I was in second grade when the school district started thinking about providing internet access for a few computers. You could just add a period at the end of a URL to get around the filters. No idea how or why it worked, but I told everyone. Those were the days.
My guess is that it’s because of the root zone
This is genuinely really cool. I worked IT at a school for a bit, and for anyone who doesn’t know, having a good web filter is extremely important for legal reasons. The people in charge of implementing it can get into a lot of trouble if it’s done improperly, hence why they always seem to block things so aggressively.
All of the current offering are complete garbage, with Lightspeed being the worst offender. An open source alternative could do a lot of good. I hope this kid is successful.
This remind me of my school. At the time they used some software to block sites. So I searched for the name of that software, and found an executable file with that name plus config.
I executed it, and much to my surprise, I could now configure the filters for the whole school. I tested it by entering the URL of a game my classmates was playing at that moment. It was a very weird sensation to see his game getting closed by the software the moment I added it to the blacklist…
So:
- I and every other students had read and write acces to the directory where the software was installed.
- The directory was indexed to make it easier for students to find.
- There was no extra password or authorization.
I showed a classmate. Told him to not show anybody else. A week later, he added the startpage to the blacklist. As a result, if you opened Internet Explorer, it would close immediately. Obviously, this caused admins to check out what was going on…
It was fixed later, but it was fun while it lasted.
You never ever share the exploit that you intend to leverage for personal gain. Sorry you had to learn that the hard way.
I made thousands of dollars in World Of Warcraft with a couple of gold and xp exploits that let me build chars that were super leveled and loaded with gold and sell them. Never ripped anyone off, just exploited a game mechanic that I think was unintended. Saved some people some time in exchange for dolla.
And no, I’m not fucking telling you what it is/was—I don’t think they’ve been patched; I just don’t have time to play or the need for that money anymore. Too busy and well paid with my real job :).
When I was frustrated by very early internet filters being turned on at school, I installed keyloggers and distributed the admin password to disable the filters altogether. Good times, probably much harder to do that now.
Not too much more difficult. I did exactly that about a decade ago.
Antivirus didn’t really exist in my script kiddie days in the very early 00s. It was awesome to put Sub7 on someone’s PC, fire up their webcam, pop the matrix screensaver type hack on, chat to them, then open their CD drive. Freaked some friends out really good that way.
After they would log off, I’d pull their AIM credentials and hop on their screen name , message one of their buddies, and ask them to “test out this screensaver I just made”. I’d get their IP from the AIM direct connection used to send the file. Rinse and repeat with the next list of AIM contacts. I had a dozen infected people across the country I didn’t know at all. Never did anything particularly malicious but man it was fun.
Now that I’m thinking about it, I did nuke the HDD of a friend of a friend with a .bat script called hard drive killer pro, that was malicious. That’s the only one I regret doing in retrospect. I just wanted to see if it worked, they didn’t get back online for a year or so.
Edit: I found the hard drive killer, wow. Munga Bunga’s Hard Drive Killer Pro Version 4.0. I’d love to know how this worked, apparently it could cause physical damage. Not sure how valid that is, but it did completely screw up the PC.