Results 1 to 10 of 10

Thread: Caught hacking, doing time in prison -- post your stories

  1. #1
    Junior Member IAMZOMBIE's Avatar
    Join Date
    Jan 2010
    Posts
    81

    Default Caught hacking, doing time in prison -- post your stories

    I see what seems like a lot of young tech savvy people, not necessarily here, but in general, posting about how to 'audit their network'. I've actually had some users at work ask some crazy questions.

    I'm just curious if they realize it's a felony, and I'm curious if anyone here has any stories they would like to share with the new members before they destroy their lives.

  2. #2
    Very good friend of the forum Gitsnik's Avatar
    Join Date
    Jan 2010
    Location
    The Crystal Wind
    Posts
    851

    Default

    Prison time is a bit of a stretch, considering we all do this legally with our get out of gaol free documents.

    Right?

    I had a severe talking to when I once accidentally mistyped an IP address range, and scanned a government installation rather than the small company I was meant to be auditing.

    Nowadays I set my firewall every time I start a pentest - permit private IP ranges, and the IP range I am attacking, and nothing else. I can do most of the initial auditing stages (DNS, WHOIS, etc.) from another machine, and it makes sure I don't make that mistake again.
    Still not underestimating the power...

    There is no such thing as bad information - There is truth in the data, so you sift it all, even the crap stuff.

  3. #3
    Junior Member
    Join Date
    Jul 2009
    Posts
    37

    Default

    well when i was a junior in high school, my teacher lets me on his account to do a legible assignment, and as the computer person i am, i look through all the teacher-account-only folders i could....soon after i stumbled on a file called student_passwords.xls on the school network, and copied it to my flashy. i joked about "having your password" to some of my friends and after 5 months they got me to mess with someones account, so i go in, change a kids background, then all hell breaks loose! i get suspended for 8 days and had to come in to school for detention on a saturday! aparently rumors fly (long story short). and how could i deny i had the file, when they made me give up my flash drive while the so called "network admin" looked through it. i tried to explain i did nothing except copy and paste, but im lucky i didnt get expelled! makes me wonder what would of happened had i done something that required starting up command prompt...or even a c compiler! =o

    and hey, why even let me on the computer, with full control while you walk out of the room!

    lol well whatever, i dont even think about messing with the school system from now on...:/

  4. #4
    fastboi
    Guest

    Unhappy

    Mister Gitsnik,

    what a story... did you manage to recover from such a shock/psychological trauma? Most people after a blow like that, never get back to normal life. They usually suffer mononerd syndrome, which is practically incurable...

  5. #5
    Very good friend of the forum Gitsnik's Avatar
    Join Date
    Jan 2010
    Location
    The Crystal Wind
    Posts
    851

    Default

    Quote Originally Posted by fastboi View Post
    Mister Gitsnik,

    what a story... did you manage to recover from such a shock/psychological trauma? Most people after a blow like that, never get back to normal life. They usually suffer mononerd syndrome, which is practically incurable...
    Sure - you live and learn, after a while they figured out it was an accident and the misunderstanding was acknowledged - no big problem.

    The school post reminded me of my own days in school, back when 98 was rife and admins were a little more intelligent, I was bored and (having a mother who worked in the main office), I used to print to her printer to say hi and other such bits of information.

    My headmaster was amazingly annoyed at this, until I pointed out that I hadn't actually breached any security and his admins (math teachers) were unqualified for the position.

    I was the only student to get a "file" related to "hacking" at that school - my interest at the time in iptables/ipchains was counter-intuitive to denying this because we happened to have a linux based system (of which I was not informed).
    Still not underestimating the power...

    There is no such thing as bad information - There is truth in the data, so you sift it all, even the crap stuff.

  6. #6
    Junior Member IAMZOMBIE's Avatar
    Join Date
    Jan 2010
    Posts
    81

    Default

    Quote Originally Posted by Gitsnik View Post
    I had a severe talking to when I once accidentally mistyped an IP address range, and scanned a government installation rather than the small company I was meant to be auditing.
    lol. I almost did that yesterday. My current pen-test has 4 ip ranges. I was typing in the second range into a nmap scan, and I looked at the middle number for the first few numbers, looked up at my screen, looked back down at my paper and typed in the remaining ip from the top line. No idea who owns the resulting ip I ended up having on my screen, lol. Luckily I double checked it before hitting enter.

    Although also to that same point, on this current job the client knows his main ip range, he knows his DR ip range, and his remote office range. But then he gives me another range and he can't seem to communicate what the heck it is(if they own the IPs or not). Also his DR site is hosted inside a 3rd party data center. So does he have the legal right to give me permission to scan his server there? Ugggg.

  7. #7
    Senior Member streaker69's Avatar
    Join Date
    Jan 2010
    Location
    Virginville, BlueBall, Bird In Hand, Intercourse, Paradise, PA
    Posts
    3,535

    Default

    Quote Originally Posted by IAMZOMBIE View Post
    lol. I almost did that yesterday. My current pen-test has 4 ip ranges. I was typing in the second range into a nmap scan, and I looked at the middle number for the first few numbers, looked up at my screen, looked back down at my paper and typed in the remaining ip from the top line. No idea who owns the resulting ip I ended up having on my screen, lol. Luckily I double checked it before hitting enter.
    That was me. Expect a call from the FBI shortly.
    A third party security audit is the IT equivalent of a colonoscopy. It's long, intrusive, very uncomfortable, and when it's done, you'll have seen things you really didn't want to see, and you'll never forget that you've had one.

  8. #8
    My life is this forum Barry's Avatar
    Join Date
    Jan 2010
    Posts
    3,817

    Default

    Quote Originally Posted by streaker69 View Post
    That was me. Expect a call from the FBI shortly.
    Good thing he didn't hit enter. He'd have a lot of shit on his screen.

  9. #9
    Just burned his ISO ReV1500's Avatar
    Join Date
    Sep 2009
    Posts
    23

    Default

    I have a friend robert moore AkA Moorer he got in some big time stuff and did a few years in prison him and this other guy broke into telecommunications companies and stole voice over ip services and resold them under a fake company i learned alot from him and also learned to no go to far while playing on my computer now he is out and cant get online for 3 years

    you can read more on the story at America's Most Wanted dot com
    Just your friendly neighborhood cracker

  10. #10
    Moderator theprez98's Avatar
    Join Date
    Jan 2010
    Location
    Maryland
    Posts
    2,533

    Default

    Quote Originally Posted by Barry View Post
    Good thing he didn't hit enter. He'd have a lot of shit on his screen.
    Literally...
    "\x74\x68\x65\x70\x72\x65\x7a\x39\x38";

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •