[ kaitensushi ] [ lounge / arcade / kawaii / kitchen / tunes / culture / silicon ] [ otaku ] [ yakuza ] [ hell ] [ ? / chat ] [ lewd / uboa ] [ x ]

/silicon/ - technology

from the trenches
Password (For file deletion.)

• Files Supported: webm, swf, flv, mkv, mp4, torrent, 7z, zip, pdf, epub, & mobi.
• Embeds Supported: youtube, vimeo, dailymotion, metacafe, & vocaroo.
• Max. post size is 10MB / 4 files.

Remember to keep it cozy!

Captchas didn't work. Sticking to janitors while we try to think of something else.

File: 1479894822539.jpg (78.36 KB, 1280x959, photo_2016-11-23_09-52-18.jpg)


Have you ever messed with your school's wifi?


Nah, someone hacked the university library during finals to make every computer play some internet meme on loop once though.


I can't even manage to get a stable connection with certificate and proper login. Sudoing everything was a mistake. (´A`)ノミ口


My school didn't even have Wifi.


seriously? Was it near a major city?


No, but I don't think other schools had Wifi, either, and as far as I know, this hasn't changed much. "It's a distraction from learning", so it's just not a thing here.


I forgot they said that at school


WiFi or even capable devices weren't a very common thing when I was in high school.


Same here.
I graduated in '02 so WiFi wasnt that big yet.


No but I once booted a linux iso on a school computer.
The next day my IT teacher came up to me and knew what I did. No idea how he found out. He didnt have a go at me because we were mates but the next time I went on the computers they all had BIOS passwords on them.


My high school had port blocking; it only allowed a few ports through. I set my personal server to host SSH on the HTTPS port so I could tunnel through that and do whatever I wanted.


I did the same thing, but my tech teacher was so incompetent/couldn't care that he didn't even notice I deleted all the windows files afterwards.

I'm guessing that that pc will never boot, since no one actually cares enough to fix it.


It all started in grade 9 when i made a funny script which pressed keys on the keyboard to automatically create accounts based off a random name list on a plagiarism checking site that our teacher gave us the sign up key/pass to. I left it running on a old school library computer that no one ever used for a week. By then it had created over one hundred million different student accounts under our class! it was really funny because it caused the site to be shutdown for maintnance for a long time after.

thats when i decided it would be more fun to aim for a larger goal of taking over all the school computers.

Once i had cracked the admin pass by extracting the hash from the SAM hive and throwing it through a cracking website paying using my parents paypal.
It was all easy from there…

With newly gained admin priviledges I setup keyloggers and trojans on all the public school computers which I set to specifically capture email/social website accounts and passwords and sent them to an email account i created using a proxy. by end of 3 days i had around 250 unique user/pass combos by the end of the week i had 3 times as many! Pretty much the population of the entire school. I ended up leaking account passwords to people who hated each other all over the school! i also threw things about jews that i found on /pol/ on many other peoples facebook accounts. After about a week there were large lineups at the office and student counseling during lunch. One person even got into a serious fight with someone else in the hall.

Then I gained access through ssh, vnc, and shit to local schools teachers computers, routers/firewall, administrative computers and even computers at other schools in the same district since they all shared the same password. I had direct administrative access to multiple priniciple's and district chairmen's computers and I was able to gain access to private banking and other personal information and account passwords. I dumped this all into one large file. mfw i could modify anyones grades and fire any teacher!

I then changed the admin password for all of the networked computer effectively locking the sys admins out. I started giving my friends A's assignment by assignment. I disabled the firewall and locked the admins out several times so now catching people browsing porn sites was a regular occurance. I often read through the administrative district emails that contained sensitive and private information on my spare time.

I dont know what the sys admins had been doing all this time but it obviously wasnt their job. Eventually there were police sent in to investigate and a reward offered to anyone who could catch me! every day i was checking my back and still trying to act as normal as possible. There was always talk of the mysterious "hacker" in the hallways. But i obviously wasnt a master of covering up my footsteps so me getting caught was inevitable. One day there was a call for me to come down to the office during class. My paranoia had paid off! After I had got up and calmly left the class room I fled the school and ran into the forest behind it. I ran faster when i saw the police cars in the back parking lot. A police officer noticed me sprinting out of the school and a chase ensued after i was out of viewing distance i hid behind a tree they passed right by me for a second but the police dog found me out.

