Hey guys -

I have a legitimate administrator acct. on my school network. I've written a small nondestructive senior prank program that I'd like pushed to all workstations on the network. Would it be possible to either mass log on all the workstations and then execute a program at the same time, or have a given executable execute on logon?

I have network shares and access to everything; I just need to know where to look.

[quote author=Banana fanna fo fanna link=topic=14006.msg143054#msg143054 date=1138161582]
Hey guys -

I have a legitimate administrator acct. on my school network. I've written a small nondestructive senior prank program that I'd like pushed to all workstations on the network. Would it be possible to either mass log on all the workstations and then execute a program at the same time, or have a given executable execute on logon?

I have network shares and access to everything; I just need to know where to look.


[/quote]

You do know the consequences if you were to get caught, right?

[quote author=Banana fanna fo fanna link=topic=14006.msg143054#msg143054 date=1138161582]
Hey guys -

I have a legitimate administrator acct. on my school network. I've written a small nondestructive senior prank program that I'd like pushed to all workstations on the network. Would it be possible to either mass log on all the workstations and then execute a program at the same time, or have a given executable execute on logon?

I have network shares and access to everything; I just need to know where to look.


[/quote]Stick to old fashioned senior pranks, they're funnier anyway cause everyone can appreciate them.

Technology pranks can get you SCREWED, maybe you could be a senior 2 or 3 more times.

Group Policy editor (gpedit.msc), Windows settings, Scripts, Startup.

Say hi to CupHead for me.

This is a very bad idea.  I would stick clear of computer pranks in somewhere like a school given the current administration's policies.

Such a thing could have serious negative consequences for you.  Iago's point should drive that home, I should hope.

I'm not suggesting you do anything you are unauthorized to do.

You indicated you have administrative authority and just need to know the technical details of centralized file distribution and execution.  That is the question I was answering, and in no way am encouraging any unauthorized activity.

But iago and Skywing are correct.  You should assume no sense of humor will be afforded your prank from administration.  Get written permission from the principle and secure that document at home before attempting this stunt or prank.  You're a senior, you have everything to lose and only seconds of laughter to gain.

Release a thousand cockroaches in the halls. Don't actually commit a crime.

What happend to Cup?

[quote author=Douglas link=topic=14006.msg143124#msg143124 date=1138215636]
Release a thousand cockroaches in the halls. Don't actually commit a crime.

What happend to Cup?
[/quote]

That's priveledged info, and a forum is no place for it.

Also, a derived prank of that kind can face a severe consequence in a Federal standing and like has been warned to you very ill adviced. If taken to a level further than seen, the school is within legal bounds to take action against it. This will most likely serve a nice probation period, you being expelled, and or jail time with a nice heafty fine. Or may contain all of the above statements in a nice fat partying gift on your way out the door.

Cuphead got arrested for computer crimes, and obviousley he thought the forum was ok for it as he posted the warrant from the police.

[quote author=Meh link=topic=14006.msg143127#msg143127 date=1138216862]
Cuphead got arrested for computer crimes, and obviousley he thought the forum was ok for it as he posted the warrant from the police.
[/quote]
He also deleted it. 

But yeah, he got in trouble for messing with school computers, to an extent that he'll probably never recover from it. 

Hahaha. I don't think you could get written permission from the principal, so good luck. :P

I dunno. I wouldn't have to bypass any security. I do the website and have (slightly limited) administrative privileges, and I know the guys who run the network. They are pretty cool.

All it would do is play a sound file at a certain particular time (and crank the volume). Thoughts?

Don't do it. Get explicit written permission from the network admins or the principal before you do it.

[quote author=Banana fanna fo fanna link=topic=14006.msg143149#msg143149 date=1138233795]
I dunno. I wouldn't have to bypass any security. I do the website and have (slightly limited) administrative privileges, and I know the guys who run the network. They are pretty cool.

All it would do is play a sound file at a certain particular time (and crank the volume). Thoughts?
[/quote]

Unless directed otherwise, don't do anything outside what's required by your job.  Depending on the environment, you may be able to get away with things which have strictly positive effects (e.g. "I just increased website performance by 5% (and didn't need to break anything else to do it)!") without prior authorization.  Something with neutral or negative effects (which is what you're proposing) is a bad idea.

