A challenge for me, a challenge for you
Jun. 4th, 2003 01:56 pm![[identity profile]](https://www.dreamwidth.org/img/silk/identity/openid.png){kind=small}
hoffman-log.livejournal.com posting in ![[community profile]](https://www.dreamwidth.org/img/silk/identity/community.png){kind=small}
techrecoveryHey guys. Haven't posted here in a long time, but I have a good one for ya. Now, I know this isn't about bitching about crappy customers, but it's an interesting chance to test your skills, and possibly make some money too. My network teacher last year seems to enjoy doing these "challenges" where he sets up a system to be "unhackable" and offers a reward to anybody that can hack the system. Here's the specks.
The machine is protected by Hard-Guard. Read up on it. The basics are that any changes you make on the computer are lost once you reboot.
The system has a BIOS password. I have successfully passed this. The system setup password, however, is different. I have not yet cracked this.
The computer is a Dell Optiplex Gx1, BIOS version A07.
The computer will not boot into the OS. You must get past Hard-Guard first (so technically anything after this would be pretty much easy to do).
The CD-ROM is disabled (in the sense that the power cable is unplugged)
Same thing for the floppy drive, also the zip drive
Wake on LAN is disabled
I cannot make any hardware changes (like opening the case and removing the card)
Last year I was able to get around this simply by popping in a CD and re-installing the OS. Going by the above information, that's not possible this time around. So I've been trying a few other things, like hoping the "human" factor plays into it (i.e.: His windows password is the same as the hard-guard password). Thus far, however, I haven't been able to connect L0pht Crack successfully to the domain controller (from a different computer on the same network).
The ultimate goal is to boot into the OS, install Kazaa, place a folder on the desktop titled "HACKED", reboot, and have the installed changes remain (because hard-guard is supposed to wipe all changes clean).
I'm smacking my brain on the wall over this one and I gotta say, this one is really difficult... Any suggestions would be appreciated, and I will gladly split the reward money with anybody who provides any suggestions that help lead to a successful hack.
_MaH
Last year I was able to get around this simply by popping in a CD and re-installing the OS. Going by the above information, that's not possible this time around. So I've been trying a few other things, like hoping the "human" factor plays into it (i.e.: His windows password is the same as the hard-guard password). Thus far, however, I haven't been able to connect L0pht Crack successfully to the domain controller (from a different computer on the same network).
The ultimate goal is to boot into the OS, install Kazaa, place a folder on the desktop titled "HACKED", reboot, and have the installed changes remain (because hard-guard is supposed to wipe all changes clean).
I'm smacking my brain on the wall over this one and I gotta say, this one is really difficult... Any suggestions would be appreciated, and I will gladly split the reward money with anybody who provides any suggestions that help lead to a successful hack.
_MaH
![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png){kind=small}
Re: Hmmm....
Date: 2003-06-04 12:05 pm (UTC)"Is it that we can't open the case, or just that we would have to get around the lock on the case?"
We're pretty good at picking locks... Anyway, no, you can't open the case. Boy wouldn't that make it easier? I'm not sure what info they need. I told them I was an assistant network administrator for a company, and that our head administrator installed the product last week. Anyway, we need to make a critical update, our head admin. is on vacation and we can't reach him, and he's the only one with the password and key to the server room and server case.
Either the guy saw through me, or something, because he didn't ask me for any additional information, and just said "I'm sorry, I'm not allowed to release that information." I read this as "There is one but I can't tell you", otherwise he probably would've just flat out said "Sorry, there's no backdoor on Hard-Guard." So now I'm scouring the net to see if anybody else has managed to crack hard-guard, but so far, nada.
_MaH