[HN Gopher] Back Orifice (1998)
___________________________________________________________________
Back Orifice (1998)
Author : aphrax
Score : 284 points
Date : 2021-09-04 11:06 UTC (11 hours ago)
(HTM) web link (web.archive.org)
(TXT) w3m dump (web.archive.org)
| bdcravens wrote:
| Bots to scan all users for BO on IRC were common. I even was a
| bit mischievous with it myself. Karma was served when I self-
| owned - was playing with running the server to experiment but
| forgot I left mIRC running, and in a minute my computer was
| hosed.
| christkv wrote:
| Oh man brings back so many memories of messing with friends.
| There was even a doom version that modeled monsters after system
| processes allowing you to shoot and kill the processes and watch
| them die
| AnIdiotOnTheNet wrote:
| psdoom still exists:
|
| http://psdoom.sourceforge.net/
|
| Though I'm skeptical it was ever part of a windows root kit.
| christkv wrote:
| It wasn't a part but there was support for the back orifice
| protocol.
| https://github.com/orsonteodoro/psdoom-ng/blob/master/trunk/...
| howmayiannoyyou wrote:
| My experience with BO:
|
| Me: "I bet I can guess your password..." I said to a close
| friend.
|
| Him: "No way. $50 says you can't".
|
| Another friend: "Stupid bet".
|
| Me: "eatme8"
|
| Him: <speechless>, turning red with rage.
|
| Another friend: "Holy shit".
|
| Needless to say my late 20's were a lot of fun, very little of
| which I could do now without serious repercussions.
| habibur wrote:
| I was thinking of it recently. Does it still run on modern
| Windows? Has anything new arrived as its alternate?
| junon wrote:
| I highly doubt it works these days. For a while there was Cain
| and Abel (probably spelled differently) and a few other popular
| RATs running around.
| nsxwolf wrote:
| Pretty sure someone used this to make my CD-ROM eject once, and
| that was very disconcerting.
| deusum wrote:
| You mean the cup-holder? They were just being helpful.
| shoelessone wrote:
| Was Girlfriend similar to this?
| anhanhanh wrote:
| Back in the good old days we were sending this to random ICQ
| users saying something like "hey I'm a game developer and made
| this game, would you like to try it?". I'm not very proud of that
| tbh.
| richarme wrote:
| What you could do was embed the BO exe inside another exe
| disguised as a jpg picture. When executed it would extract and
| run BO in the background and also display a jpg. ICQ
| conveniently didn't display the end of long filenames, so you
| could send it as "xyz.jpg[20spaces].exe" and it would seem like
| you just shared a picture. Worked like a charm the one time I
| tested this technique on an unsuspecting friend during a LAN
| party.
| slim wrote:
| Or use silkrope to bundle it with any other .exe
| riffraff wrote:
| if I recall correctly, you could attach this to other binaries
| via silkrope so the receiver would be unsuspecting.
|
| I think we did it to a classmate once :)
| ianhawes wrote:
| Yes, now if you do that you end up with a 2000 word threat
| analysis write up by a network security startup that claims
| you're using sophisticated social engineering.
| ironmagma wrote:
| And a warrant for your arrest, probably.
| saagarjha wrote:
| Apparently people still do this on Discord.
| decko wrote:
| I wrote a similar tool to mess with my friends at the computer
| lab at school (since back orifice, netbus, etc. would all be
| detected by antivirus at this point).
|
| Years later, I was shocked when whatever antivirus I was running
| detected it as a trojan through heuristics. I realize this is
| pretty normal these days, but back then it felt like magic.
| sdfhsdfhsfj wrote:
| Netbus and BO got me in so much trouble as a kid (though honestly
| I probably should have gotten in a lot more trouble).
|
| At school, all the windows machines were locked down with a
| "security" application called Fortress. I started selling boot
| floppies that would disable Fortress to teachers, and might have
| loaded a few of those up with the aforementioned toys.
|
| At home, I don't think I paid for internet access at all until
| well after college. A port scan of local ISP networks usually
| yielded someone infected with netbus or bo, and I could snarf
| their dialup credentials.
|
| While those exploits probably should have landed me in jail, the
| worst that happened to me was an expulsion as a result of
| somebody else bulk changing logo.sys across school.
| tinco wrote:
| That really is mischievous, as a kid I'd play around on the
| school's computers which I felt were fair ground, though the
| headmaster would probably disagree. The only time I was really
| confronted was when I was warcycling around town, found an open
| WLAN and just browsed for a little while, and then the owner of
| the house came out and chased me away haha.
|
| I'd often read phrack even though I didn't really understand
| programming yet, but there was this one issue that detailed how
| to trick a bottle recycling machine into giving you unlimited
| receipts, my local supermarket had the exact machine and I was
| thinking about doing it to see if it would work, but chickened
| out because I realized I'd actually be stealing from the owner
| of the supermarket who everyone in the town was on first name
| basis with. I always believed everything in the digital was
| sort of fair play and was really shocked when people started
| going to jail even for the dumbest thing like grey hat url
| injection.
| temac wrote:
| There were tons of windows 95/98 computers with network shares
| exposed to the internet with no or weak passwords. It was
| really convenient to get their stored password list.
| brassattax wrote:
| My University had public, non-firewalled IP addresses in the
| dorms... all one had to do was scan the IP ranges for the default
| port for Back Orifice to have some fun. (The good old days)
| gogopuppygogo wrote:
| My first year at university I took over the student radio
| program and found such a computer had been left online for
| months directly connected to the internet. It was so pwned the
| mouse would struggle to move.
|
| I wish to this day I'd imaged the hard drive before formatting
| it. It'd have been so much fun to boot up in a VM to play with
| today.
| sedatk wrote:
| BO was the only malware I got infected with on Windows. Back in
| 99, some colleague had sent me an executable to try out (supposed
| to be the portscan tool he developed), it did nothing so he said
| "hmm ok". Later, my mouse started becoming erratic, I started to
| make typos. I finally figured out what's going on when the CD
| drive ejected itself and I shut off the computer. He later
| admitted messing around.
| Lapsa wrote:
| oh I remember this one. opening CD tray remotely
| Svperstar wrote:
| lol we used to use Back Orifice to mess with friends on ICQ,
| yeah, I'm old. I know.
| mikeodds wrote:
| I'd bet there's more than a few people here in respectable places
| now that learnt to code through VB6, Delphi, python, Perl, PHP to
| write rats and exploit code.
| brassattax wrote:
| tcl scripting for eggdrop bots too :)
| Grazester wrote:
| Yep in high school it was all VB6 and back orifice shenanigans
| nurettin wrote:
| it was mainly delphi7, because the executables didn't require
| suspicious dll dependencies. If you statically linked midaslib,
| msvcrt was all you needed.
| mkr-hn wrote:
| Marco Arment (Overcast, Instapaper, Tumblr) on AOL proggies,
| most of which were built on popular VB6 libraries made for that
| purpose: http://articles.marco.org/44
| theshadowknows wrote:
| A "fell off the truck" version of Delphi :)
| gatorcode wrote:
| Ahh the good old days. Learned to program with VB6 writing
| progz for AOL.
| tscherno wrote:
| There is also Sub7 from the same period:
| https://web.archive.org/web/20050401072114/http://www.hackpr...
| cpach wrote:
| And NetBus https://en.wikipedia.org/wiki/NetBus
| Lammy wrote:
| I love that the NetBus website is still online:
| http://www.tcp-ip-info.de/trojaner_und_viren/netbus_pro_eng....
| unixhero wrote:
| All hail Netbus. It was so much fun. Those were good times.
| Pranking and harmless fun.
| surbas wrote:
| Wikipedia would seem to disagree:
|
| > " However, use of NetBus has had serious consequences. In
| 1999, NetBus was used to plant child pornography on the
| work computer of a law scholar at Lund University. The
| 3,500 images were discovered by system administrators, and
| the law scholar was assumed to have downloaded them
| knowingly. He lost his research position at the faculty,
| and following the publication of his name fled the country
| and had to seek professional medical care to cope with the
| stress. He was acquitted from criminal charges in late
| 2004, as a court found that NetBus had been used to control
| his computer."
|
| https://en.wikipedia.org/wiki/NetBus
| tmountain wrote:
| And C:\con\con. Ah, memories.
| jq-r wrote:
| A former "friend" of mine in high school deleted my documents
| including due school work with netbus or BO (don't remember
| which one). It really was a shitty thing to do and he was
| proud of it that I lost weeks of work.
|
| I got revenge couple of months later with a "screensaver"
| that I've made in Delphi. In reality it would just "crash"
| with some random error, but actually copy itself on multiple
| places on the hard drive with windows sounding names, run
| both as a service and some innocent sounding files etc. It
| wouldn't show up in task manager. I could send and execute
| whatever commands I liked. I've deleted his Diablo saves a
| week later or so, and man he was livid as he wasted months
| playing. He had no idea what happened as he had two AV
| programs installed and he was confident it would detect a
| trojan.
|
| Windows security at that period of time really was a
| contradiction in terms.
| ctf1er wrote:
| Sub7 was a lot of fun. So many options. I will add to the
| computer lab anecdotes. I gave this to my buddies at school who
| were in the same crew (we mostly made VB 'proggies' for AOL),
| but of course two of them install it in the library computer
| lab. I told them it's not illegal to have but is to use. They
| mess with students even doing things like deleting essays being
| written. The IT people figure it out and my buddies get
| arrested and cut ties. They are expelled for a whole year and
| when they come back can't use any school computers. Did anyone
| ever figure out if there was a backdoor in the backdoor from
| the maker?
|
| But that kind of stuff is what got me interested in computers
| and programming back in junior high. Learned the basics of
| control statements and OOP in a fun engaging way. I made an AOL
| chatroom mailserver with sendkeys :D and later became more
| advanced using APIs. These were very much like mIRC but AOL
| hosted all the files so even better. There were private
| chatrooms based on just making these things and prewritten
| libraries floating around. Who remembers genocide.bas? (hey I
| didn't name it) Anybody have these? I have copies somewhere on
| a zip drive.
|
| Remember punters? In dialup days you could flood a person with
| chat messages containing html heading tags that would slow them
| down rendering to the point they could never catch up. Others
| eventually found exploits that could crash the app on one
| message.
|
| The Trojans for AOL were also pretty good. Would capture the
| password field and once connected open an email in the
| background and send it wherever, then delete sent. Back then
| though you could as easily just say you are an admin and ask
| someone for their password. Your whole neighborhood probably
| openly sharing through netbeui.
|
| I think it's long enough ago to say I ran an FTP on mirc and
| the password was like the 5th word on the xdrive free account
| confirmation page. They started at $2 a referral and I bought a
| nice 17" ViewSonic monitor to play Quake on in the 8th grade.
| Other friends bought whole computers. Shut that down when the
| FTP got hacked and I got a cease and desist letter for 3d
| studio max, thought the law was coming to break down my door.
| devin wrote:
| I remember packing jpegs with sub7 payloads and sending to my
| friends on AIM. The opening and closing on the CD tray is such
| a classic prank. Best part was that given I was usually the guy
| my friends and their parents called to fix their computer
| trouble, I was getting IMs from all of them saying "my cd tray
| keeps opening and closing". The reveal of the prank was great
| except for when I must have done it for like 3 hours while my
| friend's mom was using the family computer. She wasn't very
| happy with me.
| superkuh wrote:
| Sub7 was hilarious with all of its UI features like custom
| skins.
| grobbie wrote:
| I can remember one called Code Red causing a bit of mayhem at
| work not that long after.
|
| Interesting to read on Wikipedia that work on Sub7 resumed in
| June this year.
| jonplackett wrote:
| I remember this - and using the same CD opening closing joke on
| people in the college lab. The technicians had no idea what was
| going on. I don't think they really knew anything about
| computers - we once found a word doc on one of the computers
| with every password for the entire college / website etc.
| [deleted]
| joemazerino wrote:
| The good old days. I recall hearing the cDc going on the radio to
| "announce" BO with some trite words about Microsoft. I thought BO
| was fun but bo2k was really the bees knees of RATs.
| AaronNewcomer wrote:
| Yeah I remember one of these would allow you to somehow make a
| jpg executable and then would download the full payload for the
| rest of the tool. Image sharing over AIM and the like would make
| direct connections when transferring so you had to look up their
| IP address with netstat or something while the picture was
| transferring to them. And then keep checking to see if they
| actually installed/opened it.
| [deleted]
| washadjeffmad wrote:
| The BO payload was so large that it was hard to inject or
| distribute without pretty obviously being suspicious.
|
| A friend developed Fraggle Lite in ASM with separate versions for
| the network adapter, which became the world's smallest RAT for a
| while. I never found the Easter egg, but I do remember the
| original password for our hardcoded users. I wonder if I still
| have them somewhere...
| richardfey wrote:
| _That_ fraggle lite?
| washadjeffmad wrote:
| I guess? Gobo's?
| dspearson wrote:
| Had a lot of fun with bo2k and friends. cDc zines got me in to
| hacker culture and probably contributed to my career trajectory.
| readingnews wrote:
| Ahhh the CDC.
| weci2i wrote:
| Seeing this thread and so many familiar stories makes me feel
| right at home. Sub7 was my RAT of choice. My brother and friends
| weren't very technical, but I taught them to use Sub7 so they
| could spread the exe around to their friends and we could all
| have some fun. We were all heavy ICQ users at the time. It wasn't
| long before we discovered the ICQ send file box had a size limit
| on the file name field. So you could, say, call the exe "pic-of-
| me-nude.jpg .exe" with so many spaces in the file name before the
| .exe part disappeared that most of our male friends would accept
| it from a "random female" and run it without any hesitation.
| Needless to say, we opened a lot of CD ROMS and listened in on
| many chats.
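Added example, not part of the thread: a defensive filename check for the trick described in two comments above (a decoy picture extension, a run of spaces, then the real `.exe`, relying on a name field that shows only the start of the name). The 24-character display width, the extension lists and the sample names are assumptions constructed for illustration.

```python
import re
from dataclasses import dataclass, field

# Extensions Windows executes directly when the file is opened.
EXECUTABLE_EXTS = {"exe", "scr", "com", "pif", "bat", "cmd"}
# Extensions a recipient reads as "just a picture or document" (assumed list).
DECOY_EXTS = {"jpg", "jpeg", "gif", "png", "bmp", "txt", "doc", "pdf", "mp3"}

# A decoy extension counts only when it ends a token: it must be followed by
# whitespace, another dot, or the end of the stem (".jpgs" does not match).
DECOY_RE = re.compile(
    r"\.(" + "|".join(sorted(DECOY_EXTS)) + r")(?=[\s.]|$)", re.IGNORECASE
)
# Three or more consecutive whitespace characters; \s also covers no-break space.
PADDING_RE = re.compile(r"\s{3,}")


@dataclass
class Verdict:
    name: str
    real_ext: str   # extension the OS will act on
    shown: str      # what a fixed-width name field displays
    findings: list = field(default_factory=list)

    @property
    def disguised(self):
        # Deliberate disguise: a decoy extension or padding in front of an
        # executable extension. A merely long name is not enough.
        return bool({"decoy-extension", "whitespace-padding"} & set(self.findings))


def inspect_filename(name, width=24):
    """Classify one attachment name; `width` is the assumed display width."""
    # Win32 drops trailing spaces and dots, so the effective name ends earlier.
    effective = name.rstrip(" .")
    stem, dot, ext = effective.rpartition(".")
    real_ext = ext.lower() if dot else ""
    verdict = Verdict(name=name, real_ext=real_ext, shown=name[:width])
    if real_ext not in EXECUTABLE_EXTS:
        return verdict
    if DECOY_RE.search(stem):
        verdict.findings.append("decoy-extension")
    if PADDING_RE.search(stem):
        verdict.findings.append("whitespace-padding")
    # Does the truncated display still end in the real extension?
    if not verdict.shown.rstrip(" .").lower().endswith("." + real_ext):
        verdict.findings.append("extension-not-visible")
    return verdict


def flag_disguised(names, width=24):
    """Return the names that hide an executable extension behind a decoy."""
    return [n for n in names if inspect_filename(n, width).disguised]


# Constructed sample names, not taken from any real transfer log.
SAMPLE_NAMES = [
    "holiday.jpg",
    "setup.exe",
    "xyz.jpg" + " " * 20 + ".exe",
    "pic.jpg.exe",
    "notes.jpgs.exe",
]

if __name__ == "__main__":
    for sample in SAMPLE_NAMES:
        v = inspect_filename(sample)
        print(repr(v.shown), v.real_ext or "-", v.findings)
```
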
| stelonix wrote:
| Ohh, that brings back memories! I didn't use BO, though I knew it
| existed, but used sub7 and NetBus a lot. The person who taught us
| (me and brother) to use it did the classic CD tray prank and then
| rebooted our computer. I remember him telling us to run a
| command like _arp -a_ on the Windows terminal and we were
| shitting our pants, so he triggered a reboot.
|
| Good times getting into friends' computers etc.
| [deleted]
| sparker72678 wrote:
| Same as so many others here, I remember messing around with BO
| with a buddy in high school days. Scanning IP addresses (I think
| we just started bulk scanning addresses that matched his ISP
| maybe?), browsing their files, taking screenshots...
|
| And yea, chatting about all this over AIM and IRC... ahhhh.
| cdcarter wrote:
| I can't recall if it was Back Orifice, or another "root kit tool"
| of the time, but these tools are absolutely where I first saw the
| allure and call of a custom telnet shell. I remember telnet-ing
| into the control port and aggressively open/closing the CD-ROM
| drive on my brother in the other room (among other pranks).
|
| Something about telnet-ing into a service gives that Great Hacker
| Feel. You're at a command line! But it's not bash, or cmd.exe,
| it's something specific to that rootkit. There's little easter
| eggs. Some common escape codes might work, they might not. The
| prompt changes as you use it.
|
| These days, I don't get many opportunities, but if I can add a
| very simple line-oriented protocol to a side project I sure will.
| rbanffy wrote:
| I can't believe there's only one mention to Beto O'Rourke here...
|
| https://www.reuters.com/investigates/special-report/usa-poli...
| theshadowknows wrote:
| Mannnnn the nostalgia. I loved programs like this and Sub7c my
| favorite was DivineIntervention 3 I just liked the interface and
| thought the name was cool lol. I'd love to see what all the devs
| of these things are up to today. Pri$m, if you're out there let
| it be known that your work on DI3 is what got me into
| programming!
| atum47 wrote:
| Glad to see I was not the only script kiddie here, haha. I used
| them all: bo, netbus, sub7... To be honest back in my days it was
| not as fun to hack somebody, digital cameras were expensive as
| heck back then, people had just a few pictures on their computers
| which they usually scanned, no webcams... It took me a week to
| infect this girl I had a crush on, when I finally did all I found
| on her computer was a bunch of mp3s. Well, at least I learned her
| music taste. Not everyone had a computer back then. It was not
| cannon as it is today.
|
| Soon after I wrote my first chat in Java, that used the same
| principles of client and server. The server would even work with
| telnet. Fun times indeed.
| jahnu wrote:
| You think it's fun to stalk women?
| atum47 wrote:
| By the way, why do you think social media is such a big deal?
| Cause it's fun to stalk people.
|
| Stop trying to make things look sexist
| jahnu wrote:
| I'm sorry but you literally described breaking into
| someone's computer in order to snoop on them. You expressed
| disappointment that there were no photographs and you
| closed with "fun times". I don't have to do anything to
| 'make' this look like abhorrent behaviour.
| atum47 wrote:
| No specific, it was fun because I had a crush on her. A
| little bit after that I started dating a girl who went to the
| same school as me, and she told me she and her friends would
| look at the signing list at the library to see what I was
| reading. Back then you had to checkout a book in order to
| take it home with you from the library, and they used pen and
| paper.
|
| I guess I was also stalked, just not digitally, haha.
| radicalbyte wrote:
| Oh the shenanigans I had with this at work. IT at the time were
| pretty clueless.. at least until that time they hired a good
| consultant who saw what we were up to :laughs:
| hestefisk wrote:
| I installed Netbus on the public computers at my local community
| library. They ran Windows 98 and were connected directly to the
| internet via a T1 / frame relay connection with a public IP for
| each machine, no firewall. So I could sit at home and keylog
| people's Hotmail passwords. Those were the days ....
| znpy wrote:
| I did set up a keylogger in an internet cafe.
|
| It used to log keystrokes but also the title of the window.
|
| Well... I wasn't looking for anything in particular, I was
| about 12-13 and just into computers and didn't even have
| internet at home.
|
| Well to make it short, there was a lot of porn websites
| visiting. At all times of the day.
|
| Which in retrospect is immensely weird considering this was a
| public place.
| pcblues wrote:
| I had a big zip file of all my HPAVC files in one place from the
| early nineties. Fast-forward to about 2005 when I was working in
| corp and I needed a Win32 Disassembler for a particular task and
| I knew where it was. As soon as the still-compressed zip file
| hits my computer... well, my boss said my computer had 490
| viruses on it and counting. A VERY bad look that only trust got
| me past.
| Zelphyr wrote:
| We used Back Orifice on a co-worker's machine in a call center I
| worked at. While he was working we would open and close his CD-
| ROM drive randomly. Restart his machine. All the while we're four
| seats down just cackling and he's turning redder and redder as
| his machine does all these weird things while he's trying to
| work.
| tmountain wrote:
| We did that too. Someone almost got fired for it.
| phkahler wrote:
| I worked a call center over xmas season one year. During
| training they had us call each other and place fake orders for
| practice. I got call from the "hot chick" in the group, took
| down her info and asked if could call the number later. She
| responded in the positive. I never followed up 'cause I already
| had a GF. But hey, pranking people is fun too!
| flatiron wrote:
| now-a-days i just put a wireless keyboard mouse adapter and
| giggle as i move their mouse around and type on their screen.
| vidarh wrote:
| At university our computer labs were full of SGI Indy's. For
| most people at the time it was the first computer they'd used
| with a webcam.
|
| Every student could log into all the machines.... and access
| the webcam remotely.
|
| Lots of messages to people telling them things like to stop
| picking their nose when they were sitting somewhere they
| thought nobody could see them.
|
| People learned to use the privacy shields on the cams very
| quickly.
| eloeffler wrote:
| Here, have a free cup-holder!
| neals wrote:
| Some weird random anecdote about Back Orifice 2000 (BO2k) that
| nobody asked for:
|
| We were goofing around in high school with this. Putting it on
| computers in school and messing around. We sent it over to a
| classmate. Her father was teacher and we figured she might open
| it on their home PC. (we were 14 at the time, by the way).
|
| Anyway, we made a fake hotmail address in the name of another
| classmate. These two people didn't share any classes and were not
| in each other's little social circle. We sent a couple of emails
| back and forth pretending to be the other guy but lost interest
| along the way and nothing happened.
|
| Now for the strange part; forward 18 years or so. I'm in the
| city, I run into the person who we were sending the messages
| to... with the person who we were pretending to be. Married and 3
| children together.
|
| I'd like to think we brought them together in some strange way.
| sarahjosh wrote:
| In AOL Instant Messenger when I was in middle school I bulk
| messaged a ton of accounts in some teen chat saying "Hi Sarah."
| Most of them responded "I'm not Sarah" or similar but a few
| replied "who is this?" I said "It's Josh." Most of them said "I
| don't know a Josh" but one of them said "Hi" like she knew a
| Josh. I then started talking to her and slowly got around to
| telling her that I had a crush on her. She actually seemed
| interested and she said she was going to come over to my house
| to talk about it. Don't know how that ended but I hope it's
| like your story.
| HeckFeck wrote:
| I had many 'randoms' added on MSN messenger. Usually acquired
| through everyone inviting his complete contact list to one
| conversation. We used to discuss all and sundry back then.
|
| I was always slightly more nervous messaging the girls
| (obvious from their elaborate emoticon-saturated screen
| names).
|
| Curiously, one of my friends had a contact named
| 'korea@hotmail.com' who was always online but never replied.
|
| I sometimes wonder how many of them are doing now.
| andai wrote:
| > Usually acquired through everyone inviting his complete
| contact list to one conversation.
|
| Man, those were the days... Most of my contacts disappeared
| one by one (except for 2 which are my oldest friends now!),
| and it seems like that kind of atmosphere (just adding
| random people to chat) doesn't exist anywhere anymore, does
| it?
| dnsco wrote:
| This made my day.
| dheera wrote:
| Back at MIT I had a script that would use "finger" to check who
| was logged into various machines on Athena clusters (MIT public
| computers) and occasionally send Zephyr messages to two
| adjacent people, one saying "look to your right" and another
| saying "look to your left" causing the two people to look at
| each other.
|
| I like to think a lot of inadvertent introductions and
| friendships might have been created by the script.
| api wrote:
| I'm a bit older and when I was about 14 or 15 I got into
| assembly language DOS virus writing. This was in 1992 and 1993.
| It's actually how I learned x86 ASM. I was involved with an old
| school hacking (sense 2) group called Phalcon/Skism. Did other
| fun stuff like "wardialing" with a program called ToneLoc.
|
| Anyway I wrote some viruses and dropped them in my high school
| computer lab. Several ended up getting loose on the local
| Cincinnati area BBS scene. One ended up in McAfee antivirus
| pretty quickly so I assume it spread further. There was
| basically zero security to stop such things back then.
|
| None of my viruses were designed to do real damage. They would
| print stupid messages or change your color scheme to funky
| colors, stuff like that.
|
| This was back when hacking (sense 2) and the computer
| underground was about a mix of pranks and exploration. It's not
| like today where it's all about serious crime and espionage and
| the penalties are also serious. It's definitely not fun
| anymore.
| tylerscott wrote:
| This reminds me of when I first discovered the Win32 API and
| used it to write some silly annoying apps in Borland C++
| Builder. This was around 1998 and the worst I ever came up
| with was a persistent pop up that was difficult to remove due
| to some registry obfuscation. It had a single button that
| would open the CDROM tray. I put it on every computer in the
| lab. Good times. You're right--it used to be playful to hack
| around. I miss those days.
| andi999 wrote:
| I just wanted to write it was a crime still back then and
| take the example of the first worm in 1988 :
| https://en.m.wikipedia.org/wiki/Morris_worm TIL: a Harvard
| student named Paul Graham was quite close to Robert Morris.
| It is a small world.
| jlrubin wrote:
| you might be interested in seeing the founders of yc
| https://www.ycombinator.com/people/
| [deleted]
| short_sells_poo wrote:
| We played a lot of counter strike during my uni days and at
| one point I created a prank program that disguised itself
| as system.exe and listened for mouse movement. It would
| then inject random but smooth error into the mouse
| movement. I installed it on a friend's PC and it drove him
| to white hot rage. I think he destroyed a couple of mice
| before I owned up and bought him a new high end Logitech
| laser mouse (which was a novel thing at the time).
| pcblues wrote:
| That's clever and awesome, in the true spirit of hacking.
| HeckFeck wrote:
| Have you ever happened upon the youtuber danooct1? He plays
| with old DOS and Win32 viruses.
|
| https://m.youtube.com/user/danooct1
|
| Perhaps one of yours has been featured!
| scruple wrote:
| Cincinnati was a lot of fun in those days. I was nearby,
| though most of my "hacking" friends were in Cincy.
|
| Ever meet a guy who went by PADMaster?
| squarefoot wrote:
| Upvoted. Whoever downvoted you has likely never attended
| certain universities, and clearly has never been in the
| military. Doing things that are wrong and fun while still
| being harmless requires creativity.
| api wrote:
| For it being called hacker news this place is very
| conventional. It's better than /r/programming though.
| ok123456 wrote:
| Burning a 0-day exploit on changing people's backgrounds or
| color scheme would be a good bit in 2021
| api wrote:
| There just was little to no security back then. The entire
| system was a permanent zero day.
|
| Computers were mostly not networked so the threat surface
| was small, and like I said most hackers in the sense I
| described were pranksters. Big money and power was just not
| in it unless you were going after serious specialized
| targets, and there were less of those and they were pretty
| much all air gapped.
|
| Air gap was the only real security back then. Just don't
| connect it and guard it physically.
| GekkePrutser wrote:
| People may not remember but the name was a pun on "BackOffice"
| which was a Microsoft product at the time.
|
| https://en.wikipedia.org/wiki/Microsoft_BackOffice_Server
|
| Back Orifice was basically a rootkit avant la lettre.
| luma wrote:
| The Back Orifice logo was also a play on the MS Back Office
| logo but with a goatse twist. CotDC were a cheeky bunch :D
| slim wrote:
| cDc (I'm not being pedantic but by stylizing it in another
| way you're missing the penis joke)
| speedgoose wrote:
| Avant l'heure ?
| luma wrote:
| I ran some training labs full of desktop PCs around the time that
| BO was released and it was a fantastic tool. It was free and
| offered a wide range of features for remote administration that
| win95/98 didn't have. I could power cycle, re-image, push install
| .exes, control user accounts, etc all with a free tool. With BO I
| had complete control of all systems in the lab at a time where
| that sort of tooling for "legit" uses was prohibitively
| expensive.
| docflabby wrote:
| For those not from the NT era the name derives from Microsoft
| Back Office
| https://en.m.wikipedia.org/wiki/Microsoft_BackOffice_Server
| th0ma5 wrote:
| I made a couple of plugins for this back in the day "butt plugs"
| heh I can't remember what they all did but I think one was sort
| of a proxy so that you could scan other networks with an already
| infected machine.
| j0eblow wrote:
| This story sort of relates to BO and/or possibly other backdoors.
| If anyone can help me understand the mystery of what happened to
| me back around 2001 I would be forever grateful:
|
| I believe I was in 4th or 5th grade and one night, I was playing
| Diablo 2 online with my cousin. My family was still using dial-up
| at the time so I was using one line to play and the other line to
| talk to my cousin on the phone. It was getting late and I was
| getting tired so I told my cousin I was going to call it a night.
| I exited Diablo 2 and continued talking to him on the phone. All
| of a sudden, I noticed a window pop up on my screen and it read:
|
| "MASTER: what are you doing?"
|
| I immediately asked my cousin if he was messing with me. He
| proclaimed to not know what I was talking about and for a little
| bit I didn't believe him. I clicked in the chat box and asked:
|
| "SLAVE: who is this?"
|
| Anytime I messaged back it labeled me as "SLAVE." Anyways, the
| chat continued and the person told me to "look behind me." Mind
| you I'm in the basement and there was nothing behind me besides
| my dad's computer desk. This is where it got spooky:
|
| "MASTER: who are you talking to on the phone?"
|
| At this point, my cousin swore it wasn't him and I believed him.
| I looked up at my monitor and chills were sent down my spine. My
| mom had just given me a webcam for Christmas (I guess they had
| just become popular) and it was at this point I realized this
| person had been watching me this entire time. I panicked and
| immediately pulled the phone cable from the back of my Dell. It
| was hard to sleep soundly that night.
|
| Believe it or not, I'd like to think this person gets partial
| credit for sparking my interest in computer security. From that
| point on, a chain reaction started and I began to immerse myself
| in security and became fascinated with learning about its
| history. Today, I happily have a career in the field :), but I
| still think back to this story from time to time and wonder what
| exactly happened.
|
| Could it have been a Diablo 2 exploit? Maybe I joined someone's
| hosted game, they were somehow able to get my IP address, and
| then possibly exploited Windows XP? The chat window mechanism
| seemed pretty unique to me (maybe I'm wrong) like this person
| created it themselves. I'd be curious to read other people's
| theories. Maybe the person that executed the attack reads this
| post and can explain it all... :)
| phendrenad2 wrote:
| It's amazing how vulnerable Windows used to be. And despite that
| it took over the computing world. Ah to live in the pre-internet
| days.
| themark wrote:
| I installed this on a pc at work when it came out to see what it
| could do.
|
| I must have forgot to shut it off because there was a gang of
| security people in my office the next morning.
| HenryKissinger wrote:
| It seems you've been living ... two lives, Mr. Anderson.
| ridaj wrote:
| It's interesting that your place of work was loose enough about
| security to let you install stuff off of the internet as it
| came out, yet paranoid and skillful enough to actually notice
| and get you in trouble the next day!
| themark wrote:
| I know what you mean. I recall that installing software from
| the internet was rather novel in the late 90s.
| jadams5 wrote:
| Oh man, yeah also adding to the list of people that abused their
| highschool computer labs with this. We had so much fun, but we
| eventually drew the ire of the school IT admin. After class one
| day the teacher took us aside with the admin and asked if we had
| installed BO on the computers, which we of course denied... they
| "believed" us, heh, but gave us a stern warning that whoever was
| doing it should stop. We would have all probably ended up with
| felony charges these days.
|
| The next year, so 1999, we actually got approval to attempt to
| change our grades as an exercise. We actually managed to do it by
| sneakily copying a floppy one of the teachers used to store their
| grades with a program called Integrade. We took it home, reverse
| engineered the password protection to disable it, changed our
| grades on the copy, re-enabled the password protection with the
| original password, and turned that in as our proof. Our teacher
| was impressed and super sketched out/nervous at the same time. I
| guess they never considered we'd succeed and get access to the
| whole class's grades...
| xtracto wrote:
| Tangentially related but, back in the late 90s in my first year
| at BSc Software Eng. I got in trouble because I cracked the
| password of a Win98 program called Protect-Z which put some
| user controls in my Uni's labs machines.
|
| The funny thing is that when the person in charge of all the
| labs found out I had the password, he asked me how did I get
| it. When I explained to him about how I attached to the
| protect-z process and debugged it to get the password, he
| didn't believe it was possible.
|
| Great times... as someone said, these days you'll surely get
| suspended or worse.
| ryanmarsh wrote:
| I was suspended from school for things like this circa 1997. It
| was all relatively harmless but absolutely against the letter of
| the law. I wonder what would happen today to a young person
| exploring computer security and getting caught in shenanigans at
| school. Would they go to prison?
| deusum wrote:
| The seemingly unconstitutional - but very common - practice of
| trying minors as adults makes me uneasy for future security
| "explorers".
| davewritescode wrote:
| This brings back fun memories of teenage mischief. Used to sit
| around IRC channels with mIRC scripts looking for people who had
| the default BO port open.
|
| Between that and unsecured smtp relays that didn't limit the from
| address, we had lots of fun.
| malloc2048 wrote:
| And Winnuke, when you knew an unsuspicious user without a
| firewall (which was a necessity on IRC those days) saw his
| Windows crash when the user left with error message:
| "connection reset by peer"
| peejfancher wrote:
| I used to use this tool to mess with my college computer class
| professor. Me and a buddy installed it on the teacher's computer
| that she used to instruct the class. We did mostly innocent stuff
| like closing windows or messing with the browser a bit.
| Occasionally we would reboot her computer when it was close to
| the end of class and we didn't want to start something new. We're
| both still coders to this day.
| InvertedRhodium wrote:
| I was 13 when it came out, and my targets of choice were my
| peers rather than the teacher - I eventually got caught and had
| my account locked for 6 months as punishment. I don't recall
| exactly how I got caught, but no doubt it was something dumb
| and avoidable like talking about it.
| AnIdiotOnTheNet wrote:
| I'm wondering if people like you have grown up to be the people
| who break user interfaces needlessly, write cookie popups,
| integrate ads and telemetry, and force updates on things that
| don't need them.
|
| In other words, did you grow out of your childish shenanigans
| or are you just getting paid for them now?
| batch12 wrote:
| Nah, some of us now use the knowledge gained to defend
| against real threats.
| richardfey wrote:
| Doubt it. Those are introduced by your next seat hip frontend
| developer
| grubbs wrote:
| I used to do the exact same thing to friends over AIM and
| various computers at my HS.
|
| I now manage a massive HPC cluster for a world renowned
| university. ¯\_(ツ)_/¯
| S_A_P wrote:
| Wrote about this as a college senior for my computer security
| class. Spent a day or two in the TAMU computer lab with that site
| prominently displayed... that was 22 years ago. I did set up 2
| computers to demo how this worked as part of the presentation but
| never went much further than that. I seem to remember my report
| including hypothetical ways to use a tool I think was called
| silkworm or silk wrapper to disguise this as something else for
| distribution. Time flies.
| alexhawdon wrote:
| Saran Wrap (https://www.itconsultancy.org/malware/name/saran-wrap-1-0)
| riffraff wrote:
| I think it was silkrope[0]
|
| [0] http://web.textfiles.com/software/silkrope.txt
| jdmoreira wrote:
| This brings me many good memories of my script kiddie humble
| beginnings. It all started with Back Orifice and mIRC and slowly
| it evolved to me wanting to run bitchX and eventually getting
| into linux. It probably took me a year to go from being a
| windows user to exclusively run Slackware and poring over Phrack
| :)
| hestefisk wrote:
| Very much exactly my story! I also did mIRC scripting :)
| riedel wrote:
| Seeing the title of the post I immediately felt sentimental. It's
| so funny to actually understand that so many
| people were socialized with the same tools. I recently found
| the tools compilation CDs my brother used to assemble with
| all those tools. Having Back Orifice on a random computer on
| the internet was somehow the first feeling what the internet
| meant without knowing actually what to do with that. I
| additionally remember spending hours on SoftICE (My biggest
| success was to discover that the only license key to the
| Siemens webwasher adblocker was 'Mr Nuts'.) I wonder if there are
| similarly innocent things today's script kiddies do.
| k__ wrote:
| I started programming with mIRC scripts too.
|
| I fondly remember writing an anime news bot, that scraped an
| anime news site and spammed it into one of my channels.
|
| I didn't know what HTTP, HTML, loops, or even arrays were. I
| copy-pasted everything from countless sources I found.
|
| Good times.
| dnsco wrote:
| mIRC scripting is why I'm a software developer today.
| mhitza wrote:
| Asynchronous message based programming before it became hip.
| In an ungodly language nevertheless. :)
| earthboundkid wrote:
| Beto's greatest achievement.
| pietromenna wrote:
| Oh Gosh, many many memories of my script kiddie past.
| beermonster wrote:
| Wow. This brings back memories!
| beaconfield wrote:
| wow. this takes me back...
| jmrm wrote:
| Ah, yes. I used that to prank some friends when Windows/MSN
| Messenger started to be a thing. Good memories :-)
| buddylw wrote:
| When I was in highschool in the late 90's, I was really into
| exploring networks and systems I wasn't supposed to be in, but it
| was always about learning technology for me. I found this tool to
| be extremely creepy.
|
| I discovered that my local ISP had the finger port open on their
| dialup gateway. Since usernames were first letter + last name I
| could look up any ip addresses I found in my local firewall logs
| basically by name.
|
| I saw someone trying to connect to this port and knew exactly who
| was scanning for this and eventually found a honeypot listener
| that would allow attackers to connect, but let you control the
| data sent back. I can't remember exactly what I sent, but I
| called out the attacker by name when he connected to my machine
| and he never scanned me again.
| [deleted]
| rojeee wrote:
| I installed this on a bunch of school computers when I was 15
| only to open and close the CD-ROM bays to freak out the teachers.
| This was the golden days of computing!
| sneak wrote:
| More fun was popping up obscene dialogs on the computer the
| teacher was using to present to the class on the projector.
| beaconfield wrote:
| OK I have to say this: reading some of the comments here makes me
| think I was actually friends with you back in 1998/1999 because
| that's about when I was doing this same shit in my high school
| computer lab. Small world.
| jdalgetty wrote:
| Oh boy! We used to have a lot of fun with this back in high
| school!
| anonu wrote:
| Same. Nowadays kids get expelled for this!
| AnIdiotOnTheNet wrote:
| As more of our lives have become intertwined with computing
| infrastructure, why shouldn't they be? If you routinely broke
| classroom resources or messed with the HVAC you'd probably be
| expelled too.
| twodave wrote:
| We used something like this in the early 2000s called Blade
| Runner. Scary times on the Internet.
| dominicjj wrote:
| Rival company were compromised by BO. We found out and dialled
| in. I watched documents being written remotely by a staff member
| there. It was surreal.
|
| "Need to fill this detail in more for Heck blah blah..."
| hermitsings wrote:
| Today morning out of nowhere, this came to mind. Back Orifice. I
| had a smile when I remembered the first time I read about it.
| What a coincidence it's on HN today! Or is it?
| _joel wrote:
| Ah, the memories! I brought this into school and a few of my
| mates wanted copies. Word got out amongst the teachers that there
| was some program being used for shenanigans by the pupils. I
| told everyone to delete it but some didn't realise it'd end up in
| their recycle bin and the network admin found out. Saturday
| morning detention material, luckily I didn't get caught :)
| blablabla123 wrote:
| There were some fun tools around at that time :) Also there was
| this Windows bug where by default network sharing was open and
| of course everybody used a modem so there was no NAT/FW in
| between. So you could just connect to a random IP and see
| what's on the disk. (I think there was a tool to find IPs with
| just that port open.)
| _joel wrote:
| And lots of random messages via 'net send'
| aqrre wrote:
| BO reminds me of all new and shiny apps that are meant to "keep
| an eye on kids&spouses" ... or maybe it's the other way around.
| imwillofficial wrote:
| I want to used BO to prank my mom. Having a background in
| computers, once she realized what was happening she dove for the
| network cable. I'd never seen her move so fast.
| dvno42 wrote:
| Like so many others here this really helped me gain an interest
| in computers at a young age. It's sad to think that the shit most
| of us did as kids for fun and learning would land today's
| children in hot water. I lucked out in Jr High, after getting
| suspended for 'hacking the school computers' as the computer lab
| admin caught wind and really encouraged me to learn and provided
| me with a lot of hands on experience that I may not have gotten
| otherwise. Novell, thick net, etc. Good memories for sure.
| tomc1985 wrote:
| Not only that, but some in the modern generation seem to
| genuinely see hackers as the scum of the earth
| derwiki wrote:
| I know it's a movie, but in Hackers they were also seen as
| the scum of the earth: "Hackers penetrate and ravage delicate
| public and privately owned computer systems, infecting them
| with viruses, and stealing materials for their own ends.
| These people, they are terrorists."
| mobilio wrote:
| I still remember it because it was one of the first RATs available.
| pixl97 wrote:
| There was another called something like netbus right after this
| from what I remember.
| devilduck wrote:
| Not going to read anyone else's story about how they remember
| this program, but this was a good program
| bequanna wrote:
| A few friends and I managed to install this on target machines by
| starting a chain email and claiming the attached .exe was a
| "virus patch".
|
| We would then port scan known IP ranges for our ISP to find a
| machine we could connect to and play with. It was always fun
| trying to determine who actually owned the machine we found. I
| grew up in a small, rural community so it was actually possible
| to figure this out.
|
| This lasted maybe a year or two around 98,99. A very nice memory
| on a lazy Saturday morning, thanks for sharing!
| fanick wrote:
| I think the audience here would appreciate some stories on the
| darknetdiaries.com. There are even several interviews with people
| describing how they got interested in the IT security field in
| their teens in highschool. Can't really recommend any specific
| from the top of my head.
| CTOSian wrote:
| The golden era of the internet ;-}
| bsksi wrote:
| Nothing beats Cabronator
| titoasty wrote:
| Wow, so many memories! BO, Nervous, BitchSlap, mIRC scripts... I
| also remember the famous NetBios hack at this time. Easy to do,
| and you felt like a real hacker! Command lines instead of GUI!
| That was an incredible feeling and it later brought me to Linux..
| and still on Linux (ok on Ubuntu, I'm a casu now :D)
| SV_BubbleTime wrote:
| NetBios... still out there giving gifts. We had a pen test a
| couple years ago and the hackers were easily able to get
| NetBios to use some old legacy feature to request user hashes.
| From there just load them into a GPU heavy cracker and 50% of
| our company user passwords in a few hours.
|
| The IT company at the time had no idea they shouldn't enable
| netbios unless it was actually required for something.
| sulmanen wrote:
| Classmate got expelled from high school for installing this on
| school computer
| theshadowknows wrote:
| My very first "school computer incident" was so innocent by
| comparison for most people.
|
| I was maybe 11 and I was learning about batch files and I made
| one named win.bat that printed "hello". Well I'm sure most
| folks know what happened next time the computer rebooted
| ...hello hello hello hello hello...and the computer teacher
| said I had installed a virus and tried to kick me out of
| school. Luckily I was only expelled from computer class for the
| rest of the year.
| richardfey wrote:
| What an idiot computer teacher you had. They should have
| catalysed your desire to learn and discover more.
___________________________________________________________________
(page generated 2021-09-04 23:00 UTC)