Instead of going to the police station for some reason they hancuffed me and led me right back into the office. Where they continued to interrogate me. Me being in grade 9 i could only take the interrogation for a few minutes before I broke out in tears. They said stuff like my friends had ratted me out, i would be expelled from the district, we will take you away from your family and put you in a juvenile detention center, etc. I kept repeating that i didnt know anything over and over again in between sobs even when they really yelled at me. I had eventually stopped listening to what they were saying this went on for about 2 hours. Eventually out of nowhere the principle suddenly took sympathy for me intervened and told the police to stop interrogating me and took them into the back room. I heard bits of the conversation like that she would take responsibilty for my punishment instead and thanked them for their work. I was then sent home where i spent the next two weeks suspended in school and forced to go to a psychologist twice. I was shunned by my parents for the entire time. I was deemed okay by the psychologist and they let me back into school.

I was expecting to be looked upon as cool and infamous when got back into school but in reality it was the opposite. Even my previous "friends" left me since they served detention for 3 months after my suspension for simply not ratting me out sooner. For the next two years in high school i ate my lunch alone.


Well this is the best post I have read in a while. All my exploits seems trivial in comparison sushi.


It is a fun story, but it's really sad that you were alone for two years!


The life of a hacker is a lonely one. Have you done anything since then or are you afraid of getting caught again?




>Have you done anything since then or are you afraid of getting caught again?
after the incident I was kinda perma-banned from ever touching a computer in the school again
so for the two years I started producing electronic music on a laptop I bought instead and eventually got kinda decent
heres some stuff I made a month or two ago https://p.fuwafuwa.moe/kadyoq.wav


>grade 9
Damn, this was a modern version of old hacker novice tales I've heard. It's a shame your story ended so poorly and you got a cop interrogation instead of getting recognition from school sysadmins.

My pre-college schooling didn't let the students touch computers at all outside of the classes that taught Office usage. Community college was pretty supervised since some of the professors would do sysadmin shit and I went to a research university. At least you got to have "fun", if you can call it that because of the results.


I did and I went to a public school so security was a joke.


File: 1482417800001.jpg (47.98 KB, 550x700, 1481731711375.jpg)

when i was 12 yrs old i hacked a girls email adress, then with that i used the recover password on her facebook account and started shitposting about mens dick being huge and tasty.
best part is actually i didnt do any hacking i just simply guessed her security question and thats how i got into her email.
Somehow people found out and to this very day everyone thinks i am some super cool hacker, bullies literally step out of my way and i earned a crap ton of attention.
i also got a bunch of fake friends.
im 18 now on last year of school so if anyone can run me through on how to screw up the computers in my school i'll gladly do it.
keep into accoutn im not a l33t HaX0r or some shit


File: 1482418001664.png (160.49 KB, 540x540, 1479589371052.png)

btw i totally forgot to mention this girl was an Stacy, she was very popular.


schools didnt have wifi back then


Do student accounts have admin rights (I assume they use Win 7 or higher)? I only know some petty tricks, but they all require admin rights.



if your schools computers use windows 7 enterprise
theres this skiddie trick i discovered on my own no exploits required
it will require around 50 minutes unsupervised

turn on the machine and then quickly shut it off once it gets to the boot splash screen
turn it on again select repair computer it will be the first option on a screen that kindof looks like the screen when you normally press f8 on startup except it will have way less options
i think this only works if you have a windows repair partition on the target computer
often admins dont know to remove this
you will know if theres no partition if it says something like insert install disc and select repair

the repairing time will take a long time around 30 minutes
after a while a screen will pop up saying unable to find problems or something
click continue to search for additional problems or something
it will take around another 15 min until it presents you with another screen
click the show details dropdown on the window it will show you a bunch of text
scroll down to the very bottom and you will see a blue somethinglog.txt link
click it and it opens notepad

on notepad click file->open and it will open a mini file manager
browse to C:/Windows/system32
create a new folder copy both cmd.exe and sethc.exe to the folder
create another folder inside that one and drag cmd.exe into it
rename cmd.exe to sethc.exe
right click and copy the now renamed cmd.exe
now go back to C:/Windows/system32 and delete the original sethc.exe and replace it with your own renamed cmd.exe
if you have a flash drive it might be useful to plug it in and copy the SAM hive

exit notepad and reboot
now once at the login screen press shift five times and a SYSTEM privledged prompt will appear on the login screen now you can make pretty much any changes you like to the system

Extra info:
you can do the same with a bootable linux flash drive
just boot from flash drive and access the file manager and switch the files in step 3
if theres a BIOS password just lookup documentation for the computers mobo
theres often a password reset jumper
just open the computer while no ones looking and remove the jumper
then you will be able to access the BIOS and redo the boot order so your flash drive boots first


>senior year of high school was in a brand new building
>school is touting connectivity/technology as part of an image makeover
>students soon figure out how to access WiFi
>classroom speakers use bluetooth
>kids go around hallways catching speaker connections and playing music to unsuspecting rooms


>password reset jumper
You could also just pop out the CMOS battery and put it back in.


doesnt work on newer mobos with flash memory


Well that's disapointing.


