Hacker News new | past | comments | ask | show | jobs | submit login
Coding Stories: Me vs. the VNC Guy (martinrue.com)
375 points by martinrue 9 months ago | hide | past | favorite | 68 comments



I went to a Catholic high school. One of the only sisters left that worked at the school ran the computer lab.

Passwords were stored in clear text and it was common for students to ask her what their forgotten password was. She would look it up in the system, and tell them.

Eventually some of us figured out how to change other users passwords and of course we changed them to all sorts of unseemly phrases that a high school student boy would find amusing.

When that student would ask for their password she would simply change it to something pleasant...but amusingly maintain the general structure of the unseemly phrase changing only the bad words. We saw her laugh a few times.


When I was in high school, internet was brand new and teachers got official emails for the first time ever. There was no password policy and the email clients were on the library computers. My friend decided we should become hackers so we sat down and spent 20 minutes guessing passwords until he actually got one right. Then we read a bunch of boring private messages from our social studies teacher to his father.


atleast she had a good humor about it.


Genuinely not how I expected the story to go! And the polar opposite from my catholic school experiences as well (the headmaster caught me logged into my Hotmail account one day, physically pulled me off the computer while he pried through and read hundreds of my emails and then after finding nothing untoward, used the entirely unread contents of my spam folder [which in the mid 90s meant mostly porn & dickpill spam] as an excuse to try and expel me from the school).


It's a strange thing the differences between my Catholic school experience and when other folks describe what to me seems like almost caricature-ish type Catholic school experiences.


I don't know how things are where you grew up but it was only years later that I learned that most of the people who taught at my Catholic school did not have the required qualifications to teach anywhere else (and those that did were total creeps, like the molesty kind).

Most of them weren't equipped for the job they were doing and I've seen that in others in my own career(s). An important lesson about authority.


Interesting.

I think the nature of catholic schools being a diocese to diocese (or grouping of them) thing tends to create a lot of variety.

My school had similar teachers (this one sister and one priest aside) to any of the other local schools.

Also unlike the schools near me now ... it was basically open enrollment like any public school and the costs were on a sliding scale based on income. Many students (myself included) paid very little in tuition. The diocese picked up the tab for the rest.

Meanwhile the catholic schools where I live now are ultra exclusive and bonkers expensive. They like to hint at a very 'classical' education and a lot of discipline.

But at my school things were very much easy going and by the time you were a senior you effectively were taking mostly college classes from the local colleges, and coming and going from school as you pleased as you might at college. It was a great experience (although I proved to be a terrible college student... so maybe not as effective for me, but I wouldn't blame the school).


I'm thinking, this is as expected? There's selection bias: people will write about their experiences, if weird things happened. Otherwise, not much to write about.


macneilr:yourmomlovessocksinhelloworld


I have a reverse story of this.

Bumped into a friend from freshman year in the computer lab one day. I don't recall what happened, but he decided that something I had said or done offended his honor (half jokingly) and that he was going to email bomb my account as retribution. He writes a shell script to do this, and proudly shows it to me. I read the code, state, "You don't want to do that," and walk away.

He does want to do that. A moment later he notices that his terminal window has started acting oddly. So he decides to log out and log back in (he could have just opened a new window). And it won't let him log in.

As I open my email client to delete the couple dozen emails his script managed to send, I explain to him that he just fork-bombed himself, and since the ulimit was something tiny (32 processes?) it took me less time to delete the 'mail bomb' he sent me than it did to explain what he did. And since he closed his only shell, only an admin could now get him out of this.

"I told you you didn't want to do that."

He did, in fact, have to go to the admin and apologize.

A year later, "friend" applies to and is accepted into the NSA. And joke's on me, because I have slept a little less soundly every night since knowing the idiot who fork-bombed himself is now involved in national security. God help us all.


> idiot

Maybe he learned?


I've had a similar experience with spying software in University. The instructor was bragging about the spying tool during a lesson. Driven by disgust of being watched I quickly identified the remote host and port. Hacked together a shell script to flood the host with spoofed connections. While this was going on the command server was projecting it's video signal to a large screen at the front of the room. I watched with glee as the active clients preview thumbnails of the spy app slowly filled with fake clients. Very soon the machine locked up and became unresponsive. The instructor became noticably flustered I raised my hand and claimed responsibility. I was excited to explain how I did it and discuss but instructor was not interested at all.


