Your worst security blunder

Networking/Security Forums -> Exploits // System Weaknesses

Author: chris    Location: ~/security-forums    Posted: Fri Feb 07, 2003 12:42 am    Post subject: Your worst security blunder
    ----
Embarrassment time

Please post your worst security blunders here, either first hand or that of a friend / colleague

Smile

Author: b4rtm4n    Location: Bi Mon Sci Fi Con    Posted: Fri Feb 07, 2003 12:54 am    Post subject:
    ----
Leaving a linux server unfirewalled on the net with wu-ftp enabled.

only took 3 weeks b4 it was 0\/\/n3d

Embarassed Embarassed Embarassed Embarassed Embarassed Embarassed Embarassed Embarassed Embarassed

4 years ago tho! Smile

Author: Networkguy    Location: UK    Posted: Fri Feb 07, 2003 1:47 am    Post subject:
    ----
Not me but very funny

The night shift in a certain data center were getting bored one night. Of course they could not access any of the hard core porn on the net due to the corporate firewall rules.

But hang on, somebody realises that the data center is also a core node on our Internet backbone with several 9.6-GB feeds to it Very Happy

So they head off down to a pair of very large and very expensive Juniper routers and patch into a spare gigabit ethernet port (this is a core internet transit router).

Next they build themselves a nice little proxy server and plug that in and from there route it back onto the corporate LAN.

You may have noticed that I didn't mention a firewall. That's right, they didn't bother.

So for a few nights, they have the time of their lives surfing the darker side of the net and even help themselves to some spare space on a customer's EMC storage array.

In 4 nights, they managed to use up half a terabyte of storage with pictures, videos and MP3s Very Happy

But then somebody notices during a routine security check that there is an unsecured web connection on the corporate LAN, so the investigation starts.

So here we have guys who have the intelligence to configure a Juniper transit router, build themselves a proxy, configure this onto the corporate LAN and even reallocate an EMC storage array.

BUT

What they didn't do (and this is what got them sacked).

SWITCH OFF THE LOGGING ON THE PROXY Surprised

Just how much evidence did they think HR would need to sack them?

Author: flw    Location: U.S.A.    Posted: Fri Feb 07, 2003 2:38 am    Post subject:
    ----
saxo, shouldn't you have started this with an example of your own, just to show we all f*ck up sometimes? Here's two for me:

1. I forgot to shut off sshd when under an active bot attack that looked for an open issue with ssh1 when we were using ssh2. I got it the next day. Oops Embarassed

2. I also accepted a job from a jack of all trades and master of none when it came to IT and security. Confused

Author: squidly    Location: Umm.. I dont know.. somewhere    Posted: Fri Feb 07, 2003 4:12 am    Post subject:
    ----
I've not had anything as bad as that happen. Just a friend was routing through my PC and he was downloading some stuff from Kazaa. Well, some script kiddie tracked it back to my IP and tried to attack me. At the time I had no firewall up, and no real integrity checking. My school's firewall caught most of it.

On the other side of the fence, I was playing around with arp-spoof and I killed one of the local Cisco routers. Knocked approx. 400 people off the net for a couple of hours. Embarassed Thank goodness they didn't look at the logs and see where the fake ARPs were coming from Smile

Author: myhatisred    Posted: Fri Feb 07, 2003 4:31 am    Post subject:
    ----
Leaving port 23 open on my firewall when I closed everything else, and having a nice Linux box running until someone decided to take control of it. It's alright, that was 2 years ago; I've grown up since then.

Author: Mongrel    Posted: Fri Feb 07, 2003 7:57 am    Post subject:
    ----
FTP site on my win2k - local user account - upload AND admin rights - script kiddie - rooted -

fortunately I noticed the machine was rebooted in the AM, tracked down all the goodies for posterity and study sake - wiped 'er clean and re-installed.

Author: ThePsyko    Location: California    Posted: Fri Feb 07, 2003 9:48 am    Post subject:
    ----
Ugh.. I wasn't thinking and I didn't think to sanitize the HTTP_REFERER variable when tracking how people were getting to my page... a friend of mine injected a bunch of JavaScript into my tables and flooded me with popups when I went to view the logs.. Although since then I've found that HTML & scripting injections can be fun Smile

A worse one though.. not my domain, & I was never responsible for it.. but one night I was poking around her server.. just reading and browsing.. went to her host's support page and saw something about a web control panel that you access via the cgi-bin.. so of course I took a peek.. but not only did I take a peek, I 0wned that domain in under 10 seconds.. damn scary.. since there wasn't an account configured, it took whatever u/p I put in there and made me the administrator.. Now for the lucky part... she says that was supposed to have been taken down about 2 years ago and she had been told it was... during those 2 years, that domain was (at first anyway) despised by almost everybody in alt.hackers.malicious - a couple of them SWORE they were going to r00t it.. two years they tried every brute force, Apache exploit, CGI exploit.... but they never bothered to stop and read the 'site owner's manual' on the hosting company's support page... 2 years they tried and didn't see the open door right in front of them LOL
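
The log-viewer mistake in this post (a Referer header dropped straight into an HTML table and then viewed in a browser) in miniature, as an added Python example that is not code from the original post. A constructed WSGI-style environ stands in for the request; the vulnerable row renderer interpolates the header raw, the hardened one escapes every field at output time. The sample environ, the fixed timestamp and the table layout are made up for the example.

```python
import html

# Constructed sample: what a CGI/WSGI hit logger sees for one request.
# Every HTTP_* header, Referer included, is chosen by the client.
SAMPLE_ENVIRON = {
    "REMOTE_ADDR": "192.0.2.10",
    "REQUEST_URI": "/index.html",
    "HTTP_REFERER": 'http://example.net/"><script>alert(document.cookie)</script>',
}


def log_entry_from_environ(environ):
    """Collect the fields a hit logger records. Nothing is escaped here:
    the log should hold the raw header so the attack itself stays visible."""
    return {
        "time": "2003-02-07T09:48:00Z",  # fixed timestamp for reproducibility
        "ip": environ.get("REMOTE_ADDR", "-"),
        "uri": environ.get("REQUEST_URI", "-"),
        "referer": environ.get("HTTP_REFERER", "-"),
    }


def render_row_vulnerable(entry):
    """The blunder: raw log fields interpolated into markup, so a Referer of
    '<script>...' runs in the browser of whoever views the log page."""
    return ("<tr><td>{time}</td><td>{ip}</td><td>{uri}</td>"
            "<td>{referer}</td></tr>").format(**entry)


def render_row_safe(entry):
    """Escape at output time. quote=True also neutralises \" and ', so the
    value is safe inside attribute values, not only between tags."""
    cells = "".join("<td>%s</td>" % html.escape(str(v), quote=True)
                    for v in entry.values())
    return "<tr>%s</tr>" % cells


def render_log(entries, row_renderer):
    """Render the whole log page with the chosen row renderer."""
    header = "<tr><th>time</th><th>ip</th><th>uri</th><th>referer</th></tr>"
    rows = "".join(row_renderer(e) for e in entries)
    return "<table>%s%s</table>" % (header, rows)


def contains_live_script(rendered_html):
    """Crude detector: an unescaped <script tag survived into the page."""
    return "<script" in rendered_html.lower()


if __name__ == "__main__":
    entry = log_entry_from_environ(SAMPLE_ENVIRON)
    for name, renderer in (("vulnerable", render_row_vulnerable),
                           ("safe", render_row_safe)):
        page = render_log([entry], renderer)
        print("%-10s live script: %s" % (name, contains_live_script(page)))
        print(page)
```

The escaping belongs at the point where the value is written into HTML, not when it is logged: the raw header is what you want to keep for forensics. In a real application a template engine with auto-escaping does this for every field by default, and a Content-Security-Policy on the admin pages limits what an injected script could do if one slips through.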

Author: Mike    Posted: Tue Feb 11, 2003 7:41 pm    Post subject:
    ----
On my FreeBSD server
I put a copy of master.passwd on it.
Some users noticed it and decrypted the passwords so they could log in without notice Razz

But now I still see stupid wheel users who do that Wink

Author: chris    Location: ~/security-forums    Posted: Tue Feb 11, 2003 8:20 pm    Post subject:
    ----
I've been caught out by classic social engineering

A few years back on IRC, when there was the usual tonne of flaming and abuse, I accepted a file from what I thought was a trusted source. Checked the ISP (which at the time had dynamic IPs) and the ident / nickname / realname matched up, so I accepted the file. I ran it; McAfee said it was fine.

Since it was from a trusted source (or so I thought) I didn't suspect anything. It opened a funny image, and a DOS window spawned quickly, at which point I knew something was wrong but not quite what. After analysis later it turns out it was Sub7 bound to a picture and edited slightly to bypass most signatures at the time Sad

Noticed a stack of connection attempts afterