NOTE FROM EDITOR: This article was written by the weasel- since I have no knowledge of foolproof I decided to 'use' an article out of Hackaddict. This is HACKADDICT's ARTICLE, ALL CREDIT SHOULD BE GIVEN TO THE WEASEL!!!!!! Thankyou..
FoolProof Hacking
Hacking FoolProof. A revision v2.0 by The Weasel.
*************************************************
Section 1.
Lately in my many travels, I have discovered a few more FoolProof hacking techniques that work very nicely. This is just a
few more things to help out.
First of all, the version I am covering here is 2.5. However, some of
these techniques will work with earlier versions.
The goal is to get full, unadulterated, access to the entire machine.
To do this you will use the 5 step method. (This method applies to all hacking in general)
1). Find out your restrictions. None? Then what are you reading this
for?
2). Use the best (and hopefully easiest) way of disabling FoolProof.
3). Succeed in your aim. This means do whatever you set out to do on the computer.
4). Install InvisibleOasis to get the password for future (and easier)
access. This is optional, but recommended.
5). Remove the traces of the fun you had.
ON TO THE FUN!
Step 1...Find your restrictions.
+++++++++++++++++++++++++++++++++
1a. Can you move files? (i.e. If you move a folder, does it stay?)
If YES, go to step 2a.
If NO, continue.
1b. Does disabling the extentions work? (i.e. hold shift at startup)
If YES, go to step 2b
If NO, continue.
1c. Is the computer running 7.5 or later?
If YES, continue to the next step.
If NO, tell the administrators to join the 90's and go to 1h.
1d. Is Extensions Manager installed?
If YES, you're lucky. Continue to next step.
If NO, you're unlucky. Go to 1f.
1e. Can you open an use Control Panels?
If YES, go to section 2c.
If NO, not too bad, go to 2d.
1f. Is the Launcher installed? (BTW, I LOVE that thing!)
If YES, go to 1g.
If NO, go to 1h.
1g. When you drag a file to the launcher, does the mouse turn into a hand?
If YES, 2e is the place to be.
If NO, <sigh> Old version of Launcher...You are getting woried by now, eh?
1h. Do you have a boot disk?
If YES, 2f.
If NO, make one. (If you can't make one, next question)
1i. Can you run any applications off the disk?
If YES, continue.
If NO, go to 1k.
1j. Do you have anything that will allow you to edit the data fork of a file?
If YES, continue.
If NO, 1l.
1k. Can you get a file's or folder's info?
If YES, 2h.
If NO, 2i.
1l. Do you have write access to any file server at all?
If YES, 1j.
If NO, continue.
1m. Can you write any code at all? (C, C++, etc.)
If YES, 2j.
If NO, continue.
If you haven't gotten through yet, you might be screwed. If you want, break the computer and wait for someone to fix it.
Maybe you "could just watch" and see what they happen to enter as a password...
Step 2...Use the best way of disabling FoolProof.
+++++++++++++++++++++++++++++++++++++++++++++++++
2a. Open up the System Folder and move the FoolProof Init to the desktop (or wherever) and restart.
2b. Disable the extentions while starting up. (Hold shift at startup)
Then perform 2a.
2c. Use the Extensions Manager to disable the Init and the Control Panel.
2d. Hold down the spacebar while starting up. Then do 2c.
2e. Drag some folder onto the Launcher. This will create an alias for
the folder on the Launcher. Now open drag the FoolProof Init and the FoolProof Control Panel onto the alias you just made
on the Launcher. Restart and you are home free!
2f. Boot off the disk...This shouldn't be that hard.
2g. Get info on the FoolProof Prefrences. Make sure the file isn't locked. If locked, go to 2i. If not, go to 2h.
2h. Open up the FoolProof Prefrences with your hex editor. Change byte 15 from 01 to 00. Save and restart.
2i. Use ResEdit to unlock the file.
2j. Write a program that will change byte 15 in the FoolProof Prefs
from 01 to 00.
Step 3...Succeed in your aim.
+++++++++++++++++++++++++++++
This is fairly self-explanatory.
Step 4...Get the password for future reference.
++++++++++++++++++++++++++++++++++++++++++++++++
Install InvisibleOasis (that program has infinite possiblities)
and wait a few days for the SysAdmin to type in his password.
If you are in a hurry, break the computer. (Trash the Chooser
or something) This will make SysAdmin will hurry up. You may
also find some fun things in your log file. Who knows...
Step 5...Remove the traces of the fun you had.
+++++++++++++++++++++++++++++++++++++++++++++++
Take care of the obvious things, move files back, etc. But don't forget the Recent Documents and Applications folders. You
should trash the aliases in there also. Move all the FoolProof stuff back also.
Section 2.
A few more FoolProof hacking techniques courtesy of Macb3th...
Most FoolProof systems have an override key, for when the supervisor is too lazy to enter the password. The best way to find
this is just to hold down some modifier keys, and then peck around on the keyboard. (i.e. hold down control and shift, press
every key, then hold down option and control, press every key, etc). When you find the correct one (be sure to leave some
space in between tries so you know when you got it), it will beep twice and some little icon will flash in the Apple Menu (like
Eudora does, bloody annoying).
But sadly, some systems don't have an override key. So you must proceed to exploit the one weakness of FoolProof! It can't
detect a non-Finder attempt to delete itself. I wrote a little QBasic program (The code is...WHILE 1=1:Kill
FILES$(1):WEND). That's it. it just brings up a file select dialog and deletes whatever you select. So go after the control
panel and extension, and maybe kill the prefs file while you're at it. Then restart, and have fun.
Some FoolProof systems won't let you run a program from a disk. These computers, however, are usually networked. So,
using the regular hacking methods detailed in other files, get to the Finder on the File Server, which (for convenience) usually
doesn't have FoolProof active. Install Delete 'o Bitch on the file server, (included) and stick it wherever the shared programs
go. This has the added advantage of essentially putting this program on *every* machine with FoolProof.
Well, that about wraps up this edition. If you have any other FoolProof havocing techniques, please e-mail me.
