Thursday, November 1st, 2007...8:56 pm
High School Kids HACK!
If you are new to the site, sign up for the RSS Feed. All new sign ups get punch and pieRSS feed. Thanks for visiting!
Your average high school’s system admin, is just out of college and really is just building up his resume to get to the next job. So to say the least the system probably isn’t all that secure. So why not play with them a little? Here is some tips I’ve picked up that might just help you…
Warning: This will not work on most new systems. If it does work you are doing this at your own risk. I am merely telling you old tricks that have worked in the “PAST”. If you want to do tricks like these on newer networks, or networks with better security, I recommend you build your own network and experiment.
You probably can’t open command prompt at school. If you can just go to run, and type cmd … Hit enter. If that is blocked try this…
- Open up Microsoft word.
- Type in Command.com
- Save the file as .bat something.
- Command prompt should open, afterwards delete the file. (if you can log in as a guest do it)
The next thing we are going to do is create an admin account.
- In the command prompt type, net localgroup
This will find out what they call their admin group. It could be administrator or God but you get the idea. - We will assume they use the defaul administrator.
So now you will type, net localgroup administrator Iambetterthanu /ADD
- Granted everything went smoothly you now have your self an administrators account.
Now this wont work on every system but chances are it will work on yours. If it does I take no responsibility what you do with your account. If your school or work has some sort of terms of use, I suggest you read it. It is up to you if you ignore it.
—-
Getting past your web filter.
Easy way: Type whatever you want to go on say i wanted to go on miniclips bug on wire i would go to google and search miniclip bug on wire
then instead of clicking the link i would click “cached”.
Hard way: I’m hoping you still have command prompt open.
Type: ping miniclip.com
And then you should get a IP type that out in your web browser, and don’t forget to put “http://” before you type the IP.
—–
Sending messages throught your school server
Okay, here’s how to send crazy messages to everyone in your school on a computer. In your command prompt, type
Net Send <domain> * “The server is h4×0r3d”
Note: <domain> may not be necessary, depending on how many your school has access too. If it’s just one, you can leave it out.
Where <domain> is, replace it with the domain name of your school. For instance, when you log on to the network, you should have a choice of where to log on, either to your school, or to just the local machine. It tends to be called the same as your school, or something like it. So, at my school, I use
Net Send Haxxor School * “The server is h4×0r3d”
The asterisk denotes wildcard sending, or sending to every computer in the domain. You can swap this for people’s accounts, for example
NetSend Varndean dan,jimmy,admin “The server is h4×0r3d”
use commas to divide the names and NO SPACES between them.
Computer hack, COmPuTer pRAnKs, Computer Tricks, Highschool pranks, Prank your school
60 Comments
November 5th, 2007 at 8:37 pm
Ok so how do I know if the Admin account I created has admin rights and how do I get on it to have those rights??
Website is Fan-Freakin-Tastic
November 5th, 2007 at 9:02 pm
It wont tell you the rights…but basically you are creating an account with the highest level security. So all of them theoretically!
November 5th, 2007 at 10:44 pm
[...] “Your average high school’s system admin, is just out of college and really is just building up his resume to get to the next job. So to say the least the system probably isn’t all that secure. So why not play with them a little? Here is some tips I’ve picked up that might just help you…” High school kids can find these tips here. [...]
November 6th, 2007 at 1:12 pm
[...] ( If you do not have access to a command prompt read this post on how to load it using word. Command Prompt Hack) Click Start –> Run –> Type Cmd – Click [...]
November 6th, 2007 at 4:51 pm
I would not recommend this. I did the message sending trick at my school, and the message carried the unique ID location of the computer I was at. I nearly went to jail, even though I couldn’t have done any REAL damage, even if I wanted to. Don’t try it unless you can haul ass immediately after hitting enter.
November 6th, 2007 at 5:08 pm
Shells ON the Floor….
I’d agree with that honestly. Dont do these things unless you understand you school or companies computer use policy.
I’m showing you how, its up to you if you use it. I’m the gun make but I’m not making you shoot it.
