Beating the IT Crippler

4 01 2008

I know I’ll regret this one. I work in IT and I’ve seen people try some of this. Perpetuating the info probably isn’t too smart. Karma’s a bitch but…I just don’t like being told I can’t do something. I can’t stand being outsmarted. And even any limits imposed on me that aren’t specifically against me, I still have this need to know I could overcome if I needed to. This goes for anything, but for this blog, I’ll be talking about the lockdown your school/work puts on you. First, the easy, basic stuff.

What to do when Internet Explorer is disabled on a public computer.

Chances are there may be some form of internet connection, otherwise, why disable IE, right? Well, here’s something to try but it may not work if the computer uses a proxy server. Use the help menu. Yup. Fire up whatever you can. It can be something like Paint or the Calculator … anything with a Help menu. Once you’ve opened something up, press F1 | Right Click | Jump to URL | type in an address. There ya go. Just make sure to enter “http://” first, no quotes.

Need access to the file structure?

I once had a job where some computers didn’t have access to My Computer and auto play was turned off. So what? No access to flash drives. Not sure what the intention from IT was here but this group didn’t disable Winkey shortcuts (or they could have just disabled external media). That little flag looking key to left of your spacebar can be good for something sometimes. Yah, it does more than pop open your start menu. Win+E = Opens Explorer and the folder view. Browse to your hearts content.

Installing Programs and Instant Messaging.

This one’s tough. If you can’t install anything it means you don’t have admin privileges. Unless you luck out and the IT guy/girl leaves your computer logged in to an admin profile or the local computer, you can’t install anything. BUT … I’m gonna burn for this one…you can change the local admin password thus allowing you install anything you want. I’ll cover this next. But for now, the easiest (and less likely to get you fired) way is to run apps from a USB stick. Portableapps.com is all I have to say. Ceedo.com for running any app, not just the ones on the Portableapps site

As for IM, even if you manage to get a chat client installed, theres a good chance the ports are blocked so you’ll never connect. For this, use sites like Meebo.com, koolim.com, ebuddy.com. These sites use the http protocol (Port 8080) to communicate with the messaging servers which means if you have internet, you have a way in.

Changing the local admin password.

For this to work, you need to be logged into a network account with admin privilages or the local computer.
– Click Start | Run | CMD press enter | type “net user” enter. This shows you the local accounts. See “Administrator?”
– Now type ” net user Administrator * ” It will ask for a new password. The cursor will not move, don’t worry, it’s working. enter. Retype. enter. Good to go.

If you want something stealthier, so local IT doesn’t realize their PW has been changed, you can add a new account that only you know about. Start with the same as above. In the command prompt window:
– net user add Username Password /add
– net user localgroup Administrators Username /add

Accessing Blocked Websites

Web filters are getting better … and this one is hard. If your company uses Websense, you’re pretty much hosed. (maybe) You used to be able to do simple things like going to Google translate, type in a website and translate from English to English and viola. Some filters don’t monitor the websites IP address, only the URL. To find a site’s IP go here and type it in. You could also find “cached” or older versions of the site. This one doesn’t work for too well for sites that change regularly, (ie. MySpace, Facebook etc) Do this by going here and read up.

These aren’t very effective ways around these blocks. But as I said earlier, you keep looking until you FIND a way, depending on much you already know or are willing to learn, there’s a way around (even Websense) The following may be beyond the scope of this article so feel free to shoot me line with any questions. Just remember though, Google knows everything.

Remote Control a computer with no restrictions (a home computer)

– Setup a VNC server on your home computer and remote in to your own computer from school/work with a VNC viewer.
or
– Use something easier to setup, but require someone from home to help you out. Read here — Crossloop

And for the extreme nerds (I don’t get any of the following, so don’t ask me, I found it on some forum)

1) set up an ssh server at home (this can also be done using cygwin on Windows)
2) unblock port 22 from any firewalls and forward it on any routers
3) get an account on dyndns.org, no-ip.com, or another Dynamic DNS service, and get an updater client (this way you can remember your hostname instead of your public IP, which might change from time to time)
4) To surf the web, you just need to use your own computer as a proxy. Use ssh -D 1080 [user]@[hostname], or on Windows, use putty and set up dynamic forwarding in the GUI
5) Open your webbrowser with a socksifier. On Windows, use FreeCap, and on Linux, use ProxyChains.

So, I dont really advise anyone to do any of this. It could get you in trouble or fired. And it definitely gives your employer a reason to fire you, just in case they’re already looking. I can only hope that by the time I manage a network, stuff like this won’t be a problem *wishful thinking*

_____
L8z,
AleX

Advertisements