Join devRant
Do all the things like
++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatar
Sign Up
Pipeless API
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple API
Learn More
-
Navy story continued.
And continuing from the arp poisoning and boredom, I started scanning the network...
So I found plenty of WinXP computers, even some Win2k servers (I shit you not, the year was 201X) I decided to play around with merasploit a bit. I mean, this had to be a secure net, right?
Like hell it was.
Among the select douchebags I arp poisoned was a senior officer that had a VERY high idea for himself, and also believed he was tech-savvy. Now that, is a combination that is the red cloth for assholes like me. But I had to be more careful, as news of the network outage leaked, and rumours of "that guy" went amok, but because the whole sysadmin thing was on the shoulders of one guy, none could track it to me in explicit way. Not that i cared, actually, when I am pissed I act with all the subtleness of an atom bomb on steroids.
So, after some scanning and arp poisoning (changing the source MAC address this time) I said...
"Let's try this common exploit, it supposedly shouldn't work, there have been notifications about it, I've read them." Oh boy, was I in for a treat. 12 meterpreter sessions. FUCKING 12. The academy's online printer had no authentication, so I took the liberty of printing a few pages of ASCII jolly rogers (cute stuff, I know, but I was still in ITSec puberty) and decided to fuck around with the other PCs. One thing I found out is that some professors' PCs had the extreme password of 1234. Serious security, that was. Had I known earlier, I could have skipped a TON of pointless memorising...
Anyway, I was running amok the entire network, the sysad never had a chance on that, and he seemed preoccupied with EVERYTHING ELSE besides monitoring the net, like fixing (replacing) the keyboard for the commander's secretary, so...
BTW, most PCs had antivirus, but SO out of date that I didn't even need to encode the payload or do any other trick. An LDAP server was open, and the hashed admin password was the name of his wife. Go figure.
I looked at a WinXP laptop with a weird name, and fired my trusty ms08_067 on it. Passowrd: "aaw". I seriously thought that Ophcrack was broken, but I confirmed it. WTF? I started looking into the files... nothing too suspicious... wait a min, this guy is supposed to work, why his browser is showing porn?
Looking at the ""Deleted"" files (hah!) I fount a TON of documents with "SECRET" in them. Curious...
Decided to download everything, like the asshole I am, and restart his PC, AND to leave him with another desktop wallpaper and a text message. Thinking that he took the hint, I told the sysadmin about the vulnerable PCs and went to class...
In the middle of the class (I think it was anti-air warfare or anti-submarine warfare) the sysad burst through the door shouting "Stop it, that's the second-in-command's PC!".
Stunned silence. Even the professor (who was an officer). God, that was awkward. So, to make things MORE awkward (like the asshole I am) I burned every document to a DVD and the next day I took the sysad and went to the second-in-command of the academy.
Surprisingly he took the whole thing in quite the easygoing fashion. I half-expected court martial or at least a good yelling, but no. Anyway, after our conversation I cornered the sysad and barraged him with some tons of security holes, needed upgrades and settings etc. I still don't know if he managed to patch everything (I left him a detailed report) because, as I've written before, budget constraints in the military are the stuff of nightmares. Still, after that, oddly, most people wouldn't even talk to me.
God, that was a nice period of my life, not having to pretend to be interested about sports and TV shows. It would be almost like a story from highschool (if our highschool had such things as a network back then - yes, I am old).
Your stories?8 -
Wrote my friend Sam a letter when I was still working in support. I think it still holds up today.
---
Dear Sam,
I understand that you will join us in our overseas office. Congratulations on landing that job. It’s good steady work. I’ve been doing it for the last ten years.
Your still young so maybe I can give you some little wisdom that will help you in your working years to come.
Let me begin by shedding some light on phone calls.
I try. I really do try Sam. But it is getting so hard for me to hold back the rage that builds up during certain phone calls. Especially the ‘Sorry, I just don’t know anything about computers! -giggle-’ ones.
Those are the times that I have no access to what they see. I’ve no team-viewer, can not take over that screen in any other way. And why-oh-why can I not take over that terminal session dear Sam? It’s because the caller can not double-click an icon or find a terminal session number.
And what is the reason for this? Because they ‘just don’t know anything about computers! -giggle-’. This is a sort of get-out-of-jail-free card. Beware of these callers Sam.
There is nothing so nerve-wrecking then finding yourself at the mercy of people describing Internet Explorer (do not even get me started) as ‘the big ‘E’, if they use Chrome for their webmail then they most likely will say ‘Mail’ if they mean Chrome. There is no logic Sam. That is just the way these people work.
They will suck all enjoyment out of your work. They will make you want to hunt them down in dark office hallways and show them your tears Sam. Because cry you will.
Sure, I understand that not everyone can be tech savvy. Why, if everyone would be, where would that leave us? No. I love the technologically challenged. They put the fiber in my internet. They make me LOL for real. After the initial anger subsides anyway.
But just below that well-willing folk, on the other side of that border… there they dwell: Management.
Nice cars, suits and iphones Sam. First thing a new manager will require is a brand spanking new business-card. It will hold his/her new title. Then an iphone or overpriced android model will follow suit.
Then they will barge into your office, holding it like it’s the next best thing since sliced bread.
Any manager will automatically assume that you will drop anything you are doing at the present moment to acknowledge the presence of greatness. Failing to do so will result in awkward yet fulfilling situations. I recommend that you do not take your hands of the keyboard and give only the slightest of nods after 5 minutes of complete silence and glaring.
Well… you feel the glare. You do not glare yourself. You do not break eye-contact with the monitor. It does not even matter if you are typing for real or not. I once clicked away happily for 5 minutes. I just typed ‘he is still there’ over and over again. Do not break down Sam. This moment will decide your relationship with this individual.
After the nod there will be a flood of words aimed in your general direction. You can disregard anything that is said. It boils down to ‘can not operate device’.
You then take the device from this person and put it next to you on your desk. You’ll ask the name of this simpleton, write it down on a sticky-note, slap that on the phone. Then you’ll write a random date in the not so near future on another sticky and hand that to the bewildered person in front of you.
It will usually utter some incoherent words about ‘needing, time or but’ (I find that ‘but’is a word they like. They tend to use it three or four times consecutive before you usher them through the door).
Now you’ve won Sam. Well… not really. But it will feel good, I can guarantee that.
This must do for now. A new suit is glaring at me for the last five minutes.
Felt good to do something productive with this time.
Take care,
Baltasar
P.s. I just noticed that there is some foam around his mouth. So if you encounter this, don’t worry: it seems to be perfectly normal.13 -
Had this with a relative. His laptop wasn't turning on, with or without charger so he brought it back to the store to fix it. It ran elementary os by the way (detail for later). Then he got it back after a week and we booted it and it had windows 8 installed (wtf indeed). So we called the service desk to ask about it since the issue was a broken charger (!!!). Their reply: oh yeah there was a weird system installed on it so we thought we'd reset it as well for you.
SERIOUSLY, THAT'S NOT YOUR FUCKING JOB!!
He is not tech savvy and he didn't know much about backups so that was literally about one year of work GONE. Yeah, I setup a cloud backup sync thingy for him right after that.7 -
Buckle up kids, this one gets saucy.
At work, we have a stress test machine that trests tensile, puncture and breaking strength for different materials used (wood construction). It had a controller software update that was supposed to be installed. I was called into the office because the folks there were unable to install it, they told me the executable just crashed, and wanted me to take a look as I am the most tech-savvy person there.
I go to the computer and open up the firmware download folder. I see a couple folders, some random VBScript file, and Installation.txt. I open the TXT, and find the first round of bullshit.
"Do not run the installer executable directly as it will not work. Run install.vbs instead."
Now, excuse me for a moment, but what kind of dick-cheese-sniffing cockmonger has end users run VBScript files to install something in 2018?! Shame I didn't think of opening it up and examining it for myself to find out what that piece of boiled dogshit did.