November 6th, 2007 at 7:03 pm
You are a blithering idiot. Not that I’ve ever worked for a school system before, but I can assure you that their requirements for a system admin are more stringent than “just out of college”.
Also, script-kiddies, the retarded commands given here will not work unless you’re on your admin’s workstation, so good luck with that.
This is the most stupid shit. ever.
November 6th, 2007 at 7:33 pm
Scott Oh Scott…
YOu system right are attached to the user not the specific work station. Wouldn’t be very effective for an admin only to be able to use ONE workstation.
Most systems have a default password for new users. Create the admin account, log back in under the admin. Have fun
November 6th, 2007 at 9:56 pm
Hate to tell you scott b, because it’s obvious that you have years of IT experience, [chortle, snort] most high schools *do* hire *relatively* inexperienced sysadmins, because the experienced ones will get better jobs else where and HS kids are a PITA, even worse than computer-illiterate office pukes. As for these ‘hacks’, on a poorly secured network, these would all work, depending on many factors, of course.
November 6th, 2007 at 11:56 pm
Dude! those tips are dumb as dogshit. Five bucks if you get any of those working on a decent school network.
Good luck
November 7th, 2007 at 7:29 am
Bill
EXACTLY, these are fun cheekish pranks. They are designed to mess with inexperienced computer users and to cause only frustration not harm. The people who complain are usually mad because the hack wouldn’t work against your geek squad employee or MIT grad.
November 7th, 2007 at 11:26 am
Always, always work from a terminal that is not associated with you. Do it at another students or another co-workers terminal. There should be absolutely no ties to you at all, ever.
November 8th, 2007 at 7:58 pm
Anyone else get the feeling scott b is a “just out of college” HS SysAdmin? lol
November 8th, 2007 at 8:56 pm
This isn’t a very good list.
Perhaps, back in the day of totally decentralized Windows-only networks they might have worked, but I’m sure most schools have moved onto bigger and better things. Novell, for a start. The network structure is now often far more complex than you’ve assumed it to be.
It’s fun in theory, but old and incomplete. There are hundreds, if not thousands, of ways to work around proxy filtering. The worst of them is, quite possibly, using the Google Cache. Group Policy, or pure registry work, is far more doable, powerful and open than the techniques you suggested.
Kudos for trying, though.
November 8th, 2007 at 10:34 pm
Well for one thing, all of the naysayers are idiots because I pulled every last one of these on my high school’s systems back when I was there in 2001-2002. They were running NT based systems on one network, and Novell on the other, and these all worked just fine and dandy on both systems cuz our system admin was too busy flirting with the 18 yr old seniors to do his job. Of course, when he got one of them pregnant and married her, he lost his job. Which is when we got this dumb blonde lady that was really clueless, and we had unreal tournament showdowns every day.
November 8th, 2007 at 11:31 pm
If this first “hack” actually works, then the account you are logged in as likely already has local admin rights. Creating a new admin account requires admin rights.
November 9th, 2007 at 12:18 am
An easy way to get to a blocked site is through a Proxy server. Eg: http://www.iamunblocked.com
November 9th, 2007 at 8:40 am
if your looking for a handy way to many blocked sites at college there are many http tunnelers and proxy servers online that will sort you out for nothing. (not to be spam advertising here) but i find vtunnel dot com to be extreemly handy and because it is a http tunneler it will compress and encrypt all the info you are recieving (so even if .mpeg or .mp3 files are blocked it will send them to u encrypted). youtuve it up in college when u should be working >_
November 9th, 2007 at 8:43 am
flan good point,
Use proxy whenever you can. The reason I suggested Ip’s is simply most schools have tight online filters (highschools that is). Some times proxy sites can be blocked. But if they aren’t, YES use a proxy first always
November 9th, 2007 at 12:10 pm
I dont know how it is in other countries but even when I finished high school 2 years ago these things did not work, net send worked for a bit til we got caught writing batch files to repeat the message endlessly causing people to have to turn of the machines and we use to use macro’s for a lot of stuff external portable apps mainly as certain extensions were disabled unless coming from a network drive for which we had no directory access to, our content filtering was pretty heavy as well if you put the IP for a web server in it would just resolve it and compare the domain name with the blocked list and they also had keyword filtering, also we found the best way to get around this was to use a proxy like Guardster.com or others, or for a while they left remote active so remote to home and go from there, but anyways if it works it’s fun none the less, we had on going games with our sys admin and now I am one myself but not for a school but for a bank.
November 9th, 2007 at 3:35 pm
hi,
just thought i’d say great site but…
none of the things worked on my school’s network,
if you save a batch file then it just isnt there
but there are loads more things i could try so thanks for the great tips anyway
November 9th, 2007 at 5:53 pm
I really don’t know who in the hell you’re trying to fool. “net localgroup” doesn’t create accounts. It adds existing accounts to groups that already exist. AND YOU CAN ONLY DO IT IF YOU’RE ALREADY AN ADMINISTRATOR.
This is an absolutely ridiculous article.
November 9th, 2007 at 7:46 pm
I realize that this is supposed to be a fun way for bored kids to have fun, but I think you should explain what everything does/why it all works. Instead of complaining, I’ll go ahead and do just that….
Hack 1: Bat files are small scripts designed to make it easier to do repetitive tasks. Command.com is the commands prompts executable file. By adding this to a bat file, you are making a script to simply run the command prompt.
Hack 2: The net commands are used on networks (duh). There are a bunch of net commands, that can be used for printing, sending files, etc. Typically you can’t create an admin account with net localgroup or net user (the other way to create accounts), because you aren’t an admin. Be careful when trying this, as it may not work, and you could get in trouble.
Hack 3: When you ping a website, you are simply asking for a response from that site. By pinging miniclips, you are asking miniclips to verify it is operating and responding. The number you get is the actual address of the site, resolved from a DNS (use wikipedia to learn more about this).
Hack 4: Its fairly self explanatory how this works, so instead I’m going to warn you. The net send will not work unless the message service is enabled. Also, the message tells you what computer it is from, so this is the equivalent of writing your full name in graffiti. A better use for this is to send messages to friends, instead of informing the entire school about what you’re doing.
November 9th, 2007 at 9:11 pm
you know in wealthy high school these might not work because they have the money to hire an experienced sys admin, or a higher quality networking setup, or likely both. but on average, particularly here in the northwest, that isn’t the case. I know for a fact that all of these would work in all the high schools where I’m from….. on a separate note, “will not work unless you are at your admins workstation”?!?!? what?!? I swear some people don’t even understand what networking does….
November 9th, 2007 at 11:46 pm
As a current high school student, I can tell you that these worked untill they took the admin privilege from the student accounts at our school. It was pretty easy to edit the registry to turn of novel so we could do pretty much anything we want. Of course the web filter was still in, but we could make accounts, install things, play with settings, anything.
But you wanna know why all this worked? because you could double click on a folder in the start menu and get into the c:\ drive that is normally blocked.
And for all i know, the command.com .bat file still works to open up solitaire:)
November 10th, 2007 at 12:20 am
Hey everyone,
Props to you all for trying to find a back door for systems, this is where security mind people are born, but keep in mind that when you do try these things you are putting yourself at risk. My advice is to create simple networks at your home with same simple security like the system you know is using. You say “ok, but I can’t” if you’re looking to really hack a windows network, take the time to setup a few systems, download windows server 2003 trial and any other trial software windows has and hack a fuckin way… but tread lightly where you tend to spin your tires…
November 10th, 2007 at 8:19 am
As a one-time college lecturer, I can tell you that on some older and poorly-secured systems some of these hacks may work, but not on newer ones, or ones where the admin does in fact know what he’s doing. What this site doesn’t tell you is that most school/college networks log all accesses to the Internet and to the main servers, and the one I worked at also had a keylogger on every machine. We could backtrack any suspicious activity and trace the user; to even use any machine, you had to log in on a student or staff account, and in the staff office there was a group of machines that allowed us to view whatever was on any other screen on the campus. We did not allow guest accounts at all, and no admin worth his degree will allow them. As I had a lecturer account, I could also view any student’s screen at any time in my class while sitting at my desk, as well as review their account access logs. So it’s not hard to track you down, believe me. While all my students behaved themselves most of the time, and none committed any serious transgressions, I did know of several students who were expelled from the college for merely trying to hack the server and create admin accounts.
