UGN Security
Posted By: Usurp HaCkinG WiNBLoWz AdMin RigHts - 12/23/03 03:32 AM
this is how this goes:
I have a school network and I wanted to get admin rights on it, so i did a little research and testing

Here is a step by step of what i did

************************************************************************************
Login w/ username and pass

The skool has allot of restrictions so here is a list of them:

-No C: in my computer
-cant rightclick
-no run
-certain web acess
-cant open nething in IE (ie. C:\)
-and all the other basic crap

You can get in the harddrive in most XP restricted computers (to my knowledge) by going to word and doing open file. Then you should be able to browse the hard drive and open files, but dont open it in word or it will be a bunch of characters.

in the C:\windows\system32 folder there is a file logon.scr

you switch logon.scr w/ cmd.exe
(rename logon.scr to anything and cmd.exe to logon.scr)

then logoff

when the screensaver is suppose to come up it will be the cmd window, without ne being logged in.

you can then type:
Taskmgr
(opens taskmanager)

Go to run:
Type C:\

This will open the whole desktop
(but only as system user)

I tried this at skool and my home network. (works in 2000 also)

anyways.,my question is if i can open explorer after that or something else where i can increase my user rights.
************************************************************************************
THE NOTEPAD TRICK IS THE BEST!!
it is so simple but useful
I 'hack'(not real hacking for some people) into this Internet Cafe all the time by going into their hard drive when they thought i couldnt, all their progs include games and word and IE.. I changed the admin pass on the local comp and shutdown their server/client transmission which ran the clock on my hours. So i can play for free. Only takes 1 min of my user time to complete. Cheap [censored] 2$ hour rate.
Posted By: Vechen Re: HaCkinG WiNBLoWz AdMin RigHts - 12/24/03 06:45 AM
We don't have write access to the C:\ drive at school. We can't even change the BIOS because it's password protected. Luckily two of my friends were Computer aides so they gave me the admins PW.

When DOS opens at the user logon type net administrator yournewpassword.

And, to get into C:\ open a wordpad document and create a hyperlink. Make the hyperlink C:\ and click on it.

I wasn't entirely sure what your question was, but those should help.
Posted By: Sicosis Re: HaCkinG WiNBLoWz AdMin RigHts - 01/08/04 02:21 AM
If it is an XP machine, all you have to do is log onto a Workstation (for Novell protected pc's) and you can use Run, Find, and all other stuff.
Posted By: Gremelin Re: HaCkinG WiNBLoWz AdMin RigHts - 01/08/04 03:08 PM
Quote:
Originally posted by pc_phreak88:
If it is an XP machine, all you have to do is log onto a Workstation (for Novell protected pc's) and you can use Run, Find, and all other stuff.
Not nessessarily true, all depends on the security suite's that the school or institution has purchased, some disable even notepad...
© UGN Security Forum