I recently found the coolest, funniest flaw in Windows I've ever found myself. As you probably know in most schools, you can't even change the clock without admin login privileges. (Ok. You aren't supposed to be able to. :D) I found that you can create shortcuts to ANYWHERE on the network or computer, including the DOS prompt. I was oh so giddy...
Anyway, I just wanted to know a few good DOS commands I could run to learn about the network at school. It's a public school, and I know this much:
Every school computer in the country is hooked into this huge network.
There is one T1 line per school, which runs into the country line, which all goes through one computer, to the outside internet. (Stupid, stupid school system! :P)
The computers are running Windows 2000 Pro, and some are running 95. I have yet to see a 98 computer, but there could be some there I haven't found yet.
I'm mainly a whitehat kinda guy, I don't want to destroy anything, or even alter, change, or install anything anywhere. I just want to snoop around without using anything not on the computer (foreign programs, etc.). You know, see what I can find. Now, I don't have any problems COPYING files off.. :D (I've found some very interesting files already)
So pretty much, I know a few DOS commands involving network stuff, but not very many. I know there are lists out there, but I was wondering if you could tell me your favorite/best/most useful, how to use them, tips, etc. Anything you'd think useful. I get very, VERY bored in web page design.. ;)
[edit- I just remembered I have the IP address for a printer here somewhere, if that sparks any ideas.]
Just go to Windows Help Index and Find Commands.. Well, not just dos commands u can see, Well, you will have a lot to learn from there.. Use ur brain plz..
At one of my friend's workplaces, they had NT computers locked down, except they made one mistake: they left the "Help" available on the Start menu. Thru help, you can bring up the task manager. And the task manager has a Run command. So of course now he was able to play solitaire again :)
Hey cool, I was at public school too :)
My network had pretty similar vulnerabilities... I've posted a few bits and pieces about it here, on ISA and Super Scout.
I'm not sure about Citrix. I haven't seen anything relating to it in my exploring, but it's possible I've just been looking in the wrong place. I'm inclined to think we don't use it though.
Manu- I've looked there, and I've found lists of some DOS commands before, but I wasn't sure what they did.
Coder- Thanks, that site was great. Still a few questions, but I think I can manage them from here.
school fixed our network (friend and i (filtered) it over)
used to be able to run .bat scripts: write a DOS command on each line of a text file and save it as something.bat, you can play solitaire in lessons and shit or you can message people, run winpopup.exe in the windows folder
My programming class has all ghetto win98 boxes with foolproof installed on all and all http requests disabled except for .edu's. After some scouting I determined everything was restricted in prompt and explorer no help no nothing (very very tight). We were able to get netmeeting going and able to connect to each other over the lan and save to the default folder for netmeeting but couldn't execute anything because of a crazy memory rule that foolproof was doing. I did find out that we could do echo commands in dos though which is really cool because that means we can basically kill any restrictive software on the OS or 3rd party like foolproof, it was one of the methods written in a tut here too, "echo bye > foolprooffiles.exe,.vxd,etc." Now I just have to figure out those damn macs in the library ;) :ph34r:
edit: oh and when foolproof was disabled explorer restrictions still stuck so I went through the winfile thingy in windows/system or /windows which is just as good.
my school was possibly the most unsecure network I've ever seen...
user: admin
pass: changeme
however, I'm in university now, and I've come across the first example I've seen of a "Metropolitan Area Network" (MAN)....which is connected to both of our universities, the council computer system and the telephone exchange. A goldmine if you will :rolleyes:
if you're feeling particularly brutal... a batch script like this...
example.bat
netsend * stop!
example.bat
...will just loop and loop and loop, sending thousands of 'net send' messages. if the network is made up of 95, 2k, NT, XP, or Citrix (not '98) machines, then you will bring the network to a standstill, as no one will be able to do anything other than click 'ok' - whereupon another message just pops up.
this can be made even more exciting if your network reads its email with outlook (not express). you can send a message to someone with this code embedded (rewrite it in VB if you prefer) and then they will be responsible.
now if you're feeling even nastier... you can recycle some of the code from the old BubbleBoy virus, and have this email post itself to everyone else in the address book...
(of course, if you're hoping to have this program run on computers other than your own, you must accept that you will have to design a method of having it run hidden...)
Finally, I accept no responsibility for your actions, or the actions of anyone using this code / these ideas for anything other than an educational purpose in a secure and privately owned environment.
love that bit at the end. The not responsible bit lol it lets us learn, whoever worked it out has my thanks
I don't think you could do it as a batch file (unless I missed something way back when) as you need to alter packets as they leave, which I would think would require something a little more than simple scripting for.