I'm wondering these days if you can be any sort of hacker at all without finding some kind of vulnerability in your college's network.
For me, it was a way to steal the AFS space of the previous user (basically, they didn't expire the token... oops). I actually found the initial vulnerability by accident (something crashed due to network problems, reconnected and went, "WTF, those aren't my files!"), but I did find a good way to reproduce it on demand (yank Ethernet cord at proper time). Thankfully, I had read enough stories like this way back then and submitted the bug anonymously. This was ~2000 or around then, mind you.
I also tried to get university management to switch people over to using SSH way back in 1998, but it was something like 4-5 years before they eventually did so. I'm guessing they had no idea what I was talking about or why it even mattered back then, even though anyone could see everyone's passwords going over the wire with all the people who had to telnet for various reasons. Maybe they assumed that log file they were writing our activity to would catch anybody doing anything weird? It was cleverly named "resugol"--read that backwards if you're confused.
For me, it was a way to steal the AFS space of the previous user (basically, they didn't expire the token... oops). I actually found the initial vulnerability by accident (something crashed due to network problems, reconnected and went, "WTF, those aren't my files!"), but I did find a good way to reproduce it on demand (yank Ethernet cord at proper time). Thankfully, I had read enough stories like this way back then and submitted the bug anonymously. This was ~2000 or around then, mind you.
I also tried to get university management to switch people over to using SSH way back in 1998, but it was something like 4-5 years before they eventually did so. I'm guessing they had no idea what I was talking about or why it even mattered back then, even though anyone could see everyone's passwords going over the wire with all the people who had to telnet for various reasons. Maybe they assumed that log file they were writing our activity to would catch anybody doing anything weird? It was cleverly named "resugol"--read that backwards if you're confused.