Tuesday, May 27, 2008

How to Cheat and Bypass Examsoft....

This guide will show you how to start Microsoft Word to view notes during a live Examsoft test.

-----


UPDATE: THIS NO LONGER WORKS WITH THE CURRENT VERSION OF EXAMSOFT. I WILL UPDATE AFTER FALL 2008 FINALS.


UPDATE 2: Yeah, I'm really not going to update this. I reiterate again, THIS METHOD DOES NOT WORK. Examsoft has addressed this issue. Pictures below do not work.


Sadly my days at Caltech are gone, and I no longer have the luxury of taking finals in bed or at the beach. Caltech has an honor code which makes all finals take home (or if in-class, unproctored). Instructions on which materials could or could not be used and time limits are written on the front of the final, and we were trusted to not cheat.

The thing that I hate the most about law school is the lack of trust. Proctors are hired every term to watch over us like hawks (sometimes making silly demands, but that's another post). No trust in law school. Not only is there a lack of trust, but we are forced to use a horrible piece of software called Examsoft (technically Softest is the client program that is used on student's computer, but most call the program by the name of the software publisher). The California bar also requires the use of Examsoft.

Examsoft is program that reboots your computer into a secure simple word processor. The goal of the software is to prevent the user from accessing any notes or the web in violation of testing regulations. I have seen the software fail many times, forcing classmates to handwrite their finals when they were planning to type. We all hold our breath when rebooting into Examsoft, hoping that it doesn't fail.

Last term (December 2007) I found a way to bypass the security in the program. I promptly reported this to the IT department at my school and nothing was done. This past month I reported this to Examsoft, and I did not get responses beyond a generic reply that they would look into the issue. I am writing this in hopes that by publishing this I am able to force Examsoft to address the security hole and to let them know how unsatisfied students are with their software. This "bypass", really takes no real hacking skills, or security expertise.

DISCLAIMER: I do not condone cheating. I am in no way encouraging anyone to actually use this walkthrough in a real live testing situation. The following is for informational purposes only. Attempting to actually use this guide in a real live situation may result in a report to your state bar examiner's office, which could in turn reject your moral character application. In other words, if you want to be a lawyer, don't do this.

Technical Information

Computer: Macbook Pro 15" (Using Bootcamp)

Operating System: Windows Vista Business (SP1 not installed), with two user accounts created.

Examsoft Version: 8.5

Note: I have not had a chance to duplicate this on a non-Mac computer. It is quite possible that this will only work on a mac. I also would like to apologize for the screenshots, they were taken with a camera since I could not run screenshot taking software while doing this. I tried to minimize glare as much as possible.

Walkthrough

Boot into Examsoft in the usual way. This is the typical window you will see. We should all be familiar with this.
IMG_0113

Type "begin" and access the word processor.

IMG_0120



Press "Ctrl-Alt-Del," the Windows security dialog screen comes up as shown below.

IMG_0124



Click in "Switch User", to get the screen below. In my case I have two accounts "Franklin" which is the account I used to run the exam and the "Guest" account which is currently not logged in.

IMG_0125

Click on "Guest" (or any other account on the computer) to log in that account. Logging in shown below.

IMG_0127

Vista tries to run Examsoft, but since it is already running in the background it will fail and you will get the following error message below ("There was a problem starting Softest. If this continues to occur, please contact Examsoft Support"). This is expected, just click OK.



IMG_0128

No programs will be allowed to start, and all you will see is a blank screen like below.

IMG_0131

At this point press ctrl-alt-del again to get the security dialog screen again (see previous picture). This time instead of clicking on switch user, click on "Start Task Manager." The task manager should pop-up as shown below.

IMG_0133

Click on File>New Task to get the following dialog below.

IMG_0137

Here is the tricky part. Click on browse and find a Word document containing your outline/notes. Press OK. Word opens below as shown.

IMG_0139

You can now read all your notes and refer to them. Now start the process to go back to the exam. Press ctrl-alt-del to see the security dialog screen again and this time click on "Switch User."

IMG_0141



You should see this screen showing two accounts logged on. Click the original account, in my example "Franklin."

IMG_0143

You should now be back at Examsoft, ready to type your answers with a refreshed memory from your notes.

IMG_0145

End of walkthrough.

Final notes

There are some limitations to this method. You cannot copy and paste when switching between accounts. This may be possible with 3rd party software. Also, on my computer it takes between 4-7 seconds to switch between accounts, not an ideal setup with proctors walking around. It will be slower with older computers.

An easier way to cheat would also be to replace the background image of the security dialog screen. This is just an image file in a system folder that can be replaced with an image filled with text/notes. This means that ctrl-alt-del will now show you your notes, no need to switch between accounts.

You could also open up your default browser and access the internet by opening an HTML file instead of a Word file.

The fix to this cheat is easy. Disable the ability to bring up the security dialog screen with ctrl-alt-del.

Again, this is for informational purposes only. Don't be stupid and actually try this during a test. I'm curious to know if this will work on non-mac computers. Feel free to leave comment with your findings or any issues you encounter following this guide.