Jump to content


Photo
- - - - -

Bypassing SonicWALL? New school network


  • Please log in to reply
66 replies to this topic

#1 Apoc

Apoc

    SUP3R 31337 P1MP

  • Members
  • 250 posts

Posted 22 August 2005 - 11:10 AM

Alright, I got to school this year with the assumption that everything would be like in years past and I would be able to go anywhere or do anything on the school networks. Thats not the case! They changed all the usernames and passwords, got an entire new server and cracked down with the firewall. Now I dont have access to any of the shared drives for teachers and I can't get to any of the websites that I could last year. I would say 90% of the sites I used to surf are now blocked.

Is there a way that I can bypass the SonicWALL? I tried using the IP address for the sites I want to go to but as soon as I try to log-in, it blocks me. I tried www2.ebay.com and it was blocked as well (smart thinking on the IT guys part).

I googled "anonymous proxy" and everything but this site was blocked http://www.samair.ru/proxy/. Now that there is a list I can look at, how do I go about setting it up? Oh, I can get a proxy list at home or DL any programs from home and transfer them onto these machines if I have to.

I think I can mess around with proxies because they still havent locked down the computers that much I just dont know how to go about it.

Any help is much appreciated....HELP!


...I tried using some of the proxys from the list but when I got them to work (so I could go to website and have them load) the SonicWALL still was filtering them out. I have no idea what to do...ugh :pissed:

Edited by Apoc, 22 August 2005 - 11:25 AM.

  • Ceciletafalkalay likes this

#2 asn

asn

    SUP3R 31337 P1MP

  • Members
  • 298 posts
  • Location:Toronto

Posted 22 August 2005 - 12:14 PM

Use Knoppix is my first answer. Are you allowed to bring removable hard drives? If so, use Tor + Privoxy, it works great. Another option is to use software like Remotley Anywhere and remote to home, I use it and it works like a charm. Remote Desktop is also available. I do not know if you can bypass the firewall but its there to serve its purpose :)

#3 Apoc

Apoc

    SUP3R 31337 P1MP

  • Members
  • 250 posts

Posted 22 August 2005 - 01:59 PM

Thanks for the advice...Knoppix takes too long to boot up and one of the librarians would say something and ask questions before it could boot all the way up. I mean its possible but its not worth the hassle if I can get something else to work. I use a Linksys RV082 and I want to know if there is a way I can duplicate the firewall blocking sites at my house so I can mess around with it and not have to be at school....thanks again!

#4 asn

asn

    SUP3R 31337 P1MP

  • Members
  • 298 posts
  • Location:Toronto

Posted 22 August 2005 - 05:55 PM

I dont think you can duplicate it 100%. Try and block the IP of one site and try to get around it. That might work :)

#5 natas

natas

    De La Natas

  • Agents of the Revolution
  • 4,273 posts
  • Gender:Male
  • Location:The Old Skool

Posted 22 August 2005 - 06:04 PM

you could try using TOR or JAP for proxies

#6 phyburn

phyburn

    Gibson Hacker

  • Members
  • 88 posts

Posted 22 August 2005 - 06:49 PM

Your best bet would to go find a Web site like https://proxify.com/ But you will have to find a Web Browser proxy that does not have the word proxy in it becuase if it does SonicWALL will just block it. Also if you need to find one at school just google web browser P R O X Y. Put spaces in there it will not catch you =p

#7 fate

fate

    DDP Fan club member

  • Members
  • 41 posts
  • Location:South-Western-New Hampshire, USA

Posted 22 August 2005 - 07:42 PM

My school also has SonicWall. I have found that if you goto google and type in the name of the website then click on the cached link it will bring you to the page but with no pictures. And when you type the name remove the .com or whatever (eg. binrev.com you would type in binrev)
Hope this helps

#8 Apoc

Apoc

    SUP3R 31337 P1MP

  • Members
  • 250 posts

Posted 22 August 2005 - 08:09 PM

Ok, now, I already did the cached google pages thing but it wont let me log-in to any of my accounts or go to any links. Most of the things I want to get to are either Video Game related (blocked because of games) or Message Boards (blocked because of usenet groups). I can seach google just fine but once I click on the links from google, thats where I get blocked to P R O X Y wouldn't work. And, I tried proxify and that one was quite obviously blocked.

I havent tried to duplicate this at home yet since I have a few ideas that I think will work tomorrow. I have a 4GB Flash drive that no one will bother me about since I can say its homework (even this early in the year haha!). What do I need to put on the flash drive to get this working?

Oh and what are TOR and JAP Proxies?

#9 asn

asn

    SUP3R 31337 P1MP

  • Members
  • 298 posts
  • Location:Toronto

Posted 23 August 2005 - 12:22 AM

On the flash drive you can put tor and privoxy. Tor basically is a tool that automatically fetches proxies, all you need to do is in the internet options goto proxy and add localhost and the port, default for privoxy is 8118. Have you also tried anonymizer sites?

#10 Beave

Beave

    SUPR3M3 31337 Mack Daddy P1MP

  • Agents of the Revolution
  • 350 posts

Posted 23 August 2005 - 08:46 AM

A couple of quick things come to mind. Do you have access to a shell account with cgi access? I was just thinking that you could install something like nph-proxy.cgi (perferably password and SSL protected).
They probably do aggresive egress firewalling, but it might be worth checking what outbound ports
you can access. For instance, if they allow port 22 outbound, then you can run putty and setup
a tunnel (I've used this at a local hotel quite a bit).

