Very funny! I guess is this more of a universal (tech) experience than I had realized: my friends and I spent a lot of time in high school griefing each other with `net send` (and the other `net`) commands.
My memory is fuzzy at this point, but I vaguely recall being able to change others' desktop backgrounds with a remote client. That produced a lot of entertainment value.
A classic at my high school was taking a screen shot of the desktop with icons, setting it as the desktop background, then hiding all the desktop icons.
Bonus points if you could get the teachers machine
I rotated the screenshot to be upside down, set it as a background and then rotated the whole screen on Display settings. So that the background would be on the correct orientation but the mouse cursor and everything would be reversed.
The favorite prank played on me was coworkers changing my wallpaper to a "funny" picture, then renaming *.jpg to *.old and replacing the original *.jpg's with the same "funny" picture. So when I went to change my wallpaper back, it seemed like it didn't work. Harmless (mv *.old *.jpg, slightly more complicated, obviously) and funny!
Yeah, we played around with net send as well, I'm pretty sure you could also shut down other computers with either a net command, or with the shutdown command itself.
We found a way to circumvent the way they prevented third party apps from running and spent hours just playing AoE2 in the "study" hall.
my page didn't load the images (or whatever) in any kind of timely manner, so i bailed on it before they loaded. was there more than just the one pop-up?
ultimately, this is what I thought might have happened. Reading it on a desktop had enough space that the down arrows were probably meant to indicate scroll on mobile, but showed all at once on the desktop experience. However, with all of the blocking that I have sometimes causes render/layout issues when people embed things, so I naturally just assumed something wasn't loading vs lame layout tricks
we used to do similar with the Mac's ability to speak using the command 'say'. we'd ssh into a computer we knew someone to be sitting and have it 'say' something while using their name. at least, until one day, the 'say' app was not longer available!
I worked in an office in the early 2000s that was PC’s but we had a single shared Mac workstation we’d use for tasks like testing things in Safari. I sat right next to this workstation and every time someone would sit there I would ssh in and use `say` to make it say strange things like “help, I’m stuck in the computer”. It was one of those green G3 towers and it would come kind of creepily out of it’s internal speaker.
No one knew who was doing it until one day my friend was using it and I made too much of an inside joke that gave it away.
Reminds me of the day, obviously some years earlier, that a few of us aged about 10 years discovered *NOTIFY and even better, *REMOTE on the Econet connected Beebs we had at school.
The hidden copy of UT resonated deeply with me. We spent many hours playing Doom and Quake in the high school computer lab when the teacher was out of the room. Every time we were discovered we had to hide it somewhere else.
just wanted to say I enjoyed the alert() at the end
It was an absolute free for all when windows machines started to be plugged into campus networks.
The prankster's evolution generally went from net send to NetBus and then to Back Orifice in those days as the tools rapidly made such tomfoolery a point-and-click affair. Interestingly many of the features in these early Windows prankster/hacking tools heavily shaped modern day remote administration / MDM software. I actually remember BO being used as a proper remote management tool in some situations.
Luckily I went to a school that believed in redirecting the (endless) time and (boundless) energy of obnoxious nerds like me, and I spent far more time helping out than breaking things. Or at least I hope… the long tail on the IPX ping was pretty painful to stop.
I did something like this, also on Windows 2000, when I was in high school. It definitely surprised some teachers....
I also discovered that our student IDs and PINs were based on our birthdays, though I was not creative enough to come up with an amusing use of student logins.
One of my friends figured that out a few days after someone sent a net send message to * (they got away with that one by logging in as another user who wasn't in the room before the IT staff VNCed into the machine to see who it was). We ended up getting messages from "GOD" for a while before net set was disabled entirely. One of the teachers knew about this, and his only comment was "if you're going to mess around with this, don't get caught".
A group of people did get caught messing around with the network a while later, but only after they'd privesced their way to a domain admin account, then screwed up with a script that reset a bunch of local admin passwords rather just the one they wanted. Somehow, the existence of a new domain admin account didn't get spotted for weeks before that.
Hehe yes, the API was called something with named pipes IIRC. I created a GUI in Delphi that could spoof net send sender and used it at LANs and school.
That's pretty funny. I worked at a unix shop and occasionally got a kick out of things like the following, if I ever saw one of my buddies logged in at the same time as me:
echo 'Terminal overheating, please blow on screen' > /dev/tty0
I had fun with fork bombs on the VAX/VMS machine at uni. Till the day it ran too quickly for me to stop it. Walk of shame to the CSO to own up and for them to terminate the run-away processes on the Sysop console.
When we did this there was a dos command that came with the cd-rom driver. Something like 'eject'.
We also built a program that would monitor a file on a network drive and run new commands when added to it so we could eject the CD and/or show a message on demand.
