When You Accidentally Break Your School Network in 1995

Ah, good times. Win95 used to crash so much, that my brother and I became quite adept at resurrecting Explorer by causing a surviving process to trigger it. Eventually, we discovered the infamous &quot;Login? No, just help yourself to the desktop&quot; hack. No one cared, it was normal for stuff to be broken.<p><a href="https:&#x2F;&#x2F;imgur.com&#x2F;rG0p0b2" rel="nofollow">https:&#x2F;&#x2F;imgur.com&#x2F;rG0p0b2</a>

Well, I used &quot;the internet&quot; to avoid suspension in high school.<p>It was 1995, and I had made a fake parking permit for Fairview Hugh school in Boulder Colorado using Corel draw and Kinko&#x27;s. The junior class president--my arch enemy--found out and narked.<p>I got pulled into the principal&#x27;s office and was threatened with suspension. When they asked me how I made it, I told them I downloaded it from the internet. I explained further, that I had my own business making websites for local businesses. &quot;Oh, ok then.&quot; They told me that my &quot;we sentencing&quot; would take place the next week.<p>I didn&#x27;t sleep that weekend for fear of someone molesting my &quot;permanent record.&quot; That next Monday, a student assistant pulled me out of class and took me to the principal&#x27;s office for my sentencing: teacj the principal how to use the internet!<p>The best part of all this, is that I later learned the snitch had purchased his ap history term paper from the back of Vanity Fair magazine. I called him to tell him that I knew and he hung up. I called again and it went to his answering machine, where I explained that this was blackmail: he had exactly 1 hour to deliver me his authentic parking permit for the entire next semester, otherwise I would snitch. He answered the call mid-message and delivered the goods 40min later.<p>When I first got busted, my dad told me about revenge being best served cold (it&#x27;s a saying in French), that I should bide my time. He was right!

I had to personally apologise to the IT department because I sent a message from &#x27;God&#x27; saying &quot;I saw what you did last night&quot; to the entire network (long time ago but it was Novell something) by mistake (was aiming to send it to just the one computer lab).<p>They thought it was hilarious and that was the end of the matter.

Once upon a time I was suspended from high school for having pen-testing tools on a flash drive in my locker.<p>I was interested in network security and asking to my teacher about the best way to learn this information and whether &#x27;these&#x27; tools would give me an understanding, I told her I brought them in to ask questions about and next thing I knew they broke into my locker, read the drive and I was pulled out of class and in the principals office for &quot;possessing&quot; these tools.<p>I still remember him saying &quot;it&#x27;s like you brought a gun to school, just because you didn&#x27;t use it doesn&#x27;t make it ok. The only reason we haven&#x27;t expelled you is because we can&#x27;t prove you used them on the school network.&quot;<p>I understand now they reacted this way out of fear but it was a pretty terrible way of handling a curious kid and ruined both my trust in teachers and interest in learning any kind of network security.

Way back in 1988, I was in the sixth form of a school in the UK (that&#x27;s for students aged 16-18). We had a bunch of BBC Micros networked together using Acorn EcoNet.<p>Very detailed manuals for <i>everything</i> were just on a shelf in the classroom.<p>I forgot <i>how</i> we did it, but we wrote something that gave us access to the place where the passwords were stored on the master server. I also forget <i>why</i> we did this, but somehow we accidentally deleted the master password file.<p>We were still logged into the system, but panic set in. We logged out...<p>...and of course we could not log back in. <i>Nobody</i> could log in.<p>We owned up right away. The difference between mine and the OP&#x27;s story is I just had a very stern talking to from the headmaster and strongly worded letter home! He did admit he was quite impressed but suggest we channel our talents into less destructive projects.<p>Network was down for a day while it was completely reinstalled!

Stuff like this is still happening. I graduated high school in 2012. During our final semester, my friend decided to try logging in to the school router. He thought it would be passworded, but it was completely open. He shared this info with me and a couple other friends.<p>We had fun for a bit restarting the router when we wanted to mess with a boring teacher, but eventually one of them set a password, the school IT guy found himself locked out, and I found myself getting threatened with expulsion. The principal interrogated me and asked if I knew what port scanning was, and even accused me of lying when I said I didn&#x27;t (I really didn&#x27;t!). I told him as much as I knew - which wasn&#x27;t much - because I didn&#x27;t want to get expelled a few months before graduating.<p>Long story short, the friend that set the password got expelled, the one that found the vulnerability got suspended for a week, and everyone else got off scot-free. I heard a year or two later they started offering programming classes there.

