Note from editor: I was searching Yahoo for some more information on AtEase...found a really good site by deltacrash. Here is an article by him....Give hime ALL THE CREDIT!!!
AtEase Breaking and Entering
by DeltaCrash
<================>
Intro
<================>
Welcome to AtEase Breaking and Entering. I am your instructor for this lesson, DeltaCrash. Now you may ask, "Why
should I read this?" or "Why bother with AtEase?". Simple; AtEase is used by many educational institutions for security
*cough*bullshit*cough* measures. Secondly, the AtEase breaking text that has appeared in other underground zines is
outdates and the majority of the methods (force quit, etc.) do not work on the newer versions. This file is here to show you
the security flaws and backdoors in AtEase along with a general synopsis of the system.
<================>
Legalese
<================>
The author, DeltaCrash, or his real life counterpart has no responsibility for the reader's actions. The following texts are for
educational or informational purposes only. Viewer discresion is advised. This concludes this broadcast of the emergency
bullshit system.
<================>
What is AtEase? 101
<================>
If you are new to AtEase cracking, or cracking in general, you need to read this; if not, you could proceed and skip this
section if you so please.
AtEase is a security system that resembles Novell's Networking client or Fortress with one exception; AtEase sucks. Most
educational institutions use this because it's easy to use and any airhead with half of a brain cell can use it with no problem.
The admins and sysops like it because it's simple to run. Like I said, it's widely used for it's simplicity. On the technical
side it's a tad more confusing.
<================>
What is AtEase? 102
<================>
AtEase is basically an alternative to using the Finder. At startup, the AtEase extension loads, waits for all other CDEVs and
INITs to load and then cancels the Finder's launch and runs the AtEase startup procedeure. You may now say "Why not
just startup with extensions off?". This method worked for a while until the publisher (Apple if memory serves) was
notified and a fix was released. Now, the AtEase extension recognizes that no other extensions have loaded and presents a
dialogue box asking for the admin password.
AtEase itself is an application, just like the Finder is. Force quitting dosen't work (for reason, see above.)- the quit dialogue
box appears, but the AtEase extension sees that AtEase has quit and relaunches it. From the programmer's standpoint, this
is quite ingenious. From the cracker's standpoint, it's extremely annoying.
<================>
Initial Break; Setup
<================>
To break AtEase, you must be extremely careful not to let the admin have any suspicion on your intentions. This involves
being patient and waiting for a good moment to do your work. If an admin is suspicious of you, he/she will be on your
back for a good while. While working, don't show nervousness or anything else that might alert admins. This needs to be
as cover and as silent as possible (Mission Impossible, huh?). Preperation is a must. Here's what you may need: (software
found on all good [k] sites)
1) A disk with a system folder
2) An AtEase Cracking utility (preferrably on the same disk)
3) Headphones (you'll see why in a moment)
4) Ability to get yourself out of stressful situations if you're not
careful.
Getting these materals are simple. For the System disk, look for a program called AtBreak. This installs a system folder
onto a Mac formatted 1.44 disk (hard to come by). If there is room, you may want to put DisEase or AtPeace on it so you
can do *ahem* fun stuff, persay. The headphones are nessary for silence- you'll need to reboot the computer in some
instances and the chime may alert admins.
<================>
Procedeure
<================>
1) Make sure the computer is off.
2) Insert your cracking disk.
3) Plug in the headphones into the headphone outlet on the Mac.
(on the back with some models)
4) Turn the computer on.
This makes the Mac read the system folder on the disk instead of the one on the hard drive.
You now should end up at the Finder interface.
<================>
Actions
<================>
First and formost, you don't want the admin to recoginze the system has been cracked (at first), so make sure AtEase will
boot on the next startup. Now that you're in you can screw with a ton of stuff. The aformentioned cracking software comes
in handy because one (DisEase if I remember correctly) can extract the password for each user. If you don't have have the
utilities, try trashing the prefs. After you have (or purged) the information, launch the AtEase Setup program. There, you'll
be able to mess with user information and abilities. You also may want to add a lewd beep sound since you have total
access to the system...he he he :)
<================>
Getting Out Alive
<================>
To get back to "normal" operating conditions, eject the cracking disk and restart. If you didn't do anything to rash to the
AtEase system, it will boot like it did, except your changes will still be there.
<================>
Admin Escaping
<================>
If an admin is coming your way, activate the screen saver and act like your doing something productive (an open book by
the computer may be wise). If the terminal has no screen saver, shut down. Like I said, patience is a must when doing this.
You could alternatly launch a word processor or something you would usually have access to and make sure it fills the
screen. The admin needs to know everthing is normal during this period.
<================>
Miscellaneous
<================>
If there is no admin around, you sill must have a certain level of caution. There may be some suck-up or ass kisser who
wants to be in good company of the admin (AKA social engeneering). Don't let on that you're doing something that is
against usual computing procedeures. Be suspicious of everyone.
<================>
Conclusion
<================>
I hope this helps you with your problem of AtEase. This procedeure also works on many other security systems on the
Mac and otherwise.
Happy Cracking. :-)
Ciao
-DeltaCrash
<================>
Resources for you
<================>
Neverness (http://www.neverness.net)
MacMan's Hacking (http://www.macman.net)
DeltaCrash can be found on MacMan's WWWBBS and on IRC as DeltaC.
