💾 Archived View for gemini.theuse.net › textfiles.com › uploads › termhack.txt captured on 2022-01-08 at 21:07:01.

View Raw

More Information

-=-=-=-=-=-=-

file written by OTTRE


Hacking XP Comp. Terminals
======================
Disclaimer:
Whatever the consequences from you using this file, they have everything to do with yourself not with I. However, I do encourage program and ISP theft,but dont condone it.
 

Forward:
This works on a network from a computer running XP **I think**. Use it to avoid internet download charges from a public-pay computer network.  



First you need: 
1.   An isolated computer connected to the target network. 

2.   A computer that when you restart it does NOT automatically connect to the login server. We dont want the login box. Rather it will boot and show a blank, default desktop with no icons. It does however have a system tray and a Start Menu. Look around the vacinity for an older computer showing this screen with no-one using it. There;s bound to be one.   


=============================================================================
			



			PART 1: ACCESSING COMMAND 
 
Because we are not logged in an account on the server, Start Menu should resemble:   

Step 1: Accessing Help

Click on the Start Menu
__________________________________________
| CONNECT :          | TO SERVER          |
|-----------------------------------------|      
| PROGRAMS :         | NONE               |
|-----------------------------------------|
| SETTINGS :         | NONE               |
|-----------------------------------------|
| DOCUMENTS :        | NONE               |
|-----------------------------------------|
| FIND :             | Empty              |
|-----------------------------------------|
| HELP :             | Windows Help       |
|------/----------------------------------|
|START/
|----/


Step 2: Exploiting Windows Help To Open Command

Open the Help in Help Menu. Now open the INDEX of help topics. The Help topics are alphabetically labelled. Open the second help-topic which is called ACCESS PERMISSIONS or similar. A box with 2 subtopics should open. 
Open the second subtopic and a CHM helpfile should open (See Below).
Recognise the CHM file as the textwindow with a yellow background. Ignore the text and look in the print menu (drop-down) for PRINT OPTIONS.


Diagram:

|--------|--------|-----------|--------|-------------|
| FILE   |  EDIT  |  BOOKMARK |  HELP  |  PRINT      | <------- MENUS
|--------|--------|-----------|--------|-------------|
| OPEN   |  COPY  |  DEFINE   |  ABOUT | PRINT TOPIC | 
|--------|--------|-----------|--------|-------------|	
|						     |	
|						     |
|      			CHM HELP FILE                | <------- TEXT
|						     |
|			IGNORE THIS TEXT	     |
|						     |
|						     |
|----------------------------------------------------|


In printing options click properties. In properties click help. This will bring up another help file. This time click FILE MENU>OPEN. In the file name path type : 
"C:\*.*" without the quatation marks. Open command in:
WINDOWS
WINDOWS \ SYSTEM32
WINDOWS \ SYSTEM32 \ COMMAND.COM
A message might appear saying "file is invalid, or corrupted" ignore this. 
Close all opened boxes
Return To Blank Desktop




=============================================================================
			



			PART 2: INSIDE COMMAND

In Part 1, I showed you how to open command through CHM help files. In this following "Stage" I will tell you simple MS-DOS commands to retrieve PASSWDs if you dont already know how to. 


Click on Start Menu. Resembles:  
__________________________________________
| CONNECT :          | TO SERVER          |
|-----------------------------------------|      
| PROGRAMS :         | NONE               |
|-----------------------------------------|
| SETTINGS :         | NONE               |
|-----------------------------------------|
| DOCUMENTS :        | Command.com        |
|-----------------------------------------|
| FIND :             | Empty              |
|-----------------------------------------|
| HELP :             | Windows Help       |
|------/----------------------------------|
|START/
|----/


Open command in documents. The command window shall open. Change directories into the ADMIN account using the cd command to change directories. Anyone can do this task. See below for a diagram.

=============================================================================
Microsoft Windows
<C> Copyright 1985-2001 Microsoft Corp.

C:\WINDOWS> cd ..

C:\> cd documents and settings

C:\Documents and Settings> dir
Volume in drive C is C:
Volume Serial Numer is 3249-4665 etc


	Directory of C:\Documents and Settings
29.02.04	08:15 PM	        <DIR>     .
29.02.04	08:15 PM		<DIR>     ..
14.04.04	11:19 PM	        <DIR>     Administrator
12.03.04	03:26 PM		<DIR>     ******
4 Directories 0 Files

C:\Documents and Settings>cd Administrator

C:\Documents and Settings\Administrator> dir

Volume in drive C is C:
Volume Serial Numer is 3249-4665 etc

     Directory of C:\Documents and Settings\AdministratorAccountName
29.02.04	08:15 PM	        <DIR>     .
29.02.04	08:15 PM		<DIR>     ..
14.09.03	07:15 PM		<DIR>     Desktop
12.10.03	06:25 PM	43,904            Diction.ary
12.02.04	08:15 PM		<DIR>     Favorites
31.04.02	04:32 PM	    49            File.name
12.04.01	12:47 PM		<DIR>     MKDIR
29.02.04	13:12 PM	    89            netstat.log
29.02.04	07:11 PM	    19            PASSWD
29.02.04	11:16 PM		<DIR>     Start Menu
29.02.04	08:15 PM		<DIR>     WINDOWS

7 Directories 4 Files

===================
See the file called PASSWD? This is the backup/saved password file which contains the admin username / password. 
Type this file:
===================

C:\WINDOWS> type PASSWD
administrator/6532212				
							 C~:: %XAs%
       
administrator:3wr :wre3f :w34:35wr5:wr:RET

===================   
The username is "administrator" and the password is "6532212".

NOW:
Repeat PART 1 but instead of opening command, open iexplorer in:
C:\*.*   (in path bar)
Program Files
Plus!
Microsoft Internet
docs
bckgrnd.bgf

Click the start menu and you should see the file "backgrnd" in documents. Open this and you are put into Internet browser. Open hotmail and e-mail yourself the admin password. Use the administrator account to use the internet and get it charged to the school, modify user accounts, whatever.