High School Mac Hack

by The Bard

Following up on The 999's article on high school PC hacking, I have some tips to pass on to hopeful high school Mac hackers...

To begin with, AppleShare is hard to hack.  There are precious few Mac hacks around, so you must exploit the weakest link in the chain - the user.

Collecting Passwords

There are thousands of ways to get passwords from people.  The most obvious is simply asking for the password, or offering to help them login.  Still, administration will probably infect most users with a paranoia about someone stealing their passwords - enough to make shoulder surfing impossible.

One trick works really well, however: if you know enough programming to write a program with a passable Mac interface, you can get them to enter their passwords!  Simply draw a dialog box with something like "Invalid login, please reenter your name and password", (with some appropriate technobabble), and save the results to a text file, to be retrieved at leisure.  Of course, if they've locked the hard drive, then you won't be able to put the program on in the first place.

The solution is to make a start-up disk with a slimmed down system, put your dummy program into the start-up items folder, and leave it in the drive.

Don't forget that most people use obvious passwords, and if you see someone typing on the numeric keypad, try using his phone number or student ID.

Getting Superuser Privileges

Not for the faint of heart.  If you do spot a computer science teacher hard at work on his AppleShare, hang around discreetly, trying to look as stupid as possible.  When he leaves the room for one reason or another, quickly leap over to his computer, make an alias of his AppleShare, and copy to disk.  Then when he logs out for the day, you can go back to the computer he used, and open the alias AppleShare.  If you're lucky, it should give you all his/her privileges.

The Joys of ResEdit and Norton (Not to mention Broadcast)

If the hard disk isn't locked, you can use tools such as ResEdit to "personalize" applications (remember, you can really screw things up if you don't know what you're doing).  I haven't taken a copy of Norton disk editor to the drive yet, but, since you can uncover hidden files, and hide visible ones, you can hide your password program, while digging for the password file (I haven't found it yet).

Let me introduce you to a great extension called "Broadcast."  It enables you to send messages to other computers on AppleShare - all you have to have is a copy of it in the Extensions folder.  Makes for great practical jokes - especially on Mac virgins.

I am personally opposed to destructive hacks.  Destroying people's files, crashing the network, stuff like that blackens the hacker's name.  Yet, there are thousands of non-destructive practical jokes for the Mac.

For example, write a program that shuts down the computer when it is launched (use code from ShutDown.p in THINK Pascal), and put it in the start-up folder.  Thus, the computer turns off as soon as it loads up.  (To get around this after the joke's gone stale, boot with the start-up disk.)

End Word

The one last place to infiltrate the system is to start early - late enough so that the AppleShare is loaded in, but early enough so the guards are not up.  Try logging in as admin or administration with no password.  Also, if you see something like FileGuard being installed, you can probably slip in an account with full privileges if you get in early enough.

Remember, most network supervisors hate what they can't control.  They can snoop around your files, and do anything they want with them (remove copies of ResEdit...), but doing something as simple as DES encrypting a file called "List of passwords" or "Viral source code" can drive a supervisor crazy.