RM Exploits

Discuss it here

Moderators: Community Moderators, Veterans - RM Community

Forum rules
RM Specific Disclaimer: Users should be advised that any software files, modifications, upgrades, plugins etc are property of the poster.
Xatrix Security do not accept ownership of these files nor do we accept liability for any copyright violations.
Xatrix Community Guidelines: Click Here
YutziHak
Posts: 11
Joined: Thu Jan 24, 2008 8:06 pm

RM Exploits

Post by YutziHak » Fri Jan 25, 2008 3:07 pm

Hi,

At my college all the systems run RM and apparantly have very strict restrictions which make exploits very hard to find.

I have looked around this Forum at various other exploits and nothing has been able to work.

I would like to gain access to information I shouldn't as recently my Internet has been disabled due to "Inappropriate surfing" =o.

Anyway, the restrictions are as follows:

Every .exe .scr is unable to be run.
C:\ has restricted access.
Test accounts have been deleted long ago, so no backdoor entrance that way.

Any help is appreciated. I will be sure to reply and report back progress of any idea's.

Yutz.

User avatar
missi0n
Posts: 256
Joined: Sat Jan 27, 2007 9:15 pm
Location: UK
Contact:

Re:

Post by missi0n » Fri Jan 25, 2008 6:16 pm

there's 2 of the same thred here -.-

jd2kuk
Posts: 1537
Joined: Fri Mar 16, 2007 12:19 am
Location: UK

Re: RM Exploits

Post by jd2kuk » Fri Jan 25, 2008 8:35 pm

Mod message: Duplicate post deleted.

Ok, other than trying to get onto the internet, is there anything in particular you're trying to achieve? There are a lot of exploits out there... :P

Do you know what package your college is using to filter the internet?

YutziHak
Posts: 11
Joined: Thu Jan 24, 2008 8:06 pm

Re: RM Exploits

Post by YutziHak » Sat Jan 26, 2008 1:28 am

Unsure of the version being used, and other than being able to access the Internet I'd be very interested in other exploits which I can have fun with.

At the moment, there is a "Common Resource" folder of which I can click on and a shortcup appears in this folder to the management (L:\ Drive) I can see all the .exe's and view various things i'm sure I Shouldn't be able too (E.g. College Website User / Pass) but nothing which enables me to obtain a better access account or anything like that.

I'll find out the system / RM Version being used, however since looking over this Forum I have tried alot of what's been said to no avail.

Is it worth me shifting any programs from the management drive onto a memory stick or do would I gain nothing from this?

Sorry for posting two threads, I posted one in the Newbie section by mistake and forgot to delete it.

Thanks again, and sorry for sounding very noobish.

Edit: If it helps I have access to my Easylink account.

User avatar
ICT Tech
Community Master Admin
Posts: 1415
Joined: Thu Jul 26, 2007 6:33 pm
Location: In my chair!

Re: RM Exploits

Post by ICT Tech » Sat Jan 26, 2008 1:35 pm

can you actually use any of the management programs inside the L drive?
Copying them to a memeory stick helps sometimes, it depends on the management version being used,
copy it to a pen drive and PM it to me, and i'll run a vc on it.

YutziHak
Posts: 11
Joined: Thu Jan 24, 2008 8:06 pm

Re: RM Exploits

Post by YutziHak » Sat Jan 26, 2008 2:48 pm

Can't find the management console on Easylink, however will get it on Monday.

I can access almost every folder within the L:\ drive, however as I said I Can't run any of the .exe's or .bat's.

jd2kuk
Posts: 1537
Joined: Fri Mar 16, 2007 12:19 am
Location: UK

Re: RM Exploits

Post by jd2kuk » Sat Jan 26, 2008 3:10 pm

You can get to management console over easylink by appending /manage to your easylink URL e.g.:

Code: Select all

http://easylink.my.sch.uk/manage
or

Code: Select all

http://127.0.0.1/manage
if you're using an IP address.

Don't forget to change the domain/IP address to your easylink! :P

YutziHak
Posts: 11
Joined: Thu Jan 24, 2008 8:06 pm

Re: RM Exploits

Post by YutziHak » Sat Jan 26, 2008 4:35 pm

Heh, is the IP Address, however when altering the URL to include manage i'm asked for another Username / Pass of which my account has denied access.

=P

User avatar
ICT Tech
Community Master Admin
Posts: 1415
Joined: Thu Jul 26, 2007 6:33 pm
Location: In my chair!

Re: RM Exploits

Post by ICT Tech » Sat Jan 26, 2008 6:57 pm

yeah you need to use a user and pass which has the authority level of: delegate or authorise

YutziHak
Posts: 11
Joined: Thu Jan 24, 2008 8:06 pm

Re: RM Exploits

Post by YutziHak » Sat Jan 26, 2008 8:50 pm

Of course, I realise if I got access to an account with autority over mine I would be sorted... However :-(.

I have a list of all the teachers and their login Usernames, however none of their passwords are "password" "password2" or "changeme". Anything else I guess would be a complete stab in the dark.

Only teacher who I ever see logon uses his Laptop and doesn't appreciate people watching him >.<.

Post Reply