Only did this within our club that made the school yearbook which had three computers over two rooms in its own lab so we didn't do anything too dangerous.
I was worried for them, glad it worked out. I wouldn't be so sure about this statement: "now that I’m a grownup I know that [...] we wouldn’t have gotten in very much trouble anyway."
Unfortunately this was the type of thing that would get students banned from the computers, or only allowed to actually use the computers on Friday to do their computer science work (like my friend Dave).
Speaking of NET SEND specifically, I went to a vendor for training once (circa 2000) and they mentioned someone who had recently come for training and was sent home because they had used NET SEND * there. I wonder what their employer thought of that.
Either me or a friend has at some point (in the 80s or 90s as minor students) been: kicked out of computer lab, had notes posted in the library that we are not to "hone our programming skills", kicked out of the Supercomputer Challenge[1], been told (second-hand) we're "a security risk" by the government, been put specifically under remote monitoring by the teacher, lectured, sent to the principle, had the police sent to their house, been told we "probably have an FBI record" and "are putting their parents' jobs at risk" over similar levels of playing around with computers that they let us use, not even trying to do anything particularly "hacker (cracker)"-like.
This is such a typical story of American computing. They treated computer skills as literal witchcraft. It just makes boomers come off as more inept and bald (which is their culture, and seen as a positive amongst their peers) when they say to a 13 year old, "oh you bad student, you clicked an ad knowing it is malware, which installed a virus and penetrated our network, you goblin spawn!". The corollary where the NSA hires the "evil hacker genius" is the cringiest part.
Had 3.5 weeks of excel classes in school, completed everything in 2 days and spent the rest of the time playing quake or annoying the ones not finished with net send in loops. Now that I think about I'm not sure this classroom of computers were on their own broadcast network or not, but they were running an older version of windows that didn't block net send by default while others had a newer version.
Same here. However we discovered that the windows service "messenger" had to be re-enabled on the target machine to make this work again. So we'd sneak into a gullible person's computer, log in (each one of us was an admin, yay!), run "net start messenger" and were back in action!
My favorite discovery was that the "scheduled tasks" folder was shared on every computer in our school. This meant you could do the net send * bomb from a friend / enemies computer, and get them in trouble.
The other fun one was Borland C++ 6 had a limit on how wide the code window could be -- you could only horizontally scroll so far. However, you could hold down tab for a few seconds, then write something like cout<<"logout next time"; in their code. Unless you knew the trick, you'd never find the code afterwards -- you couldn't scroll to the right far enough due to the limitation of the viewing window.
The other thing we did was access network shares which you could see, but if you tried clicking them in explorer they'd say "access denied". The administrator apparently didn't lock things down very hard so a two-line .bat file:
We used to run executable versions of Quake and Tribes off the Administrative share. No need to install. Just run .exe and it threw you into the LAN game.
Our computers weren't that high spec but we did the same with scorched earth.
There was also evidence someone else found this before us because they had filled this one directory with viruses that had extremely obvious .jpg.exe extensions and basically various thirst trap stuff for creepy teachers filling the rest of the filename to click on it. I think I remember access to all of this was lost when this one kid was dumb enough to actually click something in there and he got blamed for it and expelled, which was pretty funny.
When I was in college I realized that they hadn't disabled net send with wildcards on the CS computer network. We all had individual logins.
One day I walk into my lab class and see that a poor soul forgot to logout of his session. I'm sitting with my lab group and explain this "net send *" macro that would send a message to every single account on the system.
Another person in my group says "I'll do it." He types it in and presses enter.
We log out of the account, then log into one of our accounts, see the message, laugh and move on.
The next week, I get to my lab and this kid walks in and says to my lab group member sitting in front of the computer "Can I speak to you outside?"
He goes outside and we think nothing of it, but then I hear my lab partner outside the door say in a raised tone "Look, I have no idea what you're talking about! Goodbye!" and he comes storming back in.
This lab partner was absent the week before and didn't know what had transpired. We ask, "What did that guy want?" He says, "Some BS about how he thinks I sent a message through his account to everyone on the network because he forgot to logout last week and now he's in trouble with the CS department because they think he did it."
Our jaws dropped and I think if he had spoken to anyone else in the group we probably would have laughed and he would have known it was us right away. I still wonder how much trouble he got in on our behalf for embarrassing the CS IT department. Didn't seem like that big a deal to me.
I was working a tech conference, probably around 2001, with about a hundred PCs networked together. A colleague of mine intended to send a simple "net send" message to only my workstation, just as a joke. He messed up the syntax and the popup appeared on every PC in the conference, including the giant screen in the main conference hall. The message: "Fuck you". He was fired the next day.
(Don't feel bad for the guy. Getting fired was the best thing that ever happened to him. He was a weekend "action photographer" [surf/skate/snowboard/...] who decided to go full-time after losing his job. He rode the early-2000s "extreme sports" wave and ended up being quite successful, and more importantly, much happier.)
