March 5, 2010 at 05:46How they caught me
Inspired by the story "How I Caught a Hacker . " It didn’t work out so dynamically, but I want to share how to not do it.
Well, how nice it is to catch attackers, only the one who caught them knows. But ask those who come across what they feel? And I'll tell you, and share my thoughts about this. If they seem to anyone for granted, I will only be glad.
It happened in 2002. Then I was still a student, studied in the second year of the shipbuilding faculty.
Even then, slowly began to prepare for the diploma, before you sit down - before you leave. The thesis was from the series “Design a ship on a computer”. And, since you can never do this in AutoCAD, the appropriate software was used.
The university then had a purchased license for the specialized SeaSolution software product (it builds a 3D model of the ship’s hull, the capabilities of the mother core were just crazy there at that time). Using a license file, the software product was tied to the corresponding machines in the computer center, where I hung after the pairs until the evening. I’ll add on my own that it was really interesting - to simulate a ship with all bulkheads and mechanisms, a few months later the model grew to 500 MB, I had to beat it into pieces and then articulate them back.
The project was almost complete when a terrible thing happened.
One fine day, all copies of SeaSolution in the VC said
All the work got up. Then it turned out that the great institute men did not come up with anything better than buying a time-limited license. To buy the full version, as I understood later, no one was going to, just like to extend the existing one.
The project killed six months of almost daily activities. Everything got cancer. Let me remind you that this was only the second course, you could start again, use other software, in general, there were several options. I was desperate.
But I had one trump card in my sleeve - at that time I had been interested in the crack scene for a couple of months. There was a minimum of knowledge, but I decided to try to break the program. I still couldn’t buy it - the license cost of 3 kilobax was slightly higher than my scholarship, the "student" version did not fit - export to IGES did not work, without which there was nothing. Kryakov, of course, was not. So I uploaded it to a USB flash drive and took it home.
I tried to open it for more than a month, due to the lack of necessary knowledge. Paradox: in fact, the success of the event would guarantee me a diploma, because the topic “computer-aided design of ships” in the context in which I implemented it has not been raised before by anyone at my institute, as the head directly told me. And the ill-fated software with an expired license was one of its links.
For days I had to sit under SoftIce, digging into the 5 megabyte assembly code. A lot of paper was written with all sorts of offset addresses and other HEX crap. Friends, my head hurts terribly, and later I left the crack community - for me it is too difficult.
But the software nevertheless succumbed - the serial number was hard-wired into the code and several checks were removed. A new feature got out, though - now until you disconnect the network connection, nothing worked. And she began to fly out sometimes. But the patient was more likely alive than dead. I was able to continue further work.
Without hesitation, I just brought the retail version back to the VC. During laboratory work, the network was disconnected and the people worked in a broken program (I was not the only one to use it). Everyone just thought that I had “fixed” it, as if the program didn’t work, and I fixed it, well, did it well? To bring this good back to the institute was the stupidest of decisions.
Then I corresponded with the SeaTech caliper (the developer of this program) for licenses. They had an idea in what educational institution I study. Representatives of the company actively collaborated with the university, and they could easily find out that some kind student had dragged a broken version of their brainchild. And so it happened.
The following message was sent to the email almost immediately:
Cross-query to Google gave me offal .
UPD: The request now issues with giblets me and Habr.
I did not answer, maybe it’ll blow. A languid expectation began, what would happen next. And the prospects were very hopeless - they could have opened a criminal case against me and expelled me from the university. What I felt then could not convey in words. It couldn’t be any worse.
However, it could. In less than a week, the infernal support sent me another letter, where, without unnecessary comments, my home address was just indicated accurate to the apartment. So, the cage slammed shut, I thought, and crossed myself. Now there were not many options. What was waiting for me now, only God knew. To say that it was scary is to say nothing.
By that time, summer had come, the session had surrendered safely and there was a reason (some more) to get out of town for a month or two. By that time, strange calls began to be heard at my home address asking me to call me on the phone. Judging by the printouts, calls from Nizhny Novgorod, damn it . I did not pick up the phone.
