[HN Gopher] Back Orifice (1998)
___________________________________________________________________
Back Orifice (1998)
Author : aphrax
Score : 363 points
Date : 2021-09-04 11:06 UTC (1 days ago)
(HTM) web link (web.archive.org)
(TXT) w3m dump (web.archive.org)
| bdcravens wrote:
| Bots to scan all users for BO on IRC were common. I even was a
| bit mischievous with it myself. Karma was served when I self-
| owned - was playing with running the server to experiment but
| forgot I left mIRC running, and in a minute my computer was
| hosed.
| christkv wrote:
| Oh man brings back so many memories of messing with friends.
| There was even a doom version that modeled monsters after system
| processes allowing you to shoot and kill the processes and watch
| them die
| AnIdiotOnTheNet wrote:
| psdoom still exists:
|
| http://psdoom.sourceforge.net/
|
| Though I'm skeptical it was ever part of a windows root kit.
| christkv wrote:
| It wasn't a part but there was support for the back orifice
| protocol. https://github.com/orsonteodoro/psdoom-
| ng/blob/master/trunk/...
| howmayiannoyyou wrote:
| My experience with BO:
|
| Me: "I bet I can guess your password..." I said to a close
| friend.
|
| Him: "No way. $50 says you can't".
|
| Another friend: "Stupid bet".
|
| Me: "eatme8"
|
| Him: <speechless>, turning red with rage.
|
| Another friend: "Holy shit".
|
| Needless to say my late 20's were a lot of fun, very little of
| which I could do now without serious repercussions.
| habibur wrote:
| I was thinking of it recently. Does it still run on modern
| Windows? Has anything new arrived as its alternate?
| spleen wrote:
| Yes, it's called Remote Desktop. :)
| junon wrote:
| I highly doubt it works these days. For a while there was Cain
| and Abel (probably spelled differently) and a few other popular
| RATs running around.
| nsxwolf wrote:
| Pretty sure someone used this to make my CD-ROM eject once, and
| that was very disconcerting.
| deusum wrote:
| You mean the cup-holder? They were just being helpful.
| system2 wrote:
| Following years Sub7 became a monster of its own. Schoolbus
| master password kind of ruined everything for us young lamers.
| shoelessone wrote:
| Was Girlfriend similar to this?
| anhanhanh wrote:
| Back in the good old days we were sending this to random ICQ
| users saying something like "hey I'm a game developer and made
| this game, would you like to try it?". I'm not very proud of that
| tbh.
| richarme wrote:
| What you could do was embedding the BO exe inside another exe
| disguised as a jpg picture. When executed it would extract and
| run BO in the background and also display a jpg. ICQ
| conveniently didn't display the end of long filenames, so you
| could send it as "xyz.jpg[20spaces].exe" and it would seem like
| you just shared a picture. Worked like a charm the one time I
| tested this technique on an unsuspecting friend during a LAN
| party.
| slim wrote:
| Or use silkrope to bundle it with any other .exe
| weci2i wrote:
| I used to do this exact same trick with Sub7. Good times.
| riffraff wrote:
| if I recall correctly, you could attach this to other binaries
| via silkrope so the receiver would be unsuspecting.
|
| I think we did it to a classmate once :)
| ianhawes wrote:
| Yes, now if you do that you end up with a 2000 word threat
| analysis write up by a network security startup that claims
| you're using sophisticated social engineering.
| ironmagma wrote:
| And a warrant for your arrest, probably.
| saagarjha wrote:
| Apparently people still do this on Discord.
| decko wrote:
| I wrote a similar tool to mess with my friends at the computer
| lab at school (since back orifice, netbus, etc. would all be
| detected by antivirus at this point).
|
| Years later, I was shocked when whatever antivirus I was running
| detected it as a trojan through heuristics. I realize this is
| pretty normal these days, but back then it felt like magic.
| sdfhsdfhsfj wrote:
| Netbus and BO got me in so much trouble as a kid (though honestly
| I probably should have gotten in a lot more trouble).
|
| At school, all the windows machines were locked down with a
| "security" application called Fortress. I started selling boot
| floppies that would disable Fortress to teachers, and might have
| loaded a few of those up with the aforementioned toys.
|
| At home, I don't think I paid for internet access at all until
| well after college. A port scan of local ISP networks usually
| yielded someone infected with netbus or bo, and I could snarf
| their dialup credentials.
|
| While those exploits probably should have landed me in jail, the
| worst that happened to me was an expulsion as a result of
| somebody else bulk changing logo.sys across school.
| tinco wrote:
| That really is mischievous, as a kid I'd play around on the
| schools computers which I felt were fair ground, though the
| headmaster would probably disagree. The only time I was really
| confronted was when I was warcycling around town, found an open
| WLAN and just browsed for a little while, and then the owner of
| the house came out and chased me away haha.
|
| I'd often read phrack even though I didn't really understand
| programming yet, but there was this one issue that detailed how
| to trick a bottle recycling machine into giving you unlimited
| receipts, my local supermarket had the exact machine and I was
| thinking about doing it to see if it would work, but chickened
| out because I realized I'd actually be stealing from the owner
| of the supermarket who everyone in the town was on first name
| basis with. I always believed everything in the digital was
| sort of fair play and was really shocked when people started
| going to jail even for the dumbest thing like grey hat url
| injection.
| temac wrote:
| There were tons of windows 95/98 computers with network shares
| exposed to the internet with no or weak passwords. It was
| really convenient to get their stored password list.
| DrAwdeOccarim wrote:
| Def. kept a list of us/pws for the local dial-up. Totally was
| at a good friend's house years later and discovered his dial-
| up username was one of my list I used often. rofl, that
| killed me at the time. I never told him!
| brassattax wrote:
| My University had public, non-firewalled IP addresses in the
| dorms... all one had to do was scan the IP ranges for the default
| port for Back Orifice to have some fun. (The good old days)
| gogopuppygogo wrote:
| My first year at university I took over the student radio
| program and found such a computer had been left online for
| months directly connected to the internet. It was so pwned the
| mouse would struggle to move.
|
| I wish to this day I'd imaged the hard drive before formatting
| it. It'd have been so much fun to boot up in a VM to play with
| today.
| sedatk wrote:
| BO was the only malware I got infected with on Windows. Back in
| 99, some colleague had sent me an executable to try out (supposed
| to be the portscan tool he developed), it did nothing so he said
| "hmm ok". Later, my mouse started becoming erratic, I started to
| make typos. I finally figured out what's going on when the CD
| drive ejected itself and I shut off the computer. He later
| admitted messing around.
| s_d wrote:
| Hi party people, this is Sir Dystic, author of the original 1998
| Back Orifice. Great to hear all of you reminiscing about my
| software!
|
| One thing that I did not predict when I released BO: The
| distribution ZIP contained three files, a readme.txt, the BO
| server and the BO client. In retrospect, the BO server should
| probably not have been distributed with the original .EXE
| extension as a LARGE portion of people apparently downloaded the
| ZIP, unzipped it and just double clicked on the BO server,
| immediately infecting themselves.
|
| Keep disturbing shit please.
|
| ..--oo] ooM [oo--..
| syrusactual wrote:
| Thank you for your service
|
| Sy^
| _Anima_ wrote:
| I bought my first computer in April 1996. I learned a lot about
| network thanks to BO. I remember always being cautious about
| client vs server but I managed not to infect myself. Fun times.
| Thank you, sir.
| s_d wrote:
| An interesting bit about the internals and development of the
| BO code: The BO server was written in C and consisted mostly of
| a single while(1){ switch(command): ... } loop, the only
| functions were where callbacks were required, and it reused the
| same 5 variables in main() for everything. I got feedback from
| more than one security professional that this made it very
| difficult to reverse engineer. I think when I was writing it my
| concern was minimal overhead, and not using the stack must save
| SOME important resources?
|
| When Dildog wrote BO2k I gave him the BO source to start with,
| he claims he rewrote everything from scratch and seemed a bit
| horrified by my code, which was never intended for
| distribution.
|
| ..ooM? ..ooM!
| s_d wrote:
| The only bug I recall being reported on BO was in the built
| in HTTP server (which I wrote from scratch in C), if you
| shared a specific directory with the HTTP server, on Internet
| Explorer it would not let you click through to sub-
| directories because of a missing slash at the end I think. I
| only ever tested it with Firefox which seemed to not care if
| the slash was present. I found out about this from people who
| thought it was a feature, and were horrified to find out that
| anyone COULD access those sub-directories if they manually
| added the trailing slash or used a different browser.
|
| .ooM.ooF.
| anonu wrote:
| Was Firefox around in 1998?
| umeshunni wrote:
| He probably meant Mozilla
| grioghar wrote:
| You single-handedly made me interested in computers deeper
| than playing Doom and Duke Nukem 3D. You made a 12th grader
| who didn't have a decent computer at home start learning DNS
| and saving his dollars for a Pentium to start programming on.
|
| I got into so much trouble my Senior year of High School with
| your software, but it put me on a path.
|
| Your software and NetBus was all I needed. We owned
| EVERYTHING, and I mean EVERYTHING in our town until we got
| found out. Naive me at the time thought it was really cool,
| until the Detectives showed up...
|
| Here's to you. Thank you.
| sen wrote:
| You're literally the reason I got into IT in the first place.
| I'd messed around viewing source and writing static HTML for
| local businesses etc but it was never enjoyable, it just got me
| extra money towards rent (I had flunked out of highschool and
| couldn't get a job)... then a friend and I discovered BO and
| started infecting friends on IRC/ICQ/etc, it blew our freaking
| minds.
|
| Still got my cDc/l0pht/etc stickers on my old laptop and it led
| to my entire career. Thank you. I owe you many beers (or
| glasses of milk I guess).
| [deleted]
| bitwize wrote:
| You're... you're still putting l33t sigs at the end of your
| messages, like it's still the late 90s and this is USENET.
|
| Frickin' love that.
| aphrax wrote:
| Big fan of yours Sir Dystic, thanks for all the fun and games.
| All the best and hope you and yours are well.
| Lapsa wrote:
| oh I remember this one. opening CD tray remotely
| Svperstar wrote:
| lol we used to use Back Orifice to mess with friends on ICQ,
| yeah, I'm old. I know.
| teknopurge wrote:
| this thread is relevant to my interests.
| mikeodds wrote:
| I'd bet there's more than a few people here in respectable places
| now that learnt to code through VB6, Delphi, python, Perl, PHP to
| write rats and exploit code.
| brassattax wrote:
| tcl scripting for eggdrop bots too :)
| Grazester wrote:
| Yep in highschool it was all VB6 and back orfice shenanigans
| nurettin wrote:
| it was mainly delphi7, because the executables didn't require
| suspicious dll dependencies. If you statically linked midaslib,
| msvcrt was all you needed.
| mkr-hn wrote:
| Marco Arment (Overcast, Instapaper, Tumblr) on AOL proggies,
| most of which were built on popular VB6 libraries made for that
| purpose: http://articles.marco.org/44
| theshadowknows wrote:
| A "fell off the truck" version of Delphi :)
| gatorcode wrote:
| Ahh the good old days. Learned to program with VB6 writing
| progz for AOL.
| tscherno wrote:
| There is also Sub7 from the same period:
| https://web.archive.org/web/20050401072114/http://www.hackpr...
| dheera wrote:
| Also, NetBus ...
| cpach wrote:
| And NetBus https://en.wikipedia.org/wiki/NetBus
| Lammy wrote:
| I love that the NetBus website is still online:
| http://www.tcp-ip-
| info.de/trojaner_und_viren/netbus_pro_eng....
| unixhero wrote:
| All hail Netbus. It was so much fun. Those were good times.
| Pranking and harmless fun.
| surbas wrote:
| Wikipedia would seem to disagree:
|
| > " However, use of NetBus has had serious consequences. In
| 1999, NetBus was used to plant child pornography on the
| work computer of a law scholar at Lund University. The
| 3,500 images were discovered by system administrators, and
| the law scholar was assumed to have downloaded them
| knowingly. He lost his research position at the faculty,
| and following the publication of his name fled the country
| and had to seek professional medical care to cope with the
| stress. He was acquitted from criminal charges in late
| 2004, as a court found that NetBus had been used to control
| his computer."
|
| https://en.wikipedia.org/wiki/NetBus
| tmountain wrote:
| And C:\con\con. Ah, memories.
| _vzen wrote:
| A former "friend" of mine in high school deleted my documents
| including due school work with netbus or BO (don't remember
| which one). It really was a shitty thing to do and he was
| proud of it that I lost weeks of work.
|
| I got revenge couple of months later with a "screensaver"
| that I've made in Delphi. In reality it would just "crash"
| with some random error, but actually copy itself on multiple
| places on the hard drive with windows sounding names, run
| both as a service and some innocent sounding files etc. It
| wouldn't show up in task manager. I could send and execute
| whatever commands I liked. I've deleted his Diablo saves a
| week later or so, and man he was livid as he wasted months
| playing. He had no idea what happened as he had two AV
| programs installed and he was confident it would detect a
| trojan.
|
| Windows security at that period of time really was a
| contradiction in terms.
| ctf1er wrote:
| Sub7 was a lot of fun. So many options. I will add to the
| computer lab anecdotes. I gave this to my buddies at school who
| were in the same crew(we mostly made VB 'proggies' for AOL,)
| but of course two of them install it in the library computer
| lab. I told them it's not illegal to have but is to use. They
| mess with students even doing things like deleting essays being
| written. The IT people figure it out and my buddies get
| arrested and cut ties. They are expelled for a whole year and
| when they come back can't use any school computers. Did anyone
| ever figure out if there was a backdoor in the backdoor from
| the maker?
|
| But that kind of stuff is what got me interested in computers
| and programming back in junior high. Learned the basics of
| control statements and OOP in a fun engaging way. I made an AOL
| chatroom mailserver with sendkeys :D and later became more
| advanced using APIs. These were very much like mIRC but AOL
| hosted all the files so even better. There were private
| chatrooms based on just making these things and prewritten
| libraries floating around. Who remembers genocide.bas?(hey I
| didn't name it) Anybody have these? I have copies somewhere on
| a zip drive.
|
| Remember punters? In dialup days you could flood a person with
| chat messages containing html heading tags that would slow them
| down rendering to the point they could never catch up. Others
| eventually found exploits that could crash the app on one
| message.
|
| The Trojans for AOL were also pretty good. Would capture the
| password field and once connected open an email in the
| background and send it wherever, then delete sent. Back then
| though you could as easily just say you are an admin and ask
| someone for their password. Your whole neighborhood probably
| openly sharing through netbeui.
|
| I think it's long enough ago to say I ran an FTP on mirc and
| the password was like the 5th word on the xdrive free account
| confirmation page. They started at $2 a referral and I bought a
| nice 17" ViewSonic monitor to play Quake on in the 8th grade.
| Other friends bought whole computers. Shut that down when the
| FTP got hacked and I got a cease and desist letter for 3d
| studio max, thought the law was coming to break down my door.
| After that I mellowed out.
| devin wrote:
| I remember packing jpegs with sub7 payloads and sending to my
| friends on AIM. The opening and closing on the CD tray is such
| a classic prank. Best part was that given I was usually the guy
| my friends and their parents called to fix their computer
| trouble, I was getting IMs from all of them saying "my cd tray
| keeps opening and closing". The reveal of the prank was great
| except for when I must have done it for like 3 hours while my
| friend's mom was using the family computer. She wasn't very
| happy with me.
| superkuh wrote:
| Sub7 was hilarious with all of it's UI features like custom
| skins.
| grobbie wrote:
| I can remember one called Code Red causing a bit of mayhem at
| work not that long after.
|
| Interesting to read on Wikipedia that work on Sub7 resumed in
| June this year.
| jonplackett wrote:
| I remember this - and using the same CD opening closing joke on
| people in the college lab. The technicians had no idea what was
| going on. I don't think they really knew anything about
| computers - we once found a word doc on one of the computers
| with every password for the entire college / website etc.
| VectorLock wrote:
| Did this to my Computer Programming teacher in high-school
| while he sat in the other room and we could watch him visibly
| confused. Probably the most vivid memory I h ave from high-
| school.
| olalonde wrote:
| The most fun I had with Sub7 (or maybe it was Netbus?) was
| opening the CD-ROM drives of computers in the computer lab and
| watching people's reactions. Good times....
| system2 wrote:
| Second popular one was Schoolbus.
| grioghar wrote:
| NetBus.
|
| NetBus was the GREATEST Win95/98 remote admin/spying software
| outside BO.
|
| Network scan? Don't mind if I do. Huh. So many machines.
| Let's see what windows they have open.
|
| alt.sex.grannies (or whatever it was back in the day)
|
| Fire off a message "NO. Turn that off. C'mon, man."
|
| Actually got a reply back.
|
| "OK. I'm sorry."
|
| Do the title bar refresh and see it's closed.
|
| That was my favoritest random memory of NetBus in the wild.
| [deleted]
| joemazerino wrote:
| The good old days. I recall hearing the cDc going on the radio to
| "announce" BO with some trite words about Microsoft. I thought BO
| was fun but bo2k was really the bees knees of RATs.
| AaronNewcomer wrote:
| Yeah I remember one of these would allow you to somehow make a
| jpg executable and then would download the full payload for the
| rest of the tool. Image sharing over AIM and the like would make
| direct connections when transferring so you had to look up their
| IP address with netstat or something while the picture was
| transferring to them. And then keep checking to see if they
| actually installed/opened it.
| [deleted]
| washadjeffmad wrote:
| The BO payload was so large that it was hard to inject or
| distribute without pretty obviously being suspicious.
|
| A friend developed Fraggle Lite in ASM with separate versions for
| the network adapter, which became the world's smallest RAT for a
| while. I never found the Easter egg, but I do remember the
| original password for our hardcoded users. I wonder if I still
| have them somewhere...
| richardfey wrote:
| _That_ fraggle lite?
| washadjeffmad wrote:
| I guess? Gobo's?
| dspearson wrote:
| Had a lot of fun with bo2k and friends. cDc zines got me in to
| hacker culture and probably contributed to my career trajectory.
| readingnews wrote:
| Ahhh the CDC.
| johnflan wrote:
| It's insane to think a CDC member ran in the US presidential
| election only recently.
| weci2i wrote:
| Seeing this thread and so many familiar stories makes me feel
| right at home. Sub7 was my RAT of choice. My brother and friends
| weren't very technical, but I taught them to use Sub7 so they
| could spread the exe around to their friends and we could all
| have some fun. We were all heavy ICQ users at the time. It wasn't
| long before we discovered the ICQ send file box had a size limit
| on the file name field. So you could, say, call the exe "pic-of-
| me-nude.jpg .exe" with so many spaces in the file name before the
| .exe part disappeared that most of our male friends would accept
| it from a "random female" and run it without any hesitation.
| Needless to say, we opened a lot of CD ROMS and listened in on
| many chats.
| system2 wrote:
| Yes, this was the most common use among kids, including me.
| Name-lastname-profile-picture.jpg .exe
|
| 99.99% of the time people ran it. Almost no exception. I spared
| no friend. :D
| stelonix wrote:
| Ohh, that brings back memories! I didn't use BO, though I knew it
| existed, but used sub7 and NetBus a lot. The person who taught us
| (me and brother) to use it did the classic CD tray prank and then
| rebooted out computer. I remember him telling us to who run a
| command like _arp -a_ on the Windows terminal and we were
| shitting our pants, so he triggered a reboot.
|
| Good times getting into friends' computers etc.
| [deleted]
| sparker72678 wrote:
| Same as so many others here, I remember messing around with BO
| with a buddy in high school days. Scanning IP addresses (I think
| we just started bulk scanning addresses that matched his ISP
| maybe?), browsing their files, taking screenshots...
|
| And yea, chatting about all this over AIM and IRC... ahhhh.
| cdcarter wrote:
| I can't recall if it was Back Orifice, or another "root kit tool"
| of the time, but these tools are absolutely where I first saw the
| allure and call of a custom telnet shell. I remember telnet-ing
| into the control port and aggressively open/closing the CD-ROM
| drive on my brother in the other room (among other pranks).
|
| Something about telnet-ing into a service gives that Great Hacker
| Feel. You're at a command line! But it's not bash, or cmd.exe,
| it's something specific to that rootkit. There's little easter
| eggs. Some common escape codes might work, they might not. The
| prompt changes as you use it.
|
| These days, I don't get many opportunities, but if I can add a
| very simple line-oriented protocol to a side project I sure will.
| rbanffy wrote:
| I can't believe there's only one mention to Beto O'Rourke here...
|
| https://www.reuters.com/investigates/special-report/usa-poli...
| theshadowknows wrote:
| Mannnnn the nostalgia. I loved programs like this and Sub7c my
| favorite was DivineIntervention 3 I just liked the interface and
| thought the name was cool lol. I'd love to see what all the devs
| of these things are up to today. Pri$m, if you're out there let
| it be known that your work on DI3 is what got me into
| programming!
| atum47 wrote:
| Glad to see I was not the only script kiddie here, haha. I used
| them all: bo, netbus, sub7... To be honest back in my days it was
| not as fun to hack somebody, digital cameras were expensive as
| heck back then, people had just a few pictures on their computers
| which they usually scanned, no webcams... It took me a week to
| infect this girl I had a crush on, when I finally did all I found
| on her computer was a bunch of mp3s. Well, at least I learned her
| music taste. Not everyone had a computer back then. It was not
| cannon as it is today.
|
| Soon after I wrote my first chat in Java, that use the same
| principles of client and server. The server would even work with
| telnet. Fun times indeed.
| jahnu wrote:
| You think it's fun to stalk women?
| atum47 wrote:
| By the way, why do you think social media is such a big deal?
| Cause it's fun to stalk people.
|
| Stop trying to make things look sexist
| jahnu wrote:
| I'm sorry but you literally described breaking into
| someone's computer in order to snoop on them. You expressed
| disappointment that there were no photographs and you
| closed with "fun times". I don't have to do anything to
| 'make' this looks like abhorrent behaviour.
| atum47 wrote:
| No specific, it was fun because I had a crush on her. A
| little bit after that I started dating a girl who went to the
| same school as me, and she told me she and her friends would
| look at the signing list at the library to see what I was
| reading. Back then you had to checkout a book in order to
| take it home with you from the library, and they used pen and
| paper.
|
| I guess I was also stalked, just not digitally, haha.
| radicalbyte wrote:
| Oh the shenanigans I had with this at work. IT at the time were
| pretty clueless.. at least until that time they hired a good
| consultant who saw what we were up to :laughs:
| hestefisk wrote:
| I installed Netbus on the public computers at my local community
| library. They ran Windows 98 and were connected directly to the
| internet via a T1 / frame relay connection with a public IP for
| each machine, no firewall. So I could sit at home and keylog
| people's Hotmail passwords. Those were the days ....
| znpy wrote:
| I did set up a keylogger in a internet cafe.
|
| It used to log keystrokes but also the title of the window.
|
| Well... I wasn't looking for anything in particular, I was to
| about 12-13 and just into computers and didn't even have
| internet at home.
|
| Well to make it short, there was a lot of porn websites
| visiting. At all times of the day.
|
| Which in retrospect is immensely weird considering this was a
| public place.
| pcblues wrote:
| I had a big zip file of all my HPAVC files in one place from the
| early nineties. Fast-forward to about 2005 when I was working in
| corp and I needed a Win32 Disassembler for a particular task and
| I knew where it was. As soon as the still-compressed zip file
| hits my computer... well, my boss said my computer had 490
| viruses on it and counting. A VERY bad look that only trust got
| me past.
| Zelphyr wrote:
| We used Back Orifice on a co-worker's machine in a call center I
| worked at. While he was working we would open and close his CD-
| ROM drive randomly. Restart his machine. All the while we're four
| seats down just cackling and he's turning redder and redder as
| his machine does all these weird things while he's trying to
| work.
| tmountain wrote:
| We did that too. Someone almost got fired for it.
| phkahler wrote:
| I worked a call center over xmas season one year. During
| training they had us call each other and place fake orders for
| practice. I got call from the "hot chick" in the group, took
| down her info and asked if could call the number later. She
| responded in the positive. I never followed up 'cause I already
| had a GF. But hey, pranking people is fun too!
| flatiron wrote:
| now-a-days i just put a wireless keyboard mouse adapter and
| giggle as i move their mouse around and type on their screen.
| ljm wrote:
| Even as lately as 2016, at the office we would pair apple's
| bluetooth mice to multiple laptops when their owners were
| AFK. Then later on we would connect to their mouse from our
| own computer and either watch them battling the cursor or
| wait for a message to come in on HipChat/Slack.
| vidarh wrote:
| At university our computer labs were full of SGI Indy's. For
| most people at the time it was the first computer they'd used
| with a webcam.
|
| Every student could log into all the machines.... and access
| the webcam remotely.
|
| Lots of messages to people telling them things like to stop
| picking their nose when they were sitting somewhere they
| thought nobody could see them.
|
| People learned to use the privacy shields on the cams very
| quickly.
| eloeffler wrote:
| Here, have a free cup-holder!
| neals wrote:
| Some weird random anecdote about Back Orifice 2000 (BO2k) that
| nobody asked for:
|
| We were goofing around in high school with this. Putting it on
| computers in school and messing around. We sent it over to a
| classmate. Her father was teachter and we figured she might open
| it on their home PC. (we were 14 at the time, by the way).
|
| Anyway, we made a fake hotmail address in the name of another
| classmate. These two people didn't share any classes and were not
| in eachother little social circle. We sent a couple of emails
| back and forth pretending to be the other guy but lost interest
| along the way and nothing happend.
|
| Now for the strange part; forward 18 years or so. I'm in the
| city, I run into the person who we were sending the messages
| to... with the person who we were pretending to be. Married and 3
| children together.
|
| I'd like to think we brought them together in some strange way.
| rashthedude wrote:
| That is a beautiful anecdote
| xupybd wrote:
| Kris?
| grassmudhorse wrote:
| Isolde?
| sarahjosh wrote:
| In AOL Instant Messenger when I was in middle school I bulk
| messaged a ton of accounts in some teen chat saying "Hi Sarah."
| Most of them responded "I'm not Sarah" or similar but a few
| replied "who is this?" I said "It's Josh." Most of them said "I
| don't know a Josh" but one of them said "Hi" like she knew a
| Josh. I then started talking to her and slowly got around to
| telling her that I had a crush on her. She actually seemed
| interested and she said she was going to come over to my house
| to talk about it. Don't know how that ended but I hope it's
| like your story.
| HeckFeck wrote:
| I had many 'randoms' added on MSN messenger. Usually acquired
| through everyone inviting his complete contact list to one
| conversation. We used to discuss all and sundry back then.
|
| I was always slightly more nervous messaging the girls
| (obvious from their elaborate emoticon-saturated screen
| names).
|
| Curiously, one of my friends had a contact named
| 'korea@hotmail.com' who was always online but never replied.
|
| I sometimes wonder how many of them are doing now.
| andai wrote:
| > Usually acquired through everyone inviting his complete
| contact list to one conversation.
|
| Man, those were the days... Most of my contacts disappeared
| one by one (except for 2 which are my oldest friends now!),
| and it seems like that kind of atmosphere (just adding
| random people to chat) doesn't exist anywhere anymore, does
| it?
| mulmboy wrote:
| Smaller Discord servers are close
| grioghar wrote:
| +1
|
| Some of my favorite random people I've met, I met playing
| in various games then gave them my Discord channel.
|
| Good, good times.
| dnsco wrote:
| This made my day.
| dheera wrote:
| Back at MIT I had a script that would use "finger" to check who
| was logged into various machines on Athena clusters (MIT public
| computers) and occasionally send Zephyr messages to two
| adjacent people, one saying "look to your right" and another
| saying "look to your left" causing the two people to look at
| each other.
|
| I like to think a lot of inadvertent introductions and
| friendships might have been created by the script.
| derac wrote:
| This is wholesome hacking :)
| omginternets wrote:
| This is great. It's like the nobler version of trolling.
| api wrote:
| I'm a bit older and when I was about 14 or 15 I got into
| assembly language DOS virus writing. This was in 1992 and 1993.
| It's actually how I learned x86 ASM. I was involved with an old
| school hacking (sense 2) group called Phalcon/Skism. Did other
| fun stuff like "wardialing" with a program called ToneLoc.
|
| Anyway I wrote some viruses and dropped them in my high school
| computer lab. Several ended up getting loose on the local
| Cincinnati area BBS scene. One ended up in McAfee antivirus
| pretty quickly so I assume it spread further. There was
| basically zero security to stop such things back then.
|
| None of my viruses were designed to do real damage. They would
| print stupid messages or change your color scheme to funky
| colors, stuff like that.
|
| This was back when hacking (sense 2) and the computer
| underground was about a mix of pranks and exploration. It's not
| like today where it's all about serious crime and espionage and
| the penalties are also serious. It's definitely not fun
| anymore.
| tylerscott wrote:
| This reminds me of when I first discovered the Win32 API and
| used it to write some silly annoying apps in Borland C++
| Builder. This was around 1998 and the worst I ever came up
| with was a persistent pop up that was difficult to remove due
| to some registry obfuscation. It had a single button that
| would open the CDROM tray. I put it on every computer in the
| lab. Good times. You're right--it used to be playful to hack
| around. I miss those days.
| andi999 wrote:
| I just wanted to write it was a crime still back then and
| take the example of the first worm in 1988 :
| https://en.m.wikipedia.org/wiki/Morris_worm TIL: a Harvard
| student named Paul Graham was quite close to Robert Morris.
| It is a small world.
| jlrubin wrote:
| you might be interested in seeing the founders of yc
| https://www.ycombinator.com/people/
| AussieWog93 wrote:
| Immediately searched for dang when I saw there were
| portraits there. He seems to be the only one who doesn't
| show his face!
| dmix wrote:
| The ghost in the shell
| wyclif wrote:
| I never really looked at this page before. Wow, I still
| kind of think of YC as a small company but the reality is
| that they have more employees than I thought.
| [deleted]
| short_sells_poo wrote:
| We played a lot of counter strike during my uni days and at
| one point I created a prank program that disguised itself
| as system.exe and listened for mouse movement. It would
| then inject random but smooth error into the mouse
| movement. I installed it on a friend's PC and it drove him
| to white hot rage. I think he destroyed a couple of mice
| before I owned up and bought him a new high end Logitech
| laser mouse (which was a novel thing at the time).
| pcblues wrote:
| That's clever and awesome, in the true spirit of hacking.
| HeckFeck wrote:
| Have you ever happened upon the youtuber danoct1? He plays
| with old DOS and Win32 viruses.
|
| https://m.youtube.com/user/danooct1
|
| Perhaps one of yours has been featured!
| scruple wrote:
| Cincinnati was a lot of fun in those days. I was nearby,
| though most of my "hacking" friends were in Cincy.
|
| Ever meet a guy who went by PADMaster?
| squarefoot wrote:
| Upvoted. Whoever downvoted you has likely never attended
| certain universities, and clearly has never been in the
| military. Doing things that are wrong and fun while still
| being harmless requires creativity.
| api wrote:
| For it being called hacker news this place is very
| conventional. It's better than /r/programming though.
| ok123456 wrote:
| Burning a 0-day exploit on changing people's backgrounds or
| color scheme would be a good bit in 2021
| api wrote:
| There just was little to no security back then. The entire
| system was a permanent zero day.
|
| Computers were mostly not networked so the threat surface
| was small, and like I said most hackers in the sense I
| described were pranksters. Big money and power was just not
| in it unless you were going after serious specialized
| targets, and there were less of those and they were pretty
| much all air gapped.
|
| Air gap was the only real security back then. Just don't
| connect it and guard it physically.
| GekkePrutser wrote:
| People may not remember but the name was a pun on "BackOffice"
| which was a Microsoft product at the time.
|
| https://en.wikipedia.org/wiki/Microsoft_BackOffice_Server
|
| Back Orifice was basically a rootkit avant la lettre.
| luma wrote:
| The Back Orifice logo was also a play on the MS Back Office
| logo but with a goatse twist. CotDC were a cheeky bunch :D
| slim wrote:
| cDc (I'm not being pedantic but by stylizing it in another
| way you're missing the penis joke)
| speedgoose wrote:
| Avant l'heure ?
| luma wrote:
| I ran some training labs full of desktop PCs around the time that
| BO was released and it was a fantastic tool. It was free and
| offered a wide range of features for remote administration that
| win95/98 didn't have. I could power cycle, re-image, push install
| .exes, control user accounts, etc all with a free tool. With BO I
| had complete control of all systems in the lab at a time where
| that sort of tooling for "legit" uses was prohibitively
| expensive.
| docflabby wrote:
| For those not from the NT era the name derives from Microsoft
| Back Office
| https://en.m.wikipedia.org/wiki/Microsoft_BackOffice_Server
| th0ma5 wrote:
| I made a couple of plugins for this back in the day "butt plugs"
| heh I can't remember what they all did but I think one was sort
| of a proxy so that you could scan other networks with an already
| infected machine.
| DrAwdeOccarim wrote:
| Yes! Wow, I haven't thought about this concept in _decades_
| j0eblow wrote:
| This story sort of relates to BO and/or possibly other backdoors.
| If anyone can help me understand the mystery of what happened to
| me back around 2001 I would be forever grateful:
|
| I believe I was in 4th or 5th grade and one night, I was playing
| Diablo 2 online with my cousin. My family was still using dial-up
| at the time so I was using one line to play and the other line to
| talk to my cousin on the phone. It was getting late and I was
| getting tired so I told my cousin I was going to call it a night.
| I exited Diablo 2 and continued talking to him on the phone. All
| of a sudden, I noticed a window pop up on my screen and it read:
|
| "MASTER: what are you doing?"
|
| I immediately asked my cousin if it he was messing with me. He
| proclaimed to not know what I was talking about and for a little
| bit I didn't believe him. I clicked in the chat box and asked:
|
| "SLAVE: who is this?"
|
| Anytime I messaged back it labeled me as "SLAVE." Anyways, the
| chat continued and the person told me to "look behind me." Mind
| you I'm in the basement and there was nothing behind me besides
| my dad's computer desk. This is where it got spooky:
|
| "MASTER: who are you talking to on the phone?"
|
| At this point, my cousin swore it wasn't him and I believed him.
| I looked up at my monitor and chills were sent down my spine. My
| mom had just given me a webcam for Christmas (I guess they had
| just become popular) and it was at this point I realized this
| person had been watching me this entire time. I panicked and
| immediately pulled the phone cable from the back of my Dell. It
| was hard to sleep soundly that night.
|
| Believe it or not, I'd like to think this person gets partial
| credit for sparking my interest in computer security. From that
| point on, a chain reaction started and I began to immerse myself
| in security and became fascinated with learning about its
| history. Today, I happily have a career in the field :), but I
| still think back to this story from time to time and wonder what
| exactly happened.
|
| Could it have been a Diablo 2 exploit? Maybe I joined someone's
| hosted game, they were somehow able to get my IP address, and
| then possibly exploited Windows XP? The chat window mechanism
| seemed pretty unique to me (maybe I'm wrong) like this person
| created it themselves. I'd be curious to read other people's
| theories. Maybe the person that executed the attack reads this
| post and can explain it all... :)
| grioghar wrote:
| Hundred to one, it was NetBus or BO. You could view active
| windows and get window freeze frame.
|
| The message dialogue would have looked like Windows 95/98, with
| a reply option. BO was more extensible; ButtTrumpet would run
| and announce to the person who installed it that you had come
| online. Another BO plug-in allowed you to change how the
| message interface worked. My guess is someone saw your IP, and
| someone checked out your IP to find you open.
|
| I'll tell you, when I found someone who had open BO/NetBus, I
| would assign a password to their configuration so they weren't
| open to anyone other than me. I have to imagine that hash was
| was easy to crack, but at the time, I thought it was a solid
| way to keep people from getting messed with by anyone other
| than me.
| phendrenad2 wrote:
| It's amazing how vulnerable Windows used to be. And despite that
| it took over the computing world. Ah to live in the pre-internet
| days.
| themark wrote:
| I installed this on a pc at work when it came out to see what it
| could do.
|
| I must have forgot to shut it off because there was a gang of
| security people in my office the next morning.
| HenryKissinger wrote:
| It seems you've been living ... two lives, Mr. Anderson.
| ridaj wrote:
| It's interesting that your place of work was loose enough about
| security to let you install stuff off of the internet as it
| came out, yet paranoid and skillful enough to actually notice
| and get you in trouble the next day!
| themark wrote:
| I know what you mean. I recall that installing software from
| the internet was rather novel in the late 90s.
| jadams5 wrote:
| Oh man, yeah also adding to the list of people that abused their
| highschool computer labs with this. We had so much fun, but we
| eventually drew the ire of the school IT admin. After class one
| day the teacher took us aside with the admin and asked if we had
| installed BO on the computers, which we of course denied... they
| "believed" us, heh, but gave us a stern warning that whoever was
| doing it should stop. We would have all probably ended up with
| felony charges these days.
|
| The next year, so 1999, we actually got approval to attempt to
| change our grades as an exercise. We actually managed to do it by
| sneakily copying a floppy one of the teachers used to store their
| grades with a program called Integrade. We took it home, reverse
| engineered the password protection to disable it, changed our
| grades on the copy, re-enable the password protection with the
| original password, and turned that in as our proof. Our teacher
| was impressed and super sketched out/nervous at the same time. I
| guess they never considered we'd succeed and get access to the
| whole class's grades...
| xtracto wrote:
| Tangentially related but, back in the late 90s in my first year
| at BSc Software Eng. I got in trouble because I cracked the
| password of a Win98 program called Protect-Z which put some
| user controls I my Uni's labs machines.
|
| The funny thing is that when the person in charge of all the
| labs found out I had the password, he asked me how did I get
| it. When I explained to him about how I attached to the
| protect-z process and debugged it to get the password , he
| didn't believe it was possible.
|
| Great times... as someone said, these days you'll surely get
| suspended or worse.
| chihuahua wrote:
| At Oxford in 1989 or 90, some kid in the Math+CS program got
| caught running some password cracking software (reversing the
| hash on /etc/password) and I think he was expelled for that.
| grioghar wrote:
| Hex-editing Intergrade at certain points allowed you to bypass
| authentication and go RIIIIIGHT in.
|
| I didn't know what that meant at the time, but my buddy sure
| did.
|
| He was kicked out of school a few weeks later for editing his
| grades.
| jadams5 wrote:
| Oh wow, yep, that's exactly what we figured out. Their save
| file format stored the password hash, but didn't actually
| encrypt or obfuscate the grade data beyond just whatever
| serialization they were doing. We were starting on figuring
| that format out when we noticed that creating a new save file
| with or without a password changed a byte right before the
| password off and on... flip it off and the app no longer
| prompted for the password... edit/save in the app, flip it
| back on, and that was that. edit: I should add, rather than
| get expelled we got a ton of extra credit for it since it was
| at least sort of sanctioned.
| ryanmarsh wrote:
| I was suspended from school for things like this circa 1997. It
| was all relatively harmless but absolutely against the letter of
| the law. I wonder what would happen today to a young person
| exploring computer security and getting caught in shenanigans at
| school. Would they go to prison?
| deusum wrote:
| The seemingly unconstitutional - but very common - practice of
| trying minors as adults makes me uneasy for future security
| "explorers".
| grioghar wrote:
| My time to shine.
|
| BO and NetBus nearly got me arrested on the Friday before my
| Prom.
|
| I want to tell the rest of this story, but I worry about the
| statue of limitations and whether the crimes committed are still
| prosecutable.
|
| I didn't, at the time, realize what we were doing outside "near,
| we're in the ISP's computers?" but, uh, I found out when the
| Detectives knocked on my door and took a 16-year-old me downtown
| to discuss "what I've been up to on your computer."
|
| That story ends with my friend getting kicked out of High School,
| The HIPAA law guidelines being drafted around some of his
| actions, then his passing away of an unknown heart issue at 20.
|
| His naive partner-in-crime going on to having a great career in
| IT.
|
| Side note: we had _almost_ every teacher's Netware login before
| we graduated. =)
| davewritescode wrote:
| This brings back fun memories of teenage mischief. Used sit
| around IRC channels with mIRC scripts looking for people who had
| the default BO port open.
|
| Between that and unsecured smtp relays that didn't limit the from
| address, we had lots of fun.
| malloc2048 wrote:
| And Winnuke, when you knew an unsuspicious user without a
| firewall (which was a necessity on IRC those days) saw his
| Windows crash when the user left with error message:
| "connection reset by peer"
| peejfancher wrote:
| I used to use this tool to mess with my college computer class
| professor. Me and a buddy installed it on the teachers computer
| that she used to instruct the class. We did mostly innocent stuff
| like closing windows or messing with the browser a bit.
| Occasionally we would reboot her computer when it was close to
| the end of class and we didn't want to start something new. We're
| both still coders to this day.
| InvertedRhodium wrote:
| I was 13 when it came out, and my targets of choice were my
| peers rather than the teacher - I eventually got caught and had
| my account locked for 6 months as punishment. I don't recall
| exactly how I got caught, but no doubt it was something dumb
| and avoidable like talking about it.
| AnIdiotOnTheNet wrote:
| I'm wondering if people like you have grown up to be the people
| who break user interfaces needlessly, write cookie popups,
| integrate ads and telemetry, and force updates on things that
| don't need them.
|
| In other words, did you grow out of your childish shenanigans
| or are you just getting paid for them now?
| batch12 wrote:
| Nah, some of us now use the knowledge gained to defend
| against real threats.
| richardfey wrote:
| Doubt it. Those are introduced by your next seat hip frontend
| developer
| grubbs wrote:
| I used to do the exact same thing to friends over AIM and
| various computers at my HS.
|
| I now manage a massive HPC cluster for a world renowned
| university. -\\_(tsu)_/-
| S_A_P wrote:
| Wrote about this as a college senior for my computer security
| class. Spent a day or two in the TAMU computer lab with that site
| prominently displayed... that was 22 years ago. I did set up 2
| computers to demo how this worked as part of the presentation but
| never went much further than that. I seem to remember my report
| including hypothetical ways to use a tool I think was called
| silkworm or silk wrapper to disguise this as something else for
| distribution. Time flies.
| alexhawdon wrote:
| Saran Wrap (https://www.itconsultancy.org/malware/name/saran-
| wrap-1-0)
| riffraff wrote:
| I think it was silkrope[0]
|
| [0] http://web.textfiles.com/software/silkrope.txt
| jdmoreira wrote:
| This brings me many good memories of my script kiddie humble
| beginnings. It all started with backoriffice and mIrc and slowly
| it evolved to me wanting to run bitchX and eventually getting
| into linux. It probably took me an year to go from being a
| windows user to exclusively run Slackware and poring over Phrack
| :)
| hestefisk wrote:
| Very much exactly my story! I also did mIRC scripting :)
| riedel wrote:
| Seeing the title of post I immediately felt sentimental. It
| so funny to understand actually understand that so many
| people were socialized with the same tools. I recently found
| the tools compilation CDs my brother used to assemble with
| all those tools. Having Back Orifice on a random computer on
| the internet was somehow the first feeling what the internet
| ment without knowing actually what to do with that. I
| additionally remember spending hours on SoftICE (My biggest
| success was to discover that the only license key to the
| Siemens webwasher adblocker was 'Mr Nuts'.) I wonder if is
| there similarly innocent things today's script kiddie's do.
| k__ wrote:
| I started programming with mIRC scripts too.
|
| I fondly remember writing an anime news bot, that scraped a
| anime news site and spammed it into one of my channels.
|
| I didn't know what HTTP, HTML, loops, or even arrays where. I
| copy-pasted everything from countless sources I found.
|
| Good times.
| mousepilot wrote:
| I played with ircii scripting, one time I made a bot
| (probably copied some script from somewhere) that would op
| folks with a hardcoded irc usermask list.
|
| I then ran one with just a mode that would op anybody upon
| joining and then when I'd run into folks who were all into
| bots, I was like "yeah I have one you can borrow for your
| channel," and then they'd invite it and op the thing, and
| then it would start opping everybody who joined and the
| prior owner of the channel would get all ornery about it.
|
| lol irc was like the crackhouse of the internet to me.
| dnsco wrote:
| mIRC scripting is why I'm a software developer today.
| mhitza wrote:
| Asynchronous message based programming before it became hip.
| In an ungodly language nevertheless. :)
| fxtentacle wrote:
| Me too. Started writing bots that offer mIRC file downloads and
| then I had to learn Linux because that was what our only server
| had installed.
| earthboundkid wrote:
| Beto's greatest achievement.
| edwinyzh wrote:
| Holy... I had the similar idea and have just implemented it
| (https://sitemakertools.com/vps-bootstrapper/), but for Linux!
| pietromenna wrote:
| Oh Gosh, many many memories of my script kiddie past.
| beermonster wrote:
| Wow. This brings back memories!
| DrAwdeOccarim wrote:
| Woah, totally! I feel the need to write this one down. I was in
| high school when BO arrived. We had such a blast scanning the
| local dial-up ISP since we know the subnet block they always
| used, it was fast because it was all within their hardware.
| Anyway, we noticed a webcam on a computer we discovered, which
| was very rare at the time, but it was turned off. So we sent a
| pop-up window that said something like. "system configuration
| required, please power on all peripherals". And it worked! We
| were able to capture a short clip and download it. Well, it was
| uncompressed AVI and a 6 second clip was like 1.6 MB, so it took
| tens of minutes to get it. When we played it, it was just some
| dumpy guy with his dumpy wife sitting in the background mumbling
| stuff; but to us, it was totally 31337...
| gr_m wrote:
| when the internet was actually fun, mostly anonymous and almost
| fully detached from real life.
| beaconfield wrote:
| wow. this takes me back...
| jmrm wrote:
| Ah, yes. I used that to prank some friends when Windows/MSN
| Messenger started to be a thing. Good memories :-)
| buddylw wrote:
| When I was in highschool in the late 90's, I was really into
| exploring networks and systems I wasn't supposed to be in, but it
| was always about learning technology for me. I found this tool to
| be extremely creepy.
|
| I discovered that my local ISP had the finger port open on their
| dialup gateway. Since usernames were first letter + last name I
| could look up any ip addresses I found in my local firewall logs
| basically by name.
|
| I saw someone trying to connect to this port and knew exactly who
| was scanning for this and eventually found a honeypot listener
| that would allow attackers to connect, but let you control the
| data sent back. I can't remember exactly what I sent, but I
| called out the attacker by name when he connected to my machine
| and he never scanned me again
| [deleted]
| rojeee wrote:
| I installed this on a bunch of school computers when I was 15
| only to open and close the CD-ROM bays to freak out the teachers.
| This was the golden days of computing!
| sneak wrote:
| More fun was popping up obscene dialogs on the computer the
| teacher was using to present to the class on the projector.
| beaconfield wrote:
| OK I have to say this: reading some of the comments here makes me
| think I was actually friends with you back in 1998/1999 because
| that's about when I was doing this same shit in my high school
| computer lab. Small world.
| DrAwdeOccarim wrote:
| Completely agree. Its like a very specific point in time where
| not a ton of people experienced the same wonder.
| jdalgetty wrote:
| Oh boy! We used to have a lot of fun with this back in high
| school!