>I started giving my friends A's assignment by assignment
>I obviously wasnt a master of covering up my footsteps


I ain't been up to no h4x0r soy, but I have a school computer related story.

I was in unsupervised music lesson on the computers. Obviously no one was working, they're just watching youtube videos (mostly talk show clips for some reason). Suddenly everyone receives an alert from the technician saying 'Do your work'. Idiots are taken aback by the fact they're being monitored. A open work related window, but most just carry on and kept reviving alerts. I suggest everyone opens full screen strobe lights, the whole class apart from me does it. No one gets any more alerts.

Tfw I gave the technician a seizure and am the only one who didn't get punished.


File: 1487353270316-0.jpg (4.67 KB, 480x360, hqdefault.jpg)

File: 1487353270316-1.jpg (44.21 KB, 600x401, pedro_infante_musica-movil.jpg)

I didn't have wifi in my school when I was a kid but I did mess up with the computers at the library.
I was 15 and I'd skip classes at the school library making dumb games with Game Maker. It was really fun and all that. I had a friend with me doing the same thing.
Once we came up with a hoax: we made an executable that'd go fullscreen, filled it with windows icons, particularly the animation from which [pic #1] is a frame, I'm sure you've all seen it. It also had a progress bar and a bunch of random file paths (C:\Users\blah\blah) in rapid succession printed above it. And a big message "Fatal error: virus detected. Deleting all system files" or something.
To make it even more convincing, we took a screencap of Internet Explorer and had it display briefly before the "virus" screen. The screencap had the start page everybody (including the PCs at the library) used at that time, an news site (msn news), and that day it displayed a huge picture of mexican singer Pedro Infante [pic 2 is the same pic we had]. We therefore called our ruse "The Pedro Infante". We then set the icon for the .exe to be that of IE, we replaced the IE link in the desktop with our executable, and there you had it: Any unsuspecting soul who'd want to use "The Internet" would click the IE icon, have a screencap of IE (with Pedro Infante laughing), and suddenly a message saying that a virus was found and the system was being wiped, with very convincing windows icons.
We also disabled all keys, so the only way to close it was Alt-F4 (doesn't take a genius to try that), but the program had a trigger on exit to launch itself 20 more times. Being Game Maker (DirectX) this would freeze the system.
Next day we went to the library to find that one computer was "out of service" then it was two computers. The library only had 4 computers and soon they were all closed, we asked why and they said "They all have a virus". We were like "no they don't" "yes they do" they replied. So our little prank came back to bite us.
Even worse, we used the computer lab to make our shitty games now, but I accidentally left mine open once (a pedo Barney (the dinosaur) game) and we got caught because of that and almost got expelled. Luckily we were in finals so the principal took mercy on us.
Pedro Infante is one of my fondest computer memories.


i saw the defcon talk about this still a cool trick though


this is actually pretty funny.


Nothing special, but I there was a set of computers that we used to play shitty flash games on. I changed the boot device on one of them so other people couldn't get on it. Good times.


My school used a custom-written program to display student schedules and lesson plans. It allowed for students to set their own homework reminders, and the shitty editor software they used allowed file uploads. The site was written in PHP and the incompetent administrator hadn't thought to disable uploads of PHP files. I uploaded a php file which allowed me to run any command remotely, but I couldn't think of anything funny to do and so I just reported it to the administrator in person to see his reaction.

Another bug, in the same shitty website, was that students could upload comments to teachers' lesson plans (nobody used this feature). The administrator had disabled <script> tags, but allowed <img> tags. So I just put <img onload='Insert Javascript Here'> and theoretically I could steal everybody's passwords by creating a fake login screen, etc. (XSS vuln).

All of these vulnerabilities could be exploited by people with accounts and by people without accounts (i.e. random hackers). After the XSS exploit I stopped bothering with trying to find bugs, but I'm pretty sure that I could have found some more. PHP is a language prone to insecure practices.