> Long before FreeBSD, Jordan K. Hubbard earned a spot in Internet history in 1987 when he accidentally attempted to broadcast an rwall message to every machine on the Internet. He stopped it once he realized what was happening, but not before he & the other UC Berkeley network administrators were flooded with complaints.
Got in trouble for something similar in middle school, actually. I would bike over to the high school for my robotics club, and some of the older members had written a privilege escalation script for the Windows machines. So, I brought it on a flash drive to my technology class the next day and ran 'shutdown -i' with admin privs. Being young and stupid, I broadcast a reboot message to all ~700 machines connected on the network, and got a fairly thorough talking-to...
I played with network sniffer on home network (that sent funny packets to switch to make it MITM traffic thru my machine). Except it didn't work/I fucked something up and all traffic went thru my machine.
They couldn't prove it's me so teacher just blanked banned anyone in the library (our class with few of my friends were on the 4 machines in the library) from using machines there for few months.
Then when we got new shiny machines for computer lab I was bored when the teacher was explaining something so I started guessing admin password. It was zaqwsx
When I was studying abroad, I noticed that the Ethernet at my Uni dorm seemed to have a lot of cross traffic. So I ran a simple password sniffer, not knowing it also effectively turned my computer into a giant switch. Soon after I came home to my flat mates saying “the IT department came and kicked you off the internet.” I thought it was a joke, until I saw I wasn’t on. I called and pled dumb, saying I had installed an “internet accelerator” and they believed me and restored access.
FWIW I wasn’t actually going to do anything with the passwords (of which I accumulated many!). It was mostly just a fun nerd flex with no bad intentions.
Similar story; bet with a friend to hack and change his password at university. Accidentally changing all user passwords to some profanity including his name, luckily didn’t get caught.
I mean, if I did the same and lost my job, I'd still say "worth it". I'd still be holding back the sniggers despite the vociferous verbiage flying my way.
I did the exact same thing in a freshman engineering course although the wording of my message was slightly different. My message wound up being displayed on the classroom projector. The Professor (former marine) dispatched the TAs to find the computer it came from. Each computer in the classroom was clearly labelled with an ID so it did not take them long.
I did this prank, only it was more elaborate. We were in the lab, playing around with Windows NT (so all machines were set up with the same Administrator password), and one thing you could do, is to get a remote telnet, and `net send` to yourself, but on the remote machine, so the origin would basically be that person's machine, which makes it impossible to detect the actual sender.
Once the person was sufficiently annoyed, he disabled the Messenger service, but again, because all Administrator passwords were same, it was possible to just connect to the Services snap-in in Microsoft Management Console, and re-enable it, send the message, and immediately disable it, so once that person went to check - the service would be off...
In retrospect it was somewhat cruel, but oh well...
143 comments
[ 5.1 ms ] story [ 241 ms ] threadMy memory is fuzzy at this point, but I vaguely recall being able to change others' desktop backgrounds with a remote client. That produced a lot of entertainment value.
Bonus points if you could get the teachers machine
Good times :D
We found a way to circumvent the way they prevented third party apps from running and spent hours just playing AoE2 in the "study" hall.
By designating the voice, you could even have multiple "people" talking to the user. It got annoying quite quickly to be on the receiving end
Saying that in a school lab wouldn't make much sense
Pretty sure this is how they generated the sound that was used for those commercials once upon a time.
No one knew who was doing it until one day my friend was using it and I made too much of an inside joke that gave it away.
Oh, here’s the manual (PDF), which we never read: http://chrisacorns.computinghistory.org.uk/docs/Acorn/Manual...
It was an absolute free for all when windows machines started to be plugged into campus networks.
The prankster's evolution generally went from net send to NetBus and then to Back Orifice in those days as the tools rapidly made such tomfoolery a point-and-click affair. Interestingly many of the features in these early Windows prankster/hacking tools heavily shaped modern day remote administration / MDM software. I actually remember BO being used as a proper remote management tool in some situations.
Luckily I went to a school that believed in redirecting the (endless) time and (boundless) energy of obnoxious nerds like me, and I spent far more time helping out than breaking things. Or at least I hope… the long tail on the IPX ping was pretty painful to stop.
Combine it with a for loop and you could generously message everyone on the LAN with little effort.
There's a reason why everyone around me turned off the net service after a while...
I also discovered that our student IDs and PINs were based on our birthdays, though I was not creative enough to come up with an amusing use of student logins.
A group of people did get caught messing around with the network a while later, but only after they'd privesced their way to a domain admin account, then screwed up with a script that reset a bunch of local admin passwords rather just the one they wanted. Somehow, the existence of a new domain admin account didn't get spotted for weeks before that.
echo 'Terminal overheating, please blow on screen' > /dev/tty0
We also built a program that would monitor a file on a network drive and run new commands when added to it so we could eject the CD and/or show a message on demand.