I had two instances of near expulsion, and these were quite recent (2013).<p>The first was when I created a small messaging application that allowed students to message each other on school computers when in study rooms that had an enforced silence rule - it was really basic and just used text files that were stored on the shared files on the school network.<p>The second was worse simply because I was pulled out of class for looking up how another student was making pop-up messages appear on all the networked PCs using the school&#x27;s printing system. So, this student was in the middle of somehow gaining admin rights, and I was threatened with expulsion because I was looking up how he was doing it.<p>Real fun times

<i>One tech savvy friend was called in for questioning and told that he was going to be blamed for everything and that they had enough information to prove it was him even if it wasn’t. He was going to be expelled unless he had any information that he could share to prove otherwise.</i><p>Classic interrogation technique. I also learned a lot about how police states work when I was in high school.

In 1998 I installed the NetBus server on computers in the computerlab at my school. I would then run the NetBus client on a computer in a secluded corner, and watch the reaction from people while I messed with their computer. The best reactions I got from randomly opening and closing the CD-tray. Good times.

A friend of mine installed sub7 back then in the school network and tried to host a starcraft server. Didn&#x27;t work out, for some reason- but yeah, that&#x27;s youth. To criminalize such creative vandalism, wouldn&#x27;t help anybody.

When I left school, I got the deputy-head, during an official meeting to state that they didn&#x27;t teach computer science because they were afraid of what the pupils might do.<p>A school frightened to teach pupils ...

Some 10 years ago, when I was in 8th or 9th grade, I was threatend to be expelled as well, and charges were allegedly brought against me (I never really checked). I &quot;hacked&quot; the school website (as the CS teacher explained to my parents) and deleted all it&#x27;s contents. In reality, I only logged in via FTP and renamed all HTML files (the hosting did not event support PHP, and this was around 2008). I had access to the FTP because a year ago I was briefly responsible for running the school website and nobody bothered to change the passwords when they took over running the website.<p>I got a call from the principal the next day. He congratulated me and asked me to apologize to the CS teacher. After I did that, she agreed to drop the charges. In the end, I was only reprimanded and I had to apologize to the whole school as well. My only other &quot;punishment&quot; was helping the CS teacher fix some computers after school.<p>As this was playing out, I was hoping they wouldn&#x27;t find out what I did a year earlier - I&#x27;d set up a phishing website for the country&#x27;s most popular email service and I&#x27;d set it as a homepage on all the school computers. Needless to say, noone bothered to check the address bar, so in a week, I had passwords of half the school, including some teachers and the principal himself.

My friends and I were accused of interfering with the school computers on a few occasions. I think we were just bored -- we lacked direction and inspiration.<p>The computers had Visual Basic installed, and my uncle had given me a &quot;Teach yourself VB in 24 hours&quot; book. I followed all the exercises, but I didn&#x27;t know what to do next. The book was obviously intended for business programming, so it didn&#x27;t have any interesting suggestions. I wanted to make a game, or animations, but didn&#x27;t know where to start.<p>I did implement a card game, but couldn&#x27;t get any animations to work smoothly, and eventually gave up. The teachers knew nothing about programming, so they couldn&#x27;t help, and couldn&#x27;t even recommend other books or a web site. I think they regarded whatever I made with suspicion.<p>Competant teachers should have been able to provide programming exercises (or a larger project) that I was capable of implementing, but challenged me to learn something new with each task.<p>Instead, we made bar charts in Excel, and had about as much respect for IT as a subject as we did for gym class.

In 1981, when I was 12 years old, I visited my brothers university to watch him graduate. I didn&#x27;t have much to do so they showed me the computer they had installed in one of the study rooms at his fraternity. It had a phone modem - they connected me to the campus network so I could play around. At the time everything was run out of one of the campus libraries. So, finding it all rather boring, I turned on a nearby stereo and put the phone to the speaker for a minute or so. Afterwards, I could no longer use the computer so I turned it off and went to wander campus. While I was away the library (security?) visited the fraternity wanting to know who crashed their network. Nobody even suspected it was me. They were told that they might face a temporary suspension. I only found out about this part 20 years later. So, which university was it? Stanford. ;)

I nearly got expelled for learning how to use Flash 8 in middle school to make games.

