FRIHOST FORUMS SEARCH FAQ TOS BLOGS COMPETITIONS
You are invited to Log in or Register a free Frihost Account!


At school, Snapped for hacking.. have you been caught?





gerpg
I got snapped for hacking the school, I was taken to the Deputy Principle for accessing staff emails on the local intranet and accessing the technitions databases and server stats etc..

I just want to know, has anyone else here gotten into trouble at school for doing something they weren't supposed too?


This could get interesting... Laughing


Louis.
brokenadvice
Never been caught....

Always use some form of flase identity, never use your own.
Gieter
I've been caught quite a few times, but that was just for playing games and not for hacking. Who installs Unreal Tournament on school's personal computers anyway...
coreymanshack
gerpg wrote:
I got snapped for hacking the school, I was taken to the Deputy Principle for accessing staff emails on the local intranet and accessing the technitions databases and server stats etc..

I just want to know, has anyone else here gotten into trouble at school for doing something they weren't supposed too?


This could get interesting... Laughing


Louis.


Why did you get caught? What a d00f. I'm a student at my school who actually used to try to do that stuff. Then though I actually work in the tech room now, so I don't really do that anymore.

>>Stealing Passwords was my specialty.
standready
Were not computers in my school to hack. Then again, we used hammer and chisel on a stone tablet. LOL
RiCtee
I got Admin access to quite a few of my high school's Novell NetWare servers, that was a few years ago. I was quite surprised at how many exploits there are that remain unpatched. I used to think how cool I am but seriously being on the good side is always more rewarding than trying to gain access for malicious reasons. You will undoubtedly get caught in the very end. Take pity on those deprived and lack-of-sleep IT technicians and help them. Very Happy
gerpg
Just to clear things up, i wasn't doing it for 'malicious reasons'. I've actually done the school a hell of a lot of favours, I usually find weaknesses and then tell the Tech's about them. I designed the schools website etc so im not a bad student. lol...

Louis.
coreymanshack
gerpg wrote:
Just to clear things up, i wasn't doing it for 'malicious reasons'. I've actually done the school a hell of a lot of favours, I usually find weaknesses and then tell the Tech's about them. I designed the schools website etc so im not a bad student. lol...

Louis.


If you weren't doing it for malicious reasons why where you sent to the deputy principal or whatever?

O, and another fun thing I did. I got passed the school intranet filter and looked at pr0n, got caught on that one tho.

No, wasn't proxy usage either.
gerpg
Quote:
If you weren't doing it for malicious reasons why where you sent to the deputy principal or whatever?


Because i hadn't told the technitions that i could access it. So they sent the logs to the Dp.

Louis.
Nameless
When I was bored, I used to access forums (such as this one) during class. Unfortunetly I am no quite the l33+ haxx0rz I'd like to be and was caught by a random check a few weeks later. Laughing [/Not in class at the moment, heh.]
Liu
coreymanshack wrote:
gerpg wrote:
Just to clear things up, i wasn't doing it for 'malicious reasons'. I've actually done the school a hell of a lot of favours, I usually find weaknesses and then tell the Tech's about them. I designed the schools website etc so im not a bad student. lol...

Louis.


If you weren't doing it for malicious reasons why where you sent to the deputy principal or whatever?

You need consent to typically find security faults in a system. I could attempt to break into the bank without a malicious intent but for specifically the enjoyment of finding a fault, however I'd probably end up behind bars.
taytay
the worst I did in school was find bugs in the Programs they used to try and teach us stuff. It was unbelievable. First off I was just doing the work like everyone else, then a couple kids froze their computers on the same part of the program, so I exploited it and found bugs in many other parts of the program. just dumb graphic errors that really upset the system. All the kids hated the "game" they tried to call it.. so I taught them all where the bugs were and they eventually replaced our Computer Class time with extra P.E. until they found a new program for the school to use.