File: 1526268146952.jpg (60.99 KB, 571x540, shrugs.jpg)

I ssh home through an ephemeral port from school, but I haven't done anything else since I have to use a locked down chromebook (dev mode is unfortunately disabled ;_;) and I'm not clever enough to know how to hack it from the hardware side.
I'm not sure I'm n33t enough to any hacking network wise since the all their ports are either filtered or closed.
In middle school I used to open up a terminal on the macs in the library and 'cat /dev/urandom', then set them to full screen, but I never heard anyone complain about those so I'm assuming the terminal emulators just crashed before anyone noticed them.


I once made a program in the seventh grade that was able to access any students account by entering their username. Friends and I used it to transfer files quickly without the need for usb drives. Eventually the program got leaked and made its rounds throughout the school.

>tfw entire IT staff fired for ignoring problem, which they knew existed well before the program was made

>tfw never caught
>tfw went back for reunion and the program is still on school computers


You should leave some cryptic notes lying around to pass it on to the current students.


I have a sibling there who already knows ;)


if it wouldn't be too identifying, would you mind telling us what security hole they left?


In middle school we found out the password of our teacher, because he typed it in the username field when we were watching and didn't change it afterwards.

It was fun to troll classmates with master eye, a program to observe and take over pool computers.


Not messing with the wifi but in 5th grade I knew Batch and made a script that would spam open Internet Explorer and say "Your being hacked!" in the terminal. I named it Coolmath4kids and put it on the school server that all computers could access.

Despite the icon and file extension shown, kids still clicked on it. I came to the library the next morning and saw a kid clicked on it, only for the assistant librarian to come over and say "[head librarian's name] THERES BEEN ANOTHER ATTACK!". I laughed my ass off and was caught. School almost sued me but they called my dad and he explained what I did and there wasnt any lasting effects. Got a Saturday detention out of it and couldn't use computers for the rest of the year though.


bad to the bone


Also not messing with the wifi. But when I was in primary school, one day I learned batch scripts and I used it to write a "virus", the only task of which was to hijack the google chrome shortcut, copy itself to all USB sticks and rename itself to "GAMES" so people would click on it. I don't think it was too successful though, it didn't even receive any attention from the administrators.


I never really did anything, but remember one time a teacher must have forgotten to log out of the admin account so this one kid had access to it, and of all the things he could have done all he did was install planetside 2. There were some wannabe skiddies in other classes which I heard rumor of but I don't think anything ever happened that was particularly entertaining.


Kinda. For some unknown reason, the admins had it set up so that the first user to login to a machine after boot was able to run programs as admin. You could not run them normally, same as when you where logged in when ever, only as admin, which was very odd.

That spread, friends telling friends I got called in to the Headmasters office about 4 months after the initial find. Got praised for being such a 1337 ][4x0r. Moved on with life.

Later on, about a year later, the whole BT network for the northeast schools and libraries, and other public funded things of that nature went down (TOTALLY NOTHING TO DO WITH ME I SWEAR ON ME MUM RITE FOR LEGAL REASONS) for 2 days. I was dragged in because they thought my stupid admin bug was to blame, it was not. Even after that, it was not fixed for another 6 months or so. Making it a grand total of 1.5 years to change one setting.

10/10 best admins Wel and Mar**. Weather it was replacing projector remote batteries, or unblocking sites for food, they where your niggas.


They only blocked account > account access attemts that came directly from the filesystem. Because every account that logged into a computer was downloaded onto said computers hard drive permanently (a really poor decision imo) the files were still avalible localy. However there was a bug by which I could proxy the local file/directory URL's through another program (internet explorer in my case) and bypass the admin prompt. That way I could copy to and from the users filesystem (but not delete or modify existing files) and it would update to the server on the next logout.


Wow. It takes some serious retardation to decide to block stuff only in the file explorer, not actually by user account.


I have access to the network room on occasion at hs, last year i put a pi zero with 3 wifi cards on it and de-authed everything on the wifi. Long story short i tucked that little cocksucker behind the 2001 mainframe in there so it took em a few days to find.

[Return][Go to top] [Catalog] [Post a Reply]
Delete Post [ ]
[ kaitensushi ] [ lounge / arcade / kawaii / kitchen / tunes / culture / silicon ] [ otaku ] [ yakuza ] [ hell ] [ ? / chat ] [ lewd / uboa ] [ x ]