I have a story from the other side. In the late 90s my university RA position involved installing and maintaining a network in a nearby school district. One day, a teacher at a junior high indicated that one of his brighter students was &quot;messing around&quot; with one of the workstations. I took a look, and sure enough he had rebooted it with a linux CD-ROM distro. No problem. However, there were clearly multiple logins for people who weren&#x27;t students, and the server was accesible from outside the network. Problem. Further tracking led us to a password sniffer installed back at the university, which in the 90s was serious business (and a whole other story).<p>Once the teacher understood what was going on, he quickly ran it up the chain and we wound up in a vice principal&#x27;s office with an SRO and the boy&#x27;s parents (SRO = School Resource Officer). I was a pretty bright kid in high school and the one time I wound up in a vice principal&#x27;s office, it was pretty unpleasant. However, when the kid walked in I think he outdid me -- he instantly went #ffffff and almost fell over. To his credit, once he started breathing again he was honest and open about what he did. I tried to emphasize that he didn&#x27;t act out of any bad motive, so I&#x27;m pretty sure the worst punishment he received was that office experience.<p>In retrospect, I&#x27;m glad I was there because (even as a college student) I had enough credibility to explain the situation. I did not keep up with the student, but I hope he went on to much career success.

I sorted some of my work product with bubble sort (I wrote maintenance procedures and docs for a defense contractor), in 1982 or 3; I figured out bubble sort &quot;all by myself&quot;. I don&#x27;t remember the mini-computer or the language. The system admin visited me and told me not to do that anymore. I went to school after that (where I learned that it was called bubble sort).

My &#x27;episode&#x27; was in &#x27;93. I&#x27;d just learned about TSR&#x27;s and execution vectors and really wanted to try to write a floppy disk boot sector virus. Coded it up in turbo pascal. Thought I was being ultra careful: promptly spread it everywhere.<p>My school was much more laid back, thankfully.

Was the early 2000s, but in my high school library I did a<p><pre><code> NET SEND comp1231 i know where you live </code></pre> to mess with my friend who was sitting right next to me. Then the hacker in me decided to see if asterisk worked (of course, without changing the message)<p><pre><code> NET SEND * i know where you live </code></pre> (Hint: it works). Everyone in the school who had a computer on got the message. I caught hell for that one, had to write a letter of apology to a bunch of school staff who didn&#x27;t &quot;feel safe&quot; after receiving the message. Never got access to my account after that either, so I always had to get my friends to log me in.<p>I didn&#x27;t break the network...but hey, I helped expose a vulnerability, right? That&#x27;s something.

In 2015 (perhaps more recent than other comments...) I was in trouble for starting powershell via a shortcut and using it to kill the monitoring process. Apparently it was &quot;causing intentional damage&quot;, when in fact I just wanted to finish reading something online after the teacher disabled the internet.<p>Luckily they didn&#x27;t take it any further than a stern telling off, unlike the article.<p>On top of that, I had actually revealed a vulnerability allowing anyone to access anyone elses&#x27; files earlier in the year.

Meh, I got a suspension for using Net Send on Windows XP back in 2003&#x2F;4.<p>I got the date with the girl and I annoyed some people and pissed off the network admin, win&#x2F;win.

I was looking for the keyword &quot;Novell&quot; to make me smile. I used to comb the web for exploits all the time.<p>My stories of mischief are probably like many of yours who were in high school in the late 90s - phone systems, Sub 7 and BackOrifice installs.

After my first week in high school computer class they moved me to a separate room where I was free to work on my own. This was in 1984. The class was using Commodore PETs. They gave me a Commodore 64 to play with. Easy A.

