Ranter
Join devRant
Do all the things like
++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatar
Sign Up
Pipeless API
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple API
Learn More
Comments
-
While reading this I was washing my hands. As soon as I read "hardcoded" I stopped moving them and looked into the mirror with an expression of dubiousity.
-
Welcome to devRant!
As others have said, be careful not to get caught and anonymously report both security holes - your privileged student credentials and the hardcoded password. -
compSci9588yI wouldn't even anonymously do it, I'd flat out tell them that YOU found a security loop hole.
But yeah, you're treading on very thin ice. -
I think that at some point it may sound cool to have access to some restricted areas due to an IT fuck up, but you don't need it, and it could get you in serious troubles. If you hide it now, when someone find out ( and someone will ) you will burn. But if you report it as @Dairattez suggested, you're gonna be doing something good for your college's security. You may even be able to hear the storm that will fall over the IT guy who screw it so bad. Think about it, man.
-
Jacobgc9098y@Dairattez We just use it to make life a lot easier. Our course is mostly web development. So we just use it to install things here and there. But only on our user.
-
Jacobgc9098y@JCAP it's a team of 5 that manage over 15 campuses. They really don't have time to read logs.
Related Rants
-
nikmanG16CS Professor: βWhat M word is the black hole to all productivity?β Student: βManagementβ CS Professo...
-
localjoost51Last year I built the platform 'Tindex'. It was an index of Tinder profiles so people could search by name, ge...
-
sonrisa37Best quotes from IT teacher: - "C# is a language to program your IDE." - "C# is a language for beginners, and...
Not really dev as much but still IT related π
in college we got some new macs in our class. Before we were allowed to use them the "IT Tech" came in and did something to them all (probably ran some scripts to set stuff up)
Anyway, I was completely new to OS X and accidentally pressed a key combo that opened up a dialogue to connect to a remote file server. I saw the address field was already filled out (from when the IT Tech was running the scripts). So me being me I decided to connect. Low and behold my student credentials got me in.
Taking a look around I found scripts, backups and all sorts of stuff. I decided to look at some of the scripts to see what they did. One of them was a script to add the Mac to the domain. Here's the funny part. The login to do that was hard coded into the script....
To conclude. I now have domain level access to my whole college network π
Tl;Dr: stupid it tech saves password in script. I find it. I now have domain level access to the college network
undefined
domain
college
it
level
access
rip