Bear in mind that most computer crime laws are written by people who understand computers about as well as your average battle.net public gamer. :)

My school threatened to expell me about two-three weeks back because I had the network administrator password (n0tell - what a crappy password) & because I had a file on my account (psexec.exe - from sysinternals.com) that didn't belong.  I told the admin guy in the conference room that his password sucks and he should really make it something stronger so it won't be able to be bruteforced in a matter of minutes.  He said "ok, I'll look into it" --haha

[quote author=UserLoser link=topic=14006.msg143637#msg143637 date=1138515931]
My school threatened to expell me about two-three weeks back because I had the network administrator password (n0tell - what a crappy password) & because I had a file on my account (psexec.exe - from sysinternals.com) that didn't belong.  I told the admin guy in the conference room that his password sucks and he should really make it something stronger so it won't be able to be bruteforced in a matter of minutes.  He said "ok, I'll look into it" --haha
[/quote]

I know my admin's username and password. It's retarded: mm//**

[quote author=UserLoser link=topic=14006.msg143637#msg143637 date=1138515931]
My school threatened to expell me about two-three weeks back because I had the network administrator password (n0tell - what a crappy password) & because I had a file on my account (psexec.exe - from sysinternals.com) that didn't belong.
[/quote]

You got lucky. Why did you have psexec, again? I can safely guarantee if you had that on a computer out here you would be expelled within a matter of seconds. Hyper-paranoid system admins would freak when it could spawn remote processes as system.

[quote author=Newby link=topic=14006.msg143703#msg143703 date=1138570871]
[quote author=UserLoser link=topic=14006.msg143637#msg143637 date=1138515931]
My school threatened to expell me about two-three weeks back because I had the network administrator password (n0tell - what a crappy password) & because I had a file on my account (psexec.exe - from sysinternals.com) that didn't belong.
[/quote]

You got lucky. Why did you have psexec, again? I can safely guarantee if you had that on a computer out here you would be expelled within a matter of seconds. Hyper-paranoid system admins would freak when it could spawn remote processes as system.
[/quote]

Hmm why?  Let's say I was computer A, and someone else was computer B, and I didn't like the people at computers C, D, E, F, ...  Well, using psexec.exe I would command it to remotely execute shutdown.exe with some command-line arguments to on computer B to shutdown those computers C, D, E, F, ect.


i.e. B would execute:
shutdown.exe -m \\HBAC10919 -f -s -t 00

or something of that sort, I don't recall the exact command-line

Hahahaha. That is pretty good, actually. :P

Ooooh I can psexec my program all over the network. Sweet.

Thanks.

Us computer nerds at my college use flash drives to run MSN and other security blocked programs. As its notphysically on our partition they cant trace it to us especially if we log on under an anomouyes(sp?) username.

[quote author=Newby link=topic=14006.msg143703#msg143703 date=1138570871]
[quote author=UserLoser link=topic=14006.msg143637#msg143637 date=1138515931]
My school threatened to expell me about two-three weeks back because I had the network administrator password (n0tell - what a crappy password) & because I had a file on my account (psexec.exe - from sysinternals.com) that didn't belong.
[/quote]

You got lucky. Why did you have psexec, again? I can safely guarantee if you had that on a computer out here you would be expelled within a matter of seconds. Hyper-paranoid system admins would freak when it could spawn remote processes as system.
[/quote]

And they should be.  If I was running a school network, I would be wary of letting students (or employees) run programs like that.  Luckily, in government, the admin passwords were 14 characters long and alpha-numeric (we cracked them, of course :)). 

[quote author=Meh link=topic=14006.msg143723#msg143723 date=1138577461]
Us computer nerds at my college use flash drives to run MSN and other security blocked programs. As its notphysically on our partition they cant trace it to us especially if we log on under an anomouyes(sp?) username.
[/quote]
They can trace what programs were run on the computer, and they could easily (and probably do) see your chat logs and MSN username.  They could likely trace it back to the computer that it was on and do something about it, but they probably have too much fun reading your chat logs.  I know I did when I was an admin :)

What I meant was each computer has a basic logon such as NPC0023, where as an individuals username looks like MAS040633. NPC0023 doesnt require a password and is linked to that PC noone else. They cant trace what person is using the computer if logged on under NPC0023.

[quote author=Meh link=topic=14006.msg143730#msg143730 date=1138579223]
What I meant was each computer has a basic logon such as NPC0023, where as an individuals username looks like MAS040633. NPC0023 doesnt require a password and is linked to that PC noone else. They cant trace what person is using the computer if logged on under NPC0023.
[/quote]

All they have to do is look at the time the anonymous account logged on, check to see if any surveillance cameras were recording at the time and you're caught. If they're smart, they've have a special program alert someone when a user logged onto a computer anonymously, then run some sort of program in the background logging all activity. So yes, they can trace you. Especially if you're logging onto MSN thus giving away your email address in packet logs.

[quote author=Meh link=topic=14006.msg143723#msg143723 date=1138577461]
Us computer nerds at my college use flash drives to run MSN and other security blocked programs. As its notphysically on our partition they cant trace it to us especially if we log on under an anomouyes(sp?) username.
[/quote] I spoof linux with a firefox extension to get around their clean access based login system on the school computers and use the web based vpn login (in place for the unix and linux labs) so I can run whatever I want over the network without clean access throwing a shit fit.

