home
***
CD-ROM
|
disk
|
FTP
|
other
***
search
/
Freaks Macintosh Archive
/
Freaks Macintosh Archive.bin
/
Freaks Macintosh Archives
/
Textfiles
/
zines
/
Midnight-Raid
/
MIDNIGHT_RAIDvol1iss3.docÉ.sit
/
MIDNIGHT_RAIDvol1iss3.docmaker.rsrc
/
TEXT_159.txt
< prev
next >
Wrap
Text File
|
1999-03-03
|
5KB
|
99 lines
How to Take Down a Mac Network
_________________________
Contents
_______
A-Changing the printer
B-Grabbing passwords
1-shoulder surfing
2-keystroke recorders
3-social engineering
A
---this is assuming that printer sharing is running---My target ran off of four
printers when I did this, and I disabled two in 30 seconds. The key is to look
as normal, and mild-mannered as possible, not to attract attention. -If you
get caught play computer illiterate: “Well, the printer wasn’t working and at my
house I did this and fixed it!”-
1-Go to a single terminal and make sure there is more than one printer to choose
in the chooser. To do this, bring a disk from home with an outdated printer
extension that your school does NOT have. drop it into the extensions.
2-Go into the chooser. Pick the printer that your network isn’t hooked up to.
That should make it so that all of the computers that are hooked up to the printer
that you de-selected can’t print.
3-Leave that computer <make it look like you were never there> and move
to a different one, hooked up to a different printer. Maybe do the same printer
twice on different computers. Harder to save this way.
4-Don’t do this to someone unless they piss you off...don’t do it to you’re
library or anything. <unless they charged you for late fees of something>
B
Grabbing passwords-probably getting a few internet accounts, file sharing PW’s,
maybe even FTP passwords-is easily pulled off. My 3 favorite
methods are shoulder surfing, keystroke recording (by far the easiest), and
social engineering. I will explain all of these in detail below.
1
shoulder surfing-This is easiest pulled off in a beginner computer class. Act
like you belong there, walking around, talking to people. Pick your target.
Surprisingly, it is easiest to target someone who does know a little about
computers. I said a LITTLE, not ILLITERATE or a GENIUS. Walk around, looking
for that person who can type ok (ok, not great), knows the functions on netscape,
knows where they’re going, doesn’t ask for help, goes to popular search engines etc...When you find one, pull up a chair...here’s the
conversation:
You-”You need any help?”
Them-”No”
You-”OK”
<sit there for a while. After a few minutes, tell them when a page isn’t
loading right away:>
You-”You're connection is dropping. You aught to reset the browser. Watch.”
<Without an answer, close the browser window, quit Netscape/IE, and start it
back up. It should bring them to a proxy login page.>
Them-”why’d you do that” <kind of confused/mad>
You-”Your connection through the Alpha-Gateway was dying”
Them-”uhh...ok”
<They will type in the password, ask if you need to, and watch their fingers.
Look and talk like you are inspecting the keyboard while you are doing this.
“wow, you guys just got the new (whatever brand it is) keyboards.”>
You-”It’s been nice talking to you, but I’ve got to go...”
<ACT POLITE HERE so he/she doesn’t change the password.>
2
Keystroke recorders are simple, and easily put to use. Choose your target
computer carefully. Look for someone with high access on the network (i.e. the
teacher, system admin, etc). What computer do they use? That is the account
you probably will want (unless you want to mess up a specific persons email),
so install it there. If you just need an internet account, install it on a
computer that a computer-illiterate person uses. Think all of these things
through. When you find a target, install a keystroke recorder on it. MAKE SURE
THAT IT IS compatible with the system you are using it on. If you try installing
invisible oasis on a computer running os 8.5 it WON’T WORK. Go back, check
the logs, and login.
3
Here, you can have lots of fun. Look for your target. Browse the room for a
COMPUTER ILLITERATE IDIOT. There should be plenty on hand. When you find them,
go up to them. Say:
you-”Hi, need some help?”
Them-<doesn’t matter>
you-”It looks like your connection is slowing down A LOT! here, I’ll rebounce
the interface.”
<quite the browser, start it back up. Go into the preferences, empty the
cache or something. When it brings up the proxy login, ask them:>
You-”what’s your entry name?” <wierdly enough, this has NEVER failed me. DONT SAY “PASSWORD”. that scares people.>
Them-”<login>”
You-”What goes here?”<point at the password entry box>
Them-”<their password>