IT Need help finding exploits in school laptops

[Mason Dulemba]

I am working on helping the IT at my school find ways around or filtering software.... Here is what we have for restricting settings, profiles, updates etc... we have Jamf, We have the efi locked and they are macbook airs so there is no removable ram, there is no single user mode, or way to change boot device without admin, for browser filtering we have zscaler, browser wise we have chrome, firefox, and safari, students have the applications folder locked and most of the other folders in the white list locked. students have access to terminal but not to admin commands They are unable to disconnect from the School wifi or turn wifi off but can connect to other networks and create P2P networks. The Apple remote desktop folder and process(screensharingd) which is used to remote control student computers is locked but is there any way to turn it off or block ARD? My question is there any other way to reset the admin password, make a new admin account, or make the current account admin, is there any way to install pkgs completely without admin, is there any other exploits that would still work with all the restrictions above ? Any comments are Greatly Appreciated Profiles listed below
Thanks,
Mason Dulemba

 

[vexorg]

IF we were skeptical we would think you'd be encrypting files next and demanding money for the decryption codes.

 

[Mason Dulemba]

IF we were skeptical we would think you'd be encrypting files next and demanding money for the decryption codes.

What do you mean ??? Ive already helped patch 2 exploits including the one that bypasses zscaler by turning off cookies, ive also found all the folders that users have read write and execute rights to and plan to patch them.. im not making this up

 

[vexorg]

What do you mean ???

That might have gone over your head

 

[chrfr]

IF we were skeptical we would think you'd be encrypting files next and demanding money for the decryption codes.

No, this stuff all is legit systems management for institutions like schools. A skeptic would think that this is a student looking for ways around the existing management infrastructure. Even more particularly so since the screen captures are just what an end user would see on a managed Mac, not information a system admin would actually see in the tools used to manage the systems.
Another edit: a Google search for the OP's name would make someone even more suspicious that this is a student trying to exploit a school-owned computer.

 

[Mason Dulemba]

No, this stuff all is legit systems management for institutions like schools. A skeptic would think that this is a student looking for ways around the existing management infrastructure. Even more particularly so since the screen captures are just what an end user would see on a managed Mac, not information a system admin would actually see in the tools used to manage the systems.
Another edit: a Google search for the OP's name would make someone even more suspicious that this is a student trying to exploit a school-owned computer.

I have found quite a few exploits already which im helping the IT at my school patch, im trying to find any other exploits you can think of that i should patch ......
[doublepost=1458230858][/doublepost]

That might have gone over your head

i understand what you are saying (i have worked with computers for a long time) just not how it connects to my question .......

 

[AlliFlowers]

i understand what you are saying (i have worked with computers for a long time) just not how it connects to my question .......

Apple vs. the FBI.

 

[maflynn]

[MOD NOTE]
Bypassing security is not something that should be discussed here. Closing the thread down