Only did this within our club that made the school yearbook which had three computers over two rooms in its own lab so we didn't do anything too dangerous.
Unfortunately this was the type of thing that would get students banned from the computers, or only allowed to actually use the computers on Friday to do their computer science work (like my friend Dave).
Speaking of NET SEND specifically, I went to a vendor for training once (circa 2000) and they mentioned someone who had recently come for training and was sent home because they had used NET SEND * there. I wonder what their employer thought of that.
Either me or a friend has at some point (in the 80s or 90s as minor students) been: kicked out of computer lab, had notes posted in the library that we are not to "hone our programming skills", kicked out of the Supercomputer Challenge[1], been told (second-hand) we're "a security risk" by the government, been put specifically under remote monitoring by the teacher, lectured, sent to the principle, had the police sent to their house, been told we "probably have an FBI record" and "are putting their parents' jobs at risk" over similar levels of playing around with computers that they let us use, not even trying to do anything particularly "hacker (cracker)"-like.
[1] https://supercomputingchallenge.org/22-23/index.php (Not this specific year obviously. More like 30 years ago.)
1. Discover net send
2. Discover net send *
3. Get in trouble for using net send *
The next step was discovering telnet and the schools smtp server.
My favorite discovery was that the "scheduled tasks" folder was shared on every computer in our school. This meant you could do the net send * bomb from a friend / enemies computer, and get them in trouble.
The other fun one was Borland C++ 6 had a limit on how wide the code window could be -- you could only horizontally scroll so far. However, you could hold down tab for a few seconds, then write something like cout<<"logout next time"; in their code. Unless you knew the trick, you'd never find the code afterwards -- you couldn't scroll to the right far enough due to the limitation of the viewing window.
The other thing we did was access network shares which you could see, but if you tried clicking them in explorer they'd say "access denied". The administrator apparently didn't lock things down very hard so a two-line .bat file:
Would get us access to all sorts of crazy stuff.There was also evidence someone else found this before us because they had filled this one directory with viruses that had extremely obvious .jpg.exe extensions and basically various thirst trap stuff for creepy teachers filling the rest of the filename to click on it. I think I remember access to all of this was lost when this one kid was dumb enough to actually click something in there and he got blamed for it and expelled, which was pretty funny.
One day I walk into my lab class and see that a poor soul forgot to logout of his session. I'm sitting with my lab group and explain this "net send *" macro that would send a message to every single account on the system.
Another person in my group says "I'll do it." He types it in and presses enter.
We log out of the account, then log into one of our accounts, see the message, laugh and move on.
The next week, I get to my lab and this kid walks in and says to my lab group member sitting in front of the computer "Can I speak to you outside?"
He goes outside and we think nothing of it, but then I hear my lab partner outside the door say in a raised tone "Look, I have no idea what you're talking about! Goodbye!" and he comes storming back in.
This lab partner was absent the week before and didn't know what had transpired. We ask, "What did that guy want?" He says, "Some BS about how he thinks I sent a message through his account to everyone on the network because he forgot to logout last week and now he's in trouble with the CS department because they think he did it."
Our jaws dropped and I think if he had spoken to anyone else in the group we probably would have laughed and he would have known it was us right away. I still wonder how much trouble he got in on our behalf for embarrassing the CS IT department. Didn't seem like that big a deal to me.
(Don't feel bad for the guy. Getting fired was the best thing that ever happened to him. He was a weekend "action photographer" [surf/skate/snowboard/...] who decided to go full-time after losing his job. He rode the early-2000s "extreme sports" wave and ended up being quite successful, and more importantly, much happier.)
> Long before FreeBSD, Jordan K. Hubbard earned a spot in Internet history in 1987 when he accidentally attempted to broadcast an rwall message to every machine on the Internet. He stopped it once he realized what was happening, but not before he & the other UC Berkeley network administrators were flooded with complaints.
They couldn't prove it's me so teacher just blanked banned anyone in the library (our class with few of my friends were on the 4 machines in the library) from using machines there for few months.
Then when we got new shiny machines for computer lab I was bored when the teacher was explaining something so I started guessing admin password. It was zaqwsx
FWIW I wasn’t actually going to do anything with the passwords (of which I accumulated many!). It was mostly just a fun nerd flex with no bad intentions.
Once the person was sufficiently annoyed, he disabled the Messenger service, but again, because all Administrator passwords were same, it was possible to just connect to the Services snap-in in Microsoft Management Console, and re-enable it, send the message, and immediately disable it, so once that person went to check - the service would be off...
In retrospect it was somewhat cruel, but oh well...