What's New!

Chat with
Hackers

How to Defend
Your Computer 

The Guides
to (mostly) 
Harmless Hacking

Happy Hacker 
Digests (old stuff) 

Hacker Links 

Hacker
Wargames 

Meet the 
Happy Hacksters 

Help for 
Beginners 

Hacker 
Bookstore 

Humor 

It Sucks 
to Be Me!

How to Commit
Computer Crime (not)! 

What Is a 
Hacker, Anyhow? 

Have a 
Great Life! 

News from the 
Hacker War Front

More How to be a Hero in School Computer Lab...

Let's now show your teacher something that is a little bit scary. Did you know that Internet Explorer (IE) can be used to break some Windows babysitter programs? Your school might be running one of them. If you play this right, you can win points by trashing that babysitter program.

Yes, you could just get to work on those babysitter programs using the tips of othe Guides. But we will look at a new way to get around them in this Guide, using IE. The advantage of using IE when your teacher is anxiously looking over your shoulder is that you could just "accidentally" stumble on some cool stuff, instead of looking like a dangerous hacker. Then you could show that you know how to take advantage of that security flaw -- but only if you already are confident that your teacher trusts you to not do mailcious hacking.

Besides, if it turns out the security program you try to override is well enough written to keep IE from breaking it, you don't look like a dummy.

Evil Genius tip: People are less afraid of you if you type sloowwwlllllyyyyyyyyyy.

The dirty little secret is that IE actually is a Windows shell program. That means it is an alternative to the Win95 desktop, and the same program that you use for WIndows 98 and ME's Windows Explorer, and totally integrated into the desktop. From IE you may launch any program.

Yes, from the IE shell you can run any program on your computer -- unless the security program you are trying to break has anticipated this attack. With a little ingenuity you may be able to even gain control of your school's LAN. But don't try that just yet, and never unless you have permission!

Newbie note: A shell is a program that mediates between you and the operating system. The big deal about IE being a Windows shell is that Microsoft never told anyone that it was in fact a shell. The security problems that are plaguing IE are mostly a consequence of it turning out to be a shell. By contrast, the Netscape and Mosaic Web browsers are not quite such full-featured shells. This makes them safer to use. But you can still do some interesting things with them to break into a Windows box. Experiment and have fun!

Evil Genius tip: Is your school network run from an NT server? None of the hacks in this Guide may work if it is running Policy Editor. But as we saw above, you can get around Policy Editor.

To use IE to launch programs, bring it up just like you would if you were going to surf the Web. If your computer is set to automatically initiate an Internet connection, you can kill it. You don't need to be online for this to work.

Now here are a few fun suggestions. In the space where you would normally type in the URL you want to surf, instead type in c:.

Whoa, look at all those file folders that come up on the screen. Now for fun, click "Program Files" then click "Accessories" then click "Paint." All of a sudden Paint is running. Now paint your teacher who is watching this hack surprised.

Next close all that stuff and get back to the URL window in IE. Click on the Windows folder, then click on Regedit.exe to start it up. Export the password file (it's in HKEY_CLASSES_ROOT). Open it in Word Pad. Remember, the ability to control the Registry of a server is the key to controlling the network it serves. Show this to your teacher and tell her that you're going to use IE to change all the school's password files. In a few hours the Secret Service will be fighting with the FBI on your front lawn over who gets to try to bust you. OK, only kidding here, but remember, don't even joke about breaking into anything unless your teacher really trusts you.

No, maybe it would be a bit better to tell your teacher that if you can edit the registry, you can get total control over that computer. And maybe much more. Suggest that the school delete IE from all its Windows 95 computers. (It's a lot harder to do on 98 and ME and hard to get along without.) You are on the road to being a hero.

If you actually do edit the Registry, you had better know how to revert to its backup, or else undo your changes. Otherwise you will be making more work for the computer lab teacher instead of less work. Remember, the objective is to prove to your teachers you can cut how much work they have to do!

What if the school babysitter program won't let you run regedit.exe? Try typing c:\command.com. This brings up the DOS window -- if the babysitter program hasn't figured out how to prevent it. Then command it "regedit.exe" and see if the babysitter program anticipated that attack.

More how to be a hero in computer lab--->>


Carolyn's most
popular book,
in 4th edition now!
For advanced
hacker studies,
read Carolyn's
Google Groups
Subscribe to Happy Hacker
Email:
Visit this group

Return to the index of Guides to (mostly) Harmless Hacking!

© 2001 Happy Hacker All rights reserved.