i did something very similar to this in 1998 at high school, good times

When I was 11 years old or so, I did not yet have a computer of my own but I had taken an interest in computers and wanted to learn more about them than just playing games. First and foremost I wanted to command computers to do my bidding. To create my own games and so on. So I read a couple of books and magazines and wrote a bunch on paper.<p>My father had a computer that he would let me borrow at times. One time my father brought with him home a copy of the installer for a program called POV-Ray, an open source raytracer and together we used it to describe a couple of simple scenes and render them. Aside from that my interactions with real computers at the time remained limited to playing games, using MS Paint and a little bit of supervised web browsing. However my interest in learning about computers remained and my father encouraged this. He would bring with him print-outs from the internet about various things relating to computers. One time he had printed out a few pages from the website of the Chaos Computer Club.<p>Those guys, the CCC, what they were able to do was amazing to me. They seemed like gods, well not quite gods but some sort of wizards or something.<p>The movie The Matrix had also captivated me when I saw it. It remains one of my all time favorite movies to this day.<p>At the age of 12 I got a computer of my own. It had a red rescue floppy, the contents of which I belived to be the entire installer for the Windows XP operating system. My father told me that the installer would weigh in at a lot more than the 1.44 MB that was able to fit on a floppy. I did not believe him. He was right of course, as I would come to understand a few years later -- the rescue floppy was booting the computer from a hidden partition and then the recovery stuff that was stored on that partition would take over and continue from there. Nonetheless, I had a blast and aside from a few misconseptions like the one mentioned, I learned a lot from having my own computer. Being able to restore Windows XP back to the factory state turned out to be very useful in the process of learning as I would regularily mess up my install in various ways that would lock me out of the computer or even make Windows unable to boot, but each time I would pop in the recovery disk and within 30 minutes to an hour or so I think the recovery program would have made the computer good as new. I lost a lot of data that way of course but little of it was of value to me anyway. The process of trying things and discovering and learning was much more important than my data. So on my computer I could experiment and if something broke there was no consequence. This would shape my attitude against computers. The lack of consequence however, not so.<p>Fast forward to 2006, I was in high school. I finally learned to program thanks to TI-BASIC on the graphing calculators and a book about PHP, after previously while in midleschool having given up on programming when the C++ Hello World program I copied from a book didn&#x27;t seem to work. (I had compiled it successfully but I had failed to understand that I would have to run it from a command prompt in order to see the output, so what happened was that when I double-clicked the executable, a command prompt opened itself, and as soon as the program finished it closed itself, leaving me to think that the black box that flashed on my screen meant that the program didn&#x27;t work.)<p>With the understanding I had gained from programming I figured maybe I would be able to create my own cracks for games and other pieces of software. After a bit of searching I came across a site called woodman.com, which had a bunch of tutorials on reverse engineering. I read them with great joy and after having followed guides and practiced on various crackme&#x27;s, I downloaded a shareware program that had a serial protection on it and was able to crack it all on my own.<p>Well, well, well. I am able to write software, I am able to crack other people&#x27;s software. Now I think it&#x27;s time that I look into network security. I bet there is some security issue with the school computers and I bet that the school will be happy when I tell them about it.<p>Yes and no. There was a security issue, but the school did not enjoy me finding it nor what I did once I had found it.<p>The first thing I did was I downloaded a collection of rainbow tables.<p>Next I tried to boot one of the school computers with a boot-CD so that I could copy the LM hashes file if it existed on the computer.<p>The school computers had a BIOS password and were configured not to boot from the CD-ROM drive.<p>So I gave up on that and focused my attention on other things.<p>Later one day when I booted one of the school computers, the boot process looked a bit different from what it used to (don&#x27;t remember how, but probably it attempted network boot or something) and I figured that maybe I should try to enter the BIOS menu on this computer. The computer allowed access without a BIOS password. (The school IT administrator had disabled the BIOS password temporarily and had forgotten to re-enable it afterwards.) I shut down the computer again and the next day I brought a boot-CD.<p>I booted from the boot-CD, found the file with the LM hashes and copied it to a USB stick. Brought it home and put my computer to work at using the rainbow tables I had downloaded.<p>After some time (several hours, perhaps several days) the password cracking program had found a match for the password of the local Administrator user.<p>At school I then tried to log in as Administrator on one of the computers using the password that the password cracker had found and it worked. Holy shit!<p>Instead of telling the school about this, I decided that I should investigate what more I could do. Bad idea. If I had stopped at this point, perhaps the school would have been thankful indeed, who knows.<p>So after a bit of pondering, I decided that I should install a keylogger on a bunch of the machines. I found something called FakeGina.dll online and was going to replace MSGina.dll with it. This triggered the antivirus software on the school computer which gave me a bit of panic. I logged off and didn&#x27;t do anything out of the ordinary for a while, expecting that the school IT admin would have gotten a notification and that he was going to question me about it and that it wouldn&#x27;t look good.<p>(Continues in a child comment.)

Based on the timeframe, I bet the software that found&#x2F;cleaned the virus was F-Prot.