RSS

UK school's network left wide open for invasion, student found

Bender1 pts0 comments

UK school’s network left wide open for invasion, student found

Jump to main content

Search

REG AD

SECURITY

UK school’s network left wide open for invasion, student found

And the admin password was right in the Active Directory description field

Avram Piltch

Avram<br>Piltch

US editor

Published<br>thu 25 Jun 2026 // 08:00 UTC

PWNED Welcome back to PWNED, the weekly column where we school ourselves on others' security failures. This week, we’ll learn about a school where the entire network was like an open-book test … and the IT department got a zero.<br>Have a story about someone leaving a gaping hole in their network? Share it with us at pwned@sitpub.com. Anonymity is available upon request.<br>Our tale of academic pwnage comes courtesy of a reader we’ll Regomize as Nathan. Nathan was 17 and attending sixth form at a UK school when he found a treasure trove of admin privileges and data at his fingertips.

REG AD

One day, our hero connected his laptop to his school’s Active Directory domain. There was no admin authentication required and Nathan was able to see domain controller tools in view mode, look at policy maps, and so on.

REG AD

Nathan then browsed the directory and located the domain administrator account. The password, “horse fence ditch,” was written right in the description field, where anyone with access to the network could view it. There were also backup accounts with passwords such as “bd” and “bigbaddog.”<br>Once he had full God mode enabled, Nathan said, he could see student and staff data, gain Remote Desktop access to any server or domain controller, and even access LanSchool, a popular classroom management app.<br>“I could've accessed sensitive leadership docs, reset passwords, deleted accounts, wiped the whole network, etc,” Nathan told The Register.<br>Moreover, the entire system was synced with Google Workspace, so Nathan had access to user mailboxes as well. He even found firewall settings, security policies he could change, and keystroke histories.<br>Because Nathan was a student and did not want to get in trouble at school, he didn’t actually use any of these privileges. He kept his head down and graduated from school without incident, but also without reporting the vulns, which might still be in place today for all we know.

MORE CONTEXT

Major US carrier stored credit card info in the clear, employee learned on first day

Every employee’s password was stored in a single Excel file

All the passwords were stored in Active Directory description fields

Company CEO flooded file share with smut, called for help after he deleted it

So what can we learn from this tale of academic malpractice? First, as we learned a few weeks ago, do not store passwords in description fields for Active Directory. In fact, do not store passwords in cleartext anywhere without serious controls! Second, Nathan should not have been able to see Active Directory domain controller tools. And it might also have helped if Google Workspace had different admin credentials.<br>Imagine the restraint required not to change people's grades, take over their computers, or delete data. Would you have been able to exercise the same level of discipline as a 17-year-old? ®

pwned<br>security

REG AD

personal tech

FOSS dev builds a BASIC compiler using LLVM

Not just any old BASIC, either: OS-9’s BASIC09

Recovery has to keep up with AI

SPONSORED POST: Why an AI-era recovery architecture looks different, with Eon's Gonen Stein

ZTE builds a TCO-optimal AI factory to fuel token economy

PARTNER CONTENT: Leveraging OEX architecture SuperPODs and multi-dimensional co-design to maximize tokens per second and lower total cost of ownership for scaled inference

personal tech

Apple passes RAMpocalypse costs on to consumers

Fondleslab and Mac prices rise by hundreds; phones safe ... for now

Virtualization

Lessons from the VMwars – nothing virtual about the Broadcom vs Tesco slugfest

Never get involved in a land war in Asia. Also, don't pick a contract fight with a monster of the art

PERSONAL TECH

Windows 11 can now turn back the clock when updates go bad

Point-in-time restore offers a 72-hour escape hatch for stricken PCs

MOST POPULAR

Personal tech

India and China are home to 2.9 billion people – and together they bought just 13 million PCs in Q1

Security

Mythos discovers 'Squidbleed,' a memory leak that's gone undetected since Clinton era

CYBER-CRIME

Massive password-stealing attack hits 75k Fortinet firewalls

virtualization

Tesco is sprinting to quit VMware and Broadcom despite rapid migration risks

Security

Why Amazon hates 'human-in-the-loop' AI governance

AI

personal tech

Apple passes RAMpocalypse costs on to consumers

Fondleslab and Mac prices rise by hundreds; phones safe ... for now

PAAS AND IAAS

Amazon pours another $13B into India's AI and cloud infrastructure

Mumbai and Hyderabad datacenter expansion forms part of broader $48B five-year investment pledge

DATABASES

Elastic stretches workforce 7% thinner as...

school nathan network security directory student

Related Articles

US Government directive to suspend access to Fable 5 and Mythos 5

Dylan131224 ptsfable government anthropic jailbreak access mythos

Is AI ruining our skills? Early results are in – and they're not good

Michelangelo1124 ptstools skills during physicians colonoscopies tool

The Anatomy of an AI-Native Org

kiyanwang22 ptstranslated managers business translation language engineering

Apertus – Open Foundation Model for Sovereign AI

T-A16 ptsopen model apertus foundation sovereign fully

Britain Became as Poor as Mississippi

SanjayMehta15 ptsbritain mississippi next financial crisis self
terms · privacy · disclaimer · contact · policy
© 2026 NewsHub. All rights reserved.
This site is for informational purposes only. Content is aggregated from publicly available sources. We may earn commissions through affiliate links. Not affiliated with Y Combinator or Hacker News.