Fortunately for me, I had where to go, and for 1.5 months I rested and did not know grief. This whole nightmare began to be forgotten little by little. But as soon as I returned, I was informed that several people (two in civilian clothes) came and asked me. To the household’s question “why?”, They answered briefly: “We need to talk, he is in the know.” But I was not in the know. Unlike employees of the organs, it is even less likely that the lads became interested in me.
For a couple of weeks I did not dare to appear at home. Time passed, summer was drawing to a close, and hiding forever was pointless. Everything has its end, I thought, returned home, and went to surrender, but the prisoners are not shot?
But first, he made his last attempt to rehabilitate himself. I wrote the most honest letter to the SeaTech support about who I am and why I did it, explained the situation. And a miracle happened. Either they were in a good mood, or they got an understanding support, but I received a letter in response with a question when I have a diploma defense. I replied that for another 3 years, for which they sent me a license file for this period on my home computer. I said that I won’t do that again. So it’s just that aUFO flew in and saved me. Yes, yes, it happens, I didn’t think that such situations are just resolved.
Surprisingly, exactly at this point the story ends. There were no more calls or people. I suppose that they just wanted to intimidate me, and my home address could be obtained at the institute. What it was is not completely clear. The school year began, no one told me a word about what happened. As if there was nothing. But I got a red diploma.
I was lucky tob makes it easy fright. Now, without a smile you can’t remember those adventures, but then, believe me, there was no time for jokes. A few rules:
Rule 1. Do not break.
Rule 2. Try not to conduct open discussions on the Internet about your hacking activities. Lead them from another nickname / e-mail at least.
Rule 3. If you break it, hide as much as possible
Rule 4. If it is clear that you have been figured out and there are prerequisites, better repent, maybe then it will be too late.
UPD: Rule 5. If something is broken, do not tell anyone (thanks XaocCPS ).
Take a look at the list. At the very beginning of the article, I noted that these things may seem for granted. But pay attention to Rule 1, when you decide to punish the unfortunate programmer of a site. Think - perhaps the result will be a criminal record and a ruined career .
Thanks for attention. I sincerely hope that someone will draw conclusions from my story.
UPD Moved to "Information Security".
Well, how nice it is to catch attackers, only the one who caught them knows. But ask those who come across what they feel? And I'll tell you, and share my thoughts about this. If they seem to anyone for granted, I will only be glad.
It happened in 2002. Then I was still a student, studied in the second year of the shipbuilding faculty.
Even then, slowly began to prepare for the diploma, before you sit down - before you leave. The thesis was from the series “Design a ship on a computer”. And, since you can never do this in AutoCAD, the appropriate software was used.
The university then had a purchased license for the specialized SeaSolution software product (it builds a 3D model of the ship’s hull, the capabilities of the mother core were just crazy there at that time). Using a license file, the software product was tied to the corresponding machines in the computer center, where I hung after the pairs until the evening. I’ll add on my own that it was really interesting - to simulate a ship with all bulkheads and mechanisms, a few months later the model grew to 500 MB, I had to beat it into pieces and then articulate them back.
The project was almost complete when a terrible thing happened.
One fine day, all copies of SeaSolution in the VC said
% username%, my license is expired
All the work got up. Then it turned out that the great institute men did not come up with anything better than buying a time-limited license. To buy the full version, as I understood later, no one was going to, just like to extend the existing one.
The project killed six months of almost daily activities. Everything got cancer. Let me remind you that this was only the second course, you could start again, use other software, in general, there were several options. I was desperate.
But I had one trump card in my sleeve - at that time I had been interested in the crack scene for a couple of months. There was a minimum of knowledge, but I decided to try to break the program. I still couldn’t buy it - the license cost of 3 kilobax was slightly higher than my scholarship, the "student" version did not fit - export to IGES did not work, without which there was nothing. Kryakov, of course, was not. So I uploaded it to a USB flash drive and took it home.
I tried to open it for more than a month, due to the lack of necessary knowledge. Paradox: in fact, the success of the event would guarantee me a diploma, because the topic “computer-aided design of ships” in the context in which I implemented it has not been raised before by anyone at my institute, as the head directly told me. And the ill-fated software with an expired license was one of its links.