Of course I found a flaw in that one as well which cut down my "new game" time by about 3 minutes so I didn't have to sit in front of that bright yellow and black screen as long as the other kids... any more than 5 and the teachers knew something was up. :p
Pikokola
do it lot's time but never caught, why? because i'm the admin at that time ^^ and I do that for searching exploit of my school intra net server *_*

ah... I remember that I ever mess with teacher at the first year after edit some of the server registry ^^, but, that's makes me famous LOL (Dam my friend who put my name in the startup menu)
theem
I never got caught but I do Formated the whole Harddisk of my school !!

My principal called me and asked me that if i know somebody who did !
ofcuorse i said " I don't know " Laughing
Srs2388
I did for getting past the protection thing and getting into myspace... but i never got caught. Cool
coreymanshack
Srs2388 wrote:
I did for getting past the protection thing and getting into myspace... but i never got caught. Cool


Ughh, we don't need to discuss proxy usage.
spacis
me and a group of friends used to be called the Betta Testas, played havoc with the schools systems, but then most of them left, and only the calm, placid ones remain lol

Joe
Soulfire
Apparently I'm not smart enough to do anything like this. Oh well, I'm not all that interested in the lives of our school staff members.
ExplicitRyan
I've almost been caught trying to acess dos a few times.
Also I've almost been caught trying to change proxies.
coreymanshack
ExplicitRyan wrote:
I've almost been caught trying to acess dos a few times.
Also I've almost been caught trying to change proxies.


Lmfao

Guess, what? Your proxy set up in the IE is the gateway to the internet.
If you change that you get no internet.

What were you planning on doing in dos?
Liu
So what level of depth do you guys consider "hacking" as? You all sound like a bunch of kiddies doing kiddy things.
J-Evil
I found a way to delete a teacher's account (and all their files, etc) once in the system. didn't get caught either, but the school district's system administrator kept backups of everything so it was restored next-day anyways. Later I also found a way to shut down the N2H2 (Bess) web filter throughout the network and played some online games while it was down.
Pikokola
Liu wrote:
So what level of depth do you guys consider "hacking" as? You all sound like a bunch of kiddies doing kiddy things.


yeah... most of us can't just jump out to the top of everest ^^

so even tough script kiddies aren't count as real hackers... at least they (or we, or us, or wathever), tries and keep learning ^^
dz9c
Ive never even attempted the idea lol. I have better things to do but it would be interesting yes.
jenice
I never got caught for hacking per se, but I did get in trouble with an employer once.

They had a test that you needed to take before the interview. I'd taken it once before a couple years before, but it was still in the system. They told me that if I'd taken it before, I couldn't retake it. The tester didn't know that though, so I bypassed the entrance screens and created a new test account for me to take.

They didn't catch it until just as I got done. Quite honestly I hadn't done it on purpose. I just entered the menus that were there and chose that options that would get me the test I was supposed to take.

LOL - they didn't appreciate it though and kicked me out before I could get to the interview.

I considered it a lesson learned. I've never been caught straight out like that since.
coreymanshack
jenice wrote:
I never got caught for hacking per se, but I did get in trouble with an employer once.

They had a test that you needed to take before the interview. I'd taken it once before a couple years before, but it was still in the system. They told me that if I'd taken it before, I couldn't retake it. The tester didn't know that though, so I bypassed the entrance screens and created a new test account for me to take.

They didn't catch it until just as I got done. Quite honestly I hadn't done it on purpose. I just entered the menus that were there and chose that options that would get me the test I was supposed to take.

LOL - they didn't appreciate it though and kicked me out before I could get to the interview.

I considered it a lesson learned. I've never been caught straight out like that since.


Ouch that sucks! I did that one time sorta. There was a test and if you answered all the questions it gave you the right answers at the end of the test. I just opened up a new window under a different name and copied all the right answers Very Happy
DandDer
i wouldnt call it hacking, but i got caught doing this thing in dos that made windows appear on other peoples computers. Everyone did it, but most people got away with it...i guess i wasnt lucky back then Sad
scotty
I got the admin password out of a teachers computer using a fantastic program called CookieByte or something like that. Gave me unrestricted internet access for ages (this was in primary school). We had 5 GB of music on our classroom's computer and the teacher didn't care lol. But when me and a friend had a competition to see who could use the most space on the server with junk (about 49 GB in 1999 was good!) the techies found an ebook I had on hacking in my folder that I had left there for some reason and I got busted. I never even read it but they printed out all 90 or so pages and had my parents go to meet the principle with me lol. They banned me from the computers for 2 weeks, little did they know I still had about 30 user names all with full access so I really didn't care. I guess filling the server up was kind of lame and pretty disruptive but hey I was like 11! I never really tried anything like that again because I had my unrestricted internet and then left for high school the next year. Highschools filters were kind of annoying but I had less interest in them, plus proxies worked.
CMA
A long time ago, I used to access other people's computers using the subseven trojan. This one time I managed to install the trojan on (almost) all of the school's computers while making the antivirus ignore it during scans. I kept the program on a disk afterwards and had fun messing around with random people of the school library for the lulz. Those days are now long lost.

And no, I never got caught. I stopped and kept a low profile before things got messy and they suspected anything.
Byakuya_Kuchiki
I got in trouble for using a batch file to loop net send to the Principles computer and I left it on during "Break". I estimate around 10,000+ messages were sent. Didn't really get in trouble I just got "The talk" about abusing school resources. Smile
SpellcasterDX
No, but that's cause I never abused it. I just see no real point in even trying.
ftv_flung
I never really got the chance to do any hacking as such as school Sad - But we were all rebellious when websites, such as as social networks (MySpace, Bebo, Facebook etc.) became blocked.

We discovered Portable Browsers! We were all using FireFox Portable and they couldn't do much about it - loads of people had it.

Not as hardcore as some of you guys!
nilsmo
ftv_flung, firefox portable is actually an excellent use of school computers. They shouldn't do anything about that.
missdixy
Last year two guys at my school got expelled for hacking....I'm not exactly sure what they did but they goti nto a lot of trouble for it. The police were involved and everything.
ftv_flung
nilsmo, my school was always really anal about any technology, and stuff like social networks and using computers for "educational purposes only " - that was a load of bull - all the teachers were on Facebook!!

Teachers could go on any site (pretty much) whereas students had restrictions.

We were so pleased when we heard about FireFox Portable - we even told some teachers about it (ones we trusted) - I guess the IT Dept. didn't like the fact that we could get on these blocked sites.

Having the filter was so rubbish.
Blaster
Well see our school has this thing called wordsmart. Its a stupid program that has many bugs. Well to get into the teacher account where you can move yourself up they made the password, password. Yea i know n00b mistake. Well my teacher wasn't the best at typing and i found that out. And i found out how to beat out the system.
KHO
No, but interestingly enough, I use Total Commander, which I install on all local machines I use (using my own account) and an admin locked my account cause it "looked like I was hacking it". Total Commander is a newer version of Windows Commander or Norton Commander or Midnight Commander for those who don't know, and I had it themed to look like cmd.exe. My account was locked and I promptly logged onto the admin's account who locked it and unlocked it not but 5 minutes after he had locked it. Surprised him since he thought that his 4 digit password was secure.
garionw
Blaster wrote:
Well see our school has this thing called wordsmart. Its a stupid program that has many bugs. Well to get into the teacher account where you can move yourself up they made the password, password. Yea i know n00b mistake. Well my teacher wasn't the best at typing and i found that out. And i found out how to beat out the system.


Thats like our school - the BIOS password on at least one of the computers - acer. The machine in question - acer
[FuN]goku
yes... and when i did.. they wanted to kick me out.. so i said.. you do that and i wont unlock anything.... so they said.. well what do we do... then i said... well first you can get me a diet pepsi. man that pi**ed them off.... ahh good times... served them right tho.. i only did it cuz they wouldnt let me in advanced math and i was just making a point of how smart i was.. Smile ... its really not that hard to get around school stuff.
tony
Byakuya_Kuchiki wrote:
I got in trouble for using a batch file to loop net send to the Principles computer and I left it on during "Break". I estimate around 10,000+ messages were sent. Didn't really get in trouble I just got "The talk" about abusing school resources. Smile


YES!! i did this too; although not to the principal... but i did do it in a computer lab where i could see the monitor of the person who was getting the messages but he couldnt see me hihi

din get caught though...

whoa i d on think id do it to the principal..
Agent ME
Don't tell anyone... ...but I, er, just hypothetically of course, hit the jackpot at my school.

Let's just say that every school computer had VNC (program for full remote access to computers - see the screen, and take control of keyboard+mouse) installed on it. I don't know why it was, er, would be there - teachers didn't use it to monitor kids - they had some specialized software for that. I guess some idiot tech did thinking it'd help make repairs quickly or something.
It would've only taken 30 seconds to find a program on the net that could extract the password from the registry, and to run the program.
And every computer had the same password set up for VNC.


Can you imagine the fun I had, hypothetically of course? Razz

Funniest thing ever... first one I log into has a flash game running on it, and some kid just got the high score. "Please enter your name for the high score board". Before he can type "BOB WANTS YOU. HARD."
"Teacher, my computer is saying stuff to me. Who the f* is Bob and why's he want me?"

Minutes later I go onto another computer, sitting at the login screen. "Please press Ctrl+Alt+Delete to log in. Help"
Help was a link which brought up a window explaining where the buttons were. Pressing enter made it activate. Pressing enter again made the window go away. Holding enter down made it flicker very fast...
"Teacher, that computer is having a seizure or something!" Same kid again. I think I fell out of my chair laughing silently. Thank god everyone was trying to look at the computer he was talking about.


Over a few days, when some of my friends had figured it out from me (they never did grasp it fully - only figured out to get into about 3 different computers, and I think only 1 of them was used by someone every day), I decided to play the good guy and try to talk to a tech and get it fixed.
The tech apparently didn't have enough experience with the system, and only managed to make it so the server didn't auto-start on most of the student computers in the technology department. Didn't affect library computers/teachers/ta-computers. I was the only one using it after that Rolling Eyes

Something funny I did after that... you know the "net send" command that is on almost all windows systems that students like to use to message each other? Apparently if you send a message to "*", or the name of the network, it sends the message to as many computers it can reach on the immediate network. I connected with VNC to some computer in a class room that I knew was only ever used to file attendance, and tested the command from there. Lmao.


Now something php/web programmers would probably love:
My school website used a simple header/footer system with a huge security hole. When you went to the page, the browser showed ".../index.php?start.htm". I figured that the code just opened up that file and put it between the header and footer. Going to ".../index.php?http://www.google.com/" would make it show google's homepage fractured into the header and footer. Then I got creative. Going to ".../index.php?index.php" did something unexpected; it loaded the header, and then loaded the header again below that... and then infinitely repeated for 30 seconds, which then php gave a 30-second timeout error. I thought it should load into itself one time - why would code be running inside the second page?
I never did figure it out until I saw the source code.
I tried to find the tech to help fix it - he was clueless. After a bit of talking I found out one of my teachers kept the files to the site, and I was able to get the source code from him to fix it.
You know what I saw?

header stuff
include($page);
footer stuff

An include command to raw user input! You know how big a security hole that is?! I could've made a custom php file, uploaded it somewhere, and gone to ".../index.php?http://www.myphpfile/lol.php" and ran any code I wanted, including command prompt commands with the exec() command.
I did a quick fix to it, I added code that scanned $page for ".." ":" and "index.php", and if it found those, it nulled out $page.
[FuN]goku
Agent ME wrote:

An include command to raw user input! You know how big a security hole that is?! I could've made a custom php file, uploaded it somewhere, and gone to ".../index.php?http://www.myphpfile/lol.php" and ran any code I wanted, including command prompt commands with the exec() command.
I did a quick fix to it, I added code that scanned $page for ".." ":" and "index.php", and if it found those, it nulled out $page.


That depends whether they restricted things with the exec command... i know i cant exec stuff from my webserver, if i could there wouldnt be 37 gig of free space XD
8ballcrazy
Srs2388 wrote:
I did for getting past the protection thing and getting into myspace... but i never got caught. Cool


everyone does that lol! its easier if you just use a myspace proxy tho..
Chelissamow
I've never tried any of that stuff before - basically because I don't understand how to do it. If I did do that, it'd sure be some interesting stuff. You could totally blackmail all the teachers with their emails. xD
DjinniFire
I never was because I used the computers 3 times on my own and 5 times for class use in the 3 years so far at my current school. Quite sad.

Anyways my friend got busted and was expelled and sent to a different school. He was not allowed on any computer at any school and his parents even banned him from his computer for a year. The cops were brought in as well x]

Why he got busted? Was not his fault. One of his friends knew about it, decided to try it and log on to our school's administrator account and on a laptop which you needed to use an ID card to check out. Wow stupid, leaving a trace right there especially since the main computer that monitors all network activity at our school was in the library, where he was checking out the laptop -.-" idiot got my friend in trouble.

Basically my friend used a keylogger and basically compiled a list of over 200 students/teachers/admin accounts with passwords. x] So two expelled, one of my friends suspended for knowing but not saying, and I was home free even though I was the first to know about this x]

Nothing much really, but it was interesting x]
unknownc1c
haha not yet, but i'm only just starting college Wink
ChrisCh
I got into the administrator end of the school's administration program... all I had to do was login and change a few cookies, and then go to the admin address, and the program thought I was a regular admin... Too easy!

At least I help them when I find holes like that - otherwise I'd probably be suspended... lol!
Daniel15
I got caught a few times Embarassed
Once, I knew the password of a teacher and logged in as them.
And I did other little things as well. Like edit the permissions on my home directory to prevent teachers and other staff members from viewing its contents. The IT techs at my school kinda hate me. Razz
This was ages ago, I don't play around with the school computers any more. I haven't used them for ages, as I've had no need for them.

Quote:
Minutes later I go onto another computer, sitting at the login screen. "Please press Ctrl+Alt+Delete to log in. Help"
Help was a link which brought up a window explaining where the buttons were. Pressing enter made it activate. Pressing enter again made the window go away. Holding enter down made it flicker very fast...

Bahahahahahahahaha Laughing Laughing Laughing Laughing Laughing Laughing
I'm so glad it's not only my school that does that. Students at my school place the mouse on the numpad enter to hold it down Razz

Quote:
An include command to raw user input! You know how big a security hole that is?! I could've made a custom php file, uploaded it somewhere, and gone to ".../index.php?http://www.myphpfile/lol.php" and ran any code I wanted, including command prompt commands with the exec() command.
I did a quick fix to it, I added code that scanned $page for ".." ":" and "index.php", and if it found those, it nulled out $page.

Really, the quick fix would be to scan $page for "http://" Wink
Of course, the proper fix is to have a list of valid pages
Code:

$pages = array('home', 'about', 'contact');
if (!in_array($_GET['page'], $pages))
   die('Invalid page!');
PatTheGreat42
I usually wind up as the guy who gets new rules made for him.

Happens to me a lot, actually.

Who knew that setting up a SNES emulator was so wrong?
Agent ME
Daniel15 wrote:
Quote:
An include command to raw user input! You know how big a security hole that is?! I could've made a custom php file, uploaded it somewhere, and gone to ".../index.php?http://www.myphpfile/lol.php" and ran any code I wanted, including command prompt commands with the exec() command.
I did a quick fix to it, I added code that scanned $page for ".." ":" and "index.php", and if it found those, it nulled out $page.

Really, the quick fix would be to scan $page for "http://" Wink

If you just scanned for http://, it still wouldn't stop people from entering in index.php and making it recursively load or bringing up other files on the computer. I was able to make it display random winnt files like the config files and the raw data of some programs - though I never figured out where anything useful like a password was stored, so it wasn't of much use. Still a hole though.
soulery
My school bans most good sites, and they were smart enough to ban any webpage that had any of the words "prox", "proxi", or "proxy".
edzofcit
Me, caught when trying to play computer games at our computer lab. Thanks GOD our teacher is one of those old people who has techno phobia, she even has no idea about the things im doin. Im afraid he will report this matter to my parents, but because of this phobia, I freely played in our computer lab.
ronaldallan.mojica
hihihi... never really caught... i hope i will not
andy26
I was once caught hacking the Printer server and totaly got busted doing it but i managed to blag my way out of trouble. now im in college im planning to crash the college servers on the day that i leave there for good, iv decided to get a few people to search for all student user accounts on the search for people tab in the start/search bar and where gonna click select all then send an email to all the students in the college so this should crash the servers or at least force them to restart by overloading the system at once, what you think to that idea?
ThePolemistis
Byakuya_Kuchiki wrote:
I got in trouble for using a batch file to loop net send to the Principles computer and I left it on during "Break". I estimate around 10,000+ messages were sent. Didn't really get in trouble I just got "The talk" about abusing school resources. Smile



loll i did the same... managed to send net send messages around teh whole school... took a while when the teachers caught on, after some idiot abused my program lolll and they got done, and i, for making the program, got apparisal from my teachers and nothing said by the techies.

They disbaled net send after that.
Soulfire
I've never been caught, but I do find my ways around the internet blocks to MySpace, Facebook, and a few flash gaming websites ... nothing too serious. All that would happen is I would lose my internet priviledges for 30 days, but still have my school account.
vonboy
I have never hacked a computer at school or anywhere else, but my friend got caught once last year for hacking in and mass sending stupid messages to every computer in the school.
darvit
Daniel15 wrote:

And I did other little things as well. Like edit the permissions on my home directory to prevent teachers and other staff members from viewing its contents. The IT techs at my school kinda hate me. Razz

Yeah, I think it was last year when I was fooling around with the directory permissions. I wouldn't really call it hacking, though. XD

Anyway, my school's network is idiotic--I could access and alter permissions of students, staff members, and professors whose surnames started with the same letter as mine! So I was playing around with permissions, trying to be careful about altering mine... Big mistake! I accidentally write-protected my home directory against myself!

I tried to undo it--I even tried FTP and CHMOD, but to no avail... So I had no choice but to send tech support an email and tell them about it. Sad

Idiotic tech support forwarded my email to another person. This was his/her accompanying message:
Quote:

Elaine,

Do you understand what the client is talking about, if so, can you help her?

Charles K******
UCIS Helpdesk
helpdesk@***.edu


Laughing He can't even understand what I was talking about! Laughing

Unfortunately, when they fixed my permissions, they made sure that I couldn't access other people's folders anymore. Sad Oh well, at least they realized that there was a flaw with the directory permissions.
Agent ME
Might want to read the posts in the topic first to make sure you clicked the right topic Razz

Doesn't seem like schools pick IT people for knowing how to get a network working, more for being able to set up a computer and replace a broken one. When I found a problem with my school site as I said, talking to the techie was pointless - didn't get anywhere, and I stumbled onto the fact my science teacher had access to the site's files, and went to him instead.
LostOverThere
Our highschool has very clever technicians (strangely enough they're all grade 12'ers who get paid for it too). Though, in Primary School, my friend hacked the computers on the network to display "LOLOLOLOLOLOL GOT YOU'RE STUFF LOLOLOLOLOLOL". Yeah, he got suspended. Rolling Eyes
Related topics
I've Been Suspended from School
Computers at school
I got caught by the police! :(
Tell me about the laws in your school system
School Bombing?
CS Hacking
Harry Potter 5 (own written version)
no school
0bobby0
The Cat and the Doors
The Fates Are Fair
Megaman Phoenix
My Stories (Goth)
Secret questions 'make emails vulnerable to hacking'
Reply to topic    Frihost Forum Index -> General -> General Chat

FRIHOST HOME | FAQ | TOS | ABOUT US | CONTACT US | SITE MAP
© 2005-2011 Frihost, forums powered by phpBB.