UGN Security Forums
My ProfileMember DirectoryLogin
Search our ForumsView our FAQView our Site Rules
View our CalendarView our Active TopicsGo to our Main Page

UGN Security Store
 

Network Sites UGN Security, The GoNix Initiative, Elite Web Gamers, Back of the Web, EveryDay Helper, VNC Web Design & Development
November
Su M Tu W Th F Sa
1
2 3 4 5 6 7 8
9 10 11 12 13 14 15
16 17 18 19 20 21 22
23 24 25 26 27 28 29
30
Sponsored Links
Latest Postings
Latest Reviews
Topic Options
Rate This Topic
#14963 - 01/14/04 10:08 PM Gettin through rm AGAIN
Syphon Offline
Junior Member

Registered: 01/14/04
Posts: 2
First id like to say hello to everyone as Im new to this forumso hello. Now i have a major problem with getting restrictions away from my schools rm network. I will tell u what I hav done and then could u tell me anything else i could try I basically want admin right to get rid of a program called SAFEGUARD that somehow blocks internet sites. Ok

First i got access to C: not the normal way through internet explorer but through alt + ctrl + return on a shortcut renaming the target to c:. I then found the safeguard program and it was gone and i could use the web again. But the admin now makes all the computers run the prog from n: (I think). So that no longer works. As N is protected i cannot delete the file. I then tried to use a regedit to give me admin rights. Somehow he has disabled regedits. So i tried through ms dos. Nope dos has been restricted. So i tryed some "Rm hacking tools". Didnt work as the admin has stopped people running executable files just comes up with a warning sayying im playin games. I hav also tryed default passwords none work. I hav also made attempts to get the main server ip but i hav had no luck so far.

So if anyone could help I would really appreciate it. The system is running a windows 2000 server with the computers running win 98.

If you can help please do I can not see any more holes in the damn RM security and belive me ive looked.

Top
Sponsored Links
      
#14964 - 01/15/04 07:13 PM Re: Gettin through rm AGAIN
Shinobi Offline
UGN Member

Registered: 09/25/02
Posts: 390
Loc: Asheville, NC
Have you tried to surf using windows explorer and not internet explorer. This works a lot of times with crappy software. Also I have heard if you can get to MS word sometimes you can create a link there and open it up. Then it will let the page open. Also you may want to try to go through google.com. At my school. If I went to yahoo.com or google.com and tried to surf to the page. It would allow it. Also try to reboot into safe mode and see if you can disable it from there, like in MSconfig or such. I honestly haven't messed around with these too much because the security at my school was pretty weak. So I'm tossing out ideas. Hopefully if they don't help they will give you a couple more ideas.
_________________________
"The secret to creativity is knowing how to hide your sources."
-Albert Einstein

Tech Ninja Security

Top
#14965 - 01/15/04 07:36 PM Re: Gettin through rm AGAIN
Syphon Offline
Junior Member

Registered: 01/14/04
Posts: 2
Thanks Shinobi the word thing u heard is true you go to veiw then select web bar and u can surf through the drives. But the user restictions make it so u can not edit the progs on the drives. Also this against this safeguard program u cant go through google or yahoo to get to websites. Thanks for your help though

Top
#14966 - 01/24/04 08:09 PM Re: Gettin through rm AGAIN
MrModest Offline
Junior Member

Registered: 10/08/03
Posts: 3
Try this:

Create a shortcut to regedit. Then create a new txt file in the same folder. Open up the new text file and place in it:

REGEDIT4

[HKEY_CLASSES_ROOT\*\shell]

[HKEY_CLASSES_ROOT\*\shell\txtopen]