This was my life in middle school- we had these crappy dual-core laptops that had monitoring software on them, and the computers would grind to a halt if a teacher wanted to see what you were doing. I think that running the modified VNC thing that was used took about 80% of the CPU's available power, and like 90% of the RAM?

Anywho, those experiences made me realize how much I value A) my privacy and B) just being left alone.


That's surprising - used to use VNC to do remote support for people running Pentium II and III machines in the sub-1ghz, single core range, and performance was fine. I suspect those machines were overburdened if you really experienced that much of a performance hit.

Just for reference, in middle school we had one Pentium 60 with a CD-ROM that was an absolutely mindblowing machine. I got to use it maybe once a month or so... Everyone else had to use the 386s while one kid would have his day on the fast machine.

It seemed so futuristic at the time, and now the story just makes me sound old.


Our school system let them right-click and ban programs running on your machine and apply that school wide.

It was a string match.

We called all our games winword.exe lol


Oh fun times. At my high school we ran Macs with an extremely tight allow-list of programs. For example, we were locked out of Safari and had to use IE5.5. I think even the text editor was locked out. Shameful.

Come to find out one day that 1) This was enforced only at the Finder (file manager) level, and 2) the AppleScript tool was on the allow-list(!)

A quick "tell application terminal to open" was all I needed to get into a fully-open environment. Not having a quarrel with the school, I didn't mess with anything. I just used it to do real work (like SSHing to my home server to fetch docs I forgot to bring in, or working on my AP Comp Sci stuff). But I also found out that the AirPort admin passwords were simply the SSID, so on the last day of my Senior year I changed a bunch of SSIDs to funny things. I also dropped a line to IT (via long AirPort SSIDs) letting them (and the students paying attention) know of the vuln :P

Bonus story: Years later at uni, I accidentally discovered that the shared "podium" account (used by guests to give presentations, but usable on any machine) was being used by someone to store their, uh, video collection. Much to the chagrin of the multiple presenters that accidentally ran across it during their presentations. Not to mention the rich browser autocomplete.


Wow, I did basically the same thing back in middle school! Noticed a checkbox on my computer teacher's monitor that said "Allow privileged applications to run unprivileged applications." Asked for AppleScript privileges so I could "learn some programming" and wrote a bunch of scripts that did nothing but start an application.

Of course, saving and running them didn't work at all. But clicking Run from the AppleScript editor meant that a "privileged application" was starting an unprivileged one :D


1st year at Uni. Year is 1993. 286 running DOS on top of Novel Netware and booting from network off a 386 behemoth that need it to run 1st.

So this guy was the sysadmin, a freshly minted assistant which had the bad habit of copying our sources and see if anything interesting is in it. Therefor I wrote a piece of code called Super.exe with nice graphics and a lot of bling bling that had inside a virus which when run from a normal user (like ours) did nothing but when was run from a Supervisor (Novel's name for Administrator) account would create another user called Hypervisor with blank password. I created the .exe, erased the sources and let it sit on my account and went home.

Next morning I tried the Hypervisor account and what do you know! I got in. Used for next 3 years to give my normal user more space when I need it and to do creepy stuff to said assistant when he was pissing me off. Poor sod never knew, always suspected bugs and viruses. I told him 5 years after that, when we met by chance at a beer with common friends. His eyes opened wide and exclaimed: "So it was you!!? I never suspected you". Fun times.


1997, pwd for the charter school dialup account was stored WarGames style. i used to connect after midnight until about 4am a few days a week. lasted until they switched providers.


Not entirely on topic, but I do remember going to college which was the first exposure to this large rooms with computers. I had computers at home since the early 80s but by the time I got into college it was win3.11 time, after my MSX-2, Amiga, DOS but even C64, I really really hated Windows for it's instability and inefficiency.

