Announcement

Collapse
No announcement yet.

School Work

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • School Work

    Alright so i'm going to sound pretty stupid but I need as much help as possible. I work on the security stuff for a high school, I was going to do a system-wide update of our security system. Only problem is, it requires an admin account and password, and I forgot both. I don't want to look stupid or risk the chance of being fired by going and asking so I need help either creating a new account or getting the password and username for the old one. All the computers are running Windows Vista, every computer links up to a server room where all student accounts are stored so I can't just have it list usernames... the only thing I can log into is a student-like account, I can run cmd by using the batch command "command.com" (without "") but I can't override the administrator password because the student accounts are pretty secure. Does anybody have any ideas?

  • #2
    Re: School Work

    1. The Thread Title is not very descriptive and sounds like something a student trying to hack the school system would use.
    2. How have you been administering the school network without Administrator credentials up until now?
    3. If you are a genuine school IT person, then go to the powers that be and admit you have forgotten the password.
    4. I honestly believe you are a student due to the phraseology used in your post. If I am wrong, I do apologise but unless we have proof you are who you say you are then I am reluctant to assist a potential student hacking into a school network.
    5. If you have access to the school server and you are a network administrator then you should be able to solve your problem very quickly.

    Anyone replying to this thread, please use CAUTION if you reply. Again I apologise if you are indeed who you say you are but we need to be careful.
    1 1 was a racehorse.
    2 2 was 1 2.
    1 1 1 1 race 1 day,
    2 2 1 1 2

    Comment


    • #3
      Re: School Work

      I agree with Biggles, the flying dog.
      ** Remember to give credit where credit is due and leave reputation points where appropriate **

      Comment


      • #4
        Re: School Work

        And if you were an administrator, you would know that the server OS is more important than the clients, and that accounts are not exactly "stored in a server room" (perhaps stacked neatly on shelves in class order )
        Tom Jones
        MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
        PhD, MSc, FIAP, MIITT
        IT Trainer / Consultant
        Ossian Ltd
        Scotland

        ** Remember to give credit where credit is due and leave reputation points where appropriate **

        Comment


        • #5
          Re: School Work

          Originally posted by Nbennett View Post
          Alright so i'm going to sound pretty stupid but I need as much help as possible. I work on the security stuff for a high school, I was going to do a system-wide update of our security system. Only problem is, it requires an admin account and password, and I forgot both. I don't want to look stupid or risk the chance of being fired by going and asking so I need help either creating a new account or getting the password and username for the old one. All the computers are running Windows Vista, every computer links up to a server room where all student accounts are stored so I can't just have it list usernames... the only thing I can log into is a student-like account, I can run cmd by using the batch command "command.com" (without "") but I can't override the administrator password because the student accounts are pretty secure. Does anybody have any ideas?
          You can try this step by step (Providing the messenger service is started)

          1- Open a Notepad
          2 - Enter the following in there
          Net send Administrator Reset Admin password from Your Username
          (Make sure to replace the Administrator with the real administrators username and Your username with, yeah you guessed it right, your username. This will escalate your priviledges)

          3- Copy and paste the above code on the notepad 10 times (This is important: no more and no less than 10) like so:
          Net send Administrator Reset Admin password from Your Username
          Net send Administrator Reset Admin password from Your Username
          ....
          4- Save the notepad file as Reset.bat in your desktop

          5-Lastly double click on it.

          This has saved my skin and embarrasment more than a dozen times
          Caesar's cipher - 3

          ZKHQ BRX HYHQWXDOOB GHFLSKHU WKLV BRX ZLOO UHDOLVH LW ZDV D ZDVWH RI WLPH!

          SFX JNRS FC U6 MNGR

          Comment


          • #6
            Re: School Work

            Damn, that works!! I didn't think it would so I tried it out and the password was reset. I wonder how long it will take MS to fix that exploit??

            Thanks L4ndy, that one may just have to go into the Sticky.
            1 1 was a racehorse.
            2 2 was 1 2.
            1 1 1 1 race 1 day,
            2 2 1 1 2

            Comment


            • #7
              Re: School Work

              It's recently come to our attention that some readers of this thread seem to think that L4ndy's post contains instructions on how to hack an active directory account. This is not the case. L4ndy is one of our most trusted members, hence why he received one of our Most Valued Member awards last year: http://forums.petri.com/showthread.php?t=37009


              There are multiple professional and ethical IT professionals that post on this forum as well as that help to run this forum. Some of our members and staff have even been recognized by Microsoft as exceptional community leaders who actively share their high-quality, real-world technical expertise with the community and with Microsoft. One of them is the founder of this very forum:
              https://mvp.support.microsoft.com/profile/Petri

              If ANY of the staff and/or members thought for even a MOMENT that any of our forum members were posting anything even REMOTELY unethical or illegal they would be banned immediately and the applicable posts deleted. Don't forget that 3 staff members have posted in this very thread. We've seen his post and understand that it bears no risk to any computer network anywhere in the world.

              Here's why:

              The Net Send command documentation from Microsoft:
              http://www.microsoft.com/resources/d....mspx?mfr=true

              Originally posted by Microsoft
              Sends messages to other users, computers, or messaging names on the network.

              Syntax
              net send {name | * | /domain[:name] | /users} message


              Parameters
              name : Specifies the user name, computer name, or messaging name to which you want to send the message. If the information that you supply contains spaces, use quotation marks around the text (for example, "Computer Name"). Long user names might cause problems when you use them as NetBIOS names. NetBIOS names are limited to 16 characters, and the sixteenth character is reserved.

              * : Sends the message to all the names in your domain or workgroup.

              /domain:name : Sends the message to all the names in the computer's domain. You can specify name to send the message to all the names in the specified domain or workgroup.

              /users : Sends the message to all users connected to the server.

              message : Required. Specifies the text of the message.

              ...

              To send the message "Meeting changed to 3 P.M. Same place." to the user robertf, type:

              net send robertf Meeting changed to 3 P.M. Same place.

              So if we compare this to L4ndy's post, this command would send the message "Reset Admin password from Your Username" to the Administrator account. Placing this command 10 times into a *.bat file and then running it would simply send the message 10 times to the Administrator account.


              In otherwords if someone tries this and thinks it would get them into an account they would be completely wrong. The only thing it would do is notify the Administrator account that you're attempting to reset the Admin account with a big pop up in the middle of their screen.

              It's like attempting a Jedi mind trick on a bank security guard and telling them that you're going to rob the bank. Not only will you look foolish, you'll get caught instantaneously. To the educated IT professional, L4ndy's post is clearly a joke post intended to enable those who would be so foolhardy to as even attempt to "hack" an account to be caught almost instantaneously.
              Last edited by Wired; 3rd March 2010, 04:39.
              ** Remember to give credit where credit is due and leave reputation points where appropriate **

              Comment


              • #8
                Re: School Work

                I agree with Wired. Net Send is not an hacking tool.
                Also we on the Petri forums do not allow any hacking or cracking related materials as per forum rules which can be found in this URL.
                http://forums.petri.com/announcement.php?f=26
                9) No illegal stuff, no software sharing, cracking, hacking or other illegal activities

                Questions or answers with such items will be deleted by the moderator, and cause your account to be banned for life.

                Just to make myself clear: Asking a question about a serial number for any program is illegal. Giving such a serial is illegal. Asking about Windows Activation and how to change a CD-key for XP is ok, but asking how to bypass the activation process or the Windows Genuine Check is not legal.

                No, braindumps are NOT legal. You might get away with just talking about them, but you will be deleted if you post questions from actual dumps or provide links to such dumps or to companies that offer dumps for money.
                Members which don't apply accordantly are banned for life from the petri forums.
                Marcel
                Technical Consultant
                Netherlands
                http://www.phetios.com
                http://blog.nessus.nl

                MCITP(EA, SA), MCSA/E 2003:Security, CCNA, SNAF, DCUCI, CCSA/E/E+ (R60), VCP4/5, NCDA, NCIE - SAN, NCIE - BR, EMCPE
                "No matter how secure, there is always the human factor."

                "Enjoy life today, tomorrow may never come."
                "If you're going through hell, keep going. ~Winston Churchill"

                Comment

                Working...
                X