Network Security at it's best at my school.
So firstly our school has only one wifi AP in the whole building and you can only access Internet from there or their PCs which have just like the AP restricted internet with mc afee Webgateway even though they didn't even restrict shuting down computers remotely with shutdown -i.
The next stupid thing is cmd is disabled but powershell isn't and you can execute cmd commands with batch files.
But back to internet access: the proxy with Mcafee is permanently added in these PCs and you don't havs admin rights to change them.
Although this can be bypassed by basically everone because everyone knows one or two teacher accounts, its still restricted right.
So I thought I could try to get around. My first first few tries failed until I found out that they apparently have a mac adress wthitelist for their lan.
Then I just copied a mac adress of one of their ARM terminals pc and set up a raspberry pi with a mac change at startup.
Finally I got an Ip with normal DHCP and internet but port 80 was blocked in contrast to others like 443. So I set up an tcp openvpn server on port 443 elsewhere on a server to mimic ssl traffic.
Then I set up my raspberry pi to change mac, connect to this vpn at startup and provide a wifi ap with an own ip address range and internet over vpn.
As a little extra feature I also added a script for it to act as Spotify connect speaker.
So basically I now have a raspberry pi which I can plugin into power and Ethernet and an aux cable of the always-on-speakers in every room.
My own portable 10mbit/s unrestricted AP with spotify connect speaker.
Last but not least I learnt very many things about networks, vpns and so on while exploiting my schools security as a 16 year old.

  • 3
    I have no words 👏

    How did you get the mac whitelist?
  • 2
    @Linusero do you mean how I found out they have one or how I got a Mac to use. I got the Mac I use from the log of one of their PCs
  • 1
    @davidmaerz I meaned how you found the mac you used. Nice work
  • 1
    @Linusero I couldn't use the real PC's because they locked down access to the Mac adress. thankfully they also have some soft terminals with slow processors only streaming windows.
    They have some kind of Linux installed to then login into the domain and Windows and you can display the mac.
  • 2
    Haha I'm glad you posted your comment as a rant, good job 😂👍
  • 1
    @tisaconundrum I know I know not that clever but after I commented I thought maybe this could be my first rant :D
  • 0
    @davidmaerz Excellent, the best rants come from inspiration, or anger ;)
Add Comment