School left BIOS unprotected

Barrows · February 17, 2013, 2:53pm

So my School IT guy thinks he is the shit or something and has dubbed himself "HackerX" as a log in name for when you restart the computer.

Pretty sure he is just running Vista, maybe Windows 7 (been on too many differnt computers in the last 3 days)

But he left the BIOS open so i figured i could have some fun there, any suggestions?

Not sure how to do this but I would love to be able to change his log in name to something like "hackerxsucksathisjob" or "hackerxneedsanewdayjob"

thetony · February 17, 2013, 3:14pm

You are just as bad as him *facepalm*

ArkaneCow · February 17, 2013, 3:50pm

There's a couple things you can do.

You got to the BIOS first, so you can set a password before he does and therefore secure access to the BIOS
Change boot sequence so that CD drive is first, pop in a live cd of whatever linux distribution, get the NTLM hash of his password and use any cracker (I wrote one myself here: http://github.com/jasonwupilly/Hoplite, but it's a little slow and experimental, I don't recommend you use this if you need it to crack it immediately), log into his account and change his password and do hilarious stuff like that.
Or, you can burn KonBoot to a disc, boot from that, and have fun with his Windows account (the free version is only 32 bit though)
Alternatively, you can also boot into a linux disc and wipe out his hard drive :3

Tungus · February 17, 2013, 3:50pm

Minors can get arrested too. And for something so dumb, you desrve a little time off. *shrug

boov · February 17, 2013, 6:02pm

You sound just as pathetic as him to be honest.

Commissar · February 17, 2013, 6:49pm

just bump up the FSB a little

MrPete1985 · February 17, 2013, 7:03pm

Will an OEM PC BIOS let you do that?

Rinzler · February 17, 2013, 7:22pm

report the security hole and move on, tampering with it will only ruin your school record (since hey hate it when students do that)

Adey_Johnson · February 18, 2013, 12:57am

1) password the bios so you will forever have unristricted access to pc

2) make live ubuntu usb drive

3) do your work dilligently and use ^that^ wisely, he need never know you have it

4) you have no blocks on websites d/ls admion privilages, keep shtum and youll keep it longer

5) botnet the it department and have them mining bit coin in down time?!

anon7678104 · February 18, 2013, 3:32am

yeah you can do all that then get expelled for missuse of the schools property.

or you can point out the guys flaws and ask to run the netowrk and become a white hat.

seriously do you want to put all your grades at risk for the sake of a laugh at some prat that cant do the job. better to point out the flaws and then earn a position of trust that will give you more access than just a bios.

thanos · February 18, 2013, 3:46am

lol that's nothing the school i went too was an IT college, some kid got our head of years password and he sent really disturbing messages of a sexual nature to other teachers on school intranet email as a bit of a prank and yeah he got exepelled. but not arrested on the otherhand this is the uk where it happened. so minors dont get arrested for that sort of thing. but still proceed at your own risk, and at least have some kind of back up plan if it all goes shit tits up.

Also the guy's giving OP chip with the "your no better" style comments, give it a rest with the moral high ground crap. save it for where it actually counts.

ArkaneCow · February 18, 2013, 4:16am

lol see the thing is you'll only get in trouble if you get caught... cover up your tracks :P

Commissar · February 18, 2013, 4:44am

yeah, that's probably the best option... it's best to be responsible

d3athgat0r · February 18, 2013, 5:19am

Am i the only one who finds school It people to not be all that smart? I mean really every computer at the schools I have been to but one has had a unlocked BIOS and kinda home made PC and man are those fun to mess with lol sometimes with unlocked CPUS if your lucky but if you want to mess with them just have like a 32GB Flash drive with Linux on it and do everything threw that.

EthanLovesPi · February 18, 2013, 7:34am

An average school will have average IT employees, and there are usually only 1 or 2 of them. I work at a school with 11 IT staff. Most of them know their stuff, and then some. Something like forgetting to lock the BIOS is just pathetic.

Nerd_Rage_LBC · February 18, 2013, 7:44am

I personally wouldn't do anything but secure myself a way to boot into something of preference for some(what) secure computer work like checking private stuff etc (yeah you could proxy but I'd prefer a clean OS)... to each his/her own, choose your destiny lol.

Vortex88 · February 18, 2013, 8:15am

Perhaps I'm a little more cut-throat, or maybe I just like to cause chaos, but I would set the computer to an impossible overclock and password the bios if possible. There's always a pretty easy fix for this, which would be pressing the reset cmos button or activating the jumper, but it would at least be entertaining to watch him struggle. Either way, it sounds like neither of you are very good with computers considering you somehow think you can reset his username and password within the bios, rather than within Windows or the school's server network.

Hell, if you really wanted to be malicious you could always set CPU, RAM, and North Bridge voltages to settings way higher than they should be which would cause some pretty significant damage to the hardware over time. Just make sure there aren't any cameras in the room the computer is in...

boov · February 19, 2013, 4:21pm

Most school computers are pretty low end, the motherboards don't support any sort of overclocking or voltage changing.

Adey_Johnson · February 20, 2013, 10:47am

i thought this went out with xp but deleting system32 aparently still works but you have to work for it !

http://www.youtube.com/watch?v=wDrqq5b0J58

RyTak · February 20, 2013, 12:06pm

^Isnt that why we have RAID now a days?