Hey Null Byte!
Situation:
I go to an old highschool, built in the mid 1950's, and the tech is ancient. Most of the PA systems, cameras, etc are wired through the walls. The police at our school have a central control room where all the security data runs to, mostly wired in. Our wifi network is fairly nice and recent, but still runs WEP, so not too secure. Unfortunately, the walls are so old and thick that the wi-fi has a hard time getting through. (Also I was thinking that maybe because the school was so old, most of the tech didn't exist to hardwire into the walls, so there's a lot of exposed pipes containing wires) All of the wiring makes it hella hard to hack, but an old school also comes with some advantages: The computers run old and insecure windows OS's, we're talking Windows Vista old. The school also has ancient locks on the door, some with pins that are already set so picking them would take seconds. Similarly, there are class rooms with ethernet ports left unprotected for hours. There's also huge gaps in security when it comes to roof access and few external cameras. There are drop ceilings as well, and easy to gain access to. The electrical boxes are unsecurely locked and sometimes just completely forgotten about. And not all the computers are wired into the network, they still use the wifi and we have some Mac computers that use AirDrop.
My Thoughts So Far:
My school is near a college built in 2014, filled with wireless connections and students the leave accounts logged in and will connect to anything they see, and I've enjoyed screwing with that. But that's what I thought was so interesting about my school, it's old, wired tech makes it an interesting project. So far my ideas have been:
1: Pick the locks to one of the old computer labs, plug in my BadUSB into the computers and remotely control them from my computer.
2: Try finding an PE system or fire alarm that aren't watched by camera (Or get roof access and disable them from the back) and opening up the PE system/fire alarm and hooking up a Raspberry Pi into it. (Also how badass would a wired hacking tutorial series be? I don't believe that null-byte has a series yet, but if anyone has a link to one or would be interested in writing a series on it, please let me know!)
3: Do essentially the same, except opening up one of the drop ceiling and doing the wiring from there.
4: Plugging something malicious into the ethernet ports? (I don't know if this would actually work, or if these kinds of exploits exists, pardon my noob.)
5: Accessing the campus police radios via connecting a radio listener into the chatter, hooking it up to a discrete power supply and streaming it home.
6: Any kind of wifi hacking the old and insecure networks.
What Would You Do?
I thought the Null Byte community would have some interesting ideas for hacking these ancient systems, thanks!
(I know the dangers of hacking government property and I'm aware that this transcends into Grey Hat hacking, this is just a thought experiment for the community that I would follow through with. Probably.)
7 Responses
Many hacks don't matter if the network is wired or wireless. So most articles on Null Byte should be feasible regardless of the media used.
-Defalt
You could in discreetly hack into one of those college devices and use that as a proxy to hack the actual school servers.
Although if it's vista then you could probably crack that in like 30 seconds.
If you do something inside the actual school, they might or might not have a way to find out which computer the hack originated from. If you could find a way into the cameras and hack those, that would guarantee your anonymity but then if the admins found that out then things would get really serious.
Interesting discussion though.
use tor for whatever you do i have keyloggers on most keyboards in my middle school and have cracked the admins password also since my school is "good with tech" i created fake emails its really simple we are not allowed to modify the computers so i use a web browser in the background that runs stuff like that use wireshark to monitor what goes on in the system and have it so some site or searches bring up flags to blackmail students or teachers or just plain old get them fired. read the rule book you can then know what you can and cannot do if it is unspecific then you can take advantage of that.
also go to the city they will have a plan of your school get keys imprints and rfids for doors.
YOU could try hacking the Wifi network since its WEP,you could find quality tuts on Null-byte,then scan the network, launch an MIMT attack
against your victim using MITMF and BeEF,set up autopwn on metaspoilt after hooking their browsers,redirect them to your pwnable url using BeEF..... you can also hijack a software update and install your bd
OR
After gaining thier ip,do some recon,lots of tut on Null-byte which can help,then find some exploits ...........exploitdb is a good site ...
Jamal
https://www.dropbox.com/s/t3ltiwti2olfrml/CCTV.txt?dl=0
If you can view the webaccess of the wired camera circuit try, without login, these after-url they can be valuable.
but you don't need a old pc to hack the network, just if you wonder to create a botnet, but then you must have all-old-computers.
Share Your Thoughts