I started with programming when I was 12 years old. My uncle gave me some Visual Basic 3 books and a CD with Visual Basic 6.0. My English wasn’t that good back then but with the examples in the books I managed to create my first program. If I remember good it was a program to create alert boxes, choose an icon and text, press the button and there was the alert! You’ve to start somewhere… after that I’ve created a lot of useless programs with progress bars, reinvented the wheel by creating my own notepad application etc.
I was pretty fascinated by viruses because the computer of my dad was infected with the Sasser worm which caused the computer to reboot continuously. After the virus was removed I thought; let’s create a virus! So I’ve created a bunch of funny viruses but didn’t spread it outside my home.
High school
At my high school all the computers where kind of locked down. We didn’t have a start menu back then in Windows 2000 with some program every student only had a folder with programs we where allowed to use.
Getting in
I can create a virus so I can crack a school computer right? After a quick Google search I found a program which creates a bootable floppy with a administrator reset program. Next day at school I’ve booted from the floppy, removed the administrator password, restarted and yeah! I’m in! Locally but still… finally a normal desktop and I can install whatever I want. Guess what… The next day in the lunch break I was playing Counter Strike 1.6 with my buddies on school computers! After playing it every lunch break in a week the network administrator at our school noticed it. Instead of shutting it down he joined us from his office!
Going further
The lockers at my high school where automated with a chip. Every student with a locker does have a chip to open it. What if I could open all the lockers? I’ve tried hard but back then I’d no idea how those chips where working so let’s try social engineering. “I lost my chip”, so let’s go to the reception and ask if they can open my locker. I’d to say my name and class, they verified it with my school picture and with 1 click on the screen my locker was open. Alright… if they can do it, why I can’t do it? I’ve watched the receptionist a couple of days and written down the times there was nobody. In that case the glass screen was closed but not locked, there was a usb hub on the desk so let’s fix a USB drive with a remote desktop program on it. But then I’ve to install it, make sure it start on boot etc. What other options are there? A autorun.inf
works on CD’s, why not on a USB drive? Hell yeah! That’s working! Windows 2000 was a great place for viruses. You can imagine how that story ends; the next day a lot of lockers where open when I arrived early at school. I controlled the computer at the reception from my computer at home. Awesome!
Let’s have some more fun
Do you remember net send
? In Windows 2000 it was enabled by default! net send * Hello school!
, after that every computer in the whole school received that message. Pretty funny until I noticed the hostname where the message was send from was in that message. Within 5 minutes the network administrator stood next to me. I’d some fun sending messages to individual computers to irritate my class mates until the network administrator finally found the option to disable it.
What other things can we do? Change the boot screen of Windows? I created another bootable floppy which replaces the ntoskrnl.exe
with a modified one and then reboots the computer. So the next morning when all the computers which contains the modified file in a classroom where booting; my awesome boot screen was visible!
Never changed your test results?
Yes, even that I’ve done at the beginnen with an old test results system at school. Later they moved to a new more advanced system which I did not manage to get into. The old system was running on a server at school which was available through a network shared folder. I just had to search through the school network for open network shares so it wasn’t that hard.
My hacking website
Meanwhile I’d created several “hacking tools”, like a trojan horse, a mail bomber, etc. but I’ve created it just for fun, I’m not using them. That’s why I’ve created a website back then to sell my programs. I gave them some fancy names, played around in Photoshop to make some cool banners for them and done. It was possible to buy the programs by calling to a payed number (for some programs you’d to call multiple times) which costs €1,30 per call. I think I was getting about €0,80 from it per call but it was better then bringing the newspapers around.
On my website I’d for example a program called “MSN Terror” it was a program where you can fill in someones MSN address and when you start it the program will kind of brute force the login. Because Microsoft had a brute force protection after a several tries the account was blocked for some minutes. So when you keep doing that you’re unable to login with that MSN account.
Hello competitors
Back then I was not the only one who was creating and selling “hacks”, a guy who named himself MR-X with his MR-X Shop was doing the same. There was also a website Frukky which was selling hacks he found on the internet. The problem was; Frukky bought hacks at my and MR-X his website and was selling it for less on his own website. So a kind of “war” started. What MR-X did was implementing a backdoor in his new hacks so everyone who bought it and used it was infected but it was just for Frukky. I’ve no idea if he used it and I’ve still no idea who those guys where. When someone knows who these guys are, I’d like to get in touch with them to chat about those days. If you search on the internet some hacks are still available, but they don’t have their own website anymore. If you come across hacks of mine, please let me know. I always used my real name.
University
When I was done with my high school, which I didn’t finish by the way. I’d a company to run, when I was 13 I started a webhosting company and I thought there was nothing more useful to learn at my high school at the age of 15. After some visits at the attendance officer I was allowed to go to the university. In Dutch: “MBO niveau 4” where I started the ICT manager education. Within a few weeks there I arranged exemption for almost all IT related classes because I could prove I already knew it. At some classes we’d to open a computer and tell the teacher where the components are located, really? Also we’d some programming classes where we’d to build a website with HTML tables… come on, you can imagine the education level.
Let’s have some fun!
In the past I’ve created my own trojan horse (still in VB6) which I spread around the school by infecting USB drives (still with the autorun.inf
trick) which all students where using to store there documents. They where reporting to my command and control server so I’ve created a grid of all the computers with the IP addresses. That way I can target individual computers to irritate class mates. I’d no intention to do any damage to all infected computers. It started with shutting down some computers of people I didn’t like that much. MSN was pretty popular those days so with the trojan I was able to change they’re status but I’d the most fun with opening cd drives. One day a teacher was talking to a student and his arm was hanging on a computer. I looked up the IP address, connected to the computer and opened the drive where the hand of the teacher was hanging. You’d to see his face, it was hilarious.
The end of school
About 3 months after starting the education I quit and started full time working. I was not allowed by the attendance officer to work full time from home for my own business. So I started working at a local computer store and ran my own business in the weekends. I did get an offer to finish the education within 1.5 year instead of 4 and skip the first year of the continuing education (in Dutch: “HBO”) but I declined it. So I’ve only finished my elementary school.
My biggest hacks
GHED
When I started with web development I needed webhosting to put my website online. There are some companies which offer free webhosting but most of them inject ads. So after searching around I came across GHED: “Gratis hosting en domein”, in English: “Free hosting and domain”. At the time of writing they still exists but I just read they stop in 2018. You can earn points by clicking on ads, filling out surveys, etc with affiliate marketing. You can trade those points for webhosting or a domain.
You’ll get webhosting at a big hosting company but years ago they had their own dedicated server with all the free hosting accounts on it. That server wasn’t protected that well so I used a c99 shell script to look around on the server which was running on the Direct Admin control panel. I came across a unprotected phpMyAdmin folder, I modified the login script to send me an email when someone uses it and I was waiting. Apparently that one wasn’t used by anyone so let’s do some social engineering: I’ve created a thread on their forum with a link to the phpMyAdmin installation with the question if that’s the right one to use. Guess what… a administrator logged in with the admin credentials, removed the folder from the server and replied with the correct link.
So I received an email with the username and password, logged in with a proxy to the Direct Admin control panel and there we are! I could do anything I want on that server with hundreds of websites hosted on it.
Recent hacks?
I’m a ethical hacker now so I report things I find and don’t abuse it. After shutting down my hacking website I focused on web development which I’m still doing. I’m not doing that much with hacking anymore but recently I published these related blog articles:
– Hacking public GIT repositories
– Magento 1 cacheleak exploit
And did I only create hacks in VB6? No… I also created invoice programs, a radio station program, CD / DVD Magic and much more.
Wrapping up
Some things I regret, other things where so much fun but keep in mind: hacking and abusing it is not allowed by the law! A lot of things I did at school can get you suspended or can bring you in serious trouble! It sounds like a fun story but I’ve been suspended at my high school for a week and one time the police was contacted for stuff I’ve done. It’s getting a little bit long and I haven’t told everything I wanted yet, maybe I’ll update this post later with more stories.