So by all means, try it. Just don’t complain when you get found out, expelled and arrested.
November 10th, 2007 at 9:54 am
Go to walmart and pick yourself up a Linksys WRT54G/GS (wireless G) router, then visit this site DD-WRT.com … Learning it while setting up your network will teach you all kinds of nifty little tricks you can test out at your school
Router should only be like $50, prob cheaper on ebay.
Make sure to research the version prior to buying, some models have more memory for add-on apps than others.
And I completely agree from personal experience, hacking (obviously while not causing any damage to your schools publicly funded network which you and everyone you know pays for) breeds network administrators, so unless your up for a career dealing with idiot users and hardware failures in the middle of the night don’t do it, lol, pays not bad though.
November 10th, 2007 at 3:09 pm
Dear Kiddies,
This is an almost entirely useless tutorial. First off, trying to open up command prompt that way will only work if your administrator is a moron. It is very simple to disable command prompt completely, leaving the only way to run bash scripts is to write them into the actual .bat itself.
Second, creating your own user, equally useless. This will ONLY work if you’re on a machine that already has an admin account. And if you have an admin account…why would you do it through commandline?
As for netsend…that is just juvenile. The point of ‘hacking’ is not to one up yourself over your peers, its about finding your own solutions to problems.
Lastly, getting around the firewall. You are much better off to open up an ssh tunnel to your house where you could have a designated proxy server running.
November 11th, 2007 at 4:20 am
(Within Plano ISD)
The funny part is, command.com works in most all schools. Through middle and high school it was never once removed. But, cmd.exe is blocked and most functions are disabled, and the ‘net’ function is severely limited to almost nothing.
Practically useless, I’d sooner (and have) use a live-run Linux CD.
For a proxy, you can host one with Apache HTTP Server, or tunnel as tyr said. If it’s just music or something you want access to, use a flash drive.
Note: If you’re caught, you’ll probably get suspended.
November 11th, 2007 at 11:15 am
I can vouch for these. they worked last *school* year. I say it that way because I’m talking about the part of last *school* year that was still 2007, so still this year.
November 11th, 2007 at 11:18 am
P.S. people are going to flame you toasty warm if you keep calling them kiddies. You might want to call them “old farts”, because4 in general, it’s the old folks who are most computer illiterate.
November 11th, 2007 at 11:28 pm
net send can be a real bitch but the messenger services has been disabled by default on all sp2 machines…. getting local user passwords may be really easy by just burning yourself a copy of ophcrack live-cd and booting from it. if your successful in getting any local accounts with the live cd, try to also find out if other machines around you also have the same login because if they do your in luck. just google pstools and get very familiar with it because it just might be the most fun youll have. that is of course if that rpc and netbios services are operational, try also the runas command incase your SOL. there are tons of ways to get into admin accounts just google it…..
November 12th, 2007 at 7:44 pm
ok,
im a Sr. in highschool and sience freshman year we have been hackin the network with our admins permision!
its a rather weird. freshman year they roundedup all the people who hacked and gave us free rain till we graduate with the requirement that we report our sexses at the end of teh semester or we loose the privlage
so far we can still axcess command.com through just makeing a shortcut
another way to access the hidden c:/ drive is to go into a program with an information library. we found autocad software usefull and just up till your in the C:/
proxy’s are blocked as a search keyword but in the process they stoped blocking the proxy sites so there still reliable if you know one
home proxy’s work AMAZING!
streaming video is blocked but if you have another internet access (IE. Firefox) you can go around most everything except DNS blocks
as for young IT guys and shitty networks…our school was founded in 2004 and we were able to get around shit that our 47Y/o IT guy that has worked in the county sience he was fresh out of collage so we kinda taught eachother
and to the guy that suggested the live-cd linux……a-fuckin-men
that has been hack numeral uno
the ONLY thing that will stop you thne is the internet DNS blocks!
other than that you can play in the windows server all day long! (when useing liveCD it uses a random IP that can be on a static IP is what our IT guy says and what we concluded) WARNING! the can still SEE you there but only the fact that your there and nothing else
ill post more at the end of this semester
skot
November 12th, 2007 at 7:50 pm
oh ya and also flash games and anything u can put on a flash drive can be stored in networks either on the school or even county level!
at my friends high school they had a fourm active with over 20GB worth of games and active people with him as top dog of the thing
at our school we have access to 3 networks
school inbot
student assignments
teacher inbox
the student inbox can be modified by anyone and if you hide the file and make an HTML page that has a direct link to it then you can hide the games and anything else with out a problem
November 13th, 2007 at 8:22 pm
I would like to thank those that posted ideas and the original author for sparking them. My school is quite nice and so long as their is no damage done (or intention to do some) then the worst I have heard of is my friend is not allowed to go near the school’s computers. interesting to me is the novell is newish (2004 i think) and they constantly check where we have been and what we are doing yet the command prompt is still unblocked… and our firewall (or whatever it is (stBernard)) blocks some pages on technology.
is fun
November 13th, 2007 at 9:07 pm
also one more thing i remembered yall were talking about useing someone elses ID
usualy admins dont DELETE profiles so at the end of teh year get a Sr.’s ID
or if they do use microsoft word to run a network search for a special ed’s kids name and get there ID and use it they never use them and are usualy either the defalt pass or a generic one
also the admins not only have a password for there login but an individual PC login witch disables them from locateing u on the network (this is the case at our school)
ours was easy to crack
user: administrator
pass: ca11ahan
we used a DOS based live-cd to crack teh user names and passwords on that PC
November 17th, 2007 at 12:09 pm
instead of using the ping command to find an ip address you can put nslookup miniclip.com. It will give you all of the wbsites ip addresses.
November 17th, 2007 at 12:34 pm
on my computer it gives me a message that there is no such global user or group…plz help!
November 19th, 2007 at 12:36 pm
This would prolly work in most schools, my friend is a network admin for one school district here and he’s not even out of freshman year of college yet so i believe that part. My school’s admins have no lives so this wouldn’t work. They’ve restricted all permissions for accounts other than admin. I can only open like 5 programs on my computer (not including Office). The rest have the execute disabled. I tried mmc and to simply run command.com but no luck ever.
November 19th, 2007 at 5:58 pm
lol ok all you nay sayers are amusing me, you keep pointing out “this will only work on old systems or if the admin is a moron”. um, read the beginning of this, the original author made that point from the very beginning. he very plainly stated this will PROBABLY work IF your admin is a newbie AND IF the system is old. please, do try to keep up with the rest of us here. I know it is cool to try to be smarter then everyone else on the internet but you might want to read the whole article before you decide on what to nitpick eh?
November 20th, 2007 at 6:19 pm
has anybody heard of the company called “8e6 Technologies”? They are in charge of the web filtering, and let me tell you, they are a major pain in the ass. If anybody has any tips on how to get around them, please share. I tried the first H4x on meh home computer, and I didn’t get a command prompt. The other three, I will be sure to try out on our brand new school computers. If anybody has tips on 8e6, email me at koth442@hotmail.com
thank you.
November 23rd, 2007 at 11:10 pm
watch for students that leave school or transfer or what not. most schools don’t clear out those network accounts so the default password for the year should still be active all you have to do is change it and you have a account for a student that doesnt even go to that school anymore.
November 28th, 2007 at 6:13 am
Dude,
When i create a admin acount,
Whats the pass?
I think the user id is Iambetterthanu
Or does it make my acount into admin?
Thanks
_______
Im the god of Rock
November 29th, 2007 at 9:43 pm
net localgroup Administrator USERNAME PASS /add
December 4th, 2007 at 3:59 pm
(how sweet - report a command-line function and the freaks are with you…)
funny facts:
i’m working for a pretty large concern (the world-wide playing size) and guess what: they hired lots of proofen it-experts, they set up really big networks and stuff and shit (boring…).
now guess what they did to a pc near to me, to block browsers and machine preferences: they created an user account with nearly no rights.
and NOW guess what i did to get access to this pc (in order to change some settings when none of the “experts” were around)…
reality beats every single one of you.
December 5th, 2007 at 10:58 am
Hey guys need hints how to get past web blocks at HS on new apples and macs
December 13th, 2007 at 7:21 am
ok so i totally didnt make an admin when i wrote that down cuz the only way u can do that is if ur an admin. But, id like some shit u can send me so i can do it to some friends during programming class haha… soo send me an email and ill read on…
December 18th, 2007 at 4:59 am
hello my school pc cant access command prompt or anythjing its all blocked could you please email me anyway to get around it pleaswe email me at 04paynel@castle.kent.sch.uk or lpayne69@hotmail.com please try the 04paynhel 1 first
December 24th, 2007 at 6:19 am
Well i am currently at high school and the easiest technique I have found is to simply use the shell command in VB6 simply open a new form stick a command button on it then
Shell(pathname)
where the pathname is simply put the pathname of an exe file you want to run.
I use this to control RM tutor on my school network and it allowd me to view any machine on the network and take control of it. There is noting more fun that opening a VBcritical box on a first years computer saying “MASSIVE ERROR! THIS MACHINE WILL SELF DESTRUCT”
becareful of breaking into the networks I only do this with my computing teachers support to try and make the network more secure by finding the weaknesses
January 7th, 2008 at 12:52 am
Just have the administrator log in to your computer, say you forgot your password or something, they will come to reset it, or atleast they did in my school. Then you will have a cached copy of the password. Just crack it and you will have admin access. I did, and now I have complete access to everything in the school
February 1st, 2008 at 12:16 am
Most schools now reset pass words remotely, you have give the admin a reason to log on the compter and make sure it cant be done remotely
“Admin Access
January 7th, 2008 at 12:52 am Just have the administrator log in to your computer, say you forgot your password or something, they will come to reset it, or atleast they did in my school. Then you will have a cached copy of the password. Just crack it and you will have admin access. I did, and now I have complete access to everything in the school”
February 5th, 2008 at 10:11 pm
wow, i’m soo frustrated with our school administrators, they are soo ontop of things. But then again I got to a 5A school in Texas… but if anyone could help me get past 8e6 webfiltering please hit me up at nvdemise@aim.com
February 7th, 2008 at 11:22 pm
thanks worked for me perfectly. Only, not in word. If ur computer has vista or newest version of word, do it in notepad. Also many other students sometimes have default passwords (e.g. 9999) that they recieve when they first join that may still be active along with their assigned one if ur trying not to get caught. Also do it from library while no one is around cause libraries are less likely to have cameras, then just walk away casually. Thx again for the admin account
February 28th, 2008 at 9:30 am
can u tell more easy ways to hack in simple englis language please pleasepleasepleasepleasepleasepleaseplease
March 12th, 2008 at 5:29 am
lol my school wasn’t all that bright. we used to find all sorts of ways to circumvent the security on the network or the individual workstations.
For restricted program access: if you were in the programing class it was simple… just run a shell command to execute the particular program. If not you could do the same through action buttons in power point.
but my personal favorite in their nievity… their whole security system was hosted on the share drive. All you had to do was disconnect the ethernet cable and the security wouldn’t even load!
Then simply plug it back in and you had full access to the internet and the entire network at that.
March 12th, 2008 at 7:00 pm
With this admin account, am I able to change my grades, or able to perform some sort of similar task?
April 13th, 2008 at 4:25 pm
Is there any way to log on from a computer in your school, and somehow get on to your counselor’s settings?
April 18th, 2008 at 7:21 pm
Another way to access the hidden C-drive is to download portableapps from portableapps.com, and use firefox portable.
in the adress bar of firefox, just type “C:\”
without the quotes of course
and voila, c drive is yours to access
June 5th, 2008 at 7:33 am
everything he says is possible, u just need to make API calls to the register to unblock CMD and REGEDIT. Fairly simple if u kno what ur doing… ur all just noobs.
Leave a Reply