Okay... I know what many of you probably thought when you read that title, but no, this isn't going to be your generic kidiot post about "how i hack thru firewall at school lol?"
I'm a highschool senior, and I know some of the basic mechanics of hacking, and I know how to do some light programming. I know C++, Java, have used Visual Basic Script a few times and am keen to learn Javascript. Anyway, today I was at school, dicking around on the computer as usual.
Eventually I got bored and thought, hmmm... what mischief can I get into? So I started typing in IP addresses into the address bar. The IP address for the school network storage is 10.0.0.19 (I think that's what it was anyway), so I got curious... Everyone knows how you type 192.168.1.1 into your browser at home and it takes you your router login. So I thought, hmmm... I should be able to get to the SonicWall login using the same principle. So I typed some shit in and found that the login is at 10.0.0.2. I saved the webpage to my flash drive, and I checked out the contents.
I analyzed the source and found that the login page handles login requests through a few Javascript files, and I believe it authenticates or some shit through MD5 encryption (forgive me, I'm a noob). Anyway, I was thinking... would I be able to trick the SonicWall into logging me in through a series of Javascript injections?
I think it would be an interesting senior prank to hack into the SonicWall and unblock every web page but block the school's website and Google.com. And of course change the password to make it more difficult for the tech people to remedy the error... *mischievous laugh*
Anyway, I'm a noob, so firstly I want to know if this is possible. Secondly I obviously want help or advice on how to do this from the more experienced people here. I learn pretty quickly. I don't exactly know Javascript... but it's nothing I can't figure out by playing around with it a bit.
**Disclaimer** I also don't want to do this for any "destructive" purpose... I mostly just want to learn. Of course, if I get in, senior lulz will be had.
https://216.56.27.34/auth.html That's the website.
I'm a highschool senior, and I know some of the basic mechanics of hacking, and I know how to do some light programming. I know C++, Java, have used Visual Basic Script a few times and am keen to learn Javascript. Anyway, today I was at school, dicking around on the computer as usual.
Eventually I got bored and thought, hmmm... what mischief can I get into? So I started typing in IP addresses into the address bar. The IP address for the school network storage is 10.0.0.19 (I think that's what it was anyway), so I got curious... Everyone knows how you type 192.168.1.1 into your browser at home and it takes you your router login. So I thought, hmmm... I should be able to get to the SonicWall login using the same principle. So I typed some shit in and found that the login is at 10.0.0.2. I saved the webpage to my flash drive, and I checked out the contents.
I analyzed the source and found that the login page handles login requests through a few Javascript files, and I believe it authenticates or some shit through MD5 encryption (forgive me, I'm a noob). Anyway, I was thinking... would I be able to trick the SonicWall into logging me in through a series of Javascript injections?
I think it would be an interesting senior prank to hack into the SonicWall and unblock every web page but block the school's website and Google.com. And of course change the password to make it more difficult for the tech people to remedy the error... *mischievous laugh*
Anyway, I'm a noob, so firstly I want to know if this is possible. Secondly I obviously want help or advice on how to do this from the more experienced people here. I learn pretty quickly. I don't exactly know Javascript... but it's nothing I can't figure out by playing around with it a bit.
**Disclaimer** I also don't want to do this for any "destructive" purpose... I mostly just want to learn. Of course, if I get in, senior lulz will be had.
https://216.56.27.34/auth.html That's the website.