The Ethical Hacker Network - NEED advice on a hacking project :]

Bryslayz

Newbie

Offline

Posts: 2

NEED advice on a hacking project :]

« on: May 15, 2008, 11:13:44 PM »

I take a Computer Engineering class in my highschool, and our awesome teacher has given us an awesome networking security project.

The goal is to hack into our classmate's computers and extract a file out of their "My Documents" folder, through a simple small network, using "any means necessary", aka: we have permission to use password hackers, firewall blockers, worms, viruses et era (as long as we dont break the hardware).

I would GREATLY appreciate advice and opinions on the best way to go about this intrusion and extraction, such as method and software recommendations.

bryslayz

p.s.
i am going to install COMODOS firewall on my computer to help evade my classmates, good idea bad idea? (i am also using avast AV, we arent allowed to use AVG)


	Logged

Bryslayz

Newbie

Offline

Posts: 2

Re: NEED advice on a hacking project :]

« Reply #1 on: May 15, 2008, 11:16:59 PM »

the class is full of noobs, so there are only about 2 people i have to really worry about.

but one thought i had was to use the web browser to access the router settings and ban my classmate's IP addresses after I have done my business?

That might be kinda mean since this project is a big grade but hey, survival of the fittest right? lol


	Logged

don

Editor-In-Chief
Administrator
Hero Member

Offline

Posts: 4167

Editor-In-Chief

Re: NEED advice on a hacking project :]

« Reply #2 on: May 16, 2008, 12:04:09 AM »

Welcome to EH-Net. Hopefully coming here at such a young age will lead you down the ethical path in the future. That being said, your teacher has presented what seems like an isolated environment for you guys to have some fun.

A firewall on your system is a great first start. I don't know Comodo well, but there is someting called the Stealth Wizard. There are mixed results reported on their forum. But try to get some stealth, so that the other classmates won't even see you on the network during their scans of the network. Then try Nmap yourself to find your targets and other useful info. I'm not going to tell you how. That is your homework to do.

Next, are these machines configured identically? If so, use that to your advantage. Change your admin password, then use the old admin password on other machines. If your machine is running remote desktop, then so are the others. Deny RDP on your machine and login to theirs.

Without knowing OS version, apps on the machine, etc. I can't give too many specific recommendations. I can guess XP since their is a My Docs folder, but I don't know SP or patch level. Plus, I don't want to do your homework for you.

Try doing a little research on null sessions in Windows XP, fgdump and 0phcrack or Cain.

Kudos to your teacher. I'd like to meet him/her.

Let us know how it goes.

Don


	Logged

CISSP, MCSE, CSTA, Security+ SME

Andrew Waite

Hero Member

Offline

Posts: 928

Re: NEED advice on a hacking project :]

« Reply #3 on: May 16, 2008, 02:49:12 AM »

Bryslayz,

I wish I had a teacher like that when I was studying! Would have made study/homework much more fun Wink

As you state that most of your class are inexperienced don't forget social engineering. All it might take is a quick email to one of your classmates appearing to come from the lecturer or a sys admin and they might give you the keys to the kingdom. I'd pass this one by your lecturer first to ensure you will get the same credit for a non-technical solution.

As Don said, let us know how you get on.


	Logged

-- http://www.infosanity.co.uk
-- http://blog.infosanity.co.uk

LSOChris

Guest

Re: NEED advice on a hacking project :]

« Reply #4 on: May 16, 2008, 09:25:57 AM »

yup, time to send a spoofed email as the teacher asking for their password.


	Logged

jimbob

Guest

Re: NEED advice on a hacking project :]

« Reply #5 on: May 19, 2008, 02:44:09 AM »

If you have physical access to the opponent's PC you could just copy their files to a floppy or a USB key. Nothing wrong with being a "lazy hacker" and spend the least amount of energy to accomplish your goal ;-)

Jimbob


	Logged

pjayes

Newbie

Offline

Posts: 46

Re: NEED advice on a hacking project :]

« Reply #6 on: May 19, 2008, 08:07:10 AM »

learn nmap it is one of the best scanners out there to start you on your way


	Logged

p0et

Full Member

Offline

Posts: 197

Re: NEED advice on a hacking project :]

« Reply #7 on: May 21, 2008, 03:42:55 PM »

I'm not sure what kind of firewall your classmates will be using, BUT... I would make use of the suggestion to spoof an email from your instructure and add on to that. I would make the email come from your instructure and send it out to all your classmates except for the 2 who you think are experienced. In this email, I would send an attachment or a link to an AV app (with your trojan embedded). Make the email sound good, something about him suggesting they use this specific AV/Firewall. You get the idea. From here you're bound to have at least one person install the trojan and you're in.


	Logged

GCIH, Security+, Network+, A+, MCP, DCSE

LSOChris

Guest

Re: NEED advice on a hacking project :]

« Reply #8 on: May 21, 2008, 05:31:23 PM »

you can go simple too

do up a msfpayload executable tell them it is a MANDATORY system update for the lab network.

:-)


	Logged

Pages: [1] Go Up

« previous next »