81
dark0
8y

The first time I decided to hack around a bit:D

One of my teachers made a quiz software, which is only used by him(his lectures are about databases), and it is highly unsecure. When I heard that it is written in C# I decided to look in it's source code. The biggest problem I ran into: this program is only available on the computers in his classroom, and he monitors the computers display. However, I successfully put it into my pendrive without getting caught.

So when I got home, I just had to use a .NET decompiler(in this case: dotPeek) to get the fully functional source code. The basic function of the program was to download a quiz from his database server, and when it was finished, grade it client-side. Than, I realized how bad it was: It contains the number of questions, the number of correct and incorrect answers.
I've just made a modified .exe, which contained really little modification(like correctAnswers=maxQuestions, incorrectAnswers=0). Everything looks the same, you just have to click over it, and everytime it will return with 100%.

And the bonus: The program connects to the database as a user with root access, and without password. I was able to log in, download(dropping was available too, but didn't try) databases(with all the answers) and so on.

Never had to use it though, it was just a sort-of experience gaining.:)

Comments
  • 7
    Really nice!
  • 7
    Like! This small things give you a smile and I like it
  • 3
    Thank you!
    This is my first long post here, I really appreciate your feedback:)
  • 1
    When the student defeats the teachers, huh?
  • 14
    Cool dude.. πŸ€“
    You also made me remember a case when a grumpy teacher in my university took attendance in excel sheetsπŸ˜‚πŸ˜‚ present in the flash drive he brought with him... So I wrote a vbscript which changes the values of attendance column-till the total adds up to ~ 75 %, whenever he plugs in his drive into the classroom's computer :p - worked well for few weeks while I was sleeping in my room - till the teacher noticed that I wasn't coming to class and still my attendance % was never dropped - he called me - I got shit scared - but on contrary, in a calm voice he said me to just attend his classes - next day I went to his class, saw him talking attendance on a piece of paper πŸ˜‚πŸ˜‚πŸ˜‚πŸ˜‚
  • 0
    Yeah, this is an advantage of VM languages such as C# and Java, as they leave enough information to be able to decompile code back. There is even an online decompiler for this: https://www.decompiler.com/. This is unfortunately not the case for languages like C or C++.
Add Comment