For days I had to sit under SoftIce, digging into the 5 megabyte assembly code. A lot of paper was written with all sorts of offset addresses and other HEX crap. Friends, my head hurts terribly, and later I left the crack community - for me it is too difficult.
But the software nevertheless succumbed - the serial number was hard-wired into the code and several checks were removed. A new feature got out, though - now until you disconnect the network connection, nothing worked. And she began to fly out sometimes. But the patient was more likely alive than dead. I was able to continue further work.
Without hesitation, I just brought the retail version back to the VC. During laboratory work, the network was disconnected and the people worked in a broken program (I was not the only one to use it). Everyone just thought that I had “fixed” it, as if the program didn’t work, and I fixed it, well, did it well? To bring this good back to the institute was the stupidest of decisions.
UFO came to me in a month
Then I corresponded with the SeaTech caliper (the developer of this program) for licenses. They had an idea in what educational institution I study. Representatives of the company actively collaborated with the university, and they could easily find out that some kind student had dragged a broken version of their brainchild. And so it happened.
The following message was sent to the email almost immediately:
You have already appeared enough in various online parties. Calculate your current location a matter of the near future
Cross-query to Google gave me offal .
UPD: The request now issues with giblets me and Habr.
I did not answer, maybe it’ll blow. A languid expectation began, what would happen next. And the prospects were very hopeless - they could have opened a criminal case against me and expelled me from the university. What I felt then could not convey in words. It couldn’t be any worse.
However, it could. In less than a week, the infernal support sent me another letter, where, without unnecessary comments, my home address was just indicated accurate to the apartment. So, the cage slammed shut, I thought, and crossed myself. Now there were not many options. What was waiting for me now, only God knew. To say that it was scary is to say nothing.
By that time, summer had come, the session had surrendered safely and there was a reason (some more) to get out of town for a month or two. By that time, strange calls began to be heard at my home address asking me to call me on the phone. Judging by the printouts, calls from Nizhny Novgorod, damn it . I did not pick up the phone.
Fortunately for me, I had where to go, and for 1.5 months I rested and did not know grief. This whole nightmare began to be forgotten little by little. But as soon as I returned, I was informed that several people (two in civilian clothes) came and asked me. To the household’s question “why?”, They answered briefly: “We need to talk, he is in the know.” But I was not in the know. Unlike employees of the organs, it is even less likely that the lads became interested in me.
For a couple of weeks I did not dare to appear at home. Time passed, summer was drawing to a close, and hiding forever was pointless. Everything has its end, I thought, returned home, and went to surrender, but the prisoners are not shot?
But first, he made his last attempt to rehabilitate himself. I wrote the most honest letter to the SeaTech support about who I am and why I did it, explained the situation. And a miracle happened. Either they were in a good mood, or they got an understanding support, but I received a letter in response with a question when I have a diploma defense. I replied that for another 3 years, for which they sent me a license file for this period on my home computer. I said that I won’t do that again. So it’s just that a
Surprisingly, exactly at this point the story ends. There were no more calls or people. I suppose that they just wanted to intimidate me, and my home address could be obtained at the institute. What it was is not completely clear. The school year began, no one told me a word about what happened. As if there was nothing. But I got a red diploma.
I was lucky to
Rule 1. Do not break.
Rule 2. Try not to conduct open discussions on the Internet about your hacking activities. Lead them from another nickname / e-mail at least.
Rule 3. If you break it, hide as much as possible
Rule 4. If it is clear that you have been figured out and there are prerequisites, better repent, maybe then it will be too late.
UPD: Rule 5. If something is broken, do not tell anyone (thanks XaocCPS ).
Take a look at the list. At the very beginning of the article, I noted that these things may seem for granted. But pay attention to Rule 1, when you decide to punish the unfortunate programmer of a site. Think - perhaps the result will be a criminal record and a ruined career .
Thanks for attention. I sincerely hope that someone will draw conclusions from my story.
UPD Moved to "Information Security".