Hacker News new | ask | show | jobs
by jadams5 1750 days ago
Oh man, yeah also adding to the list of people that abused their highschool computer labs with this. We had so much fun, but we eventually drew the ire of the school IT admin. After class one day the teacher took us aside with the admin and asked if we had installed BO on the computers, which we of course denied... they "believed" us, heh, but gave us a stern warning that whoever was doing it should stop. We would have all probably ended up with felony charges these days.

The next year, so 1999, we actually got approval to attempt to change our grades as an exercise. We actually managed to do it by sneakily copying a floppy one of the teachers used to store their grades with a program called Integrade. We took it home, reverse engineered the password protection to disable it, changed our grades on the copy, re-enable the password protection with the original password, and turned that in as our proof. Our teacher was impressed and super sketched out/nervous at the same time. I guess they never considered we'd succeed and get access to the whole class's grades...
2 comments
xtracto 1750 days ago
Tangentially related but, back in the late 90s in my first year at BSc Software Eng. I got in trouble because I cracked the password of a Win98 program called Protect-Z which put some user controls I my Uni's labs machines.

The funny thing is that when the person in charge of all the labs found out I had the password, he asked me how did I get it. When I explained to him about how I attached to the protect-z process and debugged it to get the password , he didn't believe it was possible.

Great times... as someone said, these days you'll surely get suspended or worse.

link
chihuahua 1750 days ago
At Oxford in 1989 or 90, some kid in the Math+CS program got caught running some password cracking software (reversing the hash on /etc/password) and I think he was expelled for that.
link
grioghar 1750 days ago
Hex-editing Intergrade at certain points allowed you to bypass authentication and go RIIIIIGHT in.

I didn’t know what that meant at the time, but my buddy sure did.

He was kicked out of school a few weeks later for editing his grades.

link
jadams5 1750 days ago
Oh wow, yep, that's exactly what we figured out. Their save file format stored the password hash, but didn't actually encrypt or obfuscate the grade data beyond just whatever serialization they were doing. We were starting on figuring that format out when we noticed that creating a new save file with or without a password changed a byte right before the password off and on... flip it off and the app no longer prompted for the password... edit/save in the app, flip it back on, and that was that. edit: I should add, rather than get expelled we got a ton of extra credit for it since it was at least sort of sanctioned.
link