[HN Gopher] Coding Stories: Me vs. the VNC Guy
___________________________________________________________________
Coding Stories: Me vs. the VNC Guy
Author : martinrue
Score : 284 points
Date : 2020-01-24 11:42 UTC (1 days ago)
(HTM) web link (martinrue.com)
(TXT) w3m dump (martinrue.com)
| spentu wrote:
| I love stories like this. It would be nice to have a site full of
| them.
| ta999999171 wrote:
| Read old IRC logs.
| martinrue wrote:
| I wrote a couple more, both about amusing early programming
| experiences:
|
| C network programming: https://martinrue.com/zzuy-a-lesson-in-
| perseverance
|
| Commodore 64 & BASIC programming: https://martinrue.com/give-
| yourself-more-playtime
| techbubble wrote:
| The Daily WTF has some good ones. https://thedailywtf.com
| milankragujevic wrote:
| I did this in school. Not the exact same way but I was so smugly
| satisfied with myself. I tortured the IT teacher the last few
| months. He deserved it, for being stereotypically uninterested in
| teaching anything beyond the minimum and actively shut off any
| attempt to learn more about anything.
| tylerjwilk00 wrote:
| Ugh. I'm not sure what's worse: them being lazy and
| uninterested or them feeling actively threatened by a student's
| search for knowledge. The latter of course being the antithesis
| of education.
| tylerjwilk00 wrote:
| I've had a similar experience with spying software in University.
| The instructor was bragging about the spying tool during a
| lesson. Driven by disgust of being watched I quickly identified
| the remote host and port. Hacked together a shell script to flood
| the host with spoofed connections. While this was going on the
| command server was projecting it's video signal to a large screen
| at the front of the room. I watched with glee as the active
| clients preview thumbnails of the spy app slowly filled with fake
| clients. Very soon the machine locked up and became unresponsive.
| The instructor became noticably flustered I raised my hand and
| claimed responsibility. I was excited to explain how I did it and
| discuss but instructor was not interested at all.
| HeWhoLurksLate wrote:
| This was my life in middle school- we had these _crappy_ dual-
| core laptops that had monitoring software on them, and the
| computers would grind to a halt if a teacher wanted to see what
| you were doing. I think that running the modified VNC thing
| that was used took about 80% of the CPU 's available power, and
| like 90% of the RAM?
|
| Anywho, those experiences made me realize how much I value A)
| my privacy and B) just being left alone.
| core-questions wrote:
| That's surprising - used to use VNC to do remote support for
| people running Pentium II and III machines in the sub-1ghz,
| single core range, and performance was fine. I suspect those
| machines were overburdened if you really experienced that
| much of a performance hit.
|
| Just for reference, in middle school we had one Pentium 60
| with a CD-ROM that was an absolutely mindblowing machine. I
| got to use it maybe once a month or so... Everyone else had
| to use the 386s while one kid would have his day on the fast
| machine.
|
| It seemed so futuristic at the time, and now the story just
| makes me sound old.
| Already__Taken wrote:
| Our school system let them right-click and ban programs running
| on your machine and apply that school wide.
|
| It was a string match.
|
| We called all our games winword.exe lol
| connorfoxley wrote:
| My school had something called Securus, which would scan the
| memory of all the programs, scan for combinations of pixels
| indicating pornography (on the screen and on your personal media
| devices) and of course key log everything. Luckily they include
| Python on some of the computers for a quick task kill.
| MrStonedOne wrote:
| When encountering a problem, every now and then a programmer
| might say: "I know, i'll code a C app that uses sockets to solve
| my problem" Now they have two problems.
|
| But this brings up a fun idea for a red team challenge, How well
| can you disguise what you are doing while being watched by
| somebody.
| [deleted]
| setr wrote:
| I believe you're asking for the Underhanded C Contest:
| http://www.underhanded-c.org/
| c0nfused wrote:
| Would recommend the bit in Cryptonomicon with a similar
| challenge. Actually, the entire book
|
| But as a formal challenge it would be super neat to try to do.
| The sneaky hackathon
| maxerickson wrote:
| The outcome here was 1 less problem.
| commandlinefan wrote:
| Not my hack but - when I was in college, there were two computer
| labs: one for CS majors and one for humanities majors who just
| wanted to type research papers. The CS computers booted to a DOS
| prompt and you could run anything on them, but the "writing lab"
| computers were configured to boot straight to wordperfect, and
| the exit command was password protected. A friend realized that
| you could hit F12 to get a shell (a DOS prompt), use that to look
| up the exit password, and exit out of WP on the writing lab
| computers.
| Thorrez wrote:
| In high school I found there was an whitelist of executable
| names, as long as I named the file firefox.exe it would be
| allowed to run.
|
| For senior prank I created small Autohotkey executables that
| would swap what some keyboard keys would do (e.g. 'm' with 'n').
| Then I booted the lab computers with a Linux live CD, and copied
| the executables into the global start folder (a different
| executable for each computer). When students came in that day to
| finish their homework in the morning at the last minute, they
| were quite annoyed, but some found it funny. One clever student
| figured out that killing the firefox.exe process fixed it (until
| the next login).
|
| I didn't get in any trouble (senior prank was semi-sanctioned),
| but they did need me to clean it up the next day.
| daneel_w wrote:
| Fun story, thanks for sharing! Is it correct that it was around
| the year 1997 that you were using your Commodore 64 with a tape
| deck to get into computers? You mention that the college was
| using Windows 2000 and VNC setups, and that you were interested
| in the D language, which would place the start of those college
| years no sooner than 2001. I also kept using my Commodore 64 up
| until the late 90s!
| martinrue wrote:
| Thanks, glad you enjoyed it. Yeah, I first got into the C64 in
| 97. College was 5 years afterwards, so in 2002 for me. I link
| to another story, "Give yourself more playtime", at the bottom
| of the post. You may enjoy that - it's the story of how I
| securely wrote password programs to all my favourite game
| cassettes :)
| tluyben2 wrote:
| Not entirely on topic, but I do remember going to college which
| was the first exposure to this large rooms with computers. I had
| computers at home since the early 80s but by the time I got into
| college it was win3.11 time, after my MSX-2, Amiga, DOS but even
| C64, I really really hated Windows for it's instability and
| inefficiency.
|
| In college we had 2 (large) rooms with computers; 1 had Windows
| boxes with win3.11 (for networks) and later win NT and the other
| had Sun sparcstations. The Windows room was always full and the
| unix room always empty. So I sat in the Unix room behind these
| machines that never crashed and had access to not only all the
| others in the room for doing interesting distributed things, but
| also to the 2 E450's in the basement of the college. While the
| Windows machines were on another network and were just basically
| crashing all day long (got a lot better with win NT obviously but
| still wasn't great). I later learned that the school head sys
| admin seriously hated Windows and loved Unix. So he basically
| ignored everything happening in the Windows world and just
| switched off the entire room at night while the Unix machines had
| uptimes that felt impossible if you compare them.
|
| Ofcourse, as the PC won, the room with the Sun machines was
| replaced with Windows machines; I got 10 SparcStation 5's (with
| the gigantic CRTs), a few SparcStation 1's, few UltraSparcs
| (5+10) and an E450 after they removed all. All are still working
| without fault to this day. It is depressing how throw-away modern
| hardware is, but what can you do.
| core-questions wrote:
| Just found a picture of the E450 -
| https://s.yimg.com/aah/anysystem/sun-e450-large-27.gif - and I
| gotta say, any computer that looks like it could have been Zack
| Morris's sweater is a good computer in my books
| danShumway wrote:
| This is a really fun story, and I love your writing style! Thanks
| so much for posting this.
|
| A lot of my most creative stuff growing up came out of me needing
| to work around really weird restrictions in middle/high school.
| In a really weird way, I'm almost grateful for some of the
| arbitrary rules and setups because they created a similar
| environment to what people seek out nowadays with platforms like
| the Pico 8 -- limitations in an unfamiliar environment force you
| to be creative with the resources you do have.
|
| _Edit: The other articles you reference in this one are also
| great!https://martinrue.com/give-yourself-more-playtime/ makes me
| really happy._
| martinrue wrote:
| Thanks, really glad to hear you enjoyed them!
| jwdunne wrote:
| Me too! Interesting to see you're in Manchester too - not
| every day a fellow Manc hits the front page :)
| martinrue wrote:
| Awesome... small world :)
| rkachowski wrote:
| This was a pretty great story, although I misread the title and
| expected the admin to turn out to be a founder of the VLC project
| blibble wrote:
| we had a similar system at high school: VNC on all computers,
| staff reguarly logging in to check you weren't doing anything fun
|
| VNC ran as a separate user with its password hash protected by
| the relevant registry permissions
|
| one day we found a machine undergoing an automatic rebuild, found
| the password hash, and of course VNC only supports upto 8 char
| passwords
|
| apparently it turned out they used the same VNC password for
| every single machine, including the staff ones
| 3fe9a03ccd14ca5 wrote:
| Are there other fields like computer science, where some
| students start university knowing how hashing works and being
| able to brute force passwords, while others start having barely
| used a keyboard and mouse?
|
| It seems like most programs people start on relatively level
| playing fields, but that couldn't be more untrue for computer
| science.
| monkeywork wrote:
| Trade schools would analog very nicely to how you describe
| the knowledge gap between some students in CS programs.
|
| Most other programs people goto post secondary to learn the
| subject at hand ... for a lot of trades and CS related
| programs they go into them because they enjoy that work and
| have been doing it on the side for a while. Those people
| immediately have a leg up on anyone who came in fresh.
| rjsw wrote:
| Maybe some foreign language courses, the course itself will
| be mostly about literature in that language, you can get a
| mix of people who have learned other languages but not the
| one being studied and people who are native speakers.
|
| My CS course had everything from a few of us already writing
| commercial software to people who had never touched a
| computer.
| egypturnash wrote:
| I am an artist and there sure were people in my classes who
| barely knew what end of a pencil to hold, while I had a
| decent grasp of the basics of perspective and anatomy.
| bvinc wrote:
| Yup I had this same experience. You could try some ips and end
| up controlling the teacher's screen that was being projected to
| the class.
| butterfi wrote:
| I got kicked out of my high school programming class for logging
| into another high school's computer network. I didn't even break
| in, I logged into a friend of mines account and downloaded a txt
| file about a game. The teacher reviewed all the paper (these were
| print terminals)that got thrown into the trash and decided I was
| up to no good. (This was in the 80's when we really didn't have
| rules about networks) It would be hilarious if isn't such a stark
| example of how a poor teacher can almost fuck your life up.
| jstewartmobile wrote:
| Undertaking nerd-duel with low pay disrespected computer lab
| janny is shameful. Would not share...
| joelmeckert wrote:
| I remember repartitioning the drives on the lab machines, so that
| when they were reimaged, the content in the new drive E, volume
| label CD-ROM, remained static. Hid the directory at the root,
| inserted a high ASCII character so that one couldn't browse to
| the directory without knowing the character, and shared this
| knowledge with a few individuals.
| sdca wrote:
| When I was a junior in high school and computer lab monitor, I
| made a suggestion that we install VNC on every computer and it
| was green lit by the administration. We used an app that could
| view thumbnails of all screens at the same time. I only enforced
| the "no porn" rule. Kids could play games, browse the web and I
| accepted fake hall passes. But if they were watching porn they
| would be thrown out and banned.
| redstripe wrote:
| I worked in a large call center and we used VNC to monitor the
| agents. This worked until one one of them figured out what the
| VNC tray icon color change meant - which meant they soon all knew
| what it was.
|
| So I had to do the reverse hack of this guy. Easiest way was just
| to load up the VS resource editor and change the icon so that it
| always looked like there was no connection.
| s_Hogg wrote:
| I remember in my high school every computer was a windows machine
| that ran Novell Net ware on boot. So some dude brought in a Linux
| distribution on a diskette and found he could mount anything on
| the network and do as he pleased.
|
| He was honest and had a crowd of people around him including
| staff as he did it, which was No Fun At All.
| selpop wrote:
| I got called into the administration office for running Linux
| off a USB stick. It wasn't for anything nefarious, I was hoping
| could have my development environment stick around, since the
| Windows environment would reset everything after you logged off
|
| It was clear the principal had no idea what this "Linux" thing
| was, but the IT person did his best to make it as spooky and
| evil as possible unfortunately.
|
| I don't remember what came of it, but later in the year a
| computer virus hit a few computers in the school, and I
| distinctly remember a multiple people thinking I had done it...
