive will come in handy, I don't get why they let people install anything because it defeats the purpose of disabling things like telnet.