by LeftTurnSignal 2704 days ago
I found a Windows 2003 server (back in the day) with RDP open directly to it. It wasn't behind much (if any) external firewall. It also wasn't patched, and I got in using some exploit I found within a few mins of googling.

Here it was a city's (pop 2mil+) water system. I didn't need a name or password to it once I got into the server itself.

I screenshotted the login, the exploit, their water system (it reminded me of MS Paint, which a lot of those systems seem to look like), then created a fresh e-mail using Tor, sent a few e-mails to several e-mail addresses I could find for contacting them, and within a few days it was no longer accessible.

For a longer time than I should have, I felt bad for doing it, but at the same time, I doubt they would have done much if I just e-mailed them without showing proof.

I never received anything, threats or thanks, in that e-mail account. So hopefully someone appreciated it.