We close the security programs down otherwise MSN wont log on. Majority of rooms dont have surveliance.

[quote author=quasi-modo link=topic=14006.msg143738#msg143738 date=1138582720]
[quote author=Meh link=topic=14006.msg143723#msg143723 date=1138577461]
Us computer nerds at my college use flash drives to run MSN and other security blocked programs. As its notphysically on our partition they cant trace it to us especially if we log on under an anomouyes(sp?) username.
[/quote] I spoof linux with a firefox extension to get around their clean access based login system on the school computers and use the web based vpn login (in place for the unix and linux labs) so I can run whatever I want over the network without clean access throwing a shit fit.
[/quote]

You sir, are lucky having firefox at school. IE, blah.

Also, just disable the proxy and you should be fine. Unless they actually know what they're doing and truely filtered..

[quote author=Joe link=topic=14006.msg143805#msg143805 date=1138658578]
[quote author=quasi-modo link=topic=14006.msg143738#msg143738 date=1138582720]
[quote author=Meh link=topic=14006.msg143723#msg143723 date=1138577461]
Us computer nerds at my college use flash drives to run MSN and other security blocked programs. As its notphysically on our partition they cant trace it to us especially if we log on under an anomouyes(sp?) username.
[/quote] I spoof linux with a firefox extension to get around their clean access based login system on the school computers and use the web based vpn login (in place for the unix and linux labs) so I can run whatever I want over the network without clean access throwing a shit fit.
[/quote]

You sir, are lucky having firefox at school. IE, blah.

Also, just disable the proxy and you should be fine. Unless they actually know what they're doing and truely filtered..
[/quote]

I'd imagine most schools use transparent proxies.

IF your talking about me Joe, we have IE.

[quote author=Meh link=topic=14006.msg143820#msg143820 date=1138663806]
IF your talking about me Joe, we have IE.
[/quote]He's probably talking to quasi-modo since quasi mentioned the Firefox thing

[quote author=Lord[nK] link=topic=14006.msg143817#msg143817 date=1138661930]
I'd imagine most schools use transparent proxies.
[/quote]

This is my experience as well.

[quote author=Meh link=topic=14006.msg143730#msg143730 date=1138579223]
What I meant was each computer has a basic logon such as NPC0023, where as an individuals username looks like MAS040633. NPC0023 doesnt require a password and is linked to that PC noone else. They cant trace what person is using the computer if logged on under NPC0023.
[/quote]

That's a stupid way of doing things, but oh well :)

Don't forget that they can (and probably do) read your conversations without your knowledge.  Just don't talk about private or illegal stuff, and you'll probably be ok. 

[quote author=Skywing link=topic=14006.msg143823#msg143823 date=1138664825]
[quote author=Lord[nK] link=topic=14006.msg143817#msg143817 date=1138661930]
I'd imagine most schools use transparent proxies.
[/quote]

This is my experience as well.
[/quote]
The other alternative is to block all ports that go from the inner network to the outside world, except for on the proxy server.  Then the only way to get out is going through the proxy.  That has the bonus of killing most other networked programs (bots, brute-forcers, IM, etc) at the same time. 

In my experience (which, admittedly, is limited), transparent proxies, for some reason, break easily and don't handle traffic as well as they should.  It's possible that there are ones that work fine, but I have not seen them. 

Last year I managed to gain the Administrator password, access the local grade server, and disable all the site blocking software at my school in about 5 mins.  Then some freshman realized the site block was off and went to a porn site, and well they literally pulled the plug.  It was kinda easy since the Admin login was Technology and so was the password for everything.

The admin at my old highschool left his teacher's account logged on my workstation for some reason. I changed my mark for the course and adjusted others that are contained on one of the teachers shares where all the marks are stored. Then I found a text file with every students lastname, firstname, number, parents business number, sex, etc, it looked like a text file that was used with one of Active Directory's commnad-line tools, CSVDE, to import a file with a large amount of users into the domain controllers database. Then simply used Novell's built-in messenger service to message every computer in the school that was powered on about a 100 times over. All this in less than two minutes, with no security camera's in the room. So no one suspected me.

