Some weird random anecdote about Back Orifice 2000 (BO2k) that nobody asked for:
We were goofing around in high school with this. Putting it on computers in school and messing around. We sent it over to a classmate. Her father was a teacher and we figured she might open it on their home PC. (we were 14 at the time, by the way).
Anyway, we made a fake hotmail address in the name of another classmate. These two people didn't share any classes and were not in each other's little social circle. We sent a couple of emails back and forth pretending to be the other guy but lost interest along the way and nothing happened.
Now for the strange part; forward 18 years or so. I'm in the city, I run into the person who we were sending the messages to... with the person who we were pretending to be. Married and 3 children together.
I'd like to think we brought them together in some strange way.
In AOL Instant Messenger when I was in middle school I bulk messaged a ton of accounts in some teen chat saying “Hi Sarah.” Most of them responded “I’m not Sarah” or similar but a few replied “who is this?” I said “It’s Josh.” Most of them said “I don’t know a Josh” but one of them said “Hi” like she knew a Josh. I then started talking to her and slowly got around to telling her that I had a crush on her. She actually seemed interested and she said she was going to come over to my house to talk about it. Don’t know how that ended but I hope it’s like your story.
I had many 'randoms' added on MSN messenger. Usually acquired through everyone inviting his complete contact list to one conversation. We used to discuss all and sundry back then.
I was always slightly more nervous messaging the girls (obvious from their elaborate emoticon-saturated screen names).
Curiously, one of my friends had a contact named 'korea@hotmail.com' who was always online but never replied.
I sometimes wonder how many of them are doing now.
> Usually acquired through everyone inviting his complete contact list to one conversation.
Man, those were the days... Most of my contacts disappeared one by one (except for 2 which are my oldest friends now!), and it seems like that kind of atmosphere (just adding random people to chat) doesn't exist anywhere anymore, does it?
Back at MIT I had a script that would use "finger" to check who was logged into various machines on Athena clusters (MIT public computers) and occasionally send Zephyr messages to two adjacent people, one saying "look to your right" and another saying "look to your left" causing the two people to look at each other.
I like to think a lot of inadvertent introductions and friendships might have been created by the script.
I’m a bit older and when I was about 14 or 15 I got into assembly language DOS virus writing. This was in 1992 and 1993. It’s actually how I learned x86 ASM. I was involved with an old school hacking (sense 2) group called Phalcon/Skism. Did other fun stuff like “wardialing” with a program called ToneLoc.
Anyway I wrote some viruses and dropped them in my high school computer lab. Several ended up getting loose on the local Cincinnati area BBS scene. One ended up in McAfee antivirus pretty quickly so I assume it spread further. There was basically zero security to stop such things back then.
None of my viruses were designed to do real damage. They would print stupid messages or change your color scheme to funky colors, stuff like that.
This was back when hacking (sense 2) and the computer underground was about a mix of pranks and exploration. It’s not like today where it’s all about serious crime and espionage and the penalties are also serious. It’s definitely not fun anymore.
This reminds me of when I first discovered the Win32 API and used it to write some silly annoying apps in Borland C++ Builder. This was around 1998 and the worst I ever came up with was a persistent pop up that was difficult to remove due to some registry obfuscation. It had a single button that would open the CDROM tray. I put it on every computer in the lab. Good times. You’re right—it used to be playful to hack around. I miss those days.
We played a lot of counter strike during my uni days and at one point I created a prank program that disguised itself as system.exe and listened for mouse movement. It would then inject random but smooth error into the mouse movement. I installed it on a friend's PC and it drove him to white hot rage. I think he destroyed a couple of mice before I owned up and bought him a new high end Logitech laser mouse (which was a novel thing at the time).
I just wanted to write it was a crime still back then and take the example of the first worm in 1988 : https://en.m.wikipedia.org/wiki/Morris_worm
TIL: a Harvard student named Paul Graham was quite close to Robert Morris. It is a small world.
I never really looked at this page before. Wow, I still kind of think of YC as a small company but the reality is that they have more employees than I thought.
Upvoted. Whoever downvoted you has likely never attended certain universities, and clearly has never been in the military. Doing things that are wrong and fun while still being harmless requires creativity.
There just was little to no security back then. The entire system was a permanent zero day.
Computers were mostly not networked so the threat surface was small, and like I said most hackers in the sense I described were pranksters. Big money and power was just not in it unless you were going after serious specialized targets, and there were less of those and they were pretty much all air gapped.
Air gap was the only real security back then. Just don’t connect it and guard it physically.
Hi party people, this is Sir Dystic, author of the original 1998 Back Orifice. Great to hear all of you reminiscing about my software!
One thing that I did not predict when I released BO: The distribution ZIP contained three files, a readme.txt, the BO server and the BO client. In retrospect, the BO server should probably not have been distributed with the original .EXE extension as a LARGE portion of people apparently downloaded the ZIP, unzipped it and just double clicked on the BO server, immediately infecting themselves.
An interesting bit about the internals and development of the BO code:
The BO server was written in C and consisted mostly of a single while(1){ switch(command): ... } loop, the only functions were where callbacks were required, and it reused the same 5 variables in main() for everything. I got feedback from more than one security professional that this made it very difficult to reverse engineer. I think when I was writing it my concern was minimal overhead, and not using the stack must save SOME important resources?
When Dildog wrote BO2k I gave him the BO source to start with, he claims he rewrote everything from scratch and seemed a bit horrified by my code, which was never intended for distribution.
The only bug I recall being reported on BO was in the built in HTTP server (which I wrote from scratch in C), if you shared a specific directory with the HTTP server, on Internet Explorer it would not let you click through to sub-directories because of a missing slash at the end I think. I only ever tested it with Firefox which seemed to not care if the slash was present. I found out about this from people who thought it was a feature, and were horrified to find out that anyone COULD access those sub-directories if they manually added the trailing slash or used a different browser.
You single-handedly made me interested in computers deeper than playing Doom and Duke Nukem 3D. You made a 12th grader who didn’t have a decent computer at home start learning DNS and saving his dollars for a Pentium to start programming on.
I got into so much trouble my Senior year of High School with your software, but it put me on a path.
Your software and NetBus was all I needed. We owned EVERYTHING, and I mean EVERYTHING in our town until we got found out. Naive me at the time thought it was really cool, until the Detectives showed up…
You're literally the reason I got into IT in the first place. I'd messed around viewing source and writing static HTML for local businesses etc but it was never enjoyable, it just got me extra money towards rent (I had flunked out of highschool and couldn't get a job)... then a friend and I discovered BO and started infecting friends on IRC/ICQ/etc, it blew our freaking minds.
Still got my cDc/l0pht/etc stickers on my old laptop and it led to my entire career. Thank you. I owe you many beers (or glasses of milk I guess).
I bought my first computer in April 1996. I learned a lot about network thanks to BO. I remember always being cautious about client vs server but I managed not to infect myself. Fun times. Thank you, sir.
Oh man, yeah also adding to the list of people that abused their highschool computer labs with this. We had so much fun, but we eventually drew the ire of the school IT admin. After class one day the teacher took us aside with the admin and asked if we had installed BO on the computers, which we of course denied... they "believed" us, heh, but gave us a stern warning that whoever was doing it should stop. We would have all probably ended up with felony charges these days.
The next year, so 1999, we actually got approval to attempt to change our grades as an exercise. We actually managed to do it by sneakily copying a floppy one of the teachers used to store their grades with a program called Integrade. We took it home, reverse engineered the password protection to disable it, changed our grades on the copy, re-enabled the password protection with the original password, and turned that in as our proof. Our teacher was impressed and super sketched out/nervous at the same time. I guess they never considered we'd succeed and get access to the whole class's grades...
Tangentially related but, back in the late 90s in my first year at BSc Software Eng. I got in trouble because I cracked the password of a Win98 program called Protect-Z which put some user controls in my Uni's labs machines.
The funny thing is that when the person in charge of all the labs found out I had the password, he asked me how did I get it. When I explained to him about how I attached to the protect-z process and debugged it to get the password, he didn't believe it was possible.
Great times... as someone said, these days you'll surely get suspended or worse.
At Oxford in 1989 or 90, some kid in the Math+CS program got caught running some password cracking software (reversing the hash on /etc/password) and I think he was expelled for that.
Oh wow, yep, that's exactly what we figured out. Their save file format stored the password hash, but didn't actually encrypt or obfuscate the grade data beyond just whatever serialization they were doing. We were starting on figuring that format out when we noticed that creating a new save file with or without a password changed a byte right before the password off and on... flip it off and the app no longer prompted for the password... edit/save in the app, flip it back on, and that was that. edit: I should add, rather than get expelled we got a ton of extra credit for it since it was at least sort of sanctioned.
I ran some training labs full of desktop PCs around the time that BO was released and it was a fantastic tool. It was free and offered a wide range of features for remote administration that win95/98 didn’t have. I could power cycle, re-image, push install .exes, control user accounts, etc all with a free tool. With BO I had complete control of all systems in the lab at a time where that sort of tooling for “legit” uses was prohibitively expensive.
I remember this - and using the same CD opening closing joke on people in the college lab. The technicians had no idea what was going on. I don’t think they really knew anything about computers - we once found a word doc on one of the computers with every password for the entire college / website etc.
Did this to my Computer Programming teacher in high-school while he sat in the other room and we could watch him visibly confused. Probably the most vivid memory I have from high-school.
A former "friend" of mine in high school deleted my documents including due school work with netbus or BO (don't remember which one). It really was a shitty thing to do and he was proud of it that I lost weeks of work.
I got revenge a couple of months later with a "screensaver" that I've made in Delphi. In reality it would just "crash" with some random error, but actually copy itself on multiple places on the hard drive with windows sounding names, run both as a service and some innocent sounding files etc. It wouldn't show up in task manager. I could send and execute whatever commands I liked. I've deleted his Diablo saves a week later or so, and man he was livid as he wasted months playing. He had no idea what happened as he had two AV programs installed and he was confident it would detect a trojan.
Windows security at that period of time really was a contradiction in terms.
> “However, use of NetBus has had serious consequences. In 1999, NetBus was used to plant child pornography on the work computer of a law scholar at Lund University. The 3,500 images were discovered by system administrators, and the law scholar was assumed to have downloaded them knowingly. He lost his research position at the faculty, and following the publication of his name fled the country and had to seek professional medical care to cope with the stress. He was acquitted from criminal charges in late 2004, as a court found that NetBus had been used to control his computer.”
I remember packing jpegs with sub7 payloads and sending to my friends on AIM. The opening and closing on the CD tray is such a classic prank. Best part was that given I was usually the guy my friends and their parents called to fix their computer trouble, I was getting IMs from all of them saying “my cd tray keeps opening and closing”. The reveal of the prank was great except for when I must have done it for like 3 hours while my friend’s mom was using the family computer. She wasn’t very happy with me.
The most fun I had with Sub7 (or maybe it was Netbus?) was opening the CD-ROM drives of computers in the computer lab and watching people's reactions. Good times....
Sub7 was a lot of fun. So many options. I will add to the computer lab anecdotes. I gave this to my buddies at school who were in the same crew(we mostly made VB 'proggies' for AOL,) but of course two of them install it in the library computer lab. I told them it's not illegal to have but is to use. They mess with students even doing things like deleting essays being written. The IT people figure it out and my buddies get arrested and cut ties. They are expelled for a whole year and when they come back can't use any school computers. Did anyone ever figure out if there was a backdoor in the backdoor from the maker?
But that kind of stuff is what got me interested in computers and programming back in junior high. Learned the basics of control statements and OOP in a fun engaging way. I made an AOL chatroom mailserver with sendkeys :D and later became more advanced using APIs. These were very much like mIRC but AOL hosted all the files so even better. There were private chatrooms based on just making these things and prewritten libraries floating around. Who remembers genocide.bas?(hey I didn't name it) Anybody have these? I have copies somewhere on a zip drive.
Remember punters? In dialup days you could flood a person with chat messages containing html heading tags that would slow them down rendering to the point they could never catch up. Others eventually found exploits that could crash the app on one message.
The Trojans for AOL were also pretty good. Would capture the password field and once connected open an email in the background and send it wherever, then delete sent. Back then though you could as easily just say you are an admin and ask someone for their password. Your whole neighborhood probably openly sharing through netbeui.
I think it's long enough ago to say I ran an FTP on mirc and the password was like the 5th word on the xdrive free account confirmation page. They started at $2 a referral and I bought a nice 17" ViewSonic monitor to play Quake on in the 8th grade. Other friends bought whole computers. Shut that down when the FTP got hacked and I got a cease and desist letter for 3d studio max, thought the law was coming to break down my door. After that I mellowed out.
This brings me many good memories of my script kiddie humble beginnings.
It all started with Back Orifice and mIrc and slowly it evolved to me wanting to run bitchX and eventually getting into linux. It probably took me a year to go from being a windows user to exclusively run Slackware and poring over Phrack :)
Seeing the title of the post I immediately felt sentimental. It's so funny to actually understand that so many people were socialized with the same tools. I recently found the tools compilation CDs my brother used to assemble with all those tools. Having Back Orifice on a random computer on the internet was somehow the first feeling of what the internet meant without knowing actually what to do with that. I additionally remember spending hours on SoftICE (My biggest success was to discover that the only license key to the Siemens webwasher adblocker was 'Mr Nuts'.) I wonder if there are similarly innocent things today's script kiddies do.
I played with ircii scripting, one time I made a bot (probably copied some script from somewhere) that would op folks with a hardcoded irc usermask list.
I then ran one with just a mode that would op anybody upon joining and then when I'd run into folks who were all into bots, I was like "yeah I have one you can borrow for your channel," and then they'd invite it and op the thing, and then it would start opping everybody who joined and the prior owner of the channel would get all ornery about it.
lol irc was like the crackhouse of the internet to me.
Back in the good old days we were sending this to random ICQ users saying something like "hey I'm a game developer and made this game, would you like to try it?". I'm not very proud of that tbh.
Yes, now if you do that you end up with a 2000 word threat analysis write up by a network security startup that claims you’re using sophisticated social engineering.
What you could do was embedding the BO exe inside another exe disguised as a jpg picture. When executed it would extract and run BO in the background and also display a jpg. ICQ conveniently didn't display the end of long filenames, so you could send it as "xyz.jpg[20spaces].exe" and it would seem like you just shared a picture. Worked like a charm the one time I tested this technique on an unsuspecting friend during a LAN party.
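A defensive check for the filename trick described in the comment above, as an added example that is not part of the original thread: it flags names where a decoy extension, whitespace padding or a truncated display hides an executable extension. The extension lists, the 24-character display width and all function names are assumptions for illustration.

```python
import os
import re

# Assumed lists for illustration; extend them for your own mail/chat gateway.
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".pif", ".bat", ".cmd"}
DECOY_EXTS = {".jpg", ".jpeg", ".gif", ".png", ".bmp", ".txt", ".doc", ".pdf"}

# A decoy-looking extension, optional whitespace, then the final extension.
TWO_EXTS = re.compile(r"(\.[A-Za-z0-9]{2,4})\s*(\.[A-Za-z0-9]{2,4})$")


def real_extension(name):
    """Extension the operating system acts on (the last one)."""
    return os.path.splitext(name.rstrip())[1].lower()


def apparent_extension(name, width):
    """Extension a user sees if the UI shows only the first `width` characters."""
    visible = name[:width].rstrip()
    return os.path.splitext(visible)[1].lower()


def check_filename(name, width=24):
    """Return a list of findings for one received filename.

    `width` models a transfer dialog that cuts off long names (assumed value).
    """
    findings = []
    real = real_extension(name)
    if real in EXECUTABLE_EXTS:
        findings.append("executable")

    match = TWO_EXTS.search(name.rstrip())
    if match and match.group(1).lower() in DECOY_EXTS \
            and match.group(2).lower() in EXECUTABLE_EXTS:
        findings.append("double-extension")

    # Three or more consecutive whitespace characters is not something
    # ordinary filenames contain (assumed threshold).
    if re.search(r"\s{3,}", name):
        findings.append("padding")

    # What the user would see differs from what would actually run.
    if len(name) > width and real in EXECUTABLE_EXTS \
            and apparent_extension(name, width) in DECOY_EXTS:
        findings.append("truncation-mismatch")
    return findings


def is_suspicious(name, width=24):
    """True when the name hides its type, not merely because it is executable."""
    return bool(set(check_filename(name, width)) - {"executable"})


# Constructed sample names, not taken from any real incident.
SAMPLE_NAMES = [
    "xyz.jpg" + " " * 20 + ".exe",  # the padded form described in the comment
    "photo.jpg.exe",                # double extension without padding
    "setup.exe",                    # honest executable
    "holiday.jpg",                  # honest picture
]

if __name__ == "__main__":
    for sample in SAMPLE_NAMES:
        print(repr(sample), check_filename(sample), is_suspicious(sample))
```

Quarantining or renaming on `is_suspicious` at the point where attachments are accepted leaves honest executables to whatever policy already covers them.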
I’d bet there’s more than a few people here in respectable places now that learnt to code through VB6, Delphi, python, Perl, PHP to write rats and exploit code.
it was mainly delphi7, because the executables didn't require suspicious dll dependencies. If you statically linked midaslib, msvcrt was all you needed.
Marco Arment (Overcast, Instapaper, Tumblr) on AOL proggies, most of which were built on popular VB6 libraries made for that purpose: http://articles.marco.org/44
We used Back Orifice on a co-worker’s machine in a call center I worked at. While he was working we would open and close his CD-ROM drive randomly. Restart his machine. All the while we’re four seats down just cackling and he’s turning redder and redder as his machine does all these weird things while he’s trying to work.
I worked a call center over xmas season one year. During training they had us call each other and place fake orders for practice. I got call from the "hot chick" in the group, took down her info and asked if could call the number later. She responded in the positive. I never followed up 'cause I already had a GF. But hey, pranking people is fun too!
Even as lately as 2016, at the office we would pair apple's bluetooth mice to multiple laptops when their owners were AFK. Then later on we would connect to their mouse from our own computer and either watch them battling the cursor or wait for a message to come in on HipChat/Slack.
This story sort of relates to BO and/or possibly other backdoors. If anyone can help me understand the mystery of what happened to me back around 2001 I would be forever grateful:
I believe I was in 4th or 5th grade and one night, I was playing Diablo 2 online with my cousin. My family was still using dial-up at the time so I was using one line to play and the other line to talk to my cousin on the phone. It was getting late and I was getting tired so I told my cousin I was going to call it a night. I exited Diablo 2 and continued talking to him on the phone. All of a sudden, I noticed a window pop up on my screen and it read:
"MASTER: what are you doing?"
I immediately asked my cousin if he was messing with me. He proclaimed to not know what I was talking about and for a little bit I didn't believe him. I clicked in the chat box and asked:
"SLAVE: who is this?"
Anytime I messaged back it labeled me as "SLAVE." Anyways, the chat continued and the person told me to "look behind me." Mind you I'm in the basement and there was nothing behind me besides my dad's computer desk. This is where it got spooky:
"MASTER: who are you talking to on the phone?"
At this point, my cousin swore it wasn't him and I believed him. I looked up at my monitor and chills were sent down my spine. My mom had just given me a webcam for Christmas (I guess they had just become popular) and it was at this point I realized this person had been watching me this entire time. I panicked and immediately pulled the phone cable from the back of my Dell. It was hard to sleep soundly that night.
Believe it or not, I'd like to think this person gets partial credit for sparking my interest in computer security. From that point on, a chain reaction started and I began to immerse myself in security and became fascinated with learning about its history. Today, I happily have a career in the field :), but I still think back to this story from time to time and wonder what exactly happened.
Could it have been a Diablo 2 exploit? Maybe I joined someone's hosted game, they were somehow able to get my IP address, and then possibly exploited Windows XP? The chat window mechanism seemed pretty unique to me (maybe I'm wrong) like this person created it themselves. I'd be curious to read other people's theories. Maybe the person that executed the attack reads this post and can explain it all... :)
I don't recall mine having a light. It definitely wasn't my cousin. It may have been something malicious I installed without knowing. Maybe I downloaded and installed something from Kazaa or whatever the current P2P file sharing network at the time. I thought it was weird that it happened right after I exited Diablo 2 though.
Hundred to one, it was NetBus or BO. You could view active windows and get window freeze frame.
The message dialogue would have looked like Windows 95/98, with a reply option. BO was more extensible; ButtTrumpet would run and announce to the person who installed it that you had come online. Another BO plug-in allowed you to change how the message interface worked. My guess is someone saw your IP, and someone checked out your IP to find you open.
I’ll tell you, when I found someone who had open BO/NetBus, I would assign a password to their configuration so they weren’t open to anyone other than me. I have to imagine that hash was easy to crack, but at the time, I thought it was a solid way to keep people from getting messed with by anyone other than me.
When I was in highschool in the late 90’s, I was really into exploring networks and systems I wasn’t supposed to be in, but it was always about learning technology for me. I found this tool to be extremely creepy.
I discovered that my local ISP had the finger port open on their dialup gateway. Since usernames were first letter + last name I could look up any ip addresses I found in my local firewall logs basically by name.
I saw someone trying to connect to this port and knew exactly who was scanning for this and eventually found a honeypot listener that would allow attackers to connect, but let you control the data sent back. I can’t remember exactly what I sent, but I called out the attacker by name when he connected to my machine and he never scanned me again.
Like so many others here this really helped me gain an interest in computers at a young age. It's sad to think that the shit most of us did as kids for fun and learning would land today's children in hot water. I lucked out in Jr High, after getting suspended for 'hacking the school computers' as the computer lab admin caught wind and really encouraged me to learn and provided me with a lot of hands on experience that I may not have gotten otherwise. Novell, thick net, etc. Good memories for sure.
I lived a very similar story. I fondly remember dialing up to the local BBS on my 2nd grade library computer (92,93) with ATT or ATDT [phone number]. And throughout elementary and middle school getting in tight with the sysadmins, eventually starting a class at my high school of sys admin interns (98-01). What a grand time. So many rules bent via admin rights throughout the entire school's network...so much fun. Basically just helped image and setup/fix like a 300 computer deployment. Def. set the stage of my life's career choices.
I know it’s a movie, but in Hackers they were also seen as the scum of the earth: “Hackers penetrate and ravage delicate public and privately owned computer systems, infecting them with viruses, and stealing materials for their own ends. These people, they are terrorists.”
Woah, totally! I feel the need to write this one down. I was in high school when BO arrived. We had such a blast scanning the local dial-up ISP since we know the subnet block they always used, it was fast because it was all within their hardware. Anyway, we noticed a webcam on a computer we discovered, which was very rare at the time, but it was turned off. So we sent a pop-up window that said something like. "system configuration required, please power on all peripherals". And it worked! We were able to capture a short clip and download it. Well, it was uncompressed AVI and a 6 second clip was like 1.6 MB, so it took tens of minutes to get it. When we played it, it was just some dumpy guy with his dumpy wife sitting in the background mumbling stuff; but to us, it was totally 31337...
I used to use this tool to mess with my college computer class professor. Me and a buddy installed it on the teachers computer that she used to instruct the class. We did mostly innocent stuff like closing windows or messing with the browser a bit. Occasionally we would reboot her computer when it was close to the end of class and we didn’t want to start something new. We’re both still coders to this day.
I was 13 when it came out, and my targets of choice were my peers rather than the teacher - I eventually got caught and had my account locked for 6 months as punishment. I don't recall exactly how I got caught, but no doubt it was something dumb and avoidable like talking about it.
I'm wondering if people like you have grown up to be the people who break user interfaces needlessly, write cookie popups, integrate ads and telemetry, and force updates on things that don't need them.
In other words, did you grow out of your childish shenanigans or are you just getting paid for them now?
Netbus and BO got me in so much trouble as a kid (though honestly I probably should have gotten in a lot more trouble).
At school, all the windows machines were locked down with a "security" application called Fortress. I started selling boot floppies that would disable Fortress to teachers, and might have loaded a few of those up with the aforementioned toys.
At home, I don't think I paid for internet access at all until well after college. A port scan of local ISP networks usually yielded someone infected with netbus or bo, and I could snarf their dialup credentials.
While those exploits probably should have landed me in jail, the worst that happened to me was an expulsion as a result of somebody else bulk changing logo.sys across school.
That really is mischievous, as a kid I'd play around on the schools computers which I felt were fair ground, though the headmaster would probably disagree. The only time I was really confronted was when I was warcycling around town, found an open WLAN and just browsed for a little while, and then the owner of the house came out and chased me away haha.
I'd often read phrack even though I didn't really understand programming yet, but there was this one issue that detailed how to trick a bottle recycling machine into giving you unlimited receipts, my local supermarket had the exact machine and I was thinking about doing it to see if it would work, but chickened out because I realized I'd actually be stealing from the owner of the supermarket who everyone in the town was on first name basis with. I always believed everything in the digital was sort of fair play and was really shocked when people started going to jail even for the dumbest thing like grey hat url injection.
There were tons of windows 95/98 computers with network shares exposed to the internet with no or weak passwords. It was really convenient to get their stored password list.
Def. kept a list of us/pws for the local dial-up. Totally was at a good friend's house years later and discovered his dial-up username was one of my list I used often. rofl, that killed me at the time. I never told him!
OK I have to say this: reading some of the comments here makes me think I was actually friends with you back in 1998/1999 because that's about when I was doing this same shit in my high school computer lab. Small world.
A few friends and I managed to install this on target machines by starting a chain email and claiming the attached .exe was a “virus patch”.
We would then port scan known IP ranges for our ISP to find a machine we could connect to and play with. It was always fun trying to determine who actually owned the machine we found. I grew up in a small, rural community so it was actually possible to figure this out.
This lasted maybe a year or two around 98,99. A very nice memory on a lazy Saturday morning, thanks for sharing!
Bots to scan all users for BO on IRC were common. I even was a bit mischievous with it myself. Karma was served when I self-owned - was playing with running the server to experiment but forgot I left mIRC running, and in a minute my computer was hosed.
Mannnnn the nostalgia. I loved programs like this and Sub7c my favorite was DivineIntervention 3 I just liked the interface and thought the name was cool lol. I’d love to see what all the devs of these things are up to today. Pri$m, if you’re out there let it be known that your work on DI3 is what got me into programming!
I can't recall if it was Back Orifice, or another "root kit tool" of the time, but these tools are absolutely where I first saw the allure and call of a custom telnet shell. I remember telnet-ing into the control port and aggressively open/closing the CD-ROM drive on my brother in the other room (among other pranks).
Something about telnet-ing into a service gives that Great Hacker Feel. You're at a command line! But it's not bash, or cmd.exe, it's something specific to that rootkit. There's little easter eggs. Some common escape codes might work, they might not. The prompt changes as you use it.
These days, I don't get many opportunities, but if I can add a very simple line-oriented protocol to a side project I sure will.
And WinNuke, when you knew an unsuspecting user without a firewall (which was a necessity on IRC in those days) saw his Windows crash when the user left with the error message "connection reset by peer".
My university had public, non-firewalled IP addresses in the dorms... all one had to do was scan the IP ranges for the default port for Back Orifice to have some fun. (The good old days)
My first year at university I took over the student radio program and found such a computer had been left online for months directly connected to the internet. It was so pwned the mouse would struggle to move.
I wish to this day I’d imaged the hard drive before formatting it. It’d have been so much fun to boot up in a VM to play with today.
I installed this on a bunch of school computers when I was 15 only to open and close the CD-ROM bays to freak out the teachers. This was the golden days of computing!
I had a big zip file of all my HPAVC files in one place from the early nineties. Fast-forward to about 2005 when I was working in corp and I needed a Win32 Disassembler for a particular task and I knew where it was. As soon as the still-compressed zip file hits my computer... well, my boss said my computer had 490 viruses on it and counting. A VERY bad look that only trust got me past.
BO was a must-have tool for crackers and to have fun with friends and colleagues. I had my tiny share of those days. In late 1999, I was part of a 50-60 odd team company in one of my very early jobs. I was in the non-internet department while learning to write ASP, JavaScript, and ActionScript on the side. So, our team had access to the Internet for about an hour each day.
I was friendly with the Admins or those people who have access to the Internet and LAN thing. I helped them out quite a bit. Well, I dropped in BO, and the only thing I did was turn on the Internet for our team.
I also found out that the boss goes around poking other people's computers across the shared network, and his first look was the "temp" directory. I remember masking or creating shortcuts for all standard windows directory names to go to a pre-defined directory with a set of pre-defined contents.
I installed Netbus on the public computers at my local community library. They ran Windows 98 and were connected directly to the internet via a T1 / frame relay connection with a public IP for each machine, no firewall. So I could sit at home and keylog people’s Hotmail passwords. Those were the days ….
Seeing this thread and so many familiar stories makes me feel right at home. Sub7 was my RAT of choice. My brother and friends weren't very technical, but I taught them to use Sub7 so they could spread the exe around to their friends and we could all have some fun. We were all heavy ICQ users at the time. It wasn't long before we discovered the ICQ send file box had a size limit on the file name field. So you could, say, call the exe "pic-of-me-nude.jpg .exe" with so many spaces in the file name before the .exe part disappeared that most of our male friends would accept it from a "random female" and run it without any hesitation. Needless to say, we opened a lot of CD ROMS and listened in on many chats.
I think the audience here would appreciate some stories on darknetdiaries.com. There are even several interviews with people describing how they got interested in the IT security field in their teens in high school. Can't really recommend any specific one off the top of my head.
BO and NetBus nearly got me arrested on the Friday before my Prom.
I want to tell the rest of this story, but I worry about the statute of limitations and whether the crimes committed are still prosecutable.
I didn’t, at the time, realize what we were doing outside “neat, we’re in the ISP’s computers?” but, uh, I found out when the Detectives knocked on my door and took a 16-year-old me downtown to discuss “what I’ve been up to on your computer.”
That story ends with my friend getting kicked out of high school, the HIPAA law guidelines being drafted around some of his actions, then his passing away of an unknown heart issue at 20.
His naive partner-in-crime going on to having a great career in IT.
Side note: we had almost every teacher’s Netware login before we graduated. =)
Oh man, brings back so many memories of messing with friends. There was even a Doom version that modeled monsters after system processes, allowing you to shoot and kill the processes and watch them die.
Wrote about this as a college senior for my computer security class. Spent a day or two in the TAMU computer lab with that site prominently displayed… that was 22 years ago. I did set up 2 computers to demo how this worked as part of the presentation but never went much further than that. I seem to remember my report including hypothetical ways to use a tool I think was called silkworm or silk wrapper to disguise this as something else for distribution. Time flies.
It's interesting that your place of work was loose enough about security to let you install stuff off of the internet as it came out, yet paranoid and skillful enough to actually notice and get you in trouble the next day!
As a 13 year old this was mind blowing and inspiring, likely equivalent to finding a copy of the anarchist cookbook at a garage sale. The amount of pranks I played on the bullies in school over IRC[0] was one of the most gratifying things I've ever felt in my entire life.
[0] oddly a small town in Ohio with a population of ~3,000 in 1999 was somehow all connected on IRC, this was well before ICQ or AIM or any social network had peaked.
BO was the only malware I got infected with on Windows. Back in 99, some colleague had sent me an executable to try out (supposed to be the portscan tool he developed), it did nothing so he said "hmm ok". Later, my mouse started becoming erratic, I started to make typos. I finally figured out what's going on when the CD drive ejected itself and I shut off the computer. He later admitted messing around.
Yeah I remember one of these would allow you to somehow make a jpg executable and then would download the full payload for the rest of the tool. Image sharing over AIM and the like would make direct connections when transferring so you had to look up their IP address with netstat or something while the picture was transferring to them. And then keep checking to see if they actually installed/opened it.
Ohh, that brings back memories! I didn't use BO, though I knew it existed, but used sub7 and NetBus a lot. The person who taught us (me and brother) to use it did the classic CD tray prank and then rebooted our computer. I remember him telling us to run a command like arp -a on the Windows terminal and we were shitting our pants, so he triggered a reboot.
Ah, the memories! I brought this into school and a few of my mates wanted copies. Word got out amongst the teachers that there was some program being used for shenanigans by the pupils. I told everyone to delete it but some didn't realise it'd end up in their recycle bin and the network admin found out. Saturday morning detention material, luckily I didn't get caught :)
There were some fun tools around at that time :) Also there was this Windows bug where by default network sharing was open and of course everybody used a modem so there was no NAT/FW in between. So you could just connect to a random IP and see what's on the disk. (I think there was a tool to find IPs with just that port open.)
The BO payload was so large that it was hard to inject or distribute without pretty obviously being suspicious.
A friend developed Fraggle Lite in ASM with separate versions for the network adapter, which became the world's smallest RAT for a while. I never found the Easter egg, but I do remember the original password for our hardcoded users. I wonder if I still have them somewhere...
I wrote a similar tool to mess with my friends at the computer lab at school (since back orifice, netbus, etc. would all be detected by antivirus at this point).
Years later, I was shocked when whatever antivirus I was running detected it as a trojan through heuristics. I realize this is pretty normal these days, but back then it felt like magic.
Wow, so many memories! BO, Nervous, BitchSlap, mIRC scripts...
I also remember the famous NetBios hack at this time. Easy to do, and you felt like a real hacker! Command lines instead of GUI!
That was an incredible feeling and it later brought me to Linux.. and still on Linux (ok on Ubuntu, I'm a casu now :D)
NetBios… still out there giving gifts. We had a pen test a couple years ago and the hackers were easily able to get NetBios to use some old legacy feature to request user hashes. From there just load them into a GPU heavy cracker and 50% of our company user passwords in a few hours.
The IT company at the time had no idea they shouldn’t enable netbios unless it was actually required for something.
I was suspended from school for things like this circa 1997. It was all relatively harmless but absolutely against the letter of the law. I wonder what would happen today to a young person exploring computer security and getting caught in shenanigans at school. Would they go to prison?
Same as so many others here, I remember messing around with BO with a buddy in high school days. Scanning IP addresses (I think we just started bulk scanning addresses that matched his ISP maybe?), browsing their files, taking screenshots…
And yea, chatting about all this over AIM and IRC… ahhhh.
I made a couple of plugins for this back in the day, "butt plugs" heh. I can't remember what they all did but I think one was sort of a proxy so that you could scan other networks with an already infected machine.
The good old days. I recall hearing the cDc going on the radio to "announce" BO with some trite words about Microsoft. I thought BO was fun but bo2k was really the bees knees of RATs.
As more of our lives have become intertwined with computing infrastructure, why shouldn't they be? If you routinely broke classroom resources or messed with the HVAC you'd probably be expelled too.
This morning, out of nowhere, this came to mind. Back Orifice. I had a smile when I remembered the first time I read about it. What a coincidence it's on HN today! Or is it?
Oh the shenanigans I had with this at work. IT at the time were pretty clueless.. at least until that time they hired a good consultant who saw what we were up to :laughs:
I used BO to prank my mom. Having a background in computers, once she realized what was happening she dove for the network cable. I’d never seen her move so fast.
My very first “school computer incident” was so innocent by comparison for most people.
I was maybe 11 and I was learning about batch files and I made one named win.bat that printed “hello”. Well I’m sure most folks know what happened next time the computer rebooted …hello hello hello hello hello…and the computer teacher said I had installed a virus and tried to kick me out of school. Luckily I was only expelled from computer class for the rest of the year.
No specific, it was fun because I had a crush on her. A little bit after that I started dating a girl who went to the same school as me, and she told me she and her friends would look at the signing list at the library to see what I was reading. Back then you had to checkout a book in order to take it home with you from the library, and they used pen and paper.
I guess I was also stalked, just not digitally, haha.
I'm sorry but you literally described breaking into someone's computer in order to snoop on them. You expressed disappointment that there were no photographs and you closed with "fun times". I don't have to do anything to 'make' this look like abhorrent behaviour.