(Don't feel bad for the guy. Getting fired was the best thing that ever happened to him. He was a weekend "action photographer" [surf/skate/snowboard/...] who decided to go full-time after losing his job. He rode the early-2000s "extreme sports" wave and ended up being quite successful, and more importantly, much happier.)
> Long before FreeBSD, Jordan K. Hubbard earned a spot in Internet history in 1987 when he accidentally attempted to broadcast an rwall message to every machine on the Internet. He stopped it once he realized what was happening, but not before he & the other UC Berkeley network administrators were flooded with complaints.
1. Set fun messages on all the HP Printers: https://www.irongeek.com/i.php?page=security/jetdirecthack
2. Bypass firewall restrictions by setting http:// to https:// (later had to resort to SSH tunneling using Putty). Got me banned from our library for a month when I was on Facebook and a teacher passed by.
3. Our student directory set a cookie to a 6 digit identifier in the cookie. We could access any student's grades and details by just setting it to another ID, or looking at their lunch card.
4. During finals we wouldn't be allowed to see our grades until after all the finals were submitted into our grading portal. Somebody picked up on the fact that if you stop the page load before it finished that the grades would show up. Using JS to block our grades after they loaded didn't stop even the least technical people.
5. Some of our labs had monitoring software to make sure we were working. We could just kill that process and they would lose access.
6. Invert MacOS screen colors using Control + Option + Command + 8. Teachers didn't know how to recover from this and would resort to restoring the entire Mac.
7. CTRL + ALT + Down to flip the Windows screens. Again caused issues for a lot of people who didn't know this shortcut.
What a bunch of troublemakers we were...
As an experiment I wrote a piece of batch script that would append itself to both the network and local batch files if it wasn't already there (i.e if it was on the disk it would copy itself into your network account and visa versa), put it on one random computer, then forgot about it for a few days.
By the time I got around to checking again it had propagated itself to every computer in the lab and presumably every network account that had logged in during that time.
Oh man, that brings me back. We always went the extra mile by taking a screenshot of the desktop, rotating it 180 degrees, and hiding the taskbar and all the icons; everything seemed normal, but you couldn't click on anything, and the mouse pointer was upside down and had inverted movement.
The best we got up to was the year we found the admin password for the default image root user in some cached Skype logs. First we would SSH into random people's systems and use Applescript to type random things etc., bonus points if they currently were presenting something. We got bored of that pretty quick and resorted to just selling the ability to do stuff as an admin like installing things.
Earlier in middle school we figured out that the MacBooks the school issued had an IR receiver and the apple remote available at the time could trigger some Fullscreen tools by hitting a button on the remote and aiming at a victims computer, again mostly to disrupt teacher presentations.
Both bits of fun came to an end when some kid figured it out and ratted us out. When they figured out I was selling root access (installed CoD4 for a friend's little brother and changed the root password for them at extra cost, when they couldn't remember what they changed it to the went to the admin) all hell broke loose and they confiscated the laptops to re-image... no fun.
This reminds of all the shenanigans we had back in school (in the prime of Windows XP). Among the things of:
1. Doing the same thing you did with #7, as in flippin the screen. However, our computers were so slow that you could spam the rotation combination for 30sec and it would go on for at least 5minutes or even more before it was finished. It was almost faster to just do a hard reset most of the times.
2. Our network was miss-configured, which let us to connect two ethernet ports on the same switch together and take out a whole class room. Or better yet, if someone had forgot to lock the room for building switch and do the same.
3. Pupils were not allowed on school wifi back then, but somehow our IT-department wasn't up to date when those popular WEP vulnerabilities were released. Didn't take long for pupils to dual boot Backtrack and sniff out the password. School had to invest in better security until next semester.
4. MSN was blocked on school network. This later became a source of inspiration for those studying programming back then. As an example: there was a program published unto the public network share (deep down) called msn-unlocker.exe which wouldn't unlock MSN for you, but rather create directories inside directories recursively until windows registry and harddrive just gave up.
