Author Topic: Most rewarding hack you've ever done?  (Read 42474 times)

0 Members and 5 Guests are viewing this topic.

Offline vezzy

  • Royal Highness
  • ****
  • Posts: 771
  • Cookies: 172
    • View Profile
Re: Most rewarding hack you've ever done?
« Reply #45 on: November 27, 2012, 02:58:57 am »
Accessing several political party websites.

Also at my (former) school, I was commissioned to design the school website after Microsoft announced the end of their Office Live service (yes, they actually used that). I recruited a friend of mine to help a bit with forums and configuration, but mostly make me company. We were excused from periods constantly throughout this time, and were called to various teachers' and staff offices frequently to make status reports and gather information, so we saw a lot about how their systems worked [some of these documents had some curious info].

Either way, one day we found out their (rather pathetic) password to one of their educational project emails. We decided to test it on their main one, and found out it worked. There is a lot of juicy info in there that could seriously put them at risk if leaked. I recently found out from my friend that they opened a third email, once again with the same password. So basically, we control their website, their three email accounts and have all sorts of insider documents that they voluntarily gave us (I have moved since then, btw).

Now I know this isn't exactly a hack, but the point is they trusted us... perhaps a little too much. No social engineering, they just gave away everything to us like that.
« Last Edit: November 27, 2012, 04:18:49 am by vezzy »
Quote from: Dippy hippy
Just brushing though. I will be semi active mainly came to find a HQ botnet, like THOR or just any p2p botnet

Offline Ragehottie

  • Knight
  • **
  • Posts: 313
  • Cookies: -9
  • Hack to learn, not learn to hack.
    • View Profile
Re: Most rewarding hack you've ever done?
« Reply #46 on: November 27, 2012, 04:05:11 am »
Accessing several political party websites.

Also at my (former) school, I was commissioned to design the school website after Microsoft announced the end of their Office Live service (yes, they actually used that). I recruited a friend of mine to help a bit with forums and configuration, but mostly make me company. We were excused from periods constantly throughout this period, and were called to various teachers' and staff offices frequently to make status reports and gather information, so we saw a lot about how their systems worked [some of these documents had some curious info].

Either way, one day we found out their (rather pathetic) password to one of their educational project emails. We decided to test it on their main one, and found out it worked. There is a lot of juicy info in there that could seriously put them at risk if leaked. I recently found out from my friend that they opened a third email, once again with the same password. So basically, we control their website, their three email accounts and have all sorts of insider documents that they voluntarily gave us (I have moved since then, btw).

Now I know this isn't exactly a hack, but the point is they trusted us... perhaps a little too much. No social engineering, they just gave away everything to us like that.


Seems like social engineering....
Blog: rexmckinnon.tumblr.com

Offline silenthunder

  • Royal Highness
  • ****
  • Posts: 700
  • Cookies: 23
  • Anpan.
    • View Profile
Re: Most rewarding hack you've ever done?
« Reply #47 on: November 27, 2012, 05:50:53 pm »
The only hack I've ever done that I wasn't the victim of got me suspended from the school's computer.. Basically all I did was secure one of the computers as my own by putting an admin password on in through BIOS. Then I used a win7 repair disc to get access to the administrator account on the computer, and then used that to get to the network administrator's account. That account had the password for the wifi on it so I made up some BS about how I cracked it and handed it out to everyone. After a couple days a teacher noticed the locked computer and automatically blamed it on me cuz nobody else knows how to use a fucking computer here -.-.


"Hacking is a lifestyle, a specific mindset, and it really is a lot of work." - Daemon

"Just wanted to state that this is just wicked social engineering at its best." - proxx

Offline EmilKXZ

  • Peasant
  • *
  • Posts: 109
  • Cookies: 10
  • likes monies :p
    • View Profile
    • EmilKXZ
Re: Most rewarding hack you've ever done?
« Reply #48 on: November 28, 2012, 05:35:11 pm »
That has happened to me @silenthunder.

I learned that in a dumb environment, you must play dumb too. Become a secret genius lol.
« Last Edit: November 28, 2012, 05:39:19 pm by EmilKXZ »

Offline kingboo

  • /dev/null
  • *
  • Posts: 5
  • Cookies: 0
    • View Profile
Re: Most rewarding hack you've ever done?
« Reply #49 on: November 30, 2012, 12:21:57 am »
My rewarding hack was when I had to install TinyLinux on an antique laptop... with floppies, lol.
You can read the documentation here and here.

That is badass. Nice job man.
"In the long history of humankind (and animal kind, too) those who learned to collaborate and improvise most effectively have prevailed."
- Charles Darwin

Offline Xires

  • Noob Eater
  • Administrator
  • Knight
  • *
  • Posts: 379
  • Cookies: 149
    • View Profile
    • Feed The Trolls - Xires
Re: Most rewarding hack you've ever done?
« Reply #50 on: December 02, 2012, 09:14:16 pm »

There's so much crap from the past that's awesome & interesting that I couldn't possibly list them all(can't even remember them all).  So I'll offer a small selection of things that I do recall.  As most of you know, I'm long-winded so either brace yourself or skip the post.

    Once upon a time, back in the good old days of the BBS, a friend & I had 'hacked' an office building through a series of social engineering, building custom equipment, wiring the equipment into the building, etc.  It was one of my favourite early complex hacks.  Now that most of the businesses no longer exist, I feel it safe to share a little bit about it.
    The target was an office building not far from where I went to school.  This particular office building is the type that holds offices for different companies.  You usually have one company that rents out an entire floor or so or occasionally a floor that is split between a couple different companies.  The target building held offices for a small law firm, a document processing company, an insurance company and a company that developed, sold & supported voice mail systems.  Of course, our primary focus was the voice mail system company, but being the ego-driven kids that we were(I was 11 or 12 & my friend was 16), we figured it'd be most excellent to take over the entire building and secure our place among our peers as masterminds.
    The hack started out with me going to the office building every day after school for about 2 to 3 hours.  This continued for a week or two until the lobby staff began to recognize me easily and relax when I was around.  I started out by bringing my Atari Lynx(damn, I miss that thing) and playing it for a while and then going outside to 'play'(which was really my excuse for disappearing out of sight without anyone 'knowing' who I 'belonged' to).  After a while, I decided to start bringing homework so that I could occasionally ask for a pencil sharpener or something to spark minor social interaction with the staff.  Eventually, they became comfortable enough that I could just continue past the lobby into the rest of the building.  At this point, I worked with the assumption that I was someone's kid, whilst carefully avoiding specifying precisely whom.  Soon, I was able to convince some people to let me type on the computer and since I was young, minor annoying sounds provoked them to put me somewhere secluded where I could play on a computer without interrupting anyone's work.  That is when I started hacking the local network and eventually put my friend on payroll using one of his fake IDs.  Then he started coming into the office as some lowly evening janitorial staff and we started hacking away at the rest of the building.
    In a couple instances, we had to use money from my friend's paycheck to buy some small equipment from Radio Shack to do things like tap phone lines, run new cabling, etc.  I eventually got the idea to use an office equipment distributor to deliver new equipment to us and bill it to one of the businesses in the building.  This also gave me a good excuse to introduce myself to other offices by carrying equipment between floors.  The distributor would deliver it to the building, to the floor they were supposed to, where my friend would sign for it.  Then we would slap a delivery label for another office on the box and I would hand carry it there, convincing them that it had been delivered to the wrong floor by accident.  Finding the candy jar on every receptionist's desk, I would help myself and strike up a conversation with whomever sat there.  This way I could pick up names in the office and even find a way to copy signatures("Hey Miss D., can I do something to help?  I'm really good at stamping, do you want me to help stamp some stuff?  I was the best stamper in grade school.  Oh, is that a paper for Mr. J?  I could take it to him if you want.  Does it need to be stamped?"  They always gave in.).  They tell me to deliver a paper, I copy the signature on it on my way there.  The assumption that I'd stop to bug some random person on the way meant they didn't ask what took me so long and I was rarely ever expected back.
    We used information from the voice mail system company to take over some VMBs at other corporations.  We were able to set up call relay on a few of the VMBs and eventually used some of those to connect to BBSs.  Through some private exploits that we'd developed for a few popular BBSs, we were able to take admin on quite a few and some of them actually provided dial-out access.  My friend got the idea to patch the BBS software so that file uploads would be copied to another system.  Since we had access to all the companies in the office building, we used their file servers to store all the data.  Since we didn't want the BBS to dial directly into the offices where we were, I used some of the VMBs as storage mediums.  The BBS would, when it received a file, store the file locally and when done, dial out to a number that would always go to voice mail.  It would then essentially fax the uploaded file as a voice mail and the VMB would store it until it was later retrieved by the office systems we were using as file servers.  It worked quite well for almost a year but eventually some BBSs would update or the chosen VMBs would be changed or phone numbers would get reassigned(I can only imagine what someone would think when they checked their voice mail and received a fax in their ear).
    It was 'rewarding' because we were able to get A LOT of useful information quite easily.  We got source for some major office software, private exploits(there wasn't really a 'release' concept back then so "0day" wasn't a term we used), important business documents for some local companies, etc.  The greatest thing was that, since we started this whole process by social engineering our way into the office building and eventually used that to get my friend a 'job' there, the companies themselves paid for the hack against them and we actually made a monetary profit too.

    Something unrelated(but I just remembered whilst I was reliving the above); there was a time where a different friend & I were trolling a BBS whilst we hacked it.  One of the BBS admins, respected by all the other admins as well as the rest of the membership as the best one there, just couldn't avoid trying to make someone look like crap in front of everyone else when they showed the slightest hint of noobishness.  So we decided that the greatest distraction was to play the noob part whilst we hacked not just the BBS, but his personal machine as well.  Toward the end of the conversation, we told him that we would go but we didn't want to leave it like that.  So whilst I distracted him with my 'making ammends' SE work, my friend grabbed a picture of a piece of pizza, copied it w/ an office copier, messed up the paper w/ some folding & rips, copied the messed up copy and then faxed it to him.  He laughed so hard and made fun of us for trying to fax a pizza and fucking up the fax machine.  It literally took him like 20 minutes to realize that he'd never given out his phone number.  As soon as we realized he'd figured it out, we disconnected him from the BBS, changed all the admins credentials, took over the BBS & announced to everyone that they'd been a great audience and if they had any complaints, they could call his number(at which point we publicly displayed his name, ph#, address, etc.).
    It was rewarding to get revenge on an asshole who needed to be put in his place.

    Yet another funny story; one time I got caught dumpster diving and I ran from the security guard(who was some distance away).  I turned the corner and promptly ran into a pole, knocking the wind out of myself and falling on the ground.  When the security guard caught up, he made sure that I was okay and then asked if I could describe the hobo that pushed me over.  Apparently he thought the guy he was chasing was older/taller and because I was a kid, he never suspected me.
-Xires

Offline silenthunder

  • Royal Highness
  • ****
  • Posts: 700
  • Cookies: 23
  • Anpan.
    • View Profile
Re: Most rewarding hack you've ever done?
« Reply #51 on: December 02, 2012, 10:00:23 pm »
This just happened the other day, not even a hack at all but I got 10 high-5s for it :D

There was a short power surge that hit the entire town last Wednesday, lasted for about 15 seconds or so. My home network completely freaked out and it took me about 20 minutes to get everything reset in the right order etc., no big deal. The next day (Thursday), I go to work (grocery store) and our credit card machine in lane 1 wasn't working (error message: "no connect"). The manager came and called the manufacturer and went through a multi-step troubleshooting process that ultimately failed, and she gave up after about 40 minutes of playing with it. She told the manufacturer to overnight a new machine to the store because we only have 2 lanes in the store. She was on her way to her office when I caught her and told her to ask the owner for permission to let me play with the machine and see if I can get it working. The first step I took was browsing every application on the machine and seeing which ones did what, resulting in me knowing how they work. There was a pinging tool. It offered the options to ping the server, the backup server, and a few other servers like Gate City Bank and Citizens State, etc. Pinged them all, no response. For some reason there was also the option to ping the default gateway, no response. That immediately told me it wasn't connected properly to the router, so I went to tell the boss man that I figured it out and if he'll give me access to his office I'll fix it. He said I have 5 minutes, so I had someone unplug the machine in the front, I turned off and reset the router, plugged the machine in again, turned on the tills so he wouldn't notice that I shut down the internet, told him "of course this will work" because I'm "soon to be microsoft A+ certified", tested the machine and it was good to go. Took a total of 11 minutes from the time I asked to play with the machine. All I was given was 10 high-fives...I should raise my rates -.-


"Hacking is a lifestyle, a specific mindset, and it really is a lot of work." - Daemon

"Just wanted to state that this is just wicked social engineering at its best." - proxx

Offline iTpHo3NiX

  • EZ's Pirate Captain
  • Administrator
  • Titan
  • *
  • Posts: 2920
  • Cookies: 328
    • View Profile
    • EvilZone
Re: Most rewarding hack you've ever done?
« Reply #52 on: December 03, 2012, 02:14:04 am »
...A LOT of text...








<3  :-*

----------------------------------------

@silenthunder
Here's another :P
* skidiot.h gives silenthunder a HIGH FIVE!

So now you have 11, is that better for your rates?
« Last Edit: December 03, 2012, 02:16:52 am by skidiot.h »
[09:27] (+lenoch) iTpHo3NiX can even manipulate me to suck dick
[09:27] (+lenoch) oh no that's voluntary
[09:27] (+lenoch) sorry

Offline techb

  • Soy Sauce Feeler
  • Global Moderator
  • King
  • *
  • Posts: 2350
  • Cookies: 345
  • Aliens do in fact wear hats.
    • View Profile
    • github
Re: Most rewarding hack you've ever done?
« Reply #53 on: December 03, 2012, 02:48:55 am »
Stuff...


I do this daily since I work tech support lol. The person they called was incompetent [lol inside joke].
>>>import this
-----------------------------

Offline Xires

  • Noob Eater
  • Administrator
  • Knight
  • *
  • Posts: 379
  • Cookies: 149
    • View Profile
    • Feed The Trolls - Xires
Re: Most rewarding hack you've ever done?
« Reply #54 on: December 03, 2012, 03:25:38 am »
This just happened the other day, not even a hack at all but I got 10 high-5s for it :D

There was a short power surge that hit the entire town last Wednesday, lasted for about 15 seconds or so. My home network completely freaked out and it took me about 20 minutes to get everything reset in the right order etc., no big deal. The next day (Thursday), I go to work (grocery store) and our credit card machine in lane 1 wasn't working (error message: "no connect"). The manager came and called the manufacturer and went through a multi-step troubleshooting process that ultimately failed, and she gave up after about 40 minutes of playing with it. She told the manufacturer to overnight a new machine to the store because we only have 2 lanes in the store. She was on her way to her office when I caught her and told her to ask the owner for permission to let me play with the machine and see if I can get it working. The first step I took was browsing every application on the machine and seeing which ones did what, resulting in me knowing how they work. There was a pinging tool. It offered the options to ping the server, the backup server, and a few other servers like Gate City Bank and Citizens State, etc. Pinged them all, no response. For some reason there was also the option to ping the default gateway, no response. That immediately told me it wasn't connected properly to the router, so I went to tell the boss man that I figured it out and if he'll give me access to his office I'll fix it. He said I have 5 minutes, so I had someone unplug the machine in the front, I turned off and reset the router, plugged the machine in again, turned on the tills so he wouldn't notice that I shut down the internet, told him "of course this will work" because I'm "soon to be microsoft A+ certified", tested the machine and it was good to go. Took a total of 11 minutes from the time I asked to play with the machine. All I was given was 10 high-fives...I should raise my rates -.-

Just so you know...this is kinda the epitome of 'hacking'. Well done.
-Xires

Offline silenthunder

  • Royal Highness
  • ****
  • Posts: 700
  • Cookies: 23
  • Anpan.
    • View Profile
Re: Most rewarding hack you've ever done?
« Reply #55 on: December 03, 2012, 04:25:00 am »

I do this daily since I work tech support lol. The person they called was incompetent [lol inside joke].

The person they called actually somewhat new what they were talking about, but they didn't follow the steps of troubleshooting -.- step 1: make sure its plugged in. They didn't even ask that D: they just assumed it.

@silenthunder
Here's another :P
* skidiot.h gives silenthunder a HIGH FIVE!

So now you have 11, is that better for your rates?

YES! Finally I can pay the goddamn rent.

Just so you know...this is kinda the epitome of 'hacking'. Well done.


I suppose it kindof is isn't it.. thanks for the compliment :D


"Hacking is a lifestyle, a specific mindset, and it really is a lot of work." - Daemon

"Just wanted to state that this is just wicked social engineering at its best." - proxx

Offline iTpHo3NiX

  • EZ's Pirate Captain
  • Administrator
  • Titan
  • *
  • Posts: 2920
  • Cookies: 328
    • View Profile
    • EvilZone
Re: Most rewarding hack you've ever done?
« Reply #56 on: December 03, 2012, 06:27:19 am »
I suppose it kindof is isn't it.. thanks for the compliment :D


Coming from Xires, it defintaly is a compliment
« Last Edit: December 03, 2012, 06:27:43 am by skidiot.h »
[09:27] (+lenoch) iTpHo3NiX can even manipulate me to suck dick
[09:27] (+lenoch) oh no that's voluntary
[09:27] (+lenoch) sorry

Offline awbs

  • /dev/null
  • *
  • Posts: 8
  • Cookies: 0
    • View Profile
Re: Most rewarding hack you've ever done?
« Reply #57 on: December 04, 2012, 09:29:53 pm »
These posts... are hilarious.
I wish I could do these things, lol.Every kid would give me food during the break to hack into the school wifi.

Offline techb

  • Soy Sauce Feeler
  • Global Moderator
  • King
  • *
  • Posts: 2350
  • Cookies: 345
  • Aliens do in fact wear hats.
    • View Profile
    • github
Re: Most rewarding hack you've ever done?
« Reply #58 on: December 04, 2012, 11:09:36 pm »
These posts... are hilarious.
I wish I could do these things, lol.Every kid would give me food during the break to hack into the school wifi.


You could if you learned how to.
>>>import this
-----------------------------

Offline Daemon

  • VIP
  • Baron
  • *
  • Posts: 845
  • Cookies: 153
  • A wise man fears a gentle mans anger
    • View Profile
Re: Most rewarding hack you've ever done?
« Reply #59 on: December 05, 2012, 12:46:05 am »

Xires, im really fucking amazed that no matter where i go, what sites i join, you are damn near always an Admin, or Network Administrator, or in some way a person of authority.

I didn't know this, but it doesn't surprise me. Xires knows what's what and he's not an arrogant douche just because he's good either. Rather, he enjoys helping and teaching others. Dudes admin material and everyone knows it lol
This lifestyle is strictly DIY or GTFO - lucid

Because sexploits are for h0edays - noncetonic


Xires burns the souls of HF skids as a power supply