Sign in to follow this  
Followers 0
mikeosoft

windows search

10 posts in this topic

i was in my school's crappy ICT lesson, when i noticed that the *new* windows search had been installed, and had the icon in the taskbar.

my school isnt the best when it comes to computers, they have 23 shared drives, 20 of which are not supposed to be accessable. these drives contain exam results, school results, attendance databases and the like.

anyways, i opened the options for that, and whoa-behold, i see all 23 drives! only 3 were ticked to be accessable. so naturally i clicked "index all", and saved the changes.

then i thought about what i just did, and so opened my documents, pressed ctrl+s, opened the Disabled search pane, and searched for *.*.

then i get full access to every file one the network, and surroptitiasly change my grades and dissabled the staff logins (by deleting the individual text files which the "secure" managment console so helpfully saved under G:/)

and all i got for all that is a warning and a 1 month ban on my school account (bypassed by using 09spare1, the spare account for this year.

0

Share this post


Link to post
Share on other sites

There's all kinds of things you can do on a badly configured system. But I think in some cases (high school being one of them), it's best to leave them alone. Admins of high school computer systems are woefully underpaid and overworked. Yes, it would be pretty easy to poke holes in their system and say how utterly insecure it is, but what would be the point? Pile on top of that the reactionary staff and possible involvement of law enforcement, and there's another big reason not to touch school networks. And finally, you might break something. If you break something, you're depriving yourself and your classmates an education. So it might seem like an interesting computer system to explore, but you probably shouldn't touch it.

But on the technical side, you could probably access these drives the whole time. If Windows search can find them, they're accessible. Just open up Windows Explorer (hit Win+e) and type C:\ or F:\ or whatever drive you want to access in the address bar. Ideally, these drives should only be mapped if you actually have access to them, and should be behind some kind of authentication. Maybe your admin isn't quite so good with Active Directory.

0

Share this post


Link to post
Share on other sites

There's all kinds of things you can do on a badly configured system. But I think in some cases (high school being one of them), it's best to leave them alone. Admins of high school computer systems are woefully underpaid and overworked. Yes, it would be pretty easy to poke holes in their system and say how utterly insecure it is, but what would be the point? Pile on top of that the reactionary staff and possible involvement of law enforcement, and there's another big reason not to touch school networks. And finally, you might break something. If you break something, you're depriving yourself and your classmates an education. So it might seem like an interesting computer system to explore, but you probably shouldn't touch it.

But on the technical side, you could probably access these drives the whole time. If Windows search can find them, they're accessible. Just open up Windows Explorer (hit Win+e) and type C:\ or F:\ or whatever drive you want to access in the address bar. Ideally, these drives should only be mapped if you actually have access to them, and should be behind some kind of authentication. Maybe your admin isn't quite so good with Active Directory.

my school admin gets paid enough, i know that much. and he also isnt overworked as he chooses to only come in every other day. i fix everything else in this school, i passed my gcse in year 7 for ICT.

good points though:P

0

Share this post


Link to post
Share on other sites

doesn't the fact that the admin does a half-assed job sort of undermine the impressiveness of the hack? (not that it's at all impressive.)

0

Share this post


Link to post
Share on other sites

My question is... why would you disable all the teachers accounts? Changing your grades and deleting the security file should had been enough. Or atleast try and delete your entry and the change. That way nothing looks tampered with. No need to be destructive with it and disable the teachers accounts. They still have grades and stuff to upload as well.

I condone you on your hack and I would commend you more if you told your administrator how to fix this problem. ;) Hackers are hackers because they can manipulate programs but shared wisdom is what got us all here in the first place. If you pass on your knowledge on to your admin, you can still go down in school history for your hack but keep people from trying to out do you in the future by stopping that same backdoor. If you want, go as far as to make them try to hack their school another way. Nobody can stop people from trying to hack. Hackers will always be around.

"Knowledge isn't knowledge unless it is shared." - Unknown

0

Share this post


Link to post
Share on other sites

My question is... why would you disable all the teachers accounts? Changing your grades and deleting the security file should had been enough. Or atleast try and delete your entry and the change. That way nothing looks tampered with. No need to be destructive with it and disable the teachers accounts. They still have grades and stuff to upload as well.