There is of course a lot more stories here, but I'll keep those for reunions and bar nights with friends :)
It still amazes me that weev went to Federal prison for doing essentially this on the internet and telling others how he did it
For example a left-right flipped screen could be needed in a rear projection setup, but I am at a loss for what you would use inverted colors for.
Sadly on macOS 11+, Apple changed some color management so it became unusable together with the f.lux app because the warm colors become cold/blueish instead.
Unfortunately, dark mode is no proper replacement because it does not invert standard web pages.
I used to go to Fry's Electronics computer department and screenshot the desktop with clickable stuff, then proceed to set that as the background and close all the windows and remove or relocate all desktop items. To an end user, it then seemed like the computer was frozen or otherwise fubar'd. Rinsed and repeated that for a whole row of machines a few times. It was entertaining to then watch people approach and try to interact with them.
I know this is weak kung-fu compared to many stories in this thread is but it was a good time! (at the time..)
It was an absolute free for all when windows machines started to be plugged into campus networks.
The prankster's evolution generally went from net send to NetBus and then to Back Orifice in those days as the tools rapidly made such tomfoolery a point-and-click affair. Interestingly many of the features in these early Windows prankster/hacking tools heavily shaped modern day remote administration / MDM software. I actually remember BO being used as a proper remote management tool in some situations.
Unfortunately this was the type of thing that would get students banned from the computers, or only allowed to actually use the computers on Friday to do their computer science work (like my friend Dave).
Speaking of NET SEND specifically, I went to a vendor for training once (circa 2000) and they mentioned someone who had recently come for training and was sent home because they had used NET SEND * there. I wonder what their employer thought of that.
Either me or a friend has at some point (in the 80s or 90s as minor students) been: kicked out of computer lab, had notes posted in the library that we are not to "hone our programming skills", kicked out of the Supercomputer Challenge[1], been told (second-hand) we're "a security risk" by the government, been put specifically under remote monitoring by the teacher, lectured, sent to the principle, had the police sent to their house, been told we "probably have an FBI record" and "are putting their parents' jobs at risk" over similar levels of playing around with computers that they let us use, not even trying to do anything particularly "hacker (cracker)"-like.
[1] https://supercomputingchallenge.org/22-23/index.php (Not this specific year obviously. More like 30 years ago.)
One day I walk into my lab class and see that a poor soul forgot to logout of his session. I'm sitting with my lab group and explain this "net send *" macro that would send a message to every single account on the system.
Another person in my group says "I'll do it." He types it in and presses enter.
We log out of the account, then log into one of our accounts, see the message, laugh and move on.
The next week, I get to my lab and this kid walks in and says to my lab group member sitting in front of the computer "Can I speak to you outside?"
He goes outside and we think nothing of it, but then I hear my lab partner outside the door say in a raised tone "Look, I have no idea what you're talking about! Goodbye!" and he comes storming back in.
This lab partner was absent the week before and didn't know what had transpired. We ask, "What did that guy want?" He says, "Some BS about how he thinks I sent a message through his account to everyone on the network because he forgot to logout last week and now he's in trouble with the CS department because they think he did it."
Our jaws dropped and I think if he had spoken to anyone else in the group we probably would have laughed and he would have known it was us right away. I still wonder how much trouble he got in on our behalf for embarrassing the CS IT department. Didn't seem like that big a deal to me.
Well the entire county was on the same network. All computers in the school district received my message. Fortunately the message was just "hi", and I think it was only sent once.
Like the OP, in retrospect I saw that the message shows the sending computer+user. Since we had student-specific logins it didn't take long before I was tracked down and reprimanded. I think they even told my parents about it and were threatening suspension etc. But at a certain point it became kind of obvious that the network/configuration was more at fault than a curious kid. So I got off with a stern warning and narrowly avoided a life of crime.
Once the person was sufficiently annoyed, he disabled the Messenger service, but again, because all Administrator passwords were same, it was possible to just connect to the Services snap-in in Microsoft Management Console, and re-enable it, send the message, and immediately disable it, so once that person went to check - the service would be off...
In retrospect it was somewhat cruel, but oh well...