[quote author=MrRaza link=topic=14006.msg143848#msg143848 date=1138677209]
The admin at my old highschool left his teacher's account logged on my workstation for some reason. I changed my mark for the course and adjusted others that are contained on one of the teachers shares where all the marks are stored. Then I found a text file with every students lastname, firstname, number, parents business number, sex, etc, it looked like a text file that was used with one of Active Directory's commnad-line tools, CSVDE, to import a file with a large amount of users into the domain controllers database. Then simply used Novell's built-in messenger service to message every computer in the school that was powered on about a 100 times over. All this in less than two minutes, with no security camera's in the room. So no one suspected me.
[/quote]

If somebody had walked in on you, or had been monitoring the system  (who knows how, there are tons of ways) and saw you change the mark, you'd probably be expelled and, at least where I live, you'd very likely serve jail time.  So basically, you'd be throwing your life/future away to have some fun with a computer.  Is that really worth it?

[quote author=111787 link=topic=14006.msg143842#msg143842 date=1138673814]
Last year I managed to gain the Administrator password, access the local grade server, and disable all the site blocking software at my school in about 5 mins.  Then some freshman realized the site block was off and went to a porn site, and well they literally pulled the plug.  It was kinda easy since the Admin login was Technology and so was the password for everything.
[/quote]
They dont block google. Go to images, select Do not Filter My Results. Then type n porn or something. It wont get blocked.

[quote author=Meh link=topic=14006.msg143886#msg143886 date=1138704568]
[quote author=111787 link=topic=14006.msg143842#msg143842 date=1138673814]
Last year I managed to gain the Administrator password, access the local grade server, and disable all the site blocking software at my school in about 5 mins.  Then some freshman realized the site block was off and went to a porn site, and well they literally pulled the plug.  It was kinda easy since the Admin login was Technology and so was the password for everything.
[/quote]
They dont block google. Go to images, select Do not Filter My Results. Then type n porn or something. It wont get blocked.
[/quote]

Content filtering does just that and does not require Google being blocked.  Having uncensored internet access in schools is a significant liability so it's taken very seriously.

But it's done through a proxy, which is disabled with the snap of a finger, unless they have some decent netadmins who disabled your right to change IE settings.

[quote author=Joe link=topic=14006.msg143891#msg143891 date=1138713307]
But it's done through a proxy, which is disabled with the snap of a finger, unless they have some decent netadmins who disabled your right to change IE settings.
[/quote]

A transparent proxy, not some IE proxy setting.

[quote author=Joe link=topic=14006.msg143891#msg143891 date=1138713307]
But it's done through a proxy, which is disabled with the snap of a finger, unless they have some decent netadmins who disabled your right to change IE settings.
[/quote]

It doesn't even need to be a transparent proxy.  I can't get ANY public internet at work without the explicit proxy settings enabled.

@dxoigmn: There's a difference? Call me stupid if you want, but honestly, I thought 'transparent' was describing anonomity (however you spell it).

[quote author=Joe link=topic=14006.msg143940#msg143940 date=1138744576]
@dxoigmn: There's a difference? Call me stupid if you want, but honestly, I thought 'transparent' was describing anonomity (however you spell it).
[/quote]

A transparent proxy is a proxy that is invisible to the user. That is, all traffic is routed through the proxy transparently (without the client's knowledge), which allows all traffic to be filtered or shaped without the user being able to do anything about it. It's their network, they can do whatever hell they want.

[quote author=iago link=topic=14006.msg143859#msg143859 date=1138681168]
[quote author=MrRaza link=topic=14006.msg143848#msg143848 date=1138677209]
The admin at my old highschool left his teacher's account logged on my workstation for some reason. I changed my mark for the course and adjusted others that are contained on one of the teachers shares where all the marks are stored. Then I found a text file with every students lastname, firstname, number, parents business number, sex, etc, it looked like a text file that was used with one of Active Directory's commnad-line tools, CSVDE, to import a file with a large amount of users into the domain controllers database. Then simply used Novell's built-in messenger service to message every computer in the school that was powered on about a 100 times over. All this in less than two minutes, with no security camera's in the room. So no one suspected me.
[/quote]

If somebody had walked in on you, or had been monitoring the system  (who knows how, there are tons of ways) and saw you change the mark, you'd probably be expelled and, at least where I live, you'd very likely serve jail time.  So basically, you'd be throwing your life/future away to have some fun with a computer.  Is that really worth it?

[/quote]

Well, if someone did walk in on me, it is hard to tell the difference between teacher accounts and student accounts desktop wise. And of course the consequences of getting caught are there, that's what makes it interesting. The thing is, I didn't get caught, the network admins probably wouldn't monitor a teachers account that is the head of the Cisco learning department at the school, instead I think they'd be monitoring the how many of hundreds other students that might have been logged on at that time. I don't suggest hacking or anything of that sort, I would barely called this hacking :P. But I do agree with you, it is really risky to throw away your education and career. I have a friend that got caught doing something similar to this, and pleaded guilty to some sort of hacking charge given to him by the RMCP and the school.