############################################################################# #@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ ############################################################################# # Hacking NT Based School Networks # # # # By, AcidMeister # # # # http://www.vol.com/~ameister # # # ############################################################################# #@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ ############################################################################# Index. 1. Foreword 2. Reading Files With any Word Processor. 3. Bypassing Standard Windows Security. 4. Networking Foreword. 5. Network Implementation within School Systems. 6. Hacking NT Foreword. 7. Hacking NT. 1. Foreword. Well sometimes you just sit there in your computer class on some little crappy computer that is running win 95/98 and is possibly hooked up to some sort of NT server. As a UNIX hacker my only objective in hacking Windows's is for fun and profit J Well anyway here are a few tricks I have picked up, you see windows is easy to hack because you're not really running programs under your user privileges, and so if you can trick the computer into letting you run programs you are allowed to run and then run another program from within that program, and well that's your basic windows hack. 2. Reading Files With any Word Processor. Fire up any word processor you are privileged to use just use notepad as an example. Choose file then open in the filename field type in c:\ The full contents of the c drive should now appear, now just open any file you want to read. Say you can run calculator but you cant run command.com (this gives you a DOS prompt) well open up command.com in your word processor as explained above then save it as any file your are privileged to use for example calculator.exe . The next time you open calculator.exe a DOS prompts pops up and there you go, a DOS prompt! 3. Bypassing Standard Windows Security. Sometimes you teachers or whoever will be using a program such as policy editor (comes on the windows 95/98 CD)this little program blocks your access to certain aspects of the computer through the registry, well there are several ways of getting around this. One, put a copy of policy editor on a disk and run it from a word processor as explained above, well actually run it any way you can, then simply edit your privileges. Another real good way to bypass any security program that runs within the the F8 key a couple of times right after you see the "Now starting Windows 95" Soon after you do this you should see a screen pop-up with several choices on it, simply arrow down to safe mode and hit enter. When windows finally boots up (it will take a little longer than usual) the screen will not look all cool!, you will have no sound, but the main thing is that no security programs are running, this means No Restriction for you. Now you can temporarily disable the security programs and boot windows up into it's normal state. However don't forget to put everything back to the way you found it after all the challenge of hacking is not gaining access, but rather keeping it. 4. Networking Foreword. As you should now be able to at least have full access on your school computer, I shall move on to the networking of school networks and how to hack NT. 5. Network Implementation within School Systems. Generally schools will have a MAN (Metropolitan Area Network) They will have a network which spreads from the elementary school to the high school, these networks are the most fun to explore and use the most common IP address setups. For example, if you are computer 13 in a classroom you will probably have an IP address something to the likes of 10.3.0.13. When breaking this IP address down we discover the following… The 10 is recommended in the networking part of the Microsoft documentation under networking, the 3 is probably the school which you are located at this number varies with your schools analyst/administrator, 0 is just taking up space because of the class of IP address this is, however in densely populated areas this may be used to even dive the room in which you are located, the 13 is simply the computer number you are located at, this number also varies according to your school's admin. In the following scenario the school more than likely has a gateway, and a DSN server, the gateway will probably be located at your school so it normally has the first address 10.3.0.1 (following the above examples) Since the whole school system is a MAN the DNS server is shared between every school in the area, and is probably connected to a fractional T1 or maybe even a T3, so it more than likely would have an IP address to the likes of 10.0.0.1. Depending on your school the network setup could be very different, another setup with I have had experience with is the application server. In some schools there exists a main server which has say Office 97 on it, and every computer in the school uses the network to run this program, this can quite easily be done with Citrix and NT terminal Server. This one server will also have Internet access, and will basically allow anybody on it access tot he whole network. Now, say that you could run Word and successfully crash it and the server boots you into an NT desktop… Well, yours truly has sat on a Windows 3.11 computer running Citrix and has been an NT administrator on NT desktop for two periods a day. The process of doing this is not complicated at all, simply run any major Micro$hit application (in my case anything from Micro$hit Office) now go to open file, one the open file window pops up right clock anywhere between the files (be sure not to actually click a file) one the little right click menu pops up, click explore. Well there you go an instant NT desktop. 6. Hacking NT Foreword. Now you should know a couple of tricks using NT, now it's time to get down to some nitty gritty NT Hacking. In the next section I will simply list some places for you to find NT hacking documents, because there are just too many way to hack NT than I can list. 7. Hacking NT. Well you could start by searching in search engines such as http://www.altavista.com or yahoo.com or whatever. Also check out some of the regular hacking sites such as l0pht.com and rhino9.org , well as for me I am heading back to my UNIX machine to try and learn python, laterz….. Hope you enjoyed the text…. ############################################################################# #@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ #############################################################################