| anonu wrote:
| Same. Nowadays kids get expelled for this!
| AnIdiotOnTheNet wrote:
| As more of our lives have become intertwined with computing
| infrastructure, why shouldn't they be? If you routinely broke
| classroom resources or messed with the HVAC you'd probably be
| expelled too.
| twodave wrote:
| We used something like this in the early 2000s called Blade
| Runner. Scary times on the Internet.
| dominicjj wrote:
| Rival company were compromised by BO. We found out and dialled
| in. I watched documents being written remotely by a staff member
| there. It was surreal.
|
| "Need to fill this detail in more for Heck blah blah..."
| hermitsings wrote:
| Today morning out of nowhere, this came to mind. Back Orifice. I
| had a smile when I remembered the first time I read about it.
| What coincidence its on HN today! Or is it?
| _joel wrote:
| Ah, the memories! I brought this into school and a few of my
| mates wanted copies. Word got out amongst the teachers that there
| was some program being used for shenannigans by the pupils. I
| told everyone do delete it but some didn't realise it'd end up in
| their recycle bin and the network admin found out. Saturday
| morning detention material, luckily I didn't got caught :)
| blablabla123 wrote:
| There were some fun tools around at that time :) Also there was
| this Windows bug where by default network sharing was open and
| of course everybody used a modem so there was no NAT/FW in
| between. So you could just connect to a random IP and see
| what's on the disk. (I think there was a tool to find IPs with
| just that port open.)
| _joel wrote:
| And lots of random messages via 'net send'
| aqrre wrote:
| BO reminds me of all new and shiny apps that are meant to "keep
| an eye on kids&spouses" ... or maybe it's the other way around.
| Brajeshwar wrote:
| BO was a must-have tool for crackers and to have fun with friends
| and colleagues. I had my tiny share of those days. In late 1999,
| I was part of a 50-60 odd team company in one of my very early
| jobs. I was in the non-internet department while learning to
| write ASP, JavaScript, and ActionScript on the side. So, our team
| had access to the Internet for about an hour each day.
|
| I was friendly with the Admins or those people who have access to
| the Internet and LAN thing. I helped them out quite a bit. Well,
| I dropped in BO, and the only thing I did was turn on the
| Internet for our team.
|
| I also found out that the boss goes around poking other people's
| computers across the shared network, and his first look was the
| "temp" directory. I remember masking or creating shortcuts for
| all standard windows directory names to go to a pre-defined
| directory with a set of pre-defined contents.
| imwillofficial wrote:
| I want to used BO to prank my mom. Having a background in
| computers, once she realized what was happening she dove for the
| network cable. I'd never seen her move so fast.
| dvno42 wrote:
| Like so many others here this really helped me gain an interest
| in computers at a young age. It's sad to think that the shit most
| of us did as kids for fun and learning would land today's
| children in hot water. I lucked out in Jr High, after getting
| suspended for 'hacking the school computers' as the computer lab
| admin caught wind and really encouraged me to learn and provided
| me with a lot of hands on experience that I may not have gotten
| otherwise. Novell, thick net, etc. Good memories for sure.
| tomc1985 wrote:
| Not only that, but some in the modern generation seem to
| genuinely see hackers as the scum of the earth
| derwiki wrote:
| I know it's a movie, but in Hackers they were also seen as
| the scum of the earth: "Hackers penetrate and ravage delicate
| public and privately owned computer systems, infecting them
| with viruses, and stealing materials for their own ends.
| These people, they are terrorists."
| bitwize wrote:
| Agent Richard Gill! You're hacker enemy number one, man.
| You're a boner!
| DrAwdeOccarim wrote:
| I lived a very similar story. I fondly remember dialing up to
| the local BBS on my 2nd grade library computer (92,93) with ATT
| or ATDT [phone number]. And throughout elementary and middle
| school getting in tight with the sysadmins, eventually starting
| a class at my high school of sys admin interns (98-01). What a
| grand time. So many rules bent via admin rights throughout the
| entire school's network...so much fun. Basically just helped
| image and setup/fix like a 300 computer deployment. Def. set
| the stage of my life's career choices.
| mobilio wrote:
| I still remember it because was one of first RAT available.
| pixl97 wrote:
| There was another called something like netbus right after this
| from what I remember.
| devilduck wrote:
| Not going to read anyone else's story about how they remember
| this program, but this was a good program
| bequanna wrote:
| A few friends and I managed to install this on target machines by
| starting a chain email and claiming the attached .exe was a
| "virus patch".
|
| We would then port scan known IP ranges for our ISP to find a
| machine we could connect to and play with. It was always fun
| trying to determine who actually owned the machine we found. I
| grew up in a small, rural community so it was actually possible
| to figure this out.
|
| This lasted maybe a year or two around 98,99. A very nice memory
| on a lazy Saturday morning, thanks for sharing!
| DrAwdeOccarim wrote:
| Yea, same 98,99 window for me doing the same shit. This thread
| is crazy.
| fanick wrote:
| I think the audience here would appreciate some stories on the
| darknetdiaries.com. There are even several interviews with people
| describing how they got interested in the IT security field in
| their teens in highschool. Can't really recommend any specific
| from the top of my head.
| CTOSian wrote:
| The golden era of the internet ;-}
| bsksi wrote:
| Nothing beats Cabronator
| titoasty wrote:
| Wow, so much memories! BO, Nervous, BitchSlap, mIRC scripts... I
| also remember the famous NetBios hack at this time. Easy to do,
| and you felt like a real hacker! Command lines instead of GUI!
| That was an incredible feeling and it later brought me to Linux..
| and still on Linux (ok on Ubuntu, I'm a casu now :D)
| SV_BubbleTime wrote:
| NetBios... still out there giving gifts. We had a pen test a
| couple years ago and the hackers were easily able to get
| NetBios to use some old legacy feature to request user hashes.
| From there just load them into a GPU heavy cracker and 50% of
| our company user passwords in a few hours.
|
| The IT company at the time had no idea they shouldn't enable
| netbios unless it was actually required for something.
| DrAwdeOccarim wrote:
| Yep, these apps definitely sparked my interest in linux as
| well.
| sulmanen wrote:
| Classmate got expelled from high school for installing this on
| school computer
| theshadowknows wrote:
| My very first "school computer incident" was so innocent by
| comparison for most people.
|
| I was maybe 11 and I was learning about batch files and I made
| one named win.bat that printed "hello". Well I'm sure most
| folks know what happened next time the computer rebooted
| ...hello hello hello hello hello...and the computer teacher
| said I had installed a virus and tried to kick me out of
| school. Luckily I was only expelled from computer class for the
| rest of the year.
| richardfey wrote:
| What an idiot computer teacher you had. They should have
| catalysed your desire to learn and discover more.
| DrAwdeOccarim wrote:
| Growing up surrounded by reasonable adults is a privilege,
| I've learned.
___________________________________________________________________
(page generated 2021-09-05 23:02 UTC)