Xatrix Security

[jd2kuk]

Yeah, staff (other than IT techs) are typically completely unknowledgeable when it comes to anything with a keyboard and mouse...

[cheesepuff]

our school puts big OUT OF ORDER signs on a pc when it freezes. LOL! you think its gonna blow. Also i know a good freind of mine who has acsess to the management console. He's my computing teacher... and he is amazed i didn't know how to bypass the filer! (as far as he knows!)

[RMtutor_yay]

rm easylink
your easylink could be

https://
easylink.yourschool
folders.yourschool

[RMtutor_yay]

oh and also if you wonder why hte time wasting RMR: promt aperaed then hold both shift keys
this is RM RESTOR its ment to be spelled like that

the default pw is rmrboot
it is a recovery make on the disk when it was new

[littleben]

mkm

[Shaktal]

I Used safe mode to log into my schools account at school and was allowed to run .exe's However they still have restrictions on websense and they won't let you delete the folder that contains it. You also cannot access your user as normal in safe mode. You need to get through it through a seperate folder which contains all the users

[heebyjeebys]

Dear Xatrix Security Members,
My School has around 300-400 Computers. All running Research Machines software. All the computers are running Windows XP Professional as their OS. The thing that I want to change on RM is the fact that I can't open any .exe files and I only have 30mb storage. I am a Media Student so I need alot of HD space and also I want full internet access. My Plan is to take my Mini USB Keyboard and Notebook USB Mouse into school and plug them in and start up in Windows Safe Mode. My school has deleted the vital .sys file needed for Mouse and Keyboard on Safe Mode, hence why I am using USB. Once I am into Safe Mode I will then pull out my USB Pen Drive with the .sys file on and put it in the correct directory so I can then restart and use the schools keyboard and mouse and boot into Safe Mode. From safe mode I should be able to run any software I want. Please tell me any advice you have and wether this will work or not. Many Thanks.. T.H

Theres a simple answer : bring your own laptop, if thats at all possible

[heebyjeebys]

an easier way to get admin access and not to have that little yellow person in the system tray:

Before you continue, you will need the following:
Your own laptop (or if your lucky this can be done over the internet)
usb stick
Pro Rat (PM Me)
A good enough reason to get the techie to open up your usb stick

And heres what you do:

1. Use pro rat to make server, you NEED to know the ip address of the computer that its going to run on.
2. Embed the pro rat server in a word document or summin (pro rat does this)
3. Put the pro rat server on your usb stick and go and see the techie
4. Give him a good enough reason (this has to be a really good one) to open up the thing you embeded the pro rat server in on the admin account, WITH THE IP that you specified earlier in the setup process of pro rat server.
5. The document will open fine, pro rat will have automaticly installed on him opening the document, make up some crap about its now working blah blah blah, get out of there asap
6. As soon as you done that, whip your laptop out and start the pro rat viewer.
7. You now have full unlimmited control of the victims computer. You can even make the screen turn upside down, cd tray come out and make porn sites pop up on screen and make funny messages appear displaying all kinds of problems.
8. Pro rat, as soon as its deployed automaticy starts its keylogger. You can view the keylogger as one of the options in pro rat. There is also a built in hash decoder that looks for stored passwords. Given enough time he will type the admin password in.
9. As a suggested activity to force him to type the password in, ensure that pro rat is running after he has logged off (this is a setting) and make a message appear on screen telling him that hee needs to log of and back on agian to install updates or some shit. Then, bingo you have the admin password.
10. Use your laptop to access server shares and other crap like that with the admin password and username. Have fun!

Notes:
Your the only one who can remove pro rat
Some antivs pick up pro rat, such as panda and norton
Don't do anything too obvious to the server that he suspects anything (like changing the date to VIRUS ALERT and [i have seen this] changing the username that appears in the start menu to "porn star")

Other stuff:
Pro rat is bloody dangerous!!! be careful with it. I saw computer, (suspected pro rat victim) who had £300 take out of his bank account because of it.
You could wipe the hard drive and all any other drive you had access to with pro rat.
You can download files and documents off the server (pro rat makes it function like FTP server) onto your own computer. You can send too (like sending more servers to the SYSVOL folder, so when its replicated the other servers run it too and get infecteed)
IT is unlikley that you would be suspected of causing the virus infection.

Anymore questions PM me!

[quiksilver]

My school have just got RM CC4,
I found out that if you create a zip folder, put in any type of blocked file extension (EG .exe) in the new zip folder and run it, it works.

RightClick > New> Zip Folder > Name it > Drag file(s) over the zip file > Release Left button > Right Click > Explore > Right click file you want to open > open > vollia

Have fun

[heebyjeebys]

My school have just got RM CC4,
I found out that if you create a zip folder, put in any type of blocked file extension (EG .exe) in the new zip folder and run it, it works.

RightClick > New> Zip Folder > Name it > Drag file(s) over the zip file > Release Left button > Right Click > Explore > Right click file you want to open > open > vollia

Have fun

Another £200 more than they need spend on their network..tut tut