Follow us on Twitter!
Don't judge the unknown - Grindordie
Thursday, May 07, 2015
Navigation
Home
HellBoundHackers Main:
HellBoundHackers Find:
HellBoundHackers Information:
Learn
Communicate
Submit
Shop
Challenges
HellBoundHackers Exploit:
HellBoundHackers Programming:
HellBoundHackers Think:
HellBoundHackers Track:
HellBoundHackers Patch:
HellBoundHackers Other:
HellBoundHackers Need Help?
Other
Members Online
Total Online: 15
Guests Online: 15
TeamSpeak Online : 5 Members Online: 0

Registered Members: 88208
Newest Member: Neoshaman
Latest Articles
View Thread

HellBound Hackers | Computer General | Networking

Author

School Network - wide open it seems

Scar0ptics
Member



Posts: 19
Location:
Joined: 19.11.13
Rank:
Moderate
Posted on 21-11-13 20:32
Ok, so I'm in total shock that my school has the CMD and PowerShell prompts available to even the guest user. I'm also able to right click and run CMD prompt as an administrator. yikes

Shutdown -i is able to execute cmds across the network/sometimes it says access denied..

I can access my computer settings and view the network mapping of both college campuses, seeing all sorts of device names.

I'm also able to remote connect to various desktops across the school as well. As long as the PC has this option enabled.

As you can see there are some security issues at risk here what are some other issues that I should probably check to help improve my schools security


Thanks
Author

RE: School Network - wide open it seems

lolly
Member



Posts: 24
Location:
Joined: 02.08.12
Rank:
Wiseman
Warn Level: 30
Posted on 22-11-13 00:36
Scar0ptics wrote:
to help improve my schools security


Well that's boring.

Write a script that will cause all the computers on your network to brute force all the routers passwords (good idea to try default user/pass combos) and then rewrite dns. Reroute sites like facebook.com, twitter.com, or any other popular sites to your own site that mirrors these sites, but include firefox/IE/chrome exploits so you can take over the computer of anyone who connects to the network (including all of the local school's computers). Presto! Your own botnet!

Honestly it sounds like you have pretty much free range to do whatever you want - really you're just limited by imagination.
Author

RE: School Network - wide open it seems

Scar0ptics
Member



Posts: 19
Location:
Joined: 19.11.13
Rank:
Moderate
Posted on 22-11-13 20:26
Ok, im not trying to be destructive here, although that sounds fun. The command prompt gives me full access to just the machine I'm on itself but not the entire network, for example, I can't rename any server files. I am able to install anything I want on the machine and run/execute anything.
The system is running windows 7 and I'm not sure what programming language to write a script with.

Any advice there? Perl? Python? What will the system be able to recognize and read it when I execute the script on a local machine?
Author

RE: School Network - wide open it seems

Mordak
Evil Sorcerer



Posts: 605
Location: England
Joined: 01.01.70
Rank:
God
Posted on 23-11-13 13:05
I would use CMD and save a txt file to C: then restart the machine, just to test if the school are using deep freeze of some other kind of sandbox system.
http://developers.hellboundhackers.org
Author

RE: School Network - wide open it seems

Scar0ptics
Member



Posts: 19
Location:
Joined: 19.11.13
Rank:
Moderate
Posted on 23-11-13 22:00
All the computers get reset to how they want them to be after every restart. I believe the client computers are booting from an ISO file from a server, every time that way nothing gets saved on the system machines. It keeps the computers from getting plugged up and unusable with all the BS people download. I know they use some type of freeze method to do this, not sure if what I stated above is accurate though, as far as booting from an ISO image file from the clients local server on the network.

But I do know that file i save on the desktop will be gone after reboot.
Author

RE: School Network - wide open it seems

Scar0ptics
Member



Posts: 19
Location:
Joined: 19.11.13
Rank:
Moderate
Posted on 26-11-13 00:54
Mordak wrote:
I would use CMD and save a txt file to C: then restart the machine, just to test if the school are using deep freeze of some other kind of sandbox system.



I did that today and nothing got saved in the C:// drive after a restart.

Although I did do a port scan an a lot of 135, 139s' are open..some ips' have telnet port 23 open but the telnet.exe isn't even installed. thumb drive will come in handy, I don't get why they let people install anything because it defeats the purpose of disabling things like telnet.