[bradyd]

I too did something similar in high school. We were running Novel on either Windows 98 or 95 (Can't recall now the specific version). I started the Visual Basic program using the autorun.bat like you, except instead of presenting a fake login dialog, my program would listen for the OK button click event in the real dialog (using the Windows API) and would get the contents of the username and password textboxes and then POST them to a web server a fellow classmate had setup. This had the advantage that it was completely invisible to the end user. The program was also hidden from Task Manager (also using the Windows API).

We did end up getting the admin password and getting access to the server. I had written another program (also in VB) that would run hidden in the background and randomly open and close the CD-ROM drive. I uploaded this program to the server and attempted to get it to push to all of the computers in the school, but I don't believe I was successful as I didn't really know anything about Novell and never saw it working on any machines.

One of my fellow classmates also found the schools SOCKS proxy so we were able to run AIM and ICQ on the school machines. Our teacher pretty much let us do whatever we wanted in that class. It was my third year taking a programming class with her and she allowed the advanced students to work on their own projects. In that class I also wrote a Group/IM chat client in VB with a Perl server. As GrinningFool said, responding to teens who are obviously interested in computers with bans or expulsion or worse is just stupid. If I hadn't had the freedoms that my teacher gave us in those classes, I wouldn't have learned anywhere near as much as I did.