In college we had 2 (large) rooms with computers; 1 had Windows boxes with win3.11 (for networks) and later win NT and the other had Sun sparcstations. The Windows room was always full and the unix room always empty. So I sat in the Unix room behind these machines that never crashed and had access to not only all the others in the room for doing interesting distributed things, but also to the 2 E450's in the basement of the college. While the Windows machines were on another network and were just basically crashing all day long (got a lot better with win NT obviously but still wasn't great). I later learned that the school head sys admin seriously hated Windows and loved Unix. So he basically ignored everything happening in the Windows world and just switched off the entire room at night while the Unix machines had uptimes that felt impossible if you compare them.

Ofcourse, as the PC won, the room with the Sun machines was replaced with Windows machines; I got 10 SparcStation 5's (with the gigantic CRTs), a few SparcStation 1's, few UltraSparcs (5+10) and an E450 after they removed all. All are still working without fault to this day. It is depressing how throw-away modern hardware is, but what can you do.


Just found a picture of the E450 - https://s.yimg.com/aah/anysystem/sun-e450-large-27.gif - and I gotta say, any computer that looks like it could have been Zack Morris's sweater is a good computer in my books


I remember repartitioning the drives on the lab machines, so that when they were reimaged, the content in the new drive E, volume label CD-ROM, remained static. Hid the directory at the root, inserted a high ASCII character so that one couldn't browse to the directory without knowing the character, and shared this knowledge with a few individuals.


I got kicked out of my high school programming class for logging into another high school's computer network. I didn't even break in, I logged into a friend of mines account and downloaded a txt file about a game. The teacher reviewed all the paper (these were print terminals)that got thrown into the trash and decided I was up to no good. (This was in the 80's when we really didn't have rules about networks) It would be hilarious if isn't such a stark example of how a poor teacher can almost fuck your life up.


This is a really fun story, and I love your writing style! Thanks so much for posting this.

A lot of my most creative stuff growing up came out of me needing to work around really weird restrictions in middle/high school. In a really weird way, I'm almost grateful for some of the arbitrary rules and setups because they created a similar environment to what people seek out nowadays with platforms like the Pico 8 -- limitations in an unfamiliar environment force you to be creative with the resources you do have.

Edit: The other articles you reference in this one are also great! https://martinrue.com/give-yourself-more-playtime/ makes me really happy.


Thanks, really glad to hear you enjoyed them!


Me too! Interesting to see you’re in Manchester too - not every day a fellow Manc hits the front page :)


Awesome... small world :)


I remember in my high school every computer was a windows machine that ran Novell Net ware on boot. So some dude brought in a Linux distribution on a diskette and found he could mount anything on the network and do as he pleased.

He was honest and had a crowd of people around him including staff as he did it, which was No Fun At All.


I got called into the administration office for running Linux off a USB stick. It wasn't for anything nefarious, I was hoping could have my development environment stick around, since the Windows environment would reset everything after you logged off

It was clear the principal had no idea what this "Linux" thing was, but the IT person did his best to make it as spooky and evil as possible unfortunately.

I don't remember what came of it, but later in the year a computer virus hit a few computers in the school, and I distinctly remember a multiple people thinking I had done it...

Of course I would never, I was the last person who would want a run in with that IT guy again all. But no call into the office that time, and in retrospect I wouldn't be surprised if it was a simple misconfiguration being called a "virus" since it allegedly only affected teachers' classroom PCs


I was reprimanded for using PuTTY to log into a remote server for a course I was taking through the local community college in high school. The head IT person said that the white text on black background looked too much like "hacking" and that it wasn't allowed. I switched to black text on a white background, and everything was good again.


Green text, black background.

I’ll open a terminal in my university courses and take notes in vim just to see people’s reactions.

Even better, doing anything with a lot of stdout. Fast scrolling text in a terminal freaks out a lot of people.


They've obviously never tried using Gentoo before... the faster the text scrolled the better.


> Fast scrolling text in a terminal freaks out a lot of people.

Try compiling GCC during your lecture


OMG, that site is called "Hacker News"


Witch-burning hasn't gone away; it's just changed its vocabulary.


I got told off for typing *H.. on a BBC Master.

