This repository has been archived by the owner on Mar 27, 2021. It is now read-only.

COMING SOON Standalone POC of the main exploit used in MNSPlusTrasher


basti564/mns-patcher


COMING SOON mns-patcher

Intro

This is a standalone POC of the main exploit used in MNSPlusTrasher.

Theory

The theory behind this exploit is that the packets sent to the "mnsscreengrabber" service on the student PC are never validated or blocked.

First Approaches

We could abuse this either by writing our own remote (which would require extensive reverse engineering) or by patching this test in the frmMain class of the mainForm.cs file in the TeacherConsole executable.

[Image: main]

The problem with this approach is that we need to get hold of the 15-year-old Visual Studio 2005 that was originally used to compile TeacherConsole, as well as Janus, which has also been used in this project.

Final POC

The final POC patches the isTeacher function for all users in the dynamic link library "RoomMgr.dll", which compiles in newer Visual Studio versions and is easily modified to our needs. We only need to change the return value to "true".

[Image: isTeacher]
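
An added example, not code from this repository or from MNS+: the Theory and Final POC sections both come down to the service trusting whoever sends to it, so this contrasts a handler that acts on any message with one that authorizes on the service side. The message format, the `lock_screen` action, the key and all names are assumptions made for illustration.

```python
import hashlib, hmac, json, time

# Constructed demo key. Assumption: it is provisioned to the service and to
# teacher logins only, never shipped inside the console binary or its DLLs.
TEACHER_KEY = b"constructed-demo-key"
MAX_SKEW = 30  # seconds a signed command stays valid

def sign_command(key, action, target, ts, nonce):
    """Build the message a console holding the key would send."""
    body = json.dumps({"action": action, "target": target,
                       "ts": ts, "nonce": nonce}, sort_keys=True)
    tag = hmac.new(key, body.encode(), hashlib.sha256).hexdigest()
    return {"body": body, "tag": tag}

def handle_unvalidated(msg):
    """The flaw from Theory: the service acts on whatever arrives."""
    return "accepted: " + json.loads(msg["body"])["action"]

class ValidatingService:
    """Service-side check that a patched client-side isTeacher cannot influence."""
    def __init__(self, key, now=time.time):
        self.key, self.now = key, now
        self.seen = set()  # nonces already used (expire these in real code)

    def handle(self, msg):
        body = str(msg.get("body", "")).encode()
        expected = hmac.new(self.key, body, hashlib.sha256).hexdigest()
        if not hmac.compare_digest(expected.encode(), str(msg.get("tag", "")).encode()):
            return "rejected: bad tag"
        cmd = json.loads(body)  # parsed only after authentication
        if abs(self.now() - cmd["ts"]) > MAX_SKEW:
            return "rejected: stale"
        if cmd["nonce"] in self.seen:
            return "rejected: replay"
        self.seen.add(cmd["nonce"])
        return "accepted: " + cmd["action"]

if __name__ == "__main__":
    svc = ValidatingService(TEACHER_KEY, now=lambda: 1000)
    # Constructed message from a console whose role check always returns true:
    # the claim is only a field the sender wrote, with no valid tag behind it.
    unsigned = {"body": json.dumps({"action": "lock_screen", "target": "pc-07",
                                    "ts": 1000, "nonce": "a1", "isTeacher": True}),
                "tag": ""}
    signed = sign_command(TEACHER_KEY, "lock_screen", "pc-07", 1000, "b2")
    print(handle_unvalidated(unsigned))  # accepted: lock_screen
    print(svc.handle(unsigned))          # rejected: bad tag
    print(svc.handle(signed))            # accepted: lock_screen
    print(svc.handle(signed))            # rejected: replay
```

The role decision now depends on a secret the receiving service verifies, so changing what a client-side function returns no longer changes what the service accepts.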

Optionally

You can try to control teacher computers by removing the isTeacherComputer check. This probably won't work, as teacher computers don't start the ScreenGrabber service, which is needed to control them (but you can at least try).

[Image: isTeacherComputer]
