Caught hacking, doing time in prison -- post your stories

[IAMZOMBIE]

I see what seems like a lot of young tech savvy people, not necessarily here, but in general, posting about how to 'audit their network'. I've actually had some users at work ask some crazy questions.

I'm just curious if they realize it's a felony, and I'm curious if anyone here has any stories they would like to share with the new members before they destroy their lives.

[Gitsnik]

Prison time is a bit of a stretch, considering we all do this legally with our get out of gaol free documents.

Right?

I had a severe talking to when I once accidentally mistyped an IP address range, and scanned a government installation rather than the small company I was meant to be auditing.

Nowadays I set my firewall every time I start a pentest - permit private IP ranges, and the IP range I am attacking, and nothing else. I can do most of the initial auditing stages (DNS, WHOIS, etc.) from another machine, and it makes sure I don't make that mistake again.

[b3r00tb4ck]

well when i was a junior in high school, my teacher lets me on his account to do a legible assignment, and as the computer person i am, i look through all the teacher-account-only folders i could....soon after i stumbled on a file called student_passwords.xls on the school network, and copied it to my flashy. i joked about "having your password" to some of my friends and after 5 months they got me to mess with someones account, so i go in, change a kids background, then all hell breaks loose! i get suspended for 8 days and had to come in to school for detention on a saturday! aparently rumors fly (long story short). and how could i deny i had the file, when they made me give up my flash drive while the so called "network admin" looked through it. i tried to explain i did nothing except copy and paste, but im lucky i didnt get expelled! makes me wonder what would of happened had i done something that required starting up command prompt...or even a c compiler! =o

and hey, why even let me on the computer, with full control while you walk out of the room!

lol well whatever, i dont even think about messing with the school system from now on...:/

[fastboi]

Mister Gitsnik,

what a story... did you manage to recover from such a shock/psychological trauma? Most people after a blow like that, never get back to normal life. They usually suffer mononerd syndrome, which is practically incurable...

[Gitsnik]

Mister Gitsnik,

what a story... did you manage to recover from such a shock/psychological trauma? Most people after a blow like that, never get back to normal life. They usually suffer mononerd syndrome, which is practically incurable...

Sure - you live and learn, after a while they figured out it was an accident and the misunderstanding was acknowledged - no big problem.

The school post reminded me of my own days in school, back when 98 was rife and admins were a little more intelligent, I was bored and (having a mother who worked in the main office), I used to print to her printer to say hi and other such bits of information.

My headmaster was amazingly annoyed at this, until I pointed out that I hadn't actually breached any security and his admins (math teachers) were unqualified for the position.

I was the only student to get a "file" related to "hacking" at that school - my interest at the time in iptables/ipchains was counter-intuitive to denying this because we happened to have a linux based system (of which I was not informed).

[IAMZOMBIE]

I had a severe talking to when I once accidentally mistyped an IP address range, and scanned a government installation rather than the small company I was meant to be auditing.

lol. I almost did that yesterday. My current pen-test has 4 ip ranges. I was typing in the second range into a nmap scan, and I looked at the middle number for the first few numbers, looked up at my screen, looked back down at my paper and typed in the remaining ip from the top line. No idea who owns the resulting ip I ended up having on my screen, lol. Luckily I double checked it before hitting enter.

Although also to that same point, on this current job the client knows his main ip range, he knows his DR ip range, and his remote office range. But then he gives me another range and he can't seem to communicate what the heck it is(if they own the IPs or not). Also his DR site is hosted inside a 3rd party data center. So does he have the legal right to give me permission to scan his server there? Ugggg.

[streaker69]

lol. I almost did that yesterday. My current pen-test has 4 ip ranges. I was typing in the second range into a nmap scan, and I looked at the middle number for the first few numbers, looked up at my screen, looked back down at my paper and typed in the remaining ip from the top line. No idea who owns the resulting ip I ended up having on my screen, lol. Luckily I double checked it before hitting enter.

That was me. Expect a call from the FBI shortly.

[Barry]

That was me. Expect a call from the FBI shortly.

Good thing he didn't hit enter. He'd have a lot of shit on his screen.

[ReV1500]

I have a friend robert moore AkA Moorer he got in some big time stuff and did a few years in prison him and this other guy broke into telecommunications companies and stole voice over ip services and resold them under a fake company i learned alot from him and also learned to no go to far while playing on my computer now he is out and cant get online for 3 years

you can read more on the story at America's Most Wanted dot com

[theprez98]

Good thing he didn't hit enter. He'd have a lot of shit on his screen.

Literally...