I suspend my cringe and run it, and lo and behold, it installs. I open the program and am faced with entering a license key. I'm given the key by the folks at the office, but quickly conclude no ways of entering it work. I reboot the program and there is an autofilled key I didn't notice previously. Whatever, I think, and hit OK.
The program starts fine, and I try with the login they had previously used. Now it doesn't work for some reason. I try it several times to no avail. Then I check the network inspector and notice that when I hit login, no network activity happens in the program, so I conclude the check must be local against some database.
I browse to the program installation directory for clues. Then I see a folder called "Databases".
"This can't be this easy", I think to myself, expecting to find some kind of JSON or something inside that I can crawl for clues. I open the folder and find something much worse. Oh, so much worse.
I find <SOFTWARE NAME>.accdb in the folder. At this point cold sweat is already running down my back at the sheer thought of using Microsoft Access for any program, but curiosity takes over and I open it anyway.
I find the database for the entire program inside. I also notice at this point that I have read/write access to the database, another thing that sent my alarm bells ringing like St. Pauls cathedral. Then I notice a table called "tUser" in the left panel.
Fearing the worst, I click over and find... And you knew it was coming...
Usernames and passwords in plain text.
Not only that, they're all in the format "admin - admin", "user - user", "tester - tester".
I suspend my will to die, login to the program and re-add the account they used previously. I leave the office and inform the peeps that the program works as intended again.
I wish I was making this shit up, but I really am not. What is the fucking point of having a login system at all when your users can just open the database with a program that nowadays comes bundled with every Windows install and easily read the logins? It's not even like the data structure is confusing like minified JSON or something, it's literally a spreadsheet in a program that a trained monkey could read.
God bless them and Satan condemn the developers of this fuckawful program.8 -
Companies who geo block their sites for no fucking reason can go fuck themselves.
So a bunch of retarded pharmacies in India, geo block hits from anywhere outside of India.
A thousands of Indians are living abroad with their parents and family living in India.
Imagine, I have to order medicines for my parents since they are not very tech savvy and I cannot do that because some rotten brained guava thought that it's a good idea to geo block access.
What is the fucking point in doing so? There are many such companies, especially Indian who do so. I have keep toggling my VPN because of this.28 -
My GF is a non-tech-savvy linguistics bachelor who uses elementaryOS as her only operating system on her only laptop. I'm not responsible for this, I only helped her install it instead of Windows when she asked me to do so.
She's a living proof that the stereotype of Linux being "too hard" or "exclusively for geeks" is outdated to say the least. Yes, Ubuntu and elementaryOS are not as kewl as Arch and Gentoo, but they are still better than a popular blue-colored American operating system that sends unencrypted screenshots of your desktop to some unknown IP addresses every 10 minutes.32 -
As a 16 year old, the hardest problem I've always encountered is trying to explain to people that coding as actually more complex than just typing random words.7
-
So, I'm still not certain if it's actually a bug or merely my lack of experience, but I've been working on a 2D platformer game (using only C++ and SDL2) for roughly 2 years now (on and off; sometimes off for months) and I'm extremely embarrassed about this, but for the life of me, I cannot seem to get the player character's movement and collision physics working properly. It's driving me absolutely insane.
I've read articles and tutorials, referenced books, and posted about it in game development communities (e.g., gamedev.com, Discord servers, etc.), but even though the fundamental structure and explanations made sense, getting the code to work has been unsuccessful, albeit not completely so, but if I get one thing working, another thing breaks. It feels like I'm trying to repair a vase that fell off of a skyscraper and turned to dust on the street below.
I've always been a very tech savvy person with a fiery passion for programming, electronics and game/software/embedded/web development, but to be honest, having such a difficult time with things like this that — in theory, at least — seem like trivial bumps in the road have made me feel like I'm never going to be successful in this field. But regardless of the depressing thoughts of worthlessness, my passion doesn't let me stop trying. Who knows, maybe it'll have to remain just a hobby. 😕4 -
Now then... where do I begin 😐
TLDR - fuck charity
A bit of backstory first, I was in my first year of college when I started this project for this charity.
It started in December of last year, my tutor approached me and asked if I’d like a project to work on, for my portfolio and what not, I agreed as I thought it would be a great opportunity. Saying yes to that question is my biggest regret so far. Oh boy the pain it has caused me.
The projected started a few days after I agreed. The stack and stuff was already agreed upon by my tutors higher ups. The stack was Wordpress and a theme called ‘X theme’ I understand the use for Wordpress, they are a non tech savvy client, it will be easy for them to manage.
The project was to basically modernise the current site the charity had, simple task you might think... ohhhh no. We agreed upon a deadline, January of 2017 (spoiler, we didn’t make that headline). However the charity wanted change, after change, after change, after change, after fucking change. Every time I’d show them the new revision it was never right, they’d always want another change.
Once we hit the deadline I asked my tutor if we could just drop it. His higher ups said we had to keep going (I could of abandoned my tutor and left him to do it but I’m not a prick). Anyway, we are now in November of 2017, a whole fucking year later and the site has only just been handed off. A WHOLE FUCKING YEAR OF THIS MOTHER FUCKING COCK SUCKING PRICK WHO WOULDN’T TAKE NO FOR AN ANSWER.
Please may god be with me as we have to provide support for this site 😥😥
If anyone’s really curious as to which charity it is or the site. I’ll post it in the comments if you ask nicely enough6 -
In-laws are vacationing in London right now (wife's parents and aunt/uncle), so to keep in touch with the kids, I installed+configured Skype on their phones (these are folks in their 70s, no where close to tech savvy), I think they are good to go.
Last night we try to connect (I 'see' them online)...nothing, so we call.
Me: "Did you see or hear the skype notification?"
Grandma: "Was that you? My phone made a weird sound I never heard before and I saw your picture. I wasn't sure what to do so pressed the red button."
Me: "Its the same sound and picture I showed you before you guys left, remember? That's OK, the kids want to see you and say hi. Hang up and when you hear the sound and see my picture, click the green accept button"
I try again...ring..ring...nothing. About a second later we receive a text "Grandpa hit something and your picture went away. What do I do now?"
So, I try again...ring..ring...they finally pick up (we can only hear them)
Grandma: "Hello...hello? I don't hear or see anything, damn it Fred, what did you hit?"
Grandpa: "Nothing Betty, you aren't holding it right, turn it sideways .."
Wife: "Guys..we can hear you, can you see us?"
Grandpa: "Press this button with the line crossed through it .."
Wife: "Dad.."
Grandpa: "Hey!..See Betty, you had the phone turned wrong. Can you see us?"
Me: "No, you may have hit the video button..it looks like a little video camera, press it."
Grandma: "We did...nothing happened."
Me: "Are you sure? Try it again. The image may be grey or a little darkened, I don't remember."
Then we lose the sound.
Wife: "Oh good Lord they muted us. We're going to have to forget Skype and call them..."
All of a sudden we get video and sound. Cheers all around.
Then I hear in the background..
Uncle: "I thought 'PaperTrail' knew what he was doing? Apparently not."
I heard that and FU you, you old bastard. If you weren't a millionaire and paid for their London trip, I'd take 'knew what he was doing' and shove it up your ass when I see you.1 -
Not so tech savvy family member just asked for the router password to set up a network printer. I just hope they don't fuck up my settings (ip's and port forwarding and such) o_O
-
I was approached by some guy on a project and I need your help figuring out how to go about this.
the project is basically a website where school owners who are not tech savvy can input necessary details about their school and it spins up a site from an existing website template built in react for them.
an extra complexity will be creating custom domain names for each site. will this also be possible ?
I've not done something like this before and I dont know the word for it so making a Google search has been quite hard
my stack is javascript MERN stack.1
Top Tags
Weekly Rant
View