It listed all the built in help, basically masses of text scrolling down the screen. I assume the teacher thought I was hacking the computers or something, scared them.

To be fair, I was hacking the computers, but not when they were watching. Turns out the password file used very simple reversible encryption, but we only used our powers for good, and games.

Linux does sound evil, is it from one of those eastern european countries? I hear it's like communism


When encountering a problem, every now and then a programmer might say: "I know, i'll code a C app that uses sockets to solve my problem" Now they have two problems.

But this brings up a fun idea for a red team challenge, How well can you disguise what you are doing while being watched by somebody.


Would recommend the bit in Cryptonomicon with a similar challenge. Actually, the entire book

But as a formal challenge it would be super neat to try to do. The sneaky hackathon


I believe you're asking for the Underhanded C Contest: http://www.underhanded-c.org/


The outcome here was 1 less problem.


I did this in school. Not the exact same way but I was so smugly satisfied with myself. I tortured the IT teacher the last few months. He deserved it, for being stereotypically uninterested in teaching anything beyond the minimum and actively shut off any attempt to learn more about anything.


Ugh. I'm not sure what's worse: them being lazy and uninterested or them feeling actively threatened by a student's search for knowledge. The latter of course being the antithesis of education.


This was a pretty great story, although I misread the title and expected the admin to turn out to be a founder of the VLC project


When I was a junior in high school and computer lab monitor, I made a suggestion that we install VNC on every computer and it was green lit by the administration. We used an app that could view thumbnails of all screens at the same time. I only enforced the "no porn" rule. Kids could play games, browse the web and I accepted fake hall passes. But if they were watching porn they would be thrown out and banned.


Not my hack but - when I was in college, there were two computer labs: one for CS majors and one for humanities majors who just wanted to type research papers. The CS computers booted to a DOS prompt and you could run anything on them, but the “writing lab” computers were configured to boot straight to wordperfect, and the exit command was password protected. A friend realized that you could hit F12 to get a shell (a DOS prompt), use that to look up the exit password, and exit out of WP on the writing lab computers.


I worked in a large call center and we used VNC to monitor the agents. This worked until one one of them figured out what the VNC tray icon color change meant - which meant they soon all knew what it was.

So I had to do the reverse hack of this guy. Easiest way was just to load up the VS resource editor and change the icon so that it always looked like there was no connection.


we had a similar system at high school: VNC on all computers, staff reguarly logging in to check you weren't doing anything fun

VNC ran as a separate user with its password hash protected by the relevant registry permissions

one day we found a machine undergoing an automatic rebuild, found the password hash, and of course VNC only supports upto 8 char passwords

apparently it turned out they used the same VNC password for every single machine, including the staff ones


Are there other fields like computer science, where some students start university knowing how hashing works and being able to brute force passwords, while others start having barely used a keyboard and mouse?

It seems like most programs people start on relatively level playing fields, but that couldn’t be more untrue for computer science.


Maybe some foreign language courses, the course itself will be mostly about literature in that language, you can get a mix of people who have learned other languages but not the one being studied and people who are native speakers.

My CS course had everything from a few of us already writing commercial software to people who had never touched a computer.


I am an artist and there sure were people in my classes who barely knew what end of a pencil to hold, while I had a decent grasp of the basics of perspective and anatomy.


Trade schools would analog very nicely to how you describe the knowledge gap between some students in CS programs.

Most other programs people goto post secondary to learn the subject at hand ... for a lot of trades and CS related programs they go into them because they enjoy that work and have been doing it on the side for a while. Those people immediately have a leg up on anyone who came in fresh.


Yup I had this same experience. You could try some ips and end up controlling the teacher's screen that was being projected to the class.


Fun story, thanks for sharing! Is it correct that it was around the year 1997 that you were using your Commodore 64 with a tape deck to get into computers? You mention that the college was using Windows 2000 and VNC setups, and that you were interested in the D language, which would place the start of those college years no sooner than 2001. I also kept using my Commodore 64 up until the late 90s!


Thanks, glad you enjoyed it. Yeah, I first got into the C64 in 97. College was 5 years afterwards, so in 2002 for me. I link to another story, “Give yourself more playtime”, at the bottom of the post. You may enjoy that – it’s the story of how I securely wrote password programs to all my favourite game cassettes :)


In high school I found there was an whitelist of executable names, as long as I named the file firefox.exe it would be allowed to run.

For senior prank I created small Autohotkey executables that would swap what some keyboard keys would do (e.g. 'm' with 'n'). Then I booted the lab computers with a Linux live CD, and copied the executables into the global start folder (a different executable for each computer). When students came in that day to finish their homework in the morning at the last minute, they were quite annoyed, but some found it funny. One clever student figured out that killing the firefox.exe process fixed it (until the next login).

I didn't get in any trouble (senior prank was semi-sanctioned), but they did need me to clean it up the next day.


I have a similar story but with a lot less actual hacking. Our school was monitoring lab computers using iTalk (?), which besides remote desktop also allowed things like sending messages and blanking the screen.

After my Grand Hacking Crime of teaching all of my friends how to use proxy servers and supplying them with a text file containing several hundred that allowed them to bypass the website filter, I was constantly being watched, which annoyed the hell out of me.

So I started digging around when the teacher wasn't looking and discovered that, while only the server part of the monitoring system was "installed", the files for the client part were still included. Without having the admin creds, all I could do is send messages, but that was enough. After testing it on a friend's computer as a joke, I sent the master PC a single message containing several hundred lines of Shakespeare's plays. The message appeared in an always-on-top msgbox and could only be dismissed by the OK button, which was by my estimate several meters below the bottom edge of the monitor.


I love stories like this. It would be nice to have a site full of them.


I wrote a couple more, both about amusing early programming experiences:

C network programming: https://martinrue.com/zzuy-a-lesson-in-perseverance

Commodore 64 & BASIC programming: https://martinrue.com/give-yourself-more-playtime


The Daily WTF has some good ones. https://thedailywtf.com


Read old IRC logs.


Assuming I had the patience and wherewithal to trawl specific channels, but not to actually identify the channels in the first place, could you give some recommendations?


My school had something called Securus, which would scan the memory of all the programs, scan for combinations of pixels indicating pornography (on the screen and on your personal media devices) and of course key log everything. Luckily they include Python on some of the computers for a quick task kill.


>can for combinations of pixels indicating pornography

How could this possibly work in the era before convolutional neural networks?


Heuristics. Amount of skin tones mostly. Of course, lots of false positives at that age, and some false negatives due to racial biases of the algorithm. It was crude, but kind of worked.


Could've just unplugged the network cable... though the plan to proxy someone else's VNC server was a good one.


It's a good plan until that person breaks some rule and gets you punished.


A few of my stories, back from the XP/2000 days at school:

---

The internet webpage filter at the school would stop you from playing games (particularly flash games), something as kids we quite enjoyed doing. I noticed that sometimes the real page would flash up and then go to the block page. After a while, I found out it was simply serving a "redirect" if the page contained banned keywords.

My 14 year old brain figured that I could make use of iframes so that the top section of 1 pixel height got given all of the "redirects" whilst the bottom half opened up google.com, where we could merrily search for games and proxies. This worked until I got VNC'd one day, logged off, account banned and the blocking system updated to filter prior to connection.

---

Still wanting to play games, I went to a friend's home (I didn't have internet back then), downloaded the entirety of a games website using a crawler and then brought the flash games in on a memory stick. As some of the teaching software also used flash player, this method of playing games was good until the every end.

---

My friend was watching all of these little tricks and thought they were cool. I wanted to try some things that would require two people to pull off. One lunch time we go to the library (the only machines in the school I can actually use now) and start experimenting with emails. It turns out that we could set custom rules.

A few minutes later, he has a rule that emails "Hi" every time I send him an email, and mine in return says "Hey". We trigger this snowball off... 500 emails... Haha. 5000 emails... Still funny. 50,000 emails - erm. 500,000 emails, the computers are grinding too a halt. Disk space on everybody's accounts is evaporating.