[HKEY_CLASSES_ROOT\*\shell\txtopen\command]
@="C:\\WINDOWS\\NOTEPAD.EXE %1"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"Btn_Back"=dword:00000000
"Btn_Forward"=dword:00000000
"Btn_Stop"=dword:00000000
"Btn_Refresh"=dword:00000000
"Btn_Home"=dword:00000000
"Btn_Search"=dword:00000000
"Btn_History"=dword:00000000
"Btn_Favorites"=dword:00000000
"Btn_Folders"=dword:00000000
"Btn_Fullscreen"=dword:00000000
"Btn_Tools"=dword:00000000
"Btn_MailNews"=dword:00000000
"Btn_Size"=dword:00000000
"Btn_Print"=dword:00000000
"Btn_Edit"=dword:00000000
"Btn_Discussions"=dword:00000000
"Btn_Cut"=dword:00000000
"Btn_Copy"=dword:00000000
"Btn_Paste"=dword:00000000
"Btn_Encoding"=dword:00000000
"NoDriveTypeAutoRun"=hex:b5,00,00,00
"EditLevel"=dword:00000000
"NoFileMenu"=dword:00000000
"NoStartBanner"=dword:00000000
"NoPrinterTabs"=dword:00000000
"NoDeletePrinter"=dword:00000000
"NoAddPrinter"=dword:00000000
"NoStartMenuSubFolders"=dword:00000000
"NoRun"=dword:00000000
"NoSetFolders"=dword:00000000
"NoSetTaskbar"=dword:00000000
"NoFind"=dword:00000000
"NoDrives"=dword:04000000
"NoNetHood"=dword:00000000
"NoDesktop"=dword:00000000
"NoClose"=dword:00000000
"NoSaveSettings"=dword:00000000
"RestrictRun"=dword:00000000
"LinkResolveIgnoreLinkInfo"=dword:00000000
"NoActiveDesktopChanges"=dword:00000000
"NoChangeStartMenu"=dword:00000000
"NoFolderOptions"=dword:00000000
"NoRecentDocsHistory"=dword:00000000
"ClearRecentDocsOnExit"=dword:00000000
"NoLogoff"=dword:00000000
"NoTrayContextMenu"=dword:00000000
"NoViewContextMenu"=dword:00000000
"EnforceShellExtensionSecurity"=dword:00000000
"NoNetConnectDisconnect"=dword:00000000
"NoFavoritesMenu"=dword:00000000
"CDRAutoRun"=hex:00,00,00,00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Network]
"NoNetSetup"=dword:00000000
"NoNetSetupIDPage"=dword:00000000
"NoNetSetupSecurityPage"=dword:00000000
"NoFileSharingControl"=dword:00000000
"NoPrintSharingControl"=dword:00000000
"NoEntireNetwork"=dword:00000000
"NoWorkgroupContents"=dword:00000000

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"NoDispCPL"=dword:00000000
"NoDispBackgroundPage"=dword:00000000
"NoDispScrSavPage"=dword:00000000
"NoDispAppearancePage"=dword:00000000
"NoDispSettingsPage"=dword:00000000
"NoSecCPL"=dword:00000000
"NoPwdPage"=dword:00000000
"NoAdminPage"=dword:00000000
"NoProfilePage"=dword:00000000
"NoDevMgrPage"=dword:00000000
"NoConfigPage"=dword:00000000
"NoFileSysPage"=dword:00000000
"NoVirtMemPage"=dword:00000000
"DisableRegistryTools"=dword:00000000

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\WinOldApp]
"Disabled"=dword:00000000
"NoRealMode"=dword:00000000

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop]
"NoAddingComponents"=dword:00000000
"NoDeletingComponents"=dword:00000000
"NoEditingComponents"=dword:00000000
"NoClosingComponents"=dword:00000000
"NoHTMLWallPaper"=dword:00000000
"NoChangingWallPaper"=dword:00000000
"NoCloseDragDropBands"=dword:00000000
"NoMovingBands"=dword:0000


go to save as save it as a reg file.

Go back to the folder and drag the reg file over the shortcut and it might ask you whether you want to merge registry entries. Click yes. That should give you access to all drives.
_________________________
Fly like a mouse, Run like a cushion, BE the small bookcase

Top
#14967 - 01/27/04 07:58 PM Re: Gettin through rm AGAIN
RMHackingFr3ak Offline
Junior Member

Registered: 01/27/04
Posts: 1
I aslo have RM Network Computers at my school, and have found a way to access the Registry-through use of a 'Macro' in Microsoft Word...

Here's how:

Firstly, load up Microsoft Word, and go to:
Tools->Macro->Macros (or Alt+F8)....
Then, in the dialog box that appears, type a name for your macro, in the input field, labelled 'Macro name' (say "Regaccess"). Then go to the right-hand side of the dialog box, and click the button, labelled 'Create'....
Now, on the first line of the Macro (this should be ABOVE the blue 'End Sub' text), type the following in:

System.PrivateProfileString("", "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System\", "DisableRegistryTools") = 0

Then, on the second line BELOW the text you have just written. Write this:

Shell "C:\windows\regedit.exe"

To run the macro, scroll your mouse to the play button, which is located underneath the 'Tools' menu. You could alternatively, select the 'Run' menu option, and click on 'Run Sub/UserForm' (or just press F5)....

Now hopefully, if you typed everything correctly, and followed the instructions carefully, you will now have access to the Registry....

Top
#14968 - 01/30/04 04:21 PM Re: Gettin through rm AGAIN
MyMilkshakeBrings Offline
Junior Member

Registered: 01/30/04
Posts: 1
Loc: UK
Hey, im new here [alien]

first of all thanks to the above post about the word macro, it works a treat, but my administrator has disable reg files so that it stays as text. I was wondering is it possible to get around this by using the macro function?

ie would this work?

System.PrivateProfileString("", "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\","Btn_Back")=dword:00000000

i am fairly certain the above wont work, the only reason i dont test this for myself is that i will be out of college for a few days.

so if someone could correct the above (if possible) and maybe list the commands to disable net restrictions & open DOS, i would be grateful.

Top
#14969 - 02/07/04 10:03 PM Re: Gettin through rm AGAIN
sponge Offline
Junior Member

Registered: 02/07/04
Posts: 1
ok first things first use your head and second thing first visit http://www.hts2.tk they have one of the best tutorials on RM Network Hacking
_________________________
visit http://www.hts2.tk its the only place on da net you havnt been yet.

Top
#14970 - 02/08/04 07:06 AM Re: Gettin through rm AGAIN
weeve Offline
UGN Super Poster

Registered: 10/29/02
Posts: 616
Loc: The Beach
Windows hacking, macros, and regedit lol. Fun fun. Ya know I bet the security section here would spice up with quite a few easter egg/backdoor/holes out there that are quite fun, and somewhat annoying. It's kinda like level access on a cisco the exploits for that were listed like *thinks*, 6 years ago or some such. in forms. Freakin old code still effects this buggy swish cheese os I'm on, along with 2000, home, and pro editions. heh, I bet one oday, and this forum would fill up with soooo many posts:D I wonder what Shin thinks.
_________________________
"Beware the Jabberwock, my son!
The jaws that bite, the claws that catch!
Beware the Jubjub bird, and shun
The frumious Bandersnatch!"

Top
#14971 - 02/13/04 02:59 PM Re: Gettin through rm AGAIN
jenover Offline
Junior Member

Registered: 02/10/04
Posts: 1
Loc: home
ok i am quite a noob in theese things could any1 tell me what is the access to reg needed for?

ty

Top

Featured Member
Registered: 08/22/14
Posts: 1
Forum Stats
2150 Members
46 Forums
35738 Topics
70908 Posts

Max Online: 1567 @ 04/25/10 05:20 AM
Top Posters
UGN Security 28899
Gremelin 7193
§intå× 3255
SilentRage 1273
Ice 1146
pergesu 1136
Infinite 1041
jonconley 955
Girlie 908
unreal 860
Newest Members
HushHush, golqm, Tim050, Gecko666, defghi795767
2150 Registered Users
Who's Online
0 registered (), 479 Guests and 289 Spiders online.
Key: Admin, Global Mod, Mod
Latest News
luxury goods sales at $405B by 2019
by golqm
10/28/14 05:19 AM


Donate
  Get Firefox!
Get FireFox!