Log in

View Full Version : Bypassing a network blocker at school computers.


midnightrider384
2008-12-04, 00:25
I don't know of a better title, I realize that it makes me sound like an idiot. I do, however, like to think that I'm not.

Anyway, on to the topic in question.

I've always enjoyed computer class. I can sit there, getting 100s on my test while browsing the interwebs the whole time. Apperantly, this is not so anymore. The network administrator recently installed a program that prevents programs from accessing the internet.

I took a look around it, and to be granted access to the internet, an admin needs to load up a dominating program that controls which computers can and cannot connect to the internet.

I found this quite annoying, I figured the admin had once again installed a program that didn't show up in the system tray and blocked the internet until he issued a universal command over the network to close it. I loved it when he did shit like this becase you could just close it and you had internet.

I looked and searched for a way around this. I looked through the "About" section of it looking for any stupid exceptions it gives, I tried closing it with task manager, I tried closing it with command prompt, but I could not close it or get around it.

I forgot the name of the program, I'll post it tomorrow when I get to the lab again.

13579
2008-12-04, 07:01
Tell me, does it not allow internet explorer/firefox to open, or do they just give you a 404?

My web design teacher used something like what you describe (Starts with an 'S', can't remember at the moment) that wouldn't allow internet explorer/firefox to open, would give a little access denied box if you tried.

I got around it by right-clicking on the start button, clicking explore. Then you'll be looking in different file directories.

There should be an address bar at the top, if not there's a way to enable it. Should say C://somethingsomethingsomething.

I just erased that, typed in google.com, and it worked.

wargsm
2008-12-04, 15:31
Like the poster above said, does the program prevent firefox/IE from opening, or does it give you some kind of error when they open?

Knowing how the program works would certainly help, so post the name when you get it.

Spoofing your MAC address to that of a machine that has internet permissions, could work though.

Can you ping out when you don't have permissions?


cmd: ping google.com

midnightrider384
2008-12-08, 08:17
I've tried the windows explorer trick too. And even the notepad help browser trick.

It doesn't prevent you from opening an internet browsing program, it gives you a 404.

I'll try pinging out tomorrow.

KeepOnTruckin
2008-12-08, 19:16
Not to hijack the threadm but I am in a similar situation at my workplace. The sysop realizes that there are smart computer people working and and blocked all traffic at the router, with the exception of one whitelisted PC and three work-related whitelisted sites. Cannot ping out, which means that most ports are blocked.

How to get MAC addy of the whitelisted computer?

midnightrider384
2008-12-08, 21:12
Not to hijack the threadm but I am in a similar situation at my workplace. The sysop realizes that there are smart computer people working and and blocked all traffic at the router, with the exception of one whitelisted PC and three work-related whitelisted sites. Cannot ping out, which means that most ports are blocked.

How to get MAC addy of the whitelisted computer?

No sorry necessary, it's pretty much the same problem.

wargsm
2008-12-08, 22:42
Not to hijack the threadm but I am in a similar situation at my workplace. The sysop realizes that there are smart computer people working and and blocked all traffic at the router, with the exception of one whitelisted PC and three work-related whitelisted sites. Cannot ping out, which means that most ports are blocked.

How to get MAC addy of the whitelisted computer?

Changing the MAC is what could provide a problem for you. If you are on Linux systems, then just:

ifconfig eth0 hw ether xx:xx:xx:xx:xx:xx


On windows machines, the MAC address is stored in a registry key. I'm guessing you don't have write access to the registry, so you're going to have to find a workaround for that. I could maybe help with this, but it's sidetracking a little.


To scan for MAC addresses, I would probably use nmap to listen in on network traffic. Then use nmaps '–spoof-mac' option. If that's a bit much for you, then 'cain and abel' is another option.



Can you ever get access to any of the machines that have outbound permissions?

cmd: ipconfig /all

Will show the machines physical address, only takes a second. You could always make a little script, so that when you insert a USB drive into the machines, it saves the machines MAC to it. Really simple to do.

Just tell the lecturer that you have some work to submit, but you can't email it to him since you don't have outbound. Plug your USB in to his machine, it notes down the address, and steals a few other things...might as well, you show him the work, then fuck off.

//
If you can post the results of running 'ipconfig /all' and 'netstat -a' it would help us a bit.

KeepOnTruckin
2008-12-09, 00:41
If I didnt know what ipconfig did then the computers probably would not need a hardware block on them.

We're on XP, tho I could install linux. We use removable hard drives so that we can buy half as many computers, since not everybody is there every day. I have 2 hard drives, one which I have a clean install of XP on which I am admin of, and one which has much security: I cant install anything to it without administrator password. plugging anything into a USB port also requires pw to run it.

No, I am not able to access the whitelisted computer as the manager is always using it or if he isnt, it is behind a locked door. Were I able to get access to it, there is a security camera watching it.

If I have work to submit, he will open up the router for 5 mins to allow us to have unrestricted network access. Of course, these times are infrequent and short.

Obviously I could use my admin drive to edit my mac addy, but I dont know the whitelisted one yet. Perhaps I should try to find a way into the router (its a Cisco 2820)

If I installed linux, most of my work related programs wont work with it.

Roor
2008-12-12, 04:43
Me and Trippson have a computer class at our school as well. Our school district has a program that blocks sites, by user permission, that are deemed inappropriate such as youtube or gaming websites... all we did was set up a linux ssh server on trip's computer and we connect to it using putty from the school computers, change our web browsers connection to a socksV5 127.0.0.1 8080 proxy connection and now we have our own encrypted connection to go anywhere we want on the school computers. Probably doesnt help you at all but im just sharing my own problem and solution. :)

P.S. Was the program called Surflock?

RiVAL
2008-12-13, 07:48
I don't know of a better title, I realize that it makes me sound like an idiot. I do, however, like to think that I'm not.

Anyway, on to the topic in question.

I've always enjoyed computer class. I can sit there, getting 100s on my test while browsing the interwebs the whole time. Apperantly, this is not so anymore. The network administrator recently installed a program that prevents programs from accessing the internet.

I took a look around it, and to be granted access to the internet, an admin needs to load up a dominating program that controls which computers can and cannot connect to the internet.

I found this quite annoying, I figured the admin had once again installed a program that didn't show up in the system tray and blocked the internet until he issued a universal command over the network to close it. I loved it when he did shit like this becase you could just close it and you had internet.

I looked and searched for a way around this. I looked through the "About" section of it looking for any stupid exceptions it gives, I tried closing it with task manager, I tried closing it with command prompt, but I could not close it or get around it.

I forgot the name of the program, I'll post it tomorrow when I get to the lab again.

my guess is try "ultrasurf", download the latest version should fix your problem

LiquidIce
2008-12-13, 10:58
Uhm, tell me if I'm wrong, but why not use a CGI proxy in the first case? And in the second, it looks like you're in need of some 733t hax0rz skillz or social engineering or plain old ninja-night-ops.

KeepOnTruckin
2008-12-18, 22:57
Solution to OP (but not me)

Install Apache (xampp is easiest) http://www.apachefriends.org/en/xampp.html on home computer: now you have a webserver. (knowing a little HTML might be helpful)

download proxy: http://www.proxybuilder.com/

Put proxy code on webserver

to get to it, type in your IP address to your web browser in the blocked computer.

Of course most ISP's hate on servers at home so you probbly wont be able to use port 80 (standard webserver port)

Also if you are behind a router at home, you will need to tell it to use a port.