I really enjoyed the whole process of figuring out how to get the keys to the kingdom. Our teachers were pretty good about logging out after they were done. The first way I got root was by running a fake login program remotely from another computer. That was a thing about the Icon's, you could run programs remotely from another computer. I knew which computer the teachers liked to log into, so I patiently waited. Eventually it happened, he tried to log in, got "Invalid password or login name", and thought he had fat fingered it. Meanwhile I now had root's password. At that point I put in a backdoor on one of the bootup shell scripts, which checked for the presence of a file, if that file existed, it would copy the first part of the password file somewhere else. At that point, if they changed root's password, I would create the file, reboot my computer, then check for the copy of "passwd" somewhere else. The passwords were in plaintext, they weren't stored as a hash. I discovered the poke method later as I got bored of my existing method. I once got a copy of an exam before the actual exam. I saw the teacher printing something out on the dot matrix printer, and guarding the contents, so I logged into root, and copied the printer spool file. Upon examining the file I discovered it was an exam.