A few months later I got expelled for some Novell netware breakin shenanigans but that whole experience was well worth it. I had been booting into slax and stealing SAM files from shared/library computers and then cracking them at home with lophtcrack to figure out passwords. The top level system admin had a 5 letter dictionary word, “north” as his password. I had keys to the kingdom. I’d shut systems down all the time for fun but never broke a thing. They tried to throw the book at me but fortunately it all fizzled out in the end.
In any case, your tenacious dedication to the cause was admirable.
Ultimately this experience hardened me in a number of ways. In my new school I had a really cool counselor who knew about my wrongdoings but was still supportive. I distinctly remember the discussion about needing a fine art requirement to graduate - but I was red flagged for absolutely no computer classes so couldn’t take computer graphics. Ended up taking ceramics and it was hands down the most fun class I had ever taken in all of school. Ended up meeting my girlfriend there too, losing my virginity, etc. all-in-all it was a blessing in disguise.
The irony is that the school I got kicked out of was a special science and technology magnet school with a ginormous superiority complex. They could have easily turned me into a white hat assistant to help them with the network but they were so insecure (literally and emotionally) that they wanted to make an example of me.
In my own personal experience, I was immediately expelled for getting access to admin in the AD for our district. Didn't cause any "pranks" or anything.
This was around 2015, I think schools are just much harder on "hacking" incidents these days.
We figured out that while the C: drive wasn’t accessible in Explorer directly, you could create a desktop shortcut directly to subfolders. Installed a copy of Worms World Party on all of our machines using that; somehow, although the machines were imaged weekly, it ended up on the image and got copied across to every school computer which was convenient.
I also went a step further with the joke messages, creating a program which showed a bunch of dialogs with choices in a loop. It couldn’t be closed and some choices did things like open/close the CD tray (as a “diagnostic”). People started just dragging it to the corner of the screen out of sight.
We also had a self sign-up system for sports, where you could pick a main interschool sport, or a “development” sport that was more about learning interesting stuff. The system was pretty insecure, using your date of birth as a “password”, but it also turned out that it had an SQL injection, so I used that to set everyone’s sport to Equestrian. Getting to hear an announcement at the school assembly about how the computer system had a problem was pretty great. I even emailed them about the injection issue but they never fixed it. (A risky move, really.)
In the early 90s employees still occasionally used the Messenger service (the service behind “net send”) for messaging. It was originally intended for alerts like print job completion or server powering down, but it became widely abused.
It could actually be used over the internet if the target machine was addressable, eg had a non-rfc1518 address.
We started getting lots of complaints about abuse in the mid 90s as the web was taking off, and changed our best practice recommendations to disable that service; it was not mission critical.
Most of the low level NetBIOS services were designed naively before people thought much about security; we eventually disabled or removed most of them.
…surely begs an interesting question!
My favorite discovery was that the "scheduled tasks" folder was shared on every computer in our school. This meant you could do the net send * bomb from a friend / enemies computer, and get them in trouble.
The other fun one was Borland C++ 6 had a limit on how wide the code window could be -- you could only horizontally scroll so far. However, you could hold down tab for a few seconds, then write something like cout<<"logout next time"; in their code. Unless you knew the trick, you'd never find the code afterwards -- you couldn't scroll to the right far enough due to the limitation of the viewing window.
echo 'Terminal overheating, please blow on screen' > /dev/tty0
So, I promptly ran `net send * All your base are belong to us`.
The immediate result was giggles from all around the computer lab. As soon as I realized I had sent it to every computer in the lab, I realized I had no idea what other computers I had sent it to. I decided my best course of action was to log out of the machine and switch to another one.
About 5 minutes later, a couple people came into the lab, going straight to the machine I had sent the message from. They looked around, asked the room if anyone knew who was using the machine, got a bunch of noncommittal shrugs, shrugged themselves, and left.
A couple weeks later, the Messenger service was disabled across the campus. I found out from someone that the message had popped up on every machine on campus, interrupting presentations and leading to some slight confusion on the part of teachers all over.
Sounds like it was _for great justice_. ;)
The third friend's father was LIVID that our friend's name was besmirched by being placed in the contents of the pop-up, later threatened me over the phone, and put pressure on the school to throw the book at us (fulfilling his promise to "TAKE THIS TO THE MAT!"). My friend and I were suspended for a day and banned from visiting the high school computer club for some weeks.
From the district IT perspective the middle school's punishment somewhat backfired because news of our suspension resulted in many more students across the district learning about the command, greatly increasing the # of incidents and becoming a district-wide. They weren't able to figure out how to turn it off for a year+ after. As a temporary measure they made the printer in the high school library print out the originating computer of every net send message, which often backed up printer and caused the HS librarians (my mom happened to be the head one lol) to have to remove these useless sheets from the printer all day.
0/10 would not recommend glob experimentation
The computers were really locked down to the point that they were annoying to use. Right click was disabled (at least in windows explorer?), among other things. One of my acquaintances wrote a program in visual basic called "Firstname Lastname's Computer Fixer" that was somehow able to disable many of the restrictions on the computer. I remember it was a pretty large window with lots of buttons though I can't remember what they were all supposed to do. After passing it around for a few months it was deleted from all our home folders and I found out that he was suspended for a week and banned from using computers. The computers got even more locked down. Oh well.
Combine it with a for loop and you could generously message everyone on the LAN with little effort.
There's a reason why everyone around me turned off the net service after a while...
I also discovered that our student IDs and PINs were based on our birthdays, though I was not creative enough to come up with an amusing use of student logins.
A group of people did get caught messing around with the network a while later, but only after they'd privesced their way to a domain admin account, then screwed up with a script that reset a bunch of local admin passwords rather just the one they wanted. Somehow, the existence of a new domain admin account didn't get spotted for weeks before that.
1. Scanned the network for all the teacher's computer names periodically
2. Randomly sent a benign message from one random teacher to another random teacher like, "Hey, want to go out later tonight"
3. Sat dormant over the summer in the computer lab that had our programming class and was programmed to become active when school was back in session in the fall.
Apparently the thing actually worked! When fall came around one of my friends reported to me that he overheard teachers talking about random messages on NETSEND.
I never got caught. Maybe now that I'm bragging about it, as a stupid hacker does, I'll finally get hauled off to the principals office.
This is something I actually worry about future generations missing. My core love of computers came from being able to tamper with them. Being able to poke around in the operating system, figure out how to do neat things, etc.
Today, students are given either an iPad or a Chromebook, and generally locked into using some horrific privacy nightmare like Gmail, and have very little ability to actually experiment with computers.
I suppose this means we have better security, but people like me born more recently may not end up in the field because of it.
The Chromebook model issued to students at my middle school powered off when a magnet was placed over the top right corner. After this was first discovered, it because common practice to carry a small magnet around and turn off people's machines when they weren't looking. If you wanted to be subtle, you could use the corner of another Chromebook to pull off the same trick.
Chromebooks use (G)-mail sign-in, and the school generated us all accounts that had the format
e-mail: <firstinitial><lastname><student ID sans the first digit>@schoolname.com
password: <initials><full studentID>
I figured this out a few weeks in, and we had great fun logging into each other's account and sending ourselves incriminating e-mails. Admin figured out after a while and for all successive school years we had random phrases.
All machines had a remote-viewing/tab managing utility installed so that teachers could surveil us as we did our work. Many ``bypasses" came and went over the years, by my favorite was simply abusing Chrome's ability to play flash .swfs and disconnecting from the internet. Once that got out teachers often forced me to sit next to/facing them as I worked.
Another was that only ``real tabs" showed up on the admin viewer -- `New Tab's and similar Chrome-isms would just be a blank screen. You could abuse this by opening Inspect Element on a new tab and writing in an iframe for the website of your choice.
Web filters were often bypassed using interactive browser compatibility testers like Browserstack and Browserling[0]. Not terribly interesting, but it worked just fine for our purposes.
Later, in high school, I wrote a script that autoran on a single machine's local storage no matter who logged on, copying itself to the shared storage. Next, when that user logged on to a different machine, it copied itself back to local. It didn't do anything flashy or obvious, so by the time I graduated, I had a calling card on maybe 75% of the machines in the school. I also aggressively portscanned the whole district, and found some IP cams and Cisco phones that had open (And seemingly unpatched) RCE CVEs. I never got around to doing anything with them, and my only regret is that I didn't pass the knowledge along to someone else before graduating.
[0] https://www.browserling.com/browse/win/7/firefox/104/http%3A...
The other thing we did was access network shares which you could see, but if you tried clicking them in explorer they'd say "access denied". The administrator apparently didn't lock things down very hard so a two-line .bat file:
@echo off
net use Z: \\administrators
There was also evidence someone else found this before us because they had filled this one directory with viruses that had extremely obvious .jpg.exe extensions and basically various thirst trap stuff for creepy teachers filling the rest of the filename to click on it. I think I remember access to all of this was lost when this one kid was dumb enough to actually click something in there and he got blamed for it and expelled, which was pretty funny.
@net use Z: \\administrators
My memory is fuzzy at this point, but I vaguely recall being able to change others' desktop backgrounds with a remote client. That produced a lot of entertainment value.
Bonus points if you could get the teachers machine
Good times :D
We found a way to circumvent the way they prevented third party apps from running and spent hours just playing AoE2 in the "study" hall.
I seem to remember there was an option you could pass to override the sender's name so you could anonymize yourself and have the messages come from JESUS or MY BUM or something equally hilarious. You could even set it to the genuine ID of a nearby computer and watch the chaos unfold once the IT guy came running in.
I like to imagine there was some twinkly-eyed old trickster at Microsoft who saw to it that net send came enabled by default.
There was also a program that let you enable any disabled button in Windows by clicking on it. Turns out a lot of the security was only implemented at the GUI toolkit level.
There was something magical about those insecure school networks. It was amazing to watch how it affected the teachers, when you pulled some minor prank. They would flip out, not because you did anything particularly dangerous, but I guess just at the loss of control.
Good times.
1. Discover net send
2. Discover net send *
3. Get in trouble for using net send *
The next step was discovering telnet and the schools smtp server.
Luckily I went to a school that believed in redirecting the (endless) time and (boundless) energy of obnoxious nerds like me, and I spent far more time helping out than breaking things. Or at least I hope… the long tail on the IPX ping was pretty painful to stop.
† for Americans, the UK used to have selective education, some parts of the country still do, under this system children who test well at age 11 or 12 are sent to different state funded schools from their peers, mostly single sex such as a Grammar School, so that's a school of mostly high achieving all boys, this is probably a bad idea on net but it's popular for various reasons.
When I was in school the admin left his account logged in and left the room. I was there to make few admin accounts to myself, and later programmed malware that worked as a keylogger and gave me some remote control of all the machines (I put it inside a .BAT script that was ran after login, distributing it to every computer in the school).
I used my powers by downloading stuff and burning it to CDs as I didn't have a good connection. I also gave some access to my friends, and the computer lab turned into a war zone. We were opening stuff on other people's screens, but not good stuff. Things like Goatse and people doing stuff with farm animals they shouldn't be doing..
After some time it had gone way too mad and computer lab got shut down. But the crazy thing is, after a while the school just let it go and didn't even notify our parents. Apparently, nobody wants to tell the parents that a room in school has been OnlyFans Farm Edition for a while.. I had some stern talks with the principal and IT teacher as the only suspect, but that was it.
"What is it supposed to do? Nothing's happening."
"Really? Did you run it in a shell?"
"Yeah, in my SSH session in the main server."
Oh.
The server was down for a couple of days while the admin figured out what happened, fixed it, and limited the number of open processes per user.
I didn’t get in trouble and returned to class.
Later that year I installed VNC server on my friends workstation in the same class and used it to mess with him during class. We had a pretty good laugh. Another friend saw this happen, took the idea with some of his friends and a few days later installed VNC server on a bunch of computers throughout the building. My understanding is they generally caused a bunch of chaos, it was figured out who had done it, and the group were arrested(!). They ended up with community service if I recall.
I very thankfully was not pulled into this at all and found out about the whole thing later.
Another 'write' unix shenanigans was the ability to send control sequences, so one could send a 'terminal reset' sequence to any user online a terminal room using a dumb terminal (wyse, vt100 etc) and it would quickly reset the terminal and log them off. One could even send a long sequence of control strings to force a crude ascii animation, then reset terminal if you wish. (not me of course)
The command was TELL on IBM VM operating systems, IIRC. "TELL <user> AT <node> <message>".
Not only that, but my computer name was assigned to my username so it said my full name next to it.....
I was called up to the office within 2 seconds and immediately suspended. I also got braces that dad. Rough day. :(
We also built a program that would monitor a file on a network drive and run new commands when added to it so we could eject the CD and/or show a message on demand.
Only did this within our club that made the school yearbook which had three computers over two rooms in its own lab so we didn't do anything too dangerous.
Later we’d find ourselves logging in to machines remotely to do similar things in order to make it harder to trace. We did this with ordinary windows tools.
We even disguised that we were inside a terminal by creating shortcuts to the command prompt that changed the font, colors, and even the application icon to make it look like we were just running notepad at a glance.
Exactly what we did with this devious set of tools I’m not at liberty to speak of ;)
Oh, here’s the manual (PDF), which we never read: http://chrisacorns.computinghistory.org.uk/docs/Acorn/Manual...
All of our computers among 50+ elementary/middle and high schools were networked together. We could open CD trays, turn on/off window services, force restarts and other things we thought were funny at the time.
One day, I decided to send the message 'I'm gonna kill you' to a friend and didn't know his computer name. I left the wildcard in there for the domain to our school and poof, 900+ computers got the message. Lots of kids were scared and jumped out of their seat reading the message. I realized quickly i made a mistake...
I was labeled for sending a terroristic threat and kicked out. After some litigation and staying at home for a few months, they let me back into school the next year.
I also told a friend in another school about the command, and their attempt also ended up sending a message to every machine in a district with over a dozen schools. We knew it would go to the whole school based on the group settings, we were still surprised that it went to other schools as well (still haven't really figured out how that worked). Luckily for them, nothing got disabled, and they kept using net send as a bilateral chat system happily ever after :)
Saying that in a school lab wouldn't make much sense
Pretty sure this is how they generated the sound that was used for those commercials once upon a time.
By designating the voice, you could even have multiple "people" talking to the user. It got annoying quite quickly to be on the receiving end
No one knew who was doing it until one day my friend was using it and I made too much of an inside joke that gave it away.
My friend saw it and said "What's this?" I told him not to open it and of course he did so immediately.
This was a K-12 school, so every single lab, every single teachers computer all the way down to kindergarten got it.
When IT came to my friends machine, I fessed up and got in trouble. Banned from school computers for the rest of the year, all my teachers got a notice about it and I had more than one awkward conversation about what I did.
Once it was determined that "net send" was a security problem, thus forbidden, we found ways of alerting involving less spit and bailing wire. And fun.
I always found the *nix 'talk' command much more annoying, since it would throw off the screen drawing for programs like pine.
All that was required to "take over" any machine on the network was to open server.exe and enter the IP address
See https://c-hey.redbrick.dcu.ie/ for the wrapper around write. These days students seem to prefer discord. :/
Although, I don't actually think they really tried or were ever going to try to catch him.
Same thing for me, the feature was disabled shortly thereafter.
so, of course I wrote a little script that wrote a single space character to a random tty every so often. the character wouldn't be in the users source code but since it was shown on their terminal they would generally hit backspace to "fix" it which made the text on screen line up but misaligned the columns in their actual source file.
very few people got their assignments to compile
"We’d gone wall to wall sup!" hilarious.
I knew some folks who did that as well. Unfortunately I was not in the set of folks who could get away with such nonsense. You were incredibly privileged, and need to be mindful of that for the rest of your life.