School router needs hackin'

So, my school has little security (its an alternative school), and I figured as my first hack, Id get complete access to the network, and all that. I dont plan on doing anything crazy (changing grades, viruses, or anything like that. Just bragging rights, and knowledge. ). Ive got all the passwords for all the computers and stuff, wasnt hard but its pretty awesome.

So, about two days ago I started on the router. Ipconfig /all, default gateway: 10.101.10.1, woo! Easy part's over. I tried getting in through IE, no luck. Googled some stuff. DUH! Telnet. So, I opened up the terminal (I was on a mac, eww! 2nd period has Windows, wewt.), telnetted it up. I tried putting in the admin password and that didnt work, so I tried a bunch of other stuff, no more luck. Theyre running Kerberos (an authentication protocol), so all I need to figure out is how to sniff the password out, or bruteforce it.

And on Friday, one of the hard drives pretty much exploded. I was absent, and I alittle convinced they might blame it on me. shrug

Any ideas, or advice?

ARP Poisoning a good idea?

-bonk

http://web.mit.edu/Kerberos/advisories/

Specifically: http://web.mit.edu/Kerberos/advisories/MITKRB5-SA-2007-001-telnetd.txt

See if any of the stuff on the MIT site works.

I really don't know enough about Kerberos to know if ARP poisoning is a good idea/will be successful, but I'd say that even if it were, you would have to wait for forever for someone to log into the gateway, and even if they did it would be after the school day was out.

Oh, and I wonder why your admins always suspect you. Maybe because you hack to brag, then brag about hacking (two of the stupidest things you could do on a computer)? Regardless, if you managed to blow up a hard drive from miles away… I suppose you do deserve to be able to brag. Just don't be suprised whhen you get caught.

I agree with you deathrape. The best hackers are unknown…

In my opinion you should be hacking to learn how somthing works not to go to your mates "oh look how cool i am, blah blah." not right in my mined. But as long as you learn somthing i supose it doesnt matter too much :)

Peace out.

Relentless.

I dropped out. >.>

And its not exactly for bragging rights. I do it for the challenge and because it gives me something to do in that class. By saying I do it for bragging rights, I meant that I was doing it just to do it.

im not positive but i think the only thing arp poisoning is good for is pissing people off…

correction, arp poisoning gets you passwds. and seriously, you need to learn to cover your tracks, and especially not brag.

cant you sniff password packets w.o slowing everything down as ARP does?

by writing your own sniffer or using a well written one lol

mr noob wrote: correction, arp poisoning gets you passwds. and seriously, you need to learn to cover your tracks, and especially not brag.

If youre going to criticize make sure you know what youre talking about. :D

b0nk wrote: [quote]mr noob wrote: correction, arp poisoning gets you passwds. and seriously, you need to learn to cover your tracks, and especially not brag.

If youre going to criticize make sure you know what youre talking about. :D [/quote]

Actually mr. noob is right. He is giving you "Constructive Criticism" Its meant to help you. Covering your tracks is by far the most important thing you can do when you hack something. You will never get away with it if they can see it was you. You dropped out? Why are you still going to that school to hack the network? If you are doing it remotely, then I hope you are using a proxy. You should really try to learn all about the network before you do anything else. Thats the type of stuff that gives hackers a bad name. Don't be hasty, advance with caution.

@b0nk, im no flamer, im giving you good advice here or at least trying. and yes packet sniffing is the most powerful tool against networks, it will get you anything you want if you can use it correctly :)