4/1/2025 at 3:58:10 PM
In high school, we had a Netware 3.12 environment, and the Guest account was enabled, albeit with very limited privileges. But for some reason, Guest could still use NET SEND, which popped up a little message in the bottom row of the destination machine's display.The whole district shared a T1 connection to the internet. Which was more than plenty for email, but as this world-wide-web thing started gaining traction, it became quite the bottleneck. And as some of us had discovered mp3 files, the slowness simply would not do.
One day there was some severe weather and a power hiccup during school hours, and every station got a message from ADMIN informing us that the server room was running on UPS power and we should save our files and log out immediately.
Hmmmm.
A few weeks later, one of the bright sparks in the technology program realized that having everyone log off would free up some bandwidth. So he logged onto the next machine over as GUEST, and used a NET SEND ALL "SERVER ROOM POWER FAILURE - 11 MIN OF BATTERY REMAIN - SAVE FILES AND LOG OFF" and sure enough, within about a minute, the whole T1 was his. Did what he needed to do (i.e. leeching an entire fserv) for about 8 minutes, then NET SEND ALL "POWER RESTORED - RESUME YOUR WORK".
A few weeks later some hot commodity had just dropped and he repeated the drill. It still worked.
Nobody noticed that these messages came from GUEST, even the district administrator, who eventually called an electrical contractor to figure out why the power in the server room was so flaky. Someone eventually pointed it out to him, which got a very red-faced "that's really clever but please knock it off", and no further punishment. The next day, the Guest account had a lot fewer privileges.
by myself248
4/1/2025 at 6:48:33 PM
> In high school, we had a Netware 3.12 environment, and the Guest account was enabled, albeit with very limited privileges. But for some reason, Guest could still use NET SEND, which popped up a little message in the bottom row of the destination machine's display. > ...Nobody noticed that these messages came from GUESTYou mention Netware, but as I recall the Netware function you describe was just "SEND" and "NET SEND" was a Microsoft networking thing. (But maybe there was some integration between the two after my experience with Netware, who knows.)
I mainly wanted to say, as someone who used/abused a Netware network in high school, I disassembled the SEND program and discovered that the username included in the message is not authenticated at all -- the IPX (or NETX, I forget which) software interrupt just took a string, and the SEND executable formatted the username into this string. So by crafting your own SEND program that used the software interrupt directly, you could easily forge any username you wanted. So you could very easily send a message from "ADMIN". :)
This should not be construed as a confession of any network shenanigans that may or may not have occurred at my high school. ;) :D :)
by simmons
4/2/2025 at 2:08:15 PM
> You mention Netware, but as I recall the Netware function you describe was just "SEND" and "NET SEND" was a Microsoft networking thing.It's entirely possible that it wasn't part of Netware, I don't remember the hard details as it was a very long time ago. However, it worked in DOS text-mode (we rarely ran Windows), and my impression was that Microsoft didn't do much network-aware stuff until well into Windows. So that's why I thought of it as a Novell thing rather than a Microsoft thing.
> the username included in the message is not authenticated at all
Oh.... oh dear.
by myself248
4/2/2025 at 10:34:29 AM
I believe that Netware had NET SEND before Microsoft had any networking at all. But maybe I’m wrong. Certainly NT had a netware compatible stack, but this was way after netware blazed the trail.by diroussel
4/1/2025 at 4:16:26 PM
I had discovered the windows net send command as a highschooler too. We mainly just messaged jokes back and forth. One student later decided to try the wildcard to send to everyone, just a simple "Hi". It went out over the entire district hitting multiple schools. I forget why, but no one knew who did it at first. But we had some software installed that let the admin/teacher remotely blank screens or lock the computer, etc. I remember they blanked his screen remotely and once he complained they knew it was him. Didn't get in too much trouble, but I still felt bad for teaching everyone about net send.by pests
4/1/2025 at 5:36:20 PM
Speaking of "feeling bad for teaching someone"... I must have been in 5th grade and this other kid was talking about shorting out a power outlet. I said "What I'd do is unfold a couple of paperclips, stick them into a rubber eraser, then plug that into the outlet and twist it to get the paperclips to touch."A few days later the principal calls me in. "Did you tell him to do this?" "I didn't tell him to, we were just talking about how to do it." "... well, he's done it before. Don't do anything like this again. Dismissed." I still can't believe that I got out of it; petty tyrants love to flex their power.
by linsomniac
4/1/2025 at 6:53:52 PM
:)I’m legit trying to figure out who your calling the petty tyrant flexing their power: - The principal which let off with a warning - The other kid, popping circuit breakers - Or you, ‘corrupting’ other young minds :)
by wingspar
4/1/2025 at 11:07:14 PM
It refers to the principle, who didn't flex his power which came as a surprise. The other kid is a gremlin. GP was playing the clueless engineer type who forgets to give thought to who is asking the question and how the answer will be used.by fc417fc802
4/2/2025 at 11:55:48 AM
>playing the clueless engineer typeOr... Maybe I was just 10 and hadn't really learned that lesson yet. ;-)
by linsomniac
4/1/2025 at 4:45:39 PM
I did the same thing by accident, except mine was "test", I heard murmors around about some strange message on computers in multiple schools in our district, so I fessed up immediately. Our network administrator was just mildly amused about the whole affair and no punishments were carried out.by BrainBacon
4/2/2025 at 11:54:08 AM
I got a three day suspension from school for doing this. I sent something mundane like “hello” to entire school. Few minutes later, the IT admin came running down, told me off and took my details.Made the mistake of telling a couple friends what happened. Said friends thought it would be hilarious to send swear words to the entire school (I was not there).
They played dumb saying they didn’t know what would happen and got off with one day each, I got suspended for three days.
I wouldn’t have minded so much except the next day was an inter-school chess tournament. Thankfully the sympathetic chess coach told me to wait behind the school the next morning and picked me up in the school bus.
by nraf
4/2/2025 at 12:27:44 AM
At least the district didn't send a runner, shouting "cyber terrorism, we traced it to this room!!!" at the top of their lungs [0].by snerbles
4/1/2025 at 4:19:45 PM
I just wrote a comment on this thread and I almost thought you were talking about me for a second. lolby xeromal
4/1/2025 at 5:11:44 PM
In high school a friend figured out you could map any network drive to your desktop and access it (Windows XP), and since everyone in the entire school district had a username of {last name}{first initial}, you could gain read/write access to anyone’s network drive (essentially “home folder”). He used it to get test answers from teachers, I used it to create (empty) folders named “porn”, “porn 2”, et al.Anyway when he was caught (a fellow classmate ratted him out) he got 10 days out of school suspension. The VP threatened to call the police… for what offense I’m not really sure. There seems to be a fundamental misunderstanding of cybercrime and cybercrime laws. I mean was it really unauthorized access (they called it “hacking” of course) if his user account literally had permission to map network drives?
They removed the ability for student accounts to map network drives, but the district IT guy was not fired. I really don’t get that. Maybe the union saved him… but dog, everyone knows you can map network drives by right clicking on the desktop. I never thought to try it, but that doesn’t mean the district’s IT SME gets a pass.
by gymbeaux
4/1/2025 at 5:22:18 PM
> I mean was it really unauthorized access (they called it “hacking” of course) if his user account literally had permission to map network drives?My expectation is that laws probably specify that gaining access that you know you’re not supposed to be able to get is probably illegal, but I get your point.
Reminds me, however, of the pen-testers that got hired to infiltrate a court system and got harassed by a prosecutor despite having explicit approval to conduct an audit.
https://darknetdiaries.com/episode/59/
Our judicial system is ludicrous.
by alsetmusic
4/2/2025 at 3:06:22 AM
The Florida Computer Crimes Act was passed in 1978 so as you can imagine it’s very draconian. I’m pretty sure it was a misdemeanor for 16-year-old me to boot Linux from a live USB as a means to get around the IE-only web filter the school district used.by gymbeaux
4/1/2025 at 10:11:31 PM
If someone didn't question, or otherwise call out, the pentesters activity, that would have been a blemish against the security training of the org being pentested. This is why pentesters need a way to immediately escalate to the hiring party, to satisfy legit concerns over access and ensure those claiming to be pentesters legitimately are.by thwarted
4/1/2025 at 11:14:12 PM
In this case IIRC they did have exactly that but were caught up in drama between different factions within the justice system. Unfortunately a few of the people involved behaved in bad faith and thus they got stuck in jail for a while.The moral of the story, if there is one, is probably a cautionary tale about petty individuals prioritizing workplace politics over ethical integrity.
by fc417fc802
4/1/2025 at 11:18:51 PM
If you listen to the episode you'll learn that such escalation did occur, and unfortunately the harrassment by local LEO did not cease.by Full_Clark
4/1/2025 at 9:58:17 PM
> I mean was it really unauthorized access (they called it “hacking” of course) if his user account literally had permission to map network drives?It may not pass as hacking, but it certainly was unauthorized. Network policy in software should reflect reality, but the source of authority comes from humans. Your friend literally was not authorized to access teachers' files, regardless of poor software configuration permitting the capability.
by chungy
4/1/2025 at 11:49:09 PM
Is it still trespassing if the door was unlocked? Yes. Not sure why so many people have trouble applying the same principles of unauthorized access to computers.by dandelany
4/2/2025 at 1:06:07 AM
The interesting bit is that social expectations matter.There is a social expectation that people can generally only enter your home with explicit permission, and so if they didn't invite you it's trespassing even if the door is unlocked. But maybe you have some close friends who you get used to coming over and just entering even if you may be out at the moment -- and then it's not trespassing anymore.
Remote computer access is a much younger phenomenon than people living in houses, and so social expectations aren't as established. There's a legitimate need for discussion there.
For example, if you have an open webserver that you want people to access, is it trespassing if people fiddle a little with the URLs and encounter documents that you didn't mean to put out there? I'd argue it would make for a healthier and more tech-savvy society if we didn't consider that trespassing.
If we try to push the houses analogy further, it's a bit like inviting people into your house for a big party, and then somebody enters a room that you didn't want them to enter. It's a faux-pas, but you'd probably also have a hard time if you tried to label it trespassing.
by atq2119
4/2/2025 at 3:27:33 AM
There are echoes to discussions a few months ago about IMG_0001.https://news.ycombinator.com/item?id=42314547
The site displays random, ancient videos uploaded from the early iPhone YouTube app, often without people understanding what they were doing.
I tend to err on the side of caution: I don't expect most people to be tech savvy, and I think those of us who are must exercise restraint to avoid trespassing.
by macintux
4/2/2025 at 12:18:39 PM
I actually agree with you, but the point is the balance.Don't steal. Don't share embarrassing or humiliating information you may come across.
At the same time, there should be safety from prosecution overreach.
I ask for this mostly not for my current self but for "kids" (including young adults, e.g. college students) who are on a hacker journey in the original sense of the word. As a society, we should encourage rather than stifle that sort of exploration.
by atq2119
4/1/2025 at 8:27:41 PM
Someone at my high school (late 90s/early 2000s) was apparently distributing something on CDRs.I got called into the police station, where a cop asked me, verbatim: "Son, did you copywrite them there CDs?"
by pavel_lishin
4/2/2025 at 3:08:09 AM
Classicby gymbeaux
4/1/2025 at 8:20:54 PM
I did something similar in 7th grade, with the extra naughtiness of charging my peers 50 cents or so to drop the basic Windows games like pinball and Ski Free into their home drive. I created a couple of joke files in my favorite teachers' directories and then notified the IT admin before someone more nefarious saw what I was doing.That admin became my mentor and is now a lifelong friend.
by pathartl
4/2/2025 at 3:10:38 AM
The IT admin at my high school was a prick and from what I’m told took it very personally when my friend was caught mapping network drives.The closest thing we had to a computer class was graphic design where you played with Photoshop and Premier for a year. God forbid we learned to write code or whatever.
by gymbeaux
4/1/2025 at 11:25:45 PM
It sucks when school administrators are needlessly punitive.In my school, some jackass kid made a photocopy of a $20 bill, on a little mid-1990s HP Officejet in the library. Even in those days, they were programmed to make bad copies of US currency (I think they were enlarged and the color messed up). It was more of an innocent “woah look at this thing”, there was no intent or effort to glue it together and try to use it.
The assistant principal, who was a petty drunk who was uniquely unsuited for her job, flipped out and called the secret service. The kid was arrested & had a lot of issues over nothing.
It always stuck in my mind and accelerated the development of my contempt for petty tyrants who experience joy from the pain of others.
by Spooky23
4/2/2025 at 3:14:32 AM
I would imagine as in the professional world, there are certain school jobs that attract sociopaths/narcissists/psychopaths. Yes, I’m talking of course about vice principals. My elementary, middle and high school principals were very nice. The VPs were mostly unapproachable hardasses. It may have something to with the principal vs vice principal responsibilities in the U.S. I’m not sure how it is elsewhere in the world.by gymbeaux
4/2/2025 at 10:21:10 PM
I've never met a principal or vice principal who was not either bullied as a child or a bully.Something about having healthy self esteem in childhood causes you to avoid education administration career paths.
by BizarroLand
4/2/2025 at 1:04:46 AM
Is it really breaking and entering if they left their key under the flowerpot and you found it?by ummonk
4/2/2025 at 5:23:52 AM
Even with a key it is breaking and enteringby lurquer
4/1/2025 at 4:18:55 PM
I have a very similar story. In high school, our library was using a windows environment and through some luck, I discovered NET SEND or something like that. I figured out my friend's computer names and I started sending them messages. We eventually communicated this way even under the strict librarian and I eventually hatched a plan to annoy everyone. I put together a crappy batch file that iterated through every computers name and just mass sent messages but screwed up the iterator and it went forever. I think we had to restart all the computers but no one figured out it was me except my friends.Miss those days and also miss playing soldat on those crappy PCs.
by xeromal
4/1/2025 at 8:21:36 PM
Though no further work is being done on the original and the FLOSS forks aren't ready yet (soldank++ and opensoldat) the game is still playable on modern PCs and even free on steam ;) (Disclaimer: former maintainer)by shoozza
4/1/2025 at 8:50:10 PM
I had no idea it was in steam but we used to play that game all the time. We had probably 10 or 15 guys playing in the library lol.Thanks for making such a fun game!
I'll check it out
by xeromal
4/1/2025 at 6:54:38 PM
Once swapped the system disc of a netware server live. Can't remember why exactly, I think it stared to count bad sectors as we watched and we needed to keep it alive copying the data to the new, to-be system disk. Then we made sure, nobody was logged in, it was about midnight, hit Alt-LeftShift-RightShift-Esc and while Netware paused in the kernel debugger, swapped the disks. Continued the debugger and - it worked :)by jeffreygoesto
4/2/2025 at 1:34:15 AM
A bunch of NET SEND stories in this old thread: https://news.ycombinator.com/item?id=28844101As I said there, back in the day I wrote a C++ program that was basically an IM interface on top of NET SEND. Fun times.
by Cyphase
4/1/2025 at 9:00:29 PM
We used to pull similar shenanigans in middle school. Teacher computers were finally on wifi, So I'd pull out my little android tablet and USB Wi-Fi card. Run an evil AP, deauth, downgrade to HTTP, and put whatever I wanted on the web page. Good times.by _bin_
4/1/2025 at 6:24:59 PM
Oh, wow, Novel Netware. That takes me back to high school.Our computer lab had Novel Netware, I forget which version. Every once in a while, our regular programming classes (Pascal in first two years, C and Assembly Language in third year, Prolog and Theory of Relational Databases in fourth year) would be held in the lab, instead of the classroom, and we would get to put what we learned to use and do some actual programming.
Now, some of us had computers at home and had been using them since before the high school, so we tended to finish our work really fast and then get bored. And just like a lone sharpie cap is the most terrifying thing a parent can stumble upon, so a bored high school kid is the worst thing for your computer security.
Each student had their own account, but teachers shared a limited number of teacher accounts, with special privileges, such as monitoring other students' screens, having full write access to every student's files, etc.
For some reason, I don't remember why, teachers would occasionally go to a student's workstation and log in as a teacher there, to fix the problem. I honestly can't remember why, but it was a common enough problem that it wouldn't raise any brows even if one of us "advanced" kids did it.
So, of course, I eventually came up with the idea of writing a really small and simple program that would look exactly like the Netware login prompt, with one small difference: when you entered the password, it would write it to a file on the filesystem spit out whatever the "incorrect password, try again" reply was, and then execv the actual login program.
The ruse worked perfectly: I called the teacher, they tried to log in, thought they mistyped the password, tried again, succeeded, did whatever it was they were supposed to do, and logged out. Now I had the teacher account password, and so did my best friends in mischief.
We had some innocent fun by pulling a couple of very minor pranks on our fellow students that flew under the radar, so none of the teachers realized that the security was compromised.
But then the annual programming competitions came, and those went all the way from school level, to municipality, to city, to republic, to federal. I was one of the people who qualified to the city-level competition, and what do you know, that year it was hosted in our school's lab.
I finished all the problems with plenty of time to spare, which is how I came up with the "brilliant" idea of helping some of my peers by sharing my solutions with them using the teacher account. Now, one thing they neglected to teach us was the importance of testing, but I'll be honest, even if they did that, I was a typical teenage "gifted kid", which meant I was overconfident and lazy. As a result, everyone who I shared my solutions with happened to have the exact same bugs in them.
A few days later, they called me to the teachers' room in the computer lab, and said that they knew I cheated, that I was already disqualified, and that I should save myself some trouble and explain what I did. So naturally, I came clean and I thought that was the end of it.
Indeed, it was the end of it for me. Nothing else happened, at least nothing of consequence for me. Years later, I found out that I almost got expelled. They held a teacher assembly or conference or whatever it's called when you get all of them together to make a decision, and the decision was whether to kick me out of the school. Fortunately, they decided to let me off with a warning and the official reprimand from the headmaster.
My mom didn't think that was funny at all.
by CodeMage
4/1/2025 at 9:40:21 PM
On Windows these messages are created using SMB IPC and you'd think this would mean the "sender" (user and host) are authenticated, but nope, the sender name is just a string field that can be anything. You'd also think the host would be based on something like the client IP and a reverse DNS lookup, what with the whole Active Directory thing, but nope, it's also just a string field that can be anything. And with SMB IPC you'd think only some privileged component can invoke it, but nope, any user can send those message popup commands to any machine pretending to be anyone on any other machine. I did not make wise use of this knowledge back then.by formerly_proven
4/1/2025 at 10:02:17 PM
In my high school, we put SETI at home on the image used to ghost all the PCs, and set it to run at night. Our high school had a few hundred PCs so we were climbing the leaderboard for a while until the District IT department found out and did not approve of using that much bandwidth...by VirusNewbie
