My challenge

No explicit questions like "how do I hack xxx.com" please!
User avatar
Greenweed
forum buddy
forum buddy
Posts: 12
Joined: 25 Nov 2009, 17:00
14

My challenge

Post by Greenweed »

Dear suck-o,
I have recently been presented with a challenge by my friends. Let me brake it down.

Firstly, this challenge is taking place in my school, which means I have a very limited account. However I happen to know a teachers login details which means I can access a higher privilaged account, although it is not an administrator account.

Secondly, the challenge is simple. My friends, with more intelligence at computer skills have recently accessed a game 'Frets of Fire' on their student accounts. Which should be impossible unless they have twinked their knowledge and accessed it somehow. Although the game is not important, their knowledge of how to access it is important to me. It could lead on to bigger things.

The only HD's I should be able to access is the O: (student shared area) and H: (my personal area). However as I said before, I have access to a teacher account, meaning a lot more HD's are open to me. Although I have this teacher account, I may not need it as from my observation of my friends I have learned that I can use the program 'MuCommander' (or Explorer++) to access other hard drives, some that even teacher accounts cannot access.

This MuCommander allows me to access hidden files and the ability to right click folders (along with other benifits, just they are of quite importance). I know that they managed to install and play the game by installing it to the HD K: using MuCommander and then in a hidden folder within there. They then could access the game anytime using 'MC' as K: did not have any opening restrictions whereas H: has a lot of restrictions. This took me a couple days to figure out how they were accessing it (and between you and me, I 'borrowed' MuCommand off one of their accounts by using a teacher account to access it).

Once they found out I had figured it they chose to move the game and protect it. The moved it to a HD named P: and into a hidden folder in there. This was extremely easy for me to find as I did within five minutes, and with my hopes up I went to play Frets on Fire. I then came to realise their was a restriction on P:.

They have decided to be nice and place the game back in K: aswell as P: for their close friends to play (including me). However this is not enough, I simply must know how they have done it, they somehow have administrative rights on P:. I have discussed this matter with them and they know I'm on the case, and fair enough the do not mind that. Being gentlemen, they decided to give me a number of clues to their knowledge even though I asked them not to make it too easy.

These clues follow as such...

1."***.***.**.6
*a*a a**let
m*c

AND THE MEGA CLUE
*t***b****

The asteriods are for you to figure out.

And before you say thats useless, its better than no clue."

-------> Exact words. He has replaced some letter/numbers with *'s, thats what they are for. I persume this is some type of code, persumably C++ as my two friends are somewhat experienced in that language.

2."Explorer plus plus is only what we use for the interface

use a *a*a a**let
and learn how to write commands for msdos."

-------> Again the *'s are replacing letters/numbers. I do not know what he means by "msdos".

3."The clue again is

%run%."

-------> This may in my knowledge something either typed into a batch file, cmd or into a file search. I have seen them type it into something like C:/%run% (this may not be true but I have a vaugue recolection of them doing it for some reason).

4."That was the most usefull...
Cos it allows us to make 'buttons' to *** * *******"

--------> This could persumably mean anything.

The school's OS is XP, cmd is restricted on my account, but as metioned before, I have access to a teacher account where I can access cmd but the is a lot of restrictions within that. I also have access to my friends account and pretty much every students account.

These clue's that they have left me are all apparently to solving the challenge. As you can probably guess I'm not a wizz kid at computers but I'm also not computer illiterate. I am currently studying C++ but I'm not that advanced at the moment. Any help would be much appreciated, however I do not want the full story as I would like to figure some out for myself. If you could just point me in the right direction, that would be most helpful. (And sorry for the long post)

Most thankful, Greenweed.

User avatar
Greenweed
forum buddy
forum buddy
Posts: 12
Joined: 25 Nov 2009, 17:00
14

Today

Post by Greenweed »

Just to let you all know, I found out how they have done this. It was pretty simple, they made it out to be complicated however it was not. They had just logged onto the teachers account, used MuCommand to open P: and changed the rights to it. I have now changed their restrictions to read only on all files so they will get a nasty suprise on Monday. Although, they will soon figure it out and just take the restrictions off, but it's fun anyway.

Even though I have solved this simple task, I would like to know if there is anything 'interesting' I could do with the powers I have (i.e. teacher account, Explorer++)

Thanks again, Greenweed.

User avatar
DNR
Digital Mercenary
Digital Mercenary
Posts: 6114
Joined: 24 Feb 2006, 17:00
18
Location: Michigan USA
Contact:

Post by DNR »

These clues follow as such...

1."***.***.**.6
*a*a a**let ========= java applet
m*c ============== MAC

AND THE MEGA CLUE
*t***b****

They also said learn to use ms-dos - so you can run programs or commands in the CMD to avoid admin constraints on the XP GUI

You can also assign rights to a specific MAC address of a computer.
Instead of making the file read only, next time make it hidden.

messing with the school network could get you expelled, so watch out.

DNR
-
He gives wisdom to the wise and knowledge to the discerning. He reveals deep and hidden things; he knows what lies in Darkness, and Light dwells with him.

User avatar
bozotheclown138
Fame ! Where are the chicks?!
Fame ! Where are the chicks?!
Posts: 172
Joined: 07 Feb 2009, 17:00
15
Contact:

Post by bozotheclown138 »

oh i only wish my school used windows i would wreck havoc on it, they only have one lab with windows and i got doom on their i used some wireshark for a little password :wink: and by the way its not monitored by anyone haha, but the majority are macs and i scared them by telling people how to make an admin account so they suspended a lot of people but not me and then i showed them a bluetooth trick which got others suspended but not me anyhow the people at the school know nothing from my experience as i have not gotten in trouble once

User avatar
Greenweed
forum buddy
forum buddy
Posts: 12
Joined: 25 Nov 2009, 17:00
14

Post by Greenweed »

DNR wrote:These clues follow as such...

1."***.***.**.6
*a*a a**let ========= java applet
m*c ============== MAC

AND THE MEGA CLUE
*t***b****

They also said learn to use ms-dos - so you can run programs or commands in the CMD to avoid admin constraints on the XP GUI

You can also assign rights to a specific MAC address of a computer.
Instead of making the file read only, next time make it hidden.

messing with the school network could get you expelled, so watch out.
DNR
Thanks for that, I will do a little research.
Also I am trying to watch my back, it also helps by the fact the school's I.T technition has an I.Q of an 7 year old. Anyway, thanks for the tips.

Another thing I was curious about was that my friends said they had found a weakness within teh basic Microsoft security. I am inclined to wonder if anyone else has heard about this? Thanks.



.... Just found out, apparently the m*c isn't MAC, thanks anyway.

User avatar
DNR
Digital Mercenary
Digital Mercenary
Posts: 6114
Joined: 24 Feb 2006, 17:00
18
Location: Michigan USA
Contact:

Post by DNR »

Be careful - your friends may be using you as a diversion to their hacking. Its called hacking by proxy - they tell you what to do, in this case they likely just want to you get caught to divert attention from their activities.

Security weaknesses may not nessisarily be with microsoft programs itself, but in its settings to make it run with other programs. The admins might have locked down the window's GUI, but left the IE browser's FILE>Open>browse..

On the mega clue, at best considering the age group you are dealing with:
*t***b****

sTart Batch - I doubt your friends are at the level of overwriting stack blocks, so I believe they found a way to reboot or get the machines to start using a modified batch file to run commands of how to start up.

http://www.computerhope.com/batch.htm

Batch files allow MS-DOS and Microsoft Windows users to create a lists of commands to run in sequence once the batch file has been executed. For example, a batch file could be used to run frequently run commands, deleting a series of files, moving files, etc. A simple batch file does not require any special programming skills and can be done by users who have a basic understanding of MS-DOS commands.

A good example of a batch file for someone who is more familiar with Windows or the MacOS is to think of a batch file as a shortcut in Windows or an icon on the MacOS. Much like a shortcut, batch files could be used to run one or more commands and/or programs through the command line.

Another example of a very well known batch file is the autoexec.bat, which is a simple boot file loaded each time the computer is loaded on MS-DOS and early Windows computers. This batch file contained all the necessary commands and programs used to run MS-DOS and Windows each time the computer booted.

Again, I must encourage you to step back and observe what happens when your friends continue to hack the school network.

DNR
-
He gives wisdom to the wise and knowledge to the discerning. He reveals deep and hidden things; he knows what lies in Darkness, and Light dwells with him.

User avatar
leetnigga
Fame ! Where are the chicks?!
Fame ! Where are the chicks?!
Posts: 447
Joined: 28 Jul 2009, 16:00
14

Re: My challenge

Post by leetnigga »

Greenweed wrote:AND THE MEGA CLUE
*t***b****

The asteriods are for you to figure out.

And before you say thats useless, its better than no clue."

-------> Exact words. He has replaced some letter/numbers with *'s, thats what they are for. I persume this is some type of code, persumably C++ as my two friends are somewhat experienced in that language.
First of all, tell your friend they're called asterisks. Second of all, there's no way you're stuffing C++ code in such a small amount of characters.

Here's what I think:

Code: Select all

/usr/home/g-brain
g-brain@Ares% wget ftp://ftp.openwall.com/pub/wordlists/languages/English/4-extra/lower.gz 
--2009-11-28 19:15:28--  ftp://ftp.openwall.com/pub/wordlists/languages/English/4-extra/lower.gz
           => `lower.gz'
Resolving ftp.openwall.com... 195.42.179.201
Connecting to ftp.openwall.com|195.42.179.201|:21... connected.
Logging in as anonymous ... Logged in!
==> SYST ... done.    ==> PWD ... done.
==> TYPE I ... done.  ==> CWD /pub/wordlists/languages/English/4-extra ... done.
==> SIZE lower.gz ... 1385776
==> PASV ... done.    ==> RETR lower.gz ... done.
Length: 1385776 (1.3M)

100%[==================================>] 1,385,776    435K/s   in 3.1s    

2009-11-28 19:15:32 (435 KB/s) - `lower.gz' saved [1385776]

/usr/home/g-brain
g-brain@Ares% gunzip lower.gz
/usr/home/g-brain
g-brain@Ares% grep -E '^.t.{3}b.{4}$' lower
atrributes
attirbutes
attleboros
attriblist
itssubfile
rtsgmbhnet
stainbrook
stansberry
starobelsk
steelblock
steinbecks
steinbergs
steinbrink
sternberga
stickboard
stonebrink
stonybrook
storebrand
storebytes
strasbaugh
strasbourg
strembicke
xtgrabnone
I'm no master of regular expressions, but that seemed to do the job.

"Attributes" sounds pretty good to me :)

User avatar
Greenweed
forum buddy
forum buddy
Posts: 12
Joined: 25 Nov 2009, 17:00
14

Post by Greenweed »

Thanks for the advice, quite a lot there. So you were right about it being "attributes", thanks for that. Also thanks for the rest of the advice too, here is an update to my situation:

Basicly, I have got a bit further and some of the things my friend has told me are

"Now you have to figure out what you need java apps and attributes for.
attrib /DIR +h +s -I
Very usefull for cloaking us from the ranger server manager"

"-i takes the file out the index, so it wont be searchable, and +h +s makes it hidden and makes it a 'system' file so it hides the file from the average user so they wont accidently delete it, you can do the same thing by right clicking and changing the properties- but theres no right clicking."

----> this one he mentions "no right clicking", he thinks there is no right clicking however I have found out how to right click/properties etc. Although I have not decided to share this with them for several reasons. I also already new about the content of this one, I just thought I would share it as it may give you more of an idea of what they are up too.

This one is most likely important:
"Another flaw I found was 'Limbo' Youll have to suss this one out for yourself.

Put it this way...... See More
Cmd dosent close when you are neither logged off nor logged on

Prehaps you could write a script that moves files to a drive while your in 'Limbo'"

I take it "Limbo" is quite vital.




'DNR' - Thanks for all the advice you have inputted, it has been greatly helpful, and yes thanks for the tip, I am holding back and watching their steps.

'leetnigga' - Thanks for that but may I ask, what exactly is the code for? It looks like the process the 'server' runs through when it connects. However as stated before, I'm no expert at all, so any help would be appreciated.

User avatar
IceDane
Fame ! Where are the chicks?!
Fame ! Where are the chicks?!
Posts: 197
Joined: 12 Aug 2009, 16:00
14

Post by IceDane »

Greenweed wrote:Thanks for the advice, quite a lot there. So you were right about it being "attributes", thanks for that. Also thanks for the rest of the advice too, here is an update to my situation:

Basicly, I have got a bit further and some of the things my friend has told me are

"Now you have to figure out what you need java apps and attributes for.
attrib /DIR +h +s -I
Very usefull for cloaking us from the ranger server manager"

"-i takes the file out the index, so it wont be searchable, and +h +s makes it hidden and makes it a 'system' file so it hides the file from the average user so they wont accidently delete it, you can do the same thing by right clicking and changing the properties- but theres no right clicking."

----> this one he mentions "no right clicking", he thinks there is no right clicking however I have found out how to right click/properties etc. Although I have not decided to share this with them for several reasons. I also already new about the content of this one, I just thought I would share it as it may give you more of an idea of what they are up too.

This one is most likely important:
"Another flaw I found was 'Limbo' Youll have to suss this one out for yourself.

Put it this way...... See More
Cmd dosent close when you are neither logged off nor logged on

Prehaps you could write a script that moves files to a drive while your in 'Limbo'"

I take it "Limbo" is quite vital.




'DNR' - Thanks for all the advice you have inputted, it has been greatly helpful, and yes thanks for the tip, I am holding back and watching their steps.

'leetnigga' - Thanks for that but may I ask, what exactly is the code for? It looks like the process the 'server' runs through when it connects. However as stated before, I'm no expert at all, so any help would be appreciated.
Personally, in a hypothetical adjacent universe where I would spend this much time and resources on gaining privileges on my school's computer so I could go on facebook or something equivalently insignificant, I would start by finding these friends of yours so I could batter them so hard it would break the space-time continuum.

They're acting like they just watched "Hackers: The movie" a few hundred times in a row, which has them believing that giving clues that are so stupid, that reading them chips away at the little faith I have left in mankind, will somehow make them hackers.

But that's just me.

As for your conundrum; the way your friends are saying that 'cmd is never really off' is entirely incorrect. Or rather, it makes no sense. It's like replying with "I like oranges." to "How are you today?" It's just .. wrong.
However, what they are describing might be that when you plug a USB drive into a computer, when logged off, it might still get mounted, and if it gets mounted, it is likely that that any program on it listed to execute in the autorun.inf file that you can put on it will be executed.

This, of course, is a ridiculously insecure design, and I'm pretty sure vista and w7 don't do it. If it's XP, it might. Older, probably.

User avatar
lilrofl
Siliconoclast
Siliconoclast
Posts: 1363
Joined: 28 Jan 2009, 17:00
15
Location: California, USA
Contact:

Post by lilrofl »

IceDane wrote: Personally, in a hypothetical adjacent universe where I would spend this much time and resources on gaining privileges on my school's computer so I could go on facebook or something equivalently insignificant, I would start by finding these friends of yours so I could batter them so hard it would break the space-time continuum.

They're acting like they just watched "Hackers: The movie" a few hundred times in a row, which has them believing that giving clues that are so stupid, that reading them chips away at the little faith I have left in mankind, will somehow make them hackers.

But that's just me.
It's not just you, the friends in question seem a bit inane...
knuffeltjes voor mijn knuffel
[img]http://i911.photobucket.com/albums/ac320/stuphsack/Sig.jpg[/img]

User avatar
DNR
Digital Mercenary
Digital Mercenary
Posts: 6114
Joined: 24 Feb 2006, 17:00
18
Location: Michigan USA
Contact:

Post by DNR »

Maybe the whole point is not trying to run facebook or something 'insignificant' - but this young person wants to learn about computers and networking.

While I agree that his friend's approach to hacking is juvenile, their intent to learn is there. The older, smarter members should foster the spirit of effort and see the real questions hidden in all the chaff. What we do to this person can lead back to his friends, and thus hopefully creating useful, educated people.

DNR
-
He gives wisdom to the wise and knowledge to the discerning. He reveals deep and hidden things; he knows what lies in Darkness, and Light dwells with him.

User avatar
IceDane
Fame ! Where are the chicks?!
Fame ! Where are the chicks?!
Posts: 197
Joined: 12 Aug 2009, 16:00
14

Post by IceDane »

DNR wrote:Maybe the whole point is not trying to run facebook or something 'insignificant' - but this young person wants to learn about computers and networking.

While I agree that his friend's approach to hacking is juvenile, their intent to learn is there. The older, smarter members should foster the spirit of effort and see the real questions hidden in all the chaff. What we do to this person can lead back to his friends, and thus hopefully creating useful, educated people.

DNR
While wanting to learn is all well and good, it doesn't mean there aren't right and wrong ways to do it. Or rather, better and worse ways to do it.

I don't understand why someone would want to do what he's trying to do, whether it be for learning or access to porn sites. It is much better to do both at home. Especially the latter.

User avatar
DNR
Digital Mercenary
Digital Mercenary
Posts: 6114
Joined: 24 Feb 2006, 17:00
18
Location: Michigan USA
Contact:

Post by DNR »

well as a mod that has access to the poster's IP, I can tell you he is smart enough not to access the suck-o forum from his school network.

Yes, I gave up trying to understand why people have all these different approaches to learning or teaching. There is never a good why, so I just focus on the how.

DNR
-
He gives wisdom to the wise and knowledge to the discerning. He reveals deep and hidden things; he knows what lies in Darkness, and Light dwells with him.

User avatar
Greenweed
forum buddy
forum buddy
Posts: 12
Joined: 25 Nov 2009, 17:00
14

Post by Greenweed »

For the record, I don't care about facebook nor to damage the school's network. I simply wan't to gain access so I can roam freely at school. This could then lead onto other things as I gain knowledge.

User avatar
DrVirus
Fame ! Where are the chicks?!
Fame ! Where are the chicks?!
Posts: 383
Joined: 16 May 2007, 16:00
16
Contact:

Post by DrVirus »

DNR wrote:well as a mod that has access to the poster's IP, I can tell you he is smart enough not to access the suck-o forum from his school network.
Sorry for being skeptical but why do I've this strange feeling that the user can't access suck-o from his school network. :D

DrV

Post Reply