Confessions of a Teenage “Hacker”: Part 2
by Drew -Gaiiden- Sikora · 03/16/2009 (9:05 pm) · 15 comments
So, I've already confessed to the evil deed of stealing my father's internet password, now as promised I will declassify the operation codenamed... uhm... crap I never thought to give this project a code name. How lame is that? LAME!! Well, anyways it was an operation that took place in my high school AP Computer Science class derived from a little snippet of information I gleaned out of Andre LaMothe's Tricks of the Windows Game Programming Gurus book of waaay back in the day (way back). I don't have the book with me anymore - at least I can't find it - I'd like to think I sold it but how the hell I managed that I have no idea so it must be lost somewhere. Anyways in one of the chapters discussing Windows messaging Andre made a little note about the WM_CLOSE message. Specifically, he revealed that if you intercepted the message but failed to handle it, the application would simply not close. Like, at all. He then proceeded to issue a casual challenge: if anyone could think up a use for this little loophole, to send him an email about it.
Well, I did. On both counts. I don't have the email I sent him anymore, so we'll just focus on the use of the message loophole, since that's more interesting anyways.
I'll first set the stage by explaining that my AP Computer Science class was taught by my math teacher, Mrs. Simes, who had to have seriously been like 60 years old at the time. In the years since, I have grown to pity her and even appreciate the effort she put in trying to teach out of a book while attempting to stay at least a chapter ahead of her students. Of course, at the time I held pretty much nothing but contempt for this wizened old lady attempting to teach me things I had learned two years ago on my own. The fact that she was also my math teacher, and I hated math (still do, mostly) didn't help matters in the slightest. So here I am, stuck in this AP class bored out of my skull listening to Simes bumbling along and cooperating as best I could only because my lack of interest in school in general meant that this AP course would probably be the main thing that lets me graduate high school.
Okay so, back to the WM_CLOSE message. Upon learning of this feature, I immediately created a Win32 application that implemented it. Sure enough, no matter what I tried (Esc, Alt+F4, context menu, Close button) the window failed to respond and just sat there. Ctrl+Alt+Del was the only solution. I'd like to think that at this point I laughed maniacally and rubbed my hands together with manic glee - so I'll just say that's what I did. The next question was where to unleash this wonderful weapon of doom and who to target specifically, since it would need to be placed on a certain computer. Well, the where was pretty obvious: the AP CS class was just ripe for pranks. This narrowed down the who significantly since the classes were small and many of the students were actually technically savvy (whodathunk?). So of the few students who did not have any real technical know-how, I of course chose the most volatile. I won't mention her name here but her initials are Lisa T. (I wimped out and kept her full last name private. I must be getting nice in my old age)
And let's just pause for a second here so I can say that I held no ill will in particular towards Lisa - she was just the ideal candidate for my prank. Sorry Lisa.
Sort of.
Right, so with my target chosen I had to properly spruce up my weapon, which I did by including message handlers for pressing the Esc key, exiting via the context menu, pressing Alt+F4, clicking the Close button and even pressing Q and X. All these handlers pointed towards a dialog box which read from a resource of messages that became incrementally more taunting as the user (target) tried more and more means of attempting to close this window. I then made the window start up by filling the entire width and height of the screen. Then I removed the Minimize and Restore buttons. Finally, I gave everyone a fair warning by titling the window "The Window That REALLY Won't DIE". Just as I thought I was done my plan took an even more devious turn, and I added a dialog box to pop up when the program is first run - but more on that later.
Weapon completed, I then had to assemble my delivery system. Fortunately, we all had assigned computers, so I knew which computer Lisa would be logging into. Unfortunately, she had class in a different period than me so I had to recruit an evil sidekick, my friend Andrew Owendoff. I gave Andrew a disk with the program executable on it and he walked into class early, turned on Lisa's computer, inserted and copied over the file to a specific and highly strategic location, ran the app, cleared the opening dialog box, and then turned off her computer monitor.
Showtime. (Note that the following is based on second-hand reports from Andrew since I couldn't (unfortunately - dammit!) be present, with minor dramatization for effect)
Poor unassuming Lisa comes to class and turns on her computer monitor. Lisa: Oh my! What is this window on my screen? Oh well, no matter, just shrug and hit Close... wait... wait what? Why is this message telling me I never learn? Oh well just close this and... why is this window still open?? I must have made a mistake. Click on Close and... another message?!? What's happening? Help! Mrs. Simes help!!
Over toddles Mrs. Simes, who squints through her bifocals at the screen and suggests "Well why don't you hit the Close button". Oh yes. Fabulous success!! The pair continue to be taunted by the application as Mrs. Simes grows increasingly confounded and poor Lisa reportedly just resorts to crying. Finally Simes gets completely fed up and simply restarts the computer. However, due to my foresight and the aforementioned strategic location in which the executable was placed, upon the restart of Windows a message box pops up:
Yes. I had Andrew place the program in the Startup folder. I know. Genius. Erm, evil genius, that is.
The next step was of course to call down the school's network and computer supervisor, who seriously didn't know much more than poor old Mrs. Simes. Some time later and after continuous frustration from trying to eradicate this program from the computer or even close it, they turned at last to their final remaining option: Consultation of the student who was rolling around on the floor laughing hysterically, who just so happened to share the same name as me. Coincidence? They thought not. After threatening Andrew with suspension he finally gave up that you have to task-kill the application and that he theorized the executable was in the Startup folder. However he maintained he didn't know how it got there or who had put it there.
I remember when I stepped into class a few periods later Mrs. Simes made a beeline for my desk, but my "who, me?" face had been well-practiced over the years of my youth, and so I was never officially fingered as the culprit and the crime passed on into the annals of legend.
Best of all? I still have that application thanks to my pack rat nature. If you'd like a gander, feel free to download it (with source) and use it for whatever diabolical plans you come up with - don't forget to write me letters from federal prison either. Swear I'll write back. If I'm inside at the time we can do lunch.
Well, I did. On both counts. I don't have the email I sent him anymore, so we'll just focus on the use of the message loophole, since that's more interesting anyways.
I'll first set the stage by explaining that my AP Computer Science class was taught by my math teacher, Mrs. Simes, who had to have seriously been like 60 years old at the time. In the years since, I have grown to pity her and even appreciate the effort she put in trying to teach out of a book while attempting to stay at least a chapter ahead of her students. Of course, at the time I held pretty much nothing but contempt for this wizened old lady attempting to teach me things I had learned two years ago on my own. The fact that she was also my math teacher, and I hated math (still do, mostly) didn't help matters in the slightest. So here I am, stuck in this AP class bored out of my skull listening to Simes bumbling along and cooperating as best I could only because my lack of interest in school in general meant that this AP course would probably be the main thing that lets me graduate high school.
Okay so, back to the WM_CLOSE message. Upon learning of this feature, I immediately created a Win32 application that implemented it. Sure enough, no matter what I tried (Esc, Alt+F4, context menu, Close button) the window failed to respond and just sat there. Ctrl+Alt+Del was the only solution. I'd like to think that at this point I laughed maniacally and rubbed my hands together with manic glee - so I'll just say that's what I did. The next question was where to unleash this wonderful weapon of doom and who to target specifically, since it would need to be placed on a certain computer. Well, the where was pretty obvious: the AP CS class was just ripe for pranks. This narrowed down the who significantly since the classes were small and many of the students were actually technically savvy (whodathunk?). So of the few students who did not have any real technical know-how, I of course chose the most volatile. I won't mention her name here but her initials are Lisa T. (I wimped out and kept her full last name private. I must be getting nice in my old age)
And let's just pause for a second here so I can say that I held no ill will in particular towards Lisa - she was just the ideal candidate for my prank. Sorry Lisa.
Sort of.
Right, so with my target chosen I had to properly spruce up my weapon, which I did by including message handlers for pressing the Esc key, exiting via the context menu, pressing Alt+F4, clicking the Close button and even pressing Q and X. All these handlers pointed towards a dialog box which read from a resource of messages that became incrementally more taunting as the user (target) tried more and more means of attempting to close this window. I then made the window start up by filling the entire width and height of the screen. Then I removed the Minimize and Restore buttons. Finally, I gave everyone a fair warning by titling the window "The Window That REALLY Won't DIE". Just as I thought I was done my plan took an even more devious turn, and I added a dialog box to pop up when the program is first run - but more on that later.
Weapon completed, I then had to assemble my delivery system. Fortunately, we all had assigned computers, so I knew which computer Lisa would be logging into. Unfortunately, she had class in a different period than me so I had to recruit an evil sidekick, my friend Andrew Owendoff. I gave Andrew a disk with the program executable on it and he walked into class early, turned on Lisa's computer, inserted and copied over the file to a specific and highly strategic location, ran the app, cleared the opening dialog box, and then turned off her computer monitor.
Showtime. (Note that the following is based on second-hand reports from Andrew since I couldn't (unfortunately - dammit!) be present, with minor dramatization for effect)
Poor unassuming Lisa comes to class and turns on her computer monitor. Lisa: Oh my! What is this window on my screen? Oh well, no matter, just shrug and hit Close... wait... wait what? Why is this message telling me I never learn? Oh well just close this and... why is this window still open?? I must have made a mistake. Click on Close and... another message?!? What's happening? Help! Mrs. Simes help!!
Over toddles Mrs. Simes, who squints through her bifocals at the screen and suggests "Well why don't you hit the Close button". Oh yes. Fabulous success!! The pair continue to be taunted by the application as Mrs. Simes grows increasingly confounded and poor Lisa reportedly just resorts to crying. Finally Simes gets completely fed up and simply restarts the computer. However, due to my foresight and the aforementioned strategic location in which the executable was placed, upon the restart of Windows a message box pops up:
Yes. I had Andrew place the program in the Startup folder. I know. Genius. Erm, evil genius, that is.
The next step was of course to call down the school's network and computer supervisor, who seriously didn't know much more than poor old Mrs. Simes. Some time later and after continuous frustration from trying to eradicate this program from the computer or even close it, they turned at last to their final remaining option: Consultation of the student who was rolling around on the floor laughing hysterically, who just so happened to share the same name as me. Coincidence? They thought not. After threatening Andrew with suspension he finally gave up that you have to task-kill the application and that he theorized the executable was in the Startup folder. However he maintained he didn't know how it got there or who had put it there.
I remember when I stepped into class a few periods later Mrs. Simes made a beeline for my desk, but my "who, me?" face had been well-practiced over the years of my youth, and so I was never officially fingered as the culprit and the crime passed on into the annals of legend.
Best of all? I still have that application thanks to my pack rat nature. If you'd like a gander, feel free to download it (with source) and use it for whatever diabolical plans you come up with - don't forget to write me letters from federal prison either. Swear I'll write back. If I'm inside at the time we can do lunch.
About the author
#2
03/16/2009 (10:37 pm)
lol
#3
03/16/2009 (11:44 pm)
I ain't 'fraid of no ghosts! 
#4
03/17/2009 (1:38 am)
*ROFL*. Comment is priceless. 
#5
so how would you go about getting it to do the same thing, but on a networked computer?
Because I want it to do the same thing on guy in my year who is realy annoying :)
I can easily gain access to his account...so i could put it in his my documents folder, but i need a way of autorunning it :)
from max
PS. Happy hacking!
please reply to me directly at macz_202 <at> hotmail <dot> com
03/17/2009 (1:40 am)
that story is quite hillariousso how would you go about getting it to do the same thing, but on a networked computer?
Because I want it to do the same thing on guy in my year who is realy annoying :)
I can easily gain access to his account...so i could put it in his my documents folder, but i need a way of autorunning it :)
from max
PS. Happy hacking!
please reply to me directly at macz_202 <at> hotmail <dot> com
#6
If you have access to both computers and they're on Windows, I've had many a laugh using the command-line "shutdown" command under Windows.
You can shutdown a remote computer and even present a user-interface with a custom comment from another computer.
... should do it! ;)
The other is to share the desktop of the remote computer and dump hundreds of bogus shortcut there periodically. Nothing better than someone closing their app to find that their previously clear desktop is full of shortcuts to bizarre Internet web-sites.
If the victim is not very computer literate then a screenshot of an application placed convincingly on the desktop, especially with lots of windows, buttons and messages gets very confusing for them, especially if merged with their previous desktop! bwwwarrrrrrrrrrrrrrrr.
Melv.
03/17/2009 (6:21 am)
Maximillian,If you have access to both computers and they're on Windows, I've had many a laugh using the command-line "shutdown" command under Windows.
You can shutdown a remote computer and even present a user-interface with a custom comment from another computer.
shutdown /i
... should do it! ;)
The other is to share the desktop of the remote computer and dump hundreds of bogus shortcut there periodically. Nothing better than someone closing their app to find that their previously clear desktop is full of shortcuts to bizarre Internet web-sites.
If the victim is not very computer literate then a screenshot of an application placed convincingly on the desktop, especially with lots of windows, buttons and messages gets very confusing for them, especially if merged with their previous desktop! bwwwarrrrrrrrrrrrrrrr.
Melv.
#7
03/17/2009 (1:10 pm)
Vicious Melv. I used to share the desktop and then copy paste shortcuts from nearby. I had the tremendous pleasure of hearing that good priceless "WHAT THE..." bang bang bang on keyboard
#8
If they damage the computer too much then it's get to the point where you can't tell them.
03/17/2009 (1:30 pm)
oh the sweet sound of frustration...If they damage the computer too much then it's get to the point where you can't tell them.
#10
Cain and Abel installed on a workstation will attract attention if the tech people are even half aware of what is going on.
03/17/2009 (4:11 pm)
I would be a bit careful about poisoning ARP tables. If you are caught that is a legitimate hacking procedure and can be rather nasty if they decide to throw you under the bus. It is one thing to remotely shutdown some workstation, it is another to be disrupting or moving data packets around.Cain and Abel installed on a workstation will attract attention if the tech people are even half aware of what is going on.
#11
I can see the Headlines now:
Frequent website poster on GarageGames.com caught illegally trying to gain access to a computer.
I am sure this guy will have some available room with him, after all it was just for fun:) Some companies/schools/governments have a no tolerance level on this as well.
blog.wired.com/27bstroke6/2009/03/more-charges-fo.html
GG should lock this thread, not game related and has crossed the line I believe.
03/18/2009 (12:15 pm)
I can see a whole host of laws suggesting being broken. Identity theft, illegal access to a computer (which is a serious crime now). I can see the Headlines now:
Frequent website poster on GarageGames.com caught illegally trying to gain access to a computer.
I am sure this guy will have some available room with him, after all it was just for fun:) Some companies/schools/governments have a no tolerance level on this as well.
blog.wired.com/27bstroke6/2009/03/more-charges-fo.html
GG should lock this thread, not game related and has crossed the line I believe.
#12
Especially when running and developing an online game.
MITM techniques are also useful for debugging with Wire Shark when changing bit sizes of network packets in the engine (ie. going above 1500 MTU and fragmenting the packets).
There are many security websites that may seem very scary to some people, but like with all networking/programming it is our responsibility as developers to educate ourselves and act appropriately.
I would never recommend using any of these techniques on an system that didn't belong to the budding techy as it is illegal and creates more work for a possibly already stressed out administrator.
But it's fairly common for the young bucks to experiment with technology (a double edged sword), that's why admins like me have jobs and are very patient with the next generation.
In fact, that's how us White Hats are usually born... ;)
03/18/2009 (2:10 pm)
I'm an administrator (White Hat) for a wireless broadband company and being aware of such techniques and tools is VERY important.Especially when running and developing an online game.
MITM techniques are also useful for debugging with Wire Shark when changing bit sizes of network packets in the engine (ie. going above 1500 MTU and fragmenting the packets).
There are many security websites that may seem very scary to some people, but like with all networking/programming it is our responsibility as developers to educate ourselves and act appropriately.
I would never recommend using any of these techniques on an system that didn't belong to the budding techy as it is illegal and creates more work for a possibly already stressed out administrator.
But it's fairly common for the young bucks to experiment with technology (a double edged sword), that's why admins like me have jobs and are very patient with the next generation.
In fact, that's how us White Hats are usually born... ;)
#13
Lock the thread? Maybe if we were discussing how to build a dirty bomb or even worse a dirty game engine. :)
03/18/2009 (2:21 pm)
BTW: The Victims here were my dad, my friend Craig and my sister. I don't mind if I "break the law" playing pranks on my family and close friends, I just hope they don't do worse and take it too seriously. ;)Lock the thread? Maybe if we were discussing how to build a dirty bomb or even worse a dirty game engine. :)
#14
*is happy*
03/19/2009 (12:05 am)
Quote:Sweet! I really will have fan mail coming from Federal Prison someday
I can see a whole host of laws suggesting being broken. Identity theft, illegal access to a computer (which is a serious crime now).
*is happy*
#15
03/23/2009 (10:35 am)
wow....... This is way too funny! lol (Totally ninja), but I have to say that being 15 years old and reading all this with the link for the program(don't need to make it myself! >b)This is one of the best places to put bad thoughts in kids heads! So way to go, you have just corrupted yet another kid! lol (jk) but I have to say I was laughing my @$$ off 
Mrs. Simes