Tuesday, March 22, 2016

Hacking your School

Intro



I'm assuming that you came to this thread looking for a tutorial on how to hack your school network. I'll start by introducing myself. I go by the pseudonym True Demon, and I'm a somewhat recognizable name in the hacker community. I've written a book and several white-papers on the subject of computer security and penetration testing. On the outside, I am an IT and security consultant with five years of career experience and ten total years studying the art of computer intrusion. I have a modest collection of certifications, have worked as a network administrator, network design architect, network engineer, security analyst, penetration tester, and have managed both Windows and Linux servers.

One of my first jobs as a network administrator was as the Network Admin for a local school district near my home town. It boasted over 800 students and approximately 1,200 networked devices including wi-fi infrastructure, Windows 2008 and Linux Novell servers (state of the art, at the time), and the usual computers, student laptops, tablets, lab computers, thin-clients, and all types of other cool stuff.


Every day I find a new post somewhere about a kid who wants to learn how to hack their school network, or got caught doing such. 

These questions have been asked of me over a thousand times:

"How can I hack my school?"
"How can I gain administrator access to my school network?"
"I want to deface my school's website, can someone show me how?"
"Can someone tell me how to hack my school's Wi-Fi?"
"I need to change my grades. Can someone (help me) hack my school?"

So, for the sake of all of you kids out there who want to get into hacking and believe it is an easy way to success in life, I want to answer your questions and explain a few things. Hacking anything is not easy, and no matter how you look at it, it is illegal and there are consequences. I am so frustrated by this losing battle I am fighting, trying to explain to one dumb kid after another about why this should never be attempted. So, here is where I leave all my cards on the table. If you are thinking about hacking your school network, read this before proceeding any further.

If you know someone who wants to attempt something this extraordinarily stupid, please share the link to this post with them. It should answer all the questions you shouldn't have to. 

So here goes nothing...

_________________________________________________________________________________

Why Hacking Your School is a Bad Idea

I'm going to be blunt. You're an idiot if you think you can pull it off, and I am going to list a handful of reasons why:

  • You have no idea what you are doing. 
I am guessing you've been watching YouTube videos and reading web blog articles on how to learn to be a hacker in a day. I'm also going to assume you've only just decided to do this in the last week or so. I've been doing this for more than 10 years and wouldn't even think about hacking a school network for any reason. If I wouldn't do it, there is absolutely no reason you should attempt it.
  • You are not willing to put in the effort
If you think that hacking and cheating in school is a good alternative to actually studying, you're a moron. Hacking is way harder than high school is, trust me. If you aren't willing to study for your test to get good grades, there is absolutely no way you will ever be able to commit yourself to learning how to become a hacker. You'll give up in under a week, and all you'll have done is waste a bunch of time you could have spent studying.
  • Even if you are willing to put in the effort...
Hacking is a skill that takes years of hard study and practice to get decent at, let alone master. You'd need to study computer hardware, science, and programming, three topics that have filled libraries worth of books by themselves. Are you seriously trying to convince me that you are more willing to spend years, living as a hermit in your mother's basement so that you can cheat your way through high school? You need a reality check and a slap across the face...
  • It's totally pointless
Your grades don't stay on your teacher's computer like you think they do. They get saved to a database which is incrementally backed up, probably daily. In about 99.999% of cases, school grading systems are maintained by a third party, meaning a company manages and backs up the data. There are companies that specialize in maintaining the security and design of a school network. While the school's administration gets to choose their provider, they have to choose someone, since it's a federal requirement for a school network to be managed by qualified professionals.
  • Your school's administrators know more than you do
Contrary to your popular, misguided beliefs that your school's network administrators are incompetent dunces, they actually know more than you do. I would know, it was one of my first jobs in college. Compared to other administrators, I started very early in my career because I was lucky enough to know people that worked at the school that helped me get hired.

Managing a network as large as a school district is a very taxing job that requires you to be very versatile with managing wireless technology, databases, network management servers and domain controllers, backup systems, and yes, security systems. My school was in Amish country, and it still required me to know how to run a security system and manage the intrusion detection systems. We had network-wide host-based antivirus, network intrusion prevention systems, and network-based intrusion detection systems. We backed up student files daily, logs were taken hourly and sent off-site to our third-party backup managers, and we managed the website and proxy filters. We also had what was basically spyware on every single student computer that let us look at the desktop and review the activity of each student, which paged us on our smart-phones and e-mail whenever someone attempted to visit a disallowed site or typed a buzzword into their search engine.

Within minutes of a student trying to log into a porn site, we could look at what the student was doing for the 15 minutes, identify them by name, and call their teacher to point them out in front of the whole class. Don't tempt fate...
  • School networks are heavily protected both with security and legal repercussions
Schools are commonly the target of identity thieves because they can collect social security numbers from the students and falsify the information in order to open up bogus credit cards. For this reason, governments, especially in the US, have placed very strict security requirements on school networks and issue VERY harsh penalties for breaching them. Even the edgy hackers wouldn't dare mess with this stuff, just because the consequences for getting caught are so high with the rewards being so low. They wouldn't do it for the chance at several thousand dollars, why the hell would you do it for an A on your report card?
  • You are going to ruin your life...
If you think I'm trying to scare you, you're absolutely right, because it's true. Public schools are government institutions. By default, that means any intrusion of its computer network is a cyber-attack on a government-owned system. That's a felony in the United States, a federal crime that stays on your record for your entire life and cannot be expunged or pardoned except by the President.

_________________________________________________________________________________

The Legal Consequences of Getting Caught

(Sorry to my readers in Europe and elsewhere, I'm not privy to the equivalent laws in your nations.)

A felony as serious as computer system intrusion does several things to you that cannot be undone for the rest of your life.
  1. You are REQUIRED to pay a fine, no less than $1,000 and up to $15,000 per count of network or system intrusion.
  2. You are REQUIRED to pay the full amount of damages you cause to your school.
  3. You WILL serve a sentence, likely community service if you're a minor, possibly juvenile detention. Everyone else 18 and over gets about 5 to 15 years on average. Yeah... sucks, right?
  4. Your parents will be forced to cover your bill, and trust me, their problems are going to hurt you a lot more than an F in your math class.
  5. Your school will absolutely expel you, and your permanent record will have bad remarks carved into stone that will prevent you from getting into any half-decent schools in your neighborhood.
  6. You will never attend college. They take computer intrusion very seriously, and will assume you will do it again.
  7. You will never get a decent job. The "cyber crime" you committed will show up on your background check forever, and no employer in his right mind would hire someone who the news media and law enforcement consider a "cyber-terrorist."

    You'll be lucky if you get to be a janitor...
  8. You will never be able to serve in the military. If that's important to you, say goodbye to a stellar military service, let alone any medals or commendations.
  9. In some countries, the penalty for computer intrusion is death. Just saying...

"But I won't get caught!"

Bullshit. 

Yes, you will, and here is why.

Again, you have no idea what you are doing. You have no idea what kind of security system rests on the network or where. You do not have physical access to an administrator's computer, and even if you do, the logs on their computer aren't the only place that logs get saved to. In a network as large as a school's where wi-fi and large computer labs are present, there are network management servers present that frequently do off-site backups, usually daily, sometimes multiple times a day. That leaves you with a few hours to successfully breach the network, change your grades (haha...), and erase all traces of your activity, and I can guarantee you will miss something...probably everything.

Administering the security of a network has gotten so easy that we have tools that basically do the job for us. I was a school network administrator when I was just starting college several years ago. I can tell you this from experience. The logs are kept in several backup locations on multiple servers, hidden behind proxies that block unapproved IP addresses from accessing them, so even if you had our password, it wouldn't do you any good unless you logged in from one of our machines in our office, which was not even located at any of the schools we managed. Many schools are organized this way.

Common spyware and malware immediately send a page to our cellphones detailing exactly what, where, and who tried to install it on the system. Most schools don't even let student accounts install any software to begin with, and any attempt, malicious or not, is automatically flagged.

Let's assume you even got access to your admin's computer with their password and username, and found all the logs on their local machine (and there are several places). You still would be unable to touch the remote logs stored at the third-party location, which are backed up several times a day. It literally takes seconds for a full backup of a log file to be taken. Anomalies such as an entire log getting deleted set off at least a dozen different alarms.
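To make that concrete from the administrator's side, here is an added example (not from the original post, and not any particular product's code) of one such alarm: the off-site copy remembers the size and hash of each log at backup time, and the local log must still begin with exactly those bytes. The log names and sample lines are constructed, and the check assumes append-only logs snapshotted right after any rotation.

```python
import hashlib
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple


@dataclass(frozen=True)
class Snapshot:
    """What the off-site backup recorded about one log file."""
    name: str
    size: int      # bytes in the log at backup time
    sha256: str    # digest of exactly those bytes


def take_snapshot(name: str, data: bytes) -> Snapshot:
    return Snapshot(name, len(data), hashlib.sha256(data).hexdigest())


def check_log(snap: Snapshot, current: Optional[bytes]) -> str:
    """Compare the local log with its last off-site snapshot.

    An append-only log may only grow, so the bytes that existed at
    backup time must still be an unchanged prefix of the file.
    """
    if current is None:
        return "DELETED"
    if len(current) < snap.size:
        return "TRUNCATED"
    prefix_digest = hashlib.sha256(current[:snap.size]).hexdigest()
    if prefix_digest != snap.sha256:
        return "REWRITTEN"
    return "OK"


def audit(snapshots: List[Snapshot],
          local_logs: Dict[str, bytes]) -> List[Tuple[str, str]]:
    """Return (log name, verdict) for every log that should raise an alarm."""
    alerts = []
    for snap in snapshots:
        verdict = check_log(snap, local_logs.get(snap.name))
        if verdict != "OK":
            alerts.append((snap.name, verdict))
    return alerts


def demo() -> List[Tuple[str, str]]:
    # Constructed sample data: log contents as they were at the last backup.
    backed_up = {
        "auth.log": b"08:00 login alice lab-12\n08:05 login bob lab-07\n",
        "proxy.log": b"08:07 blocked lab-07 disallowed-site\n",
        "install.log": b"09:00 install blocked student17 setup.exe\n",
        "admin.log": b"09:30 admin session opened office-01\n",
    }
    snapshots = [take_snapshot(n, d) for n, d in backed_up.items()]
    # Constructed local state a few hours later.
    local = {
        "auth.log": backed_up["auth.log"] + b"08:10 login carol lab-03\n",
        "proxy.log": b"",                                    # emptied
        "install.log": b"09:00 install blocked student99 setup.exe\n",
        # admin.log is missing entirely
    }
    return audit(snapshots, local)


if __name__ == "__main__":
    for name, verdict in demo():
        print(f"ALERT {name}: {verdict}")
```

Because the snapshot lives off-site, editing the local file cannot also edit the record it is compared against, which is the point the paragraph above is making.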

Using your laptop won't do you any good either, since your laptop's wi-fi card and ethernet card each have something called a MAC (Media Access Control) address, which is unique to the manufacturer, model, and serial number of your computer. The admin can identify it on the network, and compare it to a label on your laptop to prove it was you who did it. If you scrape it off, it just makes you look guilty, and they can see the MAC address on the device itself, or in your operating system's device information (device manager) anyway, so it's pointless. You can't change it either, since it's hard-coded into the device, so you can save yourself a few minutes of Google searching.

Oh, but all this assumes that you even know anything about hacking in the first place. I haven't even gotten to address the fact that you probably know nothing about hacking. So if you're still interested in trying this out, you might as well keep reading.

_________________________________________________________________________________

The Learning Process of Hacking

For those of you who think that hacking into your school's network is a good alternative to studying and doing your homework, I have some bad news for you. Hacking is a hell of a lot harder than your homework. What we call penetration testing in the InfoSec (that's Information Security) industry is the lengthy process of gathering information on a computer network, scanning that network for vulnerabilities and weaknesses, exploiting those weaknesses, creating a backdoor (a way back into the network whenever we want) and covering our tracks. This is called The Hacker Methodology, which all hackers have to follow whether they know it or not. This is the fundamental process, and whether you do it well or not will mean the difference between success and failure.

While you may think you know your school well enough, you do not know how its network infrastructure works. So in order to figure that out, you'll need to know how network infrastructure works in the first place. You'll need to learn how the TCP/IP stack works (that's Transmission Control Protocol / Internet Protocol). It is a fundamental concept that illustrates the differences between the physical layer (cables, adapters, devices, etc.), data (binary code, network frames/packets), the network itself (TCP/IP), complex additions such as encryption, and applications (Microsoft Word, Internet browsers and web pages, etc.).

You need to understand the differences between Intrusion Detection Systems and Intrusion Prevention Systems, how they work, how they detect an intrusion attempt, and the countermeasures they employ. You also would have to know where they were on the network so you can dodge them or creep through the network without setting them off which is a very slow, painstaking process.

I'm guessing you don't really know any of that, but just in case you do, or you don't care and still want to pursue this, keep reading.

Tools you have to learn how to use

The tools in a pentester's arsenal are practically endless. Computers, applications, and especially security systems are constantly changing. To adapt to this, the best pentesters know one or several programming and scripting languages. Maybe you took a class on C or C++ in high school, but that won't really help you here. We're not talking about making something as simple as text-based calculators and "Hello world" strings. We're talking about exploiting vulnerable C functions to fill up data registers with arbitrary data to cause a stack buffer overflow that would result in remote code execution. If you have no clue what I just said, you should realize by now that you have absolutely no prayer of pulling off something this complex when you're still struggling with a simple science project.

You can't fool me, True Demon, I have a RAT!

Oooh, a Remote Administration Tool? Wow, I'm so impressed! You sure did show me... [end the sarcasm]

This is the default answer for any script kiddie (beginner/unskilled hacker) that thinks he can break into any network with a simple Trojan horse program. Just in case you aren't already aware, a RAT/Trojan is a virus that is designed to look like legitimate software to fool a victim into activating it on their computer. Normally, it allows the attacker to gain remote access to the system with barely any effort. It is easy to use, but...

...you have no idea how it works.

I am willing to bet that you paid anywhere from $15 to $25 tops for that program after being recommended by either your friend in class, or some random user on a hacking web forum. All of a sudden, you thought you had everything you needed to become a bad-ass hacker to impress all your friends at school and take over the network. WRONG!

RATs are easily identified as malicious in their raw format. Most kids cannot even figure out how to set one up, let alone how to use it properly. They leave hundreds of dirty log entries, and can easily be traced back to their origin by anyone with basic knowledge about how Domain Name Servers work...and that is every network administrator. It's kind of a requirement of the job... If you don't even know what a DNS is, then trust me, you won't be able to outwit your network administrator who can follow the DNS entries in your RAT back to your home's IP address. Never mind the FBI, if they get involved. They're the experts at following your digital footprints, and can pull a warrant out of their ass in less than an hour. Usually, they don't need one either, since most companies will immediately give them whatever they want just so they don't get charged as an accomplice to whatever stupid shit you were doing.

But what if I'm successful?

Let's just say you get a RAT on the admin's system. Chances are it is going to get detected in less than an hour, a day at most, and that's if your admin is lazy or absent entirely. Even encrypted RATs don't last long on such heavily defended/isolated networks as schools. Since RATs require administrator access to execute properly, if they aren't opened while using an administrator's account, they fail every time. On top of that, installation of software on any school network gets flagged as unauthorized 9 times out of 10. Most Intrusion Prevention Systems will automatically block the activity and isolate the machine from the network if they detect malicious software, which prevents you from being able to use that machine to go anywhere else on the network, let alone delete the logs you just filled up with your malicious activity. The same goes for keyloggers and spyware.

But even if you succeed, there's no point. You can't change your grades. They're on a different network entirely! Not to mention, they're backed up in different locations that you cannot access, even if you did know what network they were on. That network is at least 3 times more heavily defended than your school's!

You could mess with your teacher's computer, but what good will that do other than making it totally obvious that someone broke into the school's computer network and immediately forcing them to phone the FBI?

You could cause a denial of service to the school's network, which will end in the same result.

If you didn't think that the school's administrator was competent enough to catch you, the FBI is certainly up to the task. The number of hackers that have gotten away with high-profile crimes and intruding on a federal computer system could be counted on one hand. Computers are very predictable, and the FBI spends millions of dollars educating and training their cyber-divisions to track down computer hackers every year. You could never hope to know computers better than they do in the few short weeks that you spent trolling through hacking websites in your spare time.

Even if you were successful, I can guarantee that you spent way more time getting into your school's computer network than you would have just doing your homework.

_________________________________________________________________________________

Conclusion


News flash, kids: school is easy. It may not seem that way, but trust me, it's way easier than being an adult, and at least a million times easier than a prison sentence. If you are interested in hacking and want to learn about it, there are plenty of safe, legal ways to do it. It can even land you a really awesome career in the future, but you will piss it all away if you decide that hacking your school's network is a good use of your time. Just the attempt at doing so will easily earn you a felony and a lifetime of regrets.

Hacking your school yields absolutely no benefits to you. It's pointless, and the cost is more than you can afford, guaranteed. 

I have answered your questions thousands of times. That's not an exaggeration. I am sick of it. It has gotten so bad that I and other experts like me (and even non-experts) have to tell you not to do it on a daily basis. So that is why I have left this here for all of you experts, non-experts, and stupid kids, so that you can be not-stupid kids and learn how to apply your desire to learn computer science and security to a more productive, profitable goal.

Hacking is extremely profitable, AND LEGAL if you do it right. There are plenty of ways to learn it. But becoming a hacker, like I said already, is way harder than high school. It's harder than most of your college courses, and good luck trying to find any college that will teach it to you. There are fewer than 10 schools I know of that even offer IT security as a course, let alone penetration testing. It takes a lot of work.

If you aren't willing to spend the time it takes to study for an algebra test, then you'll never put in the time and effort to become a hacker. In fact, if you don't know algebra, then you can't even be a hacker. Algebraic math is a requirement of programming, i.e., hacking. Hacking is not a substitute for hard work. It is the definition of hard work. Save yourself some time, and a lot of heartache, and just study for your test.

If you still want to learn how to hack, you can always read more of my work, and the work of others before me. If you learn from anyone who actually knows what they're doing, they'll be able to tell you that the best way to live as a hacker is in a suit, getting paid six-figures to have fun doing what you love.