#11 D31337

D31337

    DDP Fan club member

  • Members
  • 50 posts
  • Location:Crowley, LA

Posted 23 August 2005 - 10:30 AM

Or just use the CECID mirror I host. It is great for places that have filters, because it removes banned words with "***", so you can go to any site, it also obscures the URL so there is no way to tell where you've been.
http://tascs.us/freedom

#12 fate

fate

    DDP Fan club member

  • Members
  • 41 posts
  • Location:South-Western-New Hampshire, USA

Posted 23 August 2005 - 06:14 PM

If your type in the IP address of the SonicWall apllience (our schools is http://192.168.1.1) it will bring you to a login page. you could try to brute force or guess the username and password. Then unblock the sites you wish to goto.
Thats what i did but or school admin found out and cahnged the password.

#13 Apoc

Apoc

    SUP3R 31337 P1MP

  • Members
  • 250 posts

Posted 23 August 2005 - 06:29 PM

I dont necessarily call myself a hacker, I have never brute forced any passwords or anything of the like. I normally social engineer but if someone would like to explain how I would go about brute forcing this password (its worth getting caught). Otherwise, it seems like that portal posted above should work, I will try that out tomorrow during studay hall when I have an hour and a half of nothing to do. Thanks so far!


If your type in the IP address of the SonicWall apllience (our schools is http://192.168.1.1) it will bring you to a login page. you could try to brute force or guess the username and password. Then unblock the sites you wish to goto.
Thats what i did but or school admin found out and cahnged the password.

View Post



#14 b8zs

b8zs

    The phorce is with me!

  • Members
  • 76 posts
  • Location:64 Kbps x24

Posted 23 August 2005 - 06:39 PM

just host a socks4/5 (here) server at your house on port 80, then use portable firefox (here) and change the socks info. You can mix in soooo many different tunneling methods too... putty/stunnel-(cygwin) etc etc it all depends on what your allowed to install on the client at school.

Edited by b8zs, 23 August 2005 - 06:40 PM.


#15 phyburn

phyburn

    Gibson Hacker

  • Members
  • 88 posts

Posted 23 August 2005 - 08:49 PM

Here is one http://www.the-cloak.com/ try that one out. But I cant see the ban list on your firewall so I cant help very much.. I say you get the admin passwd off one of the DC "Domain Controler". Also have you tryed to crack the MD5 hashes from the SAM file. :blush:

Also use this Manuel

Edited by phyburn, 23 August 2005 - 08:52 PM.


#16 b8zs

b8zs

    The phorce is with me!

  • Members
  • 76 posts
  • Location:64 Kbps x24

Posted 24 August 2005 - 03:27 AM

Here is one http://www.the-cloak.com/ try that one out. But I cant see the ban list on your firewall so I cant help very much.. I say you get the admin passwd off one of the DC "Domain Controler". Also have you tryed to crack the MD5 hashes from the SAM file. 

View Post


All that is sooooo not necessary... I mean come on: owning the DC at your own school? whyyyyyy

Think smarter not harder.

socks will work.

#17 Mi5

Mi5

    DDP Fan club member

  • Members
  • 44 posts

Posted 24 August 2005 - 06:52 AM

Just http tunnel out. I used that for like 2 years (I've left school now), straight down port 80. No one ever guesses, because lets face it, how many admins packet sniff all the stuff going down port 80? The other thing I did was set up a proxy server on Apache from home for me and my mates. Every time the admins found out about it, I'd swap it to a different IP ^_^

#18 Apoc

Apoc

    SUP3R 31337 P1MP

  • Members
  • 250 posts

Posted 24 August 2005 - 11:13 AM

How exactly do I go about doing this? Is there a walkthrough somewhere? I tried teh guys portal site above and it takes WAY too long to load allthough ti does work. I have TOR and Privoxy loaded on the computer from my flash drive now but I still dont know how to set them up...I will mess with that for the next half hour or so though.

Also, I dont need the admin of the computers password because everything is done over a network...the SAM file is only local (I have done that many a times with LC5 and you need admin privaleges to run the program in the first place :()

I just need to understand how to setup socks and tunneling out....sorry I dont know more. Thanks for the help!


Just http tunnel out. I used that for like 2 years (I've left school now), straight down port 80. No one ever guesses, because lets face it, how many admins packet sniff all the stuff going down port 80? The other thing I did was set up a proxy server on Apache from home for me and my mates. Every time the admins found out about it, I'd swap it to a different IP  ^_^

View Post



#19 Coder(365)

Coder(365)

    SUP3R 31337

  • Members
  • 171 posts

Posted 24 August 2005 - 02:58 PM

SonicWALL is a bitch to get around...I have the same problem at my school, I've used a couple proxies before, but they always get blocked. My suggestion is to not fuck around with too many proixes, you'll eventually have those on the blocked list. I haven't been able to get around anything yet.


Good Luck.

#20 SUB-S0NIX

SUB-S0NIX

    !Pee-Wee Pimpin!

  • Members
  • 1,381 posts

Posted 24 August 2005 - 05:04 PM

In all seriousness why the fuck bother? The computers at school are there for educational purposes. Not for your own pleasure and enlightment. I see kids all the time in CISCO Networking in school trying to fuck stuff up or by pass stuff. Half of the kids in the class think they know more than every body else.

If your just being curious and not being a menis. It makes sense.... I work hand and hand with my schools IT staff. He has tons of other shit to do besides help teachers figure out that their monitor cable was unplug or their new printer drivers dont work. When im with IT staff some times they let me and other friends play on the network and even port scan shit to see what we can find and tons of other stuff. Im just saying dont be a dick head and do it just to play games or chat because that isnt the purpose of school.

Edited by SUB-S0NIX, 24 August 2005 - 05:06 PM.





BinRev is hosted by the great people at Lunarpages!