I condone you on your hack and I would commend you more if you told your administrator how to fix this problem. ;) Hackers are hackers because they can manipulate programs but shared wisdom is what got us all here in the first place. If you pass on your knowledge on to your admin, you can still go down in school history for your hack but keep people from trying to out do you in the future by stopping that same backdoor. If you want, go as far as to make them try to hack their school another way. Nobody can stop people from trying to hack. Hackers will always be around.

"Knowledge isn't knowledge unless it is shared." - Unknown

i did tell him how to fix it, i showed him step by step how i did it and told him to implement passwords on the files.

and i disabled the teachers acounts privilages, i jussed missed out a word :L

in other words, they no-longer had the abillity to monitor our computers. i fixed that aswell

0

Share this post


Link to post
Share on other sites

I've noticed that alot of schools feel safe doing minimal security work to partition student access and teacher access, mainly because they get the attitude that a 16 year old doesn't have the mental capacity to figure anything out. This thought stems from the "I'm the teacher, you're the student, bow down to me" mentality. School officials are notorious for underestimating the power and will of younger students.

True, most 16 year olds are utterly stupid, incapable of getting my fast food order right; however, there are some who are far more intelligent than myself. And all it takes is one determined student to bring the whole network down.

Now, when I was in High School, the worst I ever did was prank call my teachers during class. Some friends and I would take turns sneaking into unoccupied rooms, and dialing the extension to classes that our friends were in. Never anything too malicious.

0

Share this post


Link to post
Share on other sites

I've noticed that alot of schools feel safe doing minimal security work to partition student access and teacher access, mainly because they get the attitude that a 16 year old doesn't have the mental capacity to figure anything out. This thought stems from the "I'm the teacher, you're the student, bow down to me" mentality. School officials are notorious for underestimating the power and will of younger students.

True, most 16 year olds are utterly stupid, incapable of getting my fast food order right; however, there are some who are far more intelligent than myself. And all it takes is one determined student to bring the whole network down.

Now, when I was in High School, the worst I ever did was prank call my teachers during class. Some friends and I would take turns sneaking into unoccupied rooms, and dialing the extension to classes that our friends were in. Never anything too malicious.

Man, cellphones make this so much more fun. :D

0

Share this post


Link to post
Share on other sites

I've noticed that alot of schools feel safe doing minimal security work to partition student access and teacher access, mainly because they get the attitude that a 16 year old doesn't have the mental capacity to figure anything out. This thought stems from the "I'm the teacher, you're the student, bow down to me" mentality. School officials are notorious for underestimating the power and will of younger students.

True, most 16 year olds are utterly stupid, incapable of getting my fast food order right; however, there are some who are far more intelligent than myself. And all it takes is one determined student to bring the whole network down.

Now, when I was in High School, the worst I ever did was prank call my teachers during class. Some friends and I would take turns sneaking into unoccupied rooms, and dialing the extension to classes that our friends were in. Never anything too malicious.

Man, cellphones make this so much more fun. :D

too true

0

Share this post


Link to post
Share on other sites

I've noticed that alot of schools feel safe doing minimal security work to partition student access and teacher access, mainly because they get the attitude that a 16 year old doesn't have the mental capacity to figure anything out. This thought stems from the "I'm the teacher, you're the student, bow down to me" mentality. School officials are notorious for underestimating the power and will of younger students.

True, most 16 year olds are utterly stupid, incapable of getting my fast food order right; however, there are some who are far more intelligent than myself. And all it takes is one determined student to bring the whole network down.

Now, when I was in High School, the worst I ever did was prank call my teachers during class. Some friends and I would take turns sneaking into unoccupied rooms, and dialing the extension to classes that our friends were in. Never anything too malicious.

Man, cellphones make this so much more fun. :D

too true

Thats how I got into this game, playing around on a badly configured system. Ahh, lets remember: It was an old windows 95 RM network, and I recall getting hold of the RM setup disk, reading some files and learning all about the setup account, password "changeme" lmfao. Much fun was had!

0

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0