Here's the situation:

The computer department guy at our school has recieved a "new build" from I/T, the people responsible for saying what's on the school computers that block us students from causing havoc. They told him it's "student proof." He has installed this "new build" on one computer, and told us (the directed study units) to do everything we can to break it, and get access to things we shouldn't normally be able to for some extra points.

There are several blocks already, like 'format c' in dos-prompt, and regedit. One major thing that's still open is the startup folder in the start menu, so that could proove useful. Basically, I could use some ideas. Remember, I don't need annoying stuff, I need things that either make Windows unbootable, or get me administrative privilages.

Make windows unbootable? That's easy!

As a last option you might consider downloading malicious software, if you have internet access.

Yes, as a joke we went to the gator corporation website and downloaded some of their stuff. It wouldn't install and yes, we have internet access, and we can bring in all the software we want.

I imagine they would have disabled Control Panel and the Run option from the Start Menu?

Step 1: Open case.
Step 2: Use a hammer.
Step 3: ???
Step 4: Profit!

+

= fun

You could try making a .bat file which runs regedit at the beginning of a login session. A thought.

Do you have any links to any folders on the hard drive? If so, then you have access to anything on the HDD, under the Windows XP client (either Home or Professional version). Often, DeepFreeze (IIRC, the gold standard of drive resetting software) will ignore anything placed there, so you can actually keep stuff on the drive. Also, don't forget about holding "Ctrl" to disable autrunning programs.

Another idea is the Windows messenger. Remember, if it runs any version of Windows, it is by definiteion "hack"able with little to no effort. I laugh at the fools that think otherwise (Service Pack II will do nothing, really)

I dunno to what extent your computer is blocked, but if you can't access the C drive, try opening word and right clicking the tool bar at the top, bring up the "web" toolbar, and use that to access the C drive.

ZZZzzzz.... boring.

Here's what you try first.

First you need access to the hard drive. If you already have this, then skip this step.

Try these things. They are listed from easiest to hardest:

#1. Start>Programs>Windows Explorer.
#2. Internet Explorer>Type c:\
#3. Right click on desktop, click create new> Shortcut. Make a shortcut to C:\
#4. Start>Run>explorer
#5. CTRL+ALT+DEL>Task Manager>File>New Task>Run>explorer
#6. Start>Programs>Accessories>Command Prompt>c:\ (Also try running explorer from here, if it doesnt work, thats okay, CMD prompt will work fine)

Okay. Now I am making an assumption that although your user account is highly restricted, it is probably still labled as an administrator. This means that certain admin powers are still given to you, simply because the admins didn't think you'd know about them or be able to use them effectively.

One of these powers is the ability to change the status of a different account.

Go to the C:\Winnt\System32 folder. Find compmgmt.msc. Run it. Usually this one goes unblocked for some odd reason. If not, try lusrmgr.msc. Anyway, if you use compmgmt, go to the Local Users and Groups. This is the same window as lusrmgr.msc. Open the users folder. There should be a Guest account. Open it. First thing, uncheck everything. Hit okay. Right click on Guest, and click Set Password. Set some password you will remember. Click okay. Open Guest again. Go to Members Of tab. Add the guest to the Adminstrators group. Click OK. Exit out of CompMgmt.msc.

Back at System32, find cmd.exe. Make a shortcut, wherever you feel comfortable. With that, right click on the shortcut and go to properties. Check "Run as a different User". Click OK. Run the shortcut. Enter Guest and the password you gave earlier. Now you have full command prompt admin access. You can run anything that you could run from Run. Regedit, Explorer (for a GUI browsing), whatever you feel.

Cool Matty, that's exactly the kind of thing I'm looking for. We're not REALLY restricted, I. E. we can put things on C:, and they'll stay, but deleting important ones will bring them back after logging back in. Also, this isn't just regular XP login, it's Novell, but I'll try your idea out anyway.

As far as Windows messenger goes, by "hack" do you mean spam? For ****s and giggles I set up a batch saying:



and copy-pasted it several hundred times into the startup folder in the start menu. While it does create quite an annoyance to the average student user, I need something a bit more perminant

[edit -I thought smilies didn't work in code tags, oh well.]

I would suggest getting a CD of knoppix (eitehr download and burn from your comp, if you have acces, or get it from anoutehr computer (if that's allowed), put it in the drive, set your bios to load that drive first, load linux, and enjoy. you should beable to have unrestricted acess to the C:\, internet, registry files (but only work with them if you know what you're doing) and may have a chance to disable that program. However, i've only used linux to a small extent, so i'd suggest getting the thumbs up from Mystic0 or GBK or some such before doing that, it may not work.

I tell you, the easiest solution is: U = HD.

Yah, we came up with the Linux idea. I'm taking my Redhat 9 cd's tomorrow, they're the only Linux CD's I have downloaded and burned. Oh, and the computer teacher made it very clear that our vandalism is to be software only.

I recall several applications that can crack Windows 2K/XP password files in a matter of hours, so long as you have regular user access...Maybe try Googling for them?

i'm just guessing but i think its not password protected, jsut plain blocked acess, right, Ring? my computers at school a security program like that. Never an imput password command, simply a denial of access.

I mean to gain administrative access.

Sadly, yes Noble. Everything in lusrmgr.msc is changable, but when I hit 'apply' it says access denied. I got the Redhat installer running, but I'll keep that as a last thing to do because the hard drive is small enough that Windows and Redhat won't fit at the same time.

Don't use Redhat, use Knoppix. It doesn't require any installation, it runs off CD.

As for Novell, depending on the version, it can be impossibly easy to break through. Unfortunately I haven't used it in a while, but from experience, Novell is the Windows ME of security programs.

Matty, the problem with changing user settings, is that (I think) it creates a pretty detailed log on the server, so if you have identifiable accounts, using that trick is liable to get you caught.

Now, I only know that they caught me and some other kids doing it at my old school, and I don't know if your system has anything like that. Also, it doesn't seem like it matters if your name gets printed on your actions.

the knoppix idea looks good.

the configuration files for the blocker should be able to be changed and saved quite easily from within linux.

I think you missed the point for this thread; RingMaster481's school invited the students to try and trump their system. He won't get punished, he'll get rewarded. They're being "white-hat hackers" here.