OK, I'm feeling motivated once again, so here are more tutorials. Feeling quite annoyed that there's no general tutorial section, so I'll just put it in here.
I. Needed tools:
1. Any linux live distro
--Knoppix : KNOPPIX - Mirrors
--Ubuntu : Download Ubuntu | Ubuntu
2. LM Extractor + Cracker
Cain : oxid.it - Cain & Abel
Pwdump2 : http://www.openwall.com/passwords/dl/pwdump/pwdump2.zip
3. Data Transportation
Any of the following will do:
iPod : Yes, an iPod
USB Drive : Flash drive, memory stick, etc...
Floppies : You will need at least two, because of the file size (see the warning in step 6)
II. Method:
1. First off try to bring your iPod or flash drive to class daily
at least a week before you actually attempt this, so nothing seems
out of the ordinary.
2. Alright, so it's the last day of the week, you're bored, but you need admin on the school computers to install Steam and play CS. First off, choose a computer
whose screen isn't facing the teacher. Once you get to it, immediately pop the Linux CD into the drive and hold the power button down for 10 seconds to force a shutdown, then power it back on so it boots from the CD. (This only works if the machine boots from the CD drive before the hard disk and the BIOS setup isn't password-locked; if it comes straight back up in Windows, that is why.)
3. When the live CD boots up, log in to Linux and open a terminal.
4. Once in the terminal, plugin your iPod or USB drive (floppies, if
you use them will come later.)
5. Now check 'fstab' (or the output of 'dmesg' right after plugging in) to find which device your iPod or USB drive is, and mount it. Make sure you mount it read-write; many live CDs mount media read-only by default, and otherwise the copy in the next step fails with permission errors.
6. Once it is mounted, mount the Windows partition as well and go into its 'WINDOWS\system32\config' directory (what Windows calls 'C:\WINDOWS\system32\config'). Copy the 'SAM' and 'SYSTEM' files onto your storage device. You need both: SAM holds the password hashes and SYSTEM holds the boot key (SYSKEY) they are encrypted with. This is also the step
where, if you are using floppies, you put in one floppy for each file. WARNING:
depending on the number of users and other factors the files may not fit on a
floppy; the SYSTEM hive alone is usually several megabytes.
7. Once saved, unmount the iPod and/or USB drive and pull it out. Also don't
forget the live CD you used. Then do another force-shutdown.
III. Cracking:
1. By now I would hope you've downloaded one of the LM hash crackers listed above.
2. Using Cain & Abel from oxid.it: open it, click on 'Cracker',
select 'LM & NTLM Hashes' and import the files you copied (the SAM file, plus the SYSTEM file that supplies the boot key Cain needs to decrypt it).
3. Start the attack; once it is running, set the process priority one notch
above what it is. DO NOT SET IT TO 'real-time' or 'high.'
4. Depending on the complexity of the password/hash it should take around
8-10 hours of cracking. My school's was something like '34gdfgDf4g5' and
I was finished within a night's rest.
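Why an 11-character mixed-case password falls in a single night: LM does not hash the password as typed. The following Python is an added illustration, not code from the original post or from Cain & Abel. It shows the LM pre-processing step (upper-case, truncate or NUL-pad to 14 bytes, split into two 7-byte halves, expand each half into an odd-parity DES key) and compares the resulting search space with that of a hash over the whole password. The DES encryption of the constant KGS!@#$% that follows is deliberately left out; the charset sizes (69 symbols once case is folded, 95 printable ASCII otherwise) are assumptions chosen for the comparison.

```python
# Added illustration of the LM hash's pre-processing step (not code from the
# post or from Cain & Abel).  It shows why LM cracks in hours: the password is
# upper-cased, cut to 14 bytes, and hashed as two independent 7-byte halves.
# The DES step that follows (each half's key encrypts the constant KGS!@#$%)
# is not implemented here.

from math import log2
from typing import Dict, Tuple

LM_MAGIC = b"KGS!@#$%"   # plaintext each half's DES key encrypts (reference only)

# Assumed attacker charsets: LM folds case, so one half needs only
# 26 uppercase + 10 digits + 33 punctuation = 69 symbols; a case-preserving
# hash over the whole password would need all 95 printable ASCII symbols.
LM_CHARSET = 69
FULL_CHARSET = 95


def lm_halves(password: str) -> Tuple[bytes, bytes]:
    """Return the two 7-byte halves LM derives from *password*.

    LM upper-cases the password, truncates it to 14 bytes, pads with NULs
    and splits it in two.  Characters beyond the 14th are silently dropped.
    """
    raw = password.upper().encode("latin-1", "replace")[:14]
    raw = raw.ljust(14, b"\x00")
    return raw[:7], raw[7:]


def des_key_from_half(half: bytes) -> bytes:
    """Expand a 7-byte LM half into the 8-byte odd-parity DES key LM uses.

    Each key byte takes the next 7 bits of the half in its upper bits and a
    parity bit in bit 0 so that every byte has an odd number of set bits.
    An all-NUL half (empty or short password) becomes 01 01 01 01 01 01 01 01,
    which is why the second half of any sub-8-character password hashes to
    the well-known constant AAD3B435B51404EE.
    """
    if len(half) != 7:
        raise ValueError("LM half must be exactly 7 bytes")
    bits = int.from_bytes(half, "big")           # 56 bits
    key = bytearray()
    for i in range(8):
        seven = (bits >> (49 - 7 * i)) & 0x7F    # next 7 bits, high to low
        byte = seven << 1
        if bin(byte).count("1") % 2 == 0:         # make the set-bit count odd
            byte |= 1
        key.append(byte)
    return bytes(key)


def lm_work(password: str) -> Dict[str, object]:
    """Compare brute-force effort for LM against a hash of the full password.

    Effort is counted as candidate passwords that must be tried.  The two LM
    halves can be attacked independently, so their costs add rather than
    multiply.  A zero-length second half means the attacker recognises the
    constant hash at once and only has to search the first half.
    """
    first, second = lm_halves(password)
    len1 = len(first.rstrip(b"\x00"))
    len2 = len(second.rstrip(b"\x00"))
    lm_candidates = LM_CHARSET ** len1 + (LM_CHARSET ** len2 if len2 else 0)
    full_candidates = FULL_CHARSET ** len(password)
    return {
        "half_lengths": (len1, len2),
        "lm_candidates": lm_candidates,
        "lm_bits": round(log2(lm_candidates), 1),
        "full_candidates": full_candidates,
        "full_bits": round(log2(full_candidates), 1),
    }


if __name__ == "__main__":
    # The post's example password: 11 mixed-case characters.
    pw = "34gdfgDf4g5"
    h1, h2 = lm_halves(pw)
    print("halves:", h1, h2)
    print("DES keys:", des_key_from_half(h1).hex(), des_key_from_half(h2).hex())
    print(lm_work(pw))
    # LM is case-insensitive: both spellings produce identical keys.
    assert lm_halves("Password") == lm_halves("PASSWORD")
```

Run it and the post's password comes out as a 7-character half and a 4-character half, roughly 2^43 candidates in total instead of the 2^72 a case-sensitive hash over all 11 characters would demand; that gap is the whole reason a desktop finishes overnight. The same split also explains the tell-tale AAD3B435B51404EE second half: it is the DES encryption of KGS!@#$% under the all-zero key, so any password shorter than eight characters announces itself before cracking starts.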
IV. Getting in safely:
Chances are your school runs Windows XP and uses domain logons.
This is the most common way to monitor and update a Windows network as
large as a public school's. Note that what you pulled out of the SAM is the
machine's local admin account, not a domain account. Now that you have the
username/password of the local admin on one computer in your lab, there is a
very good chance it is the same on the other machines. Unfortunately you run
into one big problem here.
### ALL ADMIN ACCOUNT LOGONS ON A DOMAIN ARE LOGGED. ###
Put simply, if you mess this part up, enjoy suspension/jail.
Walk up to the computer (getting to class early, obviously) and unplug the
ethernet cord from the back of it. THIS IS ESSENTIAL FOR YOUR SAFETY: with
the cable out, the machine cannot report the logon to the domain controller.
Be aware that the computer's own Security event log still records local
logons and account creation if auditing is switched on; the cable does
nothing about that.
Now log on to the computer using your admin account. Quickly go in and add
another admin user, using the control panel 'Manage Users.' This is a local
account on that one machine; it exists only where you create it.
TIP: Make sure the name/pass you create for the new admin are totally random,
leaving no 'bread crumb trail' back to you.
Log out, plug the ethernet cord back in, and log in to your new admin account.
Cheers!
FootNotes:
To take this one step further, when you get to your Windows 2000/XP logon
screen, look at the domain that you log into.
Resolve the host name and get the IP. Even without the IP you can use the Remote Desktop
client that comes on XP machines by default (on Windows 2000 it has to be installed
separately). Even if it is not in the menu, because your computer admin thinks he is smart,
open 'Run' or the address bar at the top of 'My Documents' and type 'mstsc'.
Once it opens, type in the domain name and hit Connect. The domain's DNS name resolves to a
domain controller, so if that machine accepts Remote Desktop connections you will see another
login window, where you can try the admin password you used.
### ALL ADMIN ACCOUNT LOGONS ON A DOMAIN ARE LOGGED. ###
So be careful, use a proxy, etc.
-Odd