|
| Of course I would never, I was the last person who would want a
| run in with that IT guy again all. But no call into the office
| that time, and in retrospect I wouldn't be surprised if it was
| a simple misconfiguration being called a "virus" since it
| allegedly only affected teachers' classroom PCs
| mavhc wrote:
| I got told off for typing *H.. on a BBC Master.
|
| It listed all the built in help, basically masses of text
| scrolling down the screen. I assume the teacher thought I was
| hacking the computers or something, scared them.
|
| To be fair, I was hacking the computers, but not when they
| were watching. Turns out the password file used very simple
| reversible encryption, but we only used our powers for good,
| and games.
|
| Linux does sound evil, is it from one of those eastern
| european countries? I hear it's like communism
| opticfluorine wrote:
| I was reprimanded for using PuTTY to log into a remote server
| for a course I was taking through the local community college
| in high school. The head IT person said that the white text
| on black background looked too much like "hacking" and that
| it wasn't allowed. I switched to black text on a white
| background, and everything was good again.
| bransonf wrote:
| Green text, black background.
|
| I'll open a terminal in my university courses and take
| notes in vim just to see people's reactions.
|
| Even better, doing anything with a lot of stdout. Fast
| scrolling text in a terminal freaks out a lot of people.
| mjevans wrote:
| They've obviously never tried using Gentoo before... the
| faster the text scrolled the better.
| kragen wrote:
| Witch-burning hasn't gone away; it's just changed its
| vocabulary.
| duxup wrote:
| I went to a Catholic high school. One of the only sisters left
| that worked at the school ran the computer lab.
|
| Passwords were stored in clear text and it was common for
| students to ask her what their forgotten password was. She would
| look it up in the system, and tell them.
|
| Eventually some of us figured out how to change other users
| passwords and of course we changed them to all sorts of unseemly
| phrases that a high school student boy would find amusing.
|
| When that student would ask for their password she would simply
| change it to something pleasant...but amusingly maintain the
| general structure of the unseemly phrase changing only the bad
| words. We saw her laugh a few times.
| celticmusic wrote:
| atleast she had a good humor about it.
| busterarm wrote:
| Genuinely not how I expected the story to go! And the polar
| opposite from my catholic school experiences as well (the
| headmaster caught me logged into my Hotmail account one day,
| physically pulled me off the computer while he pried through
| and read hundreds of my emails and then after finding nothing
| untoward, used the entirely unread contents of my spam folder
| [which in the mid 90s meant mostly porn & dickpill spam] as
| an excuse to try and expel me from the school).
| duxup wrote:
| It's a strange thing the differences between my Catholic
| school experience and when other folks describe what to me
| seems like almost caricature-ish type Catholic school
| experiences.
| busterarm wrote:
| I don't know how things are where you grew up but it was
| only years later that I learned that most of the people
| who taught at my Catholic school did not have the
| required qualifications to teach anywhere else (and those
| that did were total creeps, like the molesty kind).
|
| Most of them weren't equipped for the job they were doing
| and I've seen that in others in my own career(s). An
| important lesson about authority.
| duxup wrote:
| Interesting.
|
| I think the nature of catholic schools being a diocese to
| diocese (or grouping of them) thing tends to create a lot
| of variety.
|
| My school had similar teachers (this one sister and one
| priest aside) to any of the other local schools.
|
| Also unlike the schools near me now ... it was basically
| open enrollment like any public school and the costs were
| on a sliding scale based on income. Many students (myself
| included) paid very little in tuition. The diocese picked
| up the tab for the rest.
|
| Meanwhile the catholic schools where I live now are ultra
| exclusive and bonkers expensive. They like to hint at a
| very 'classical' education and a lot of discipline.
|
| But at my school things were very much easy going and by
| the time you were a senior you effectively were taking
| mostly college classes from the local colleges, and
| coming and going from school as you pleased as you might
| at college. It was a great experience (although I proved
| to be a terrible college student... so maybe not as
| effective for me, but I wouldn't blame the school).
| 867-5309 wrote:
| macneilr:yourmomlovessocksinhelloworld
| [deleted]
| eps wrote:
| Could've just unplugged the network cable... though the plan to
| proxy someone else's VNC server was a good one.
___________________________________________________________________
(page generated 2020-01-25 23:00 UTC)