Email system starts sending out "Unable to send message, not enough space". Few, we thought. But each one of these messages was a few kilobytes, and each one triggered a new one (as there wasn't any space for that either). Suddenly the number of emails starts growing again as each of our accounts gets an automated space message.

We undid the rules and held the delete key for 30 minutes, there was still 500k emails when we left for class, but it wasn't growing any more. I assume an IT guy saw what we did, because the next time I logged on, the rules were disabled and the emails were gone.

---

Some of the kids in the school had started to give me a "hacker" status and then one kid started to claim he was much better than me. Challenge accepted. I wrote a simple javascript webpage that would keep opening itself up,m saying something like "you think you're a hacker?" in every page. Crashed my machine - perfect I thought.

I email him this web page, he opens it, crashes his machine. He thinks this is as brilliant as I did. He emails it to all of his friends. Their machines also crash. They email it to their friends, etc, etc.

The next day I get pulled into the deputy-head's office, complete with angry IT staff. Apparently all of the kids using computers that day decided that it was a perfect way to get out of working, claiming their work had been lost (Word even back then had recovery options). Two weeks ban from using any computer. I got asked where I got it from - at the time I said "I downloaded it from some website", but I wish I had told them that I had learned javascript and created it from scratch.

---

"Trolling" had become a thing, where you would try to cause somebody an inconvenience and leave a troll face there to let them know it was on purpose. Some of our exploits included taping a troll face to the underside of a laser mouse, unplugging mice/keyboards and taping troll faces over the USB ports, swapping people's mice over so that they controlled each other's computers, turning everything upside down in the settings when somebody left their computer unlocked and left the room, holding down sticky keys to crash the computer out whilst making an awful noise, etc. We got quite creative with this.

---

Printing was done by room, with printers automatically added to your account depending on where you log in. In one of our classes there was an "expensive" glossy colour A3 printer, where the teacher would monitor what it was used for. We figured it did no authentication and that we could copy the printer settings and print remotely. We could also pretend to be another user as it didn't connect at all to the user database. In a class with a few friends in, we remotely printed large cartoon pictures. Apparently the teacher was frantically trying to find the person who was printing and they all had a good laugh. They then took that printer off the network.

---

File explorer back then was patched so that we couldn't see network drives and even if we could, we couldn't get onto them. A few teachers sharing their screens would leak the fact that they had a private staff share. Child mind: Challenge accepted.

After several failed attempts using browsers and explorer, we discovered that Microsoft Office wasn't patched. Suddenly we could access other student's work spaces and save files in there. We could access staff's work spaces and save files in there. We could access IT work spaces and save files in there. We occasionally left a "I'm watching you" file (created at home so it didn't have our user account metadata) in random staff accounts.

At this point I think we were on their radar, but they needed proof. One afternoon we access the headmasters work space, who apparently left files on his desktop with his various login details. A bunch of students could now pretend to be the headmaster (we didn't as we knew this was suicide). (Turns out later that this headmaster was stealing school funds, so in retrospect I don't feel bad.)

We then found the "program" drive. It was a literal jack pot. Installation binaries with site-wide licenses. Back then there was no IP checking, one of these licenses was golden. We could install thousands of dollars worth of software at home for free, including Adobe everything, Maya and other 3D packages, office and every other custom piece of software.

Stupidly I had shown other people how to do this and they were running through the network like a bull in a China shop, triggering lots of errors, and as it turned out - getting lots of attention. In bursts a network administrator and he shouts my username into the room. This was the "oh shit" moment. I was dragged into the headmasters office whilst my teach protested that I was a good pupil.

I sit there whilst being berated, the network admin wants to call the police - whilst he wafts a large document full of screenshots in his hand (50+ pages). (Apparently they kept screenshots for evidence as I caught them off guard and they didn't have video capture.) They come to an agreement that I am indefinitely banned from using a school computer with no police involvement, as long as I give them all of my exploits. As a child I don't see any way out and agree. They handed me single piece of A4 paper and said "write everything you know on here". Before I put even a single word to paper, I replied: "Can I have some more paper please?".


Undertaking nerd-duel with low pay disrespected computer lab janny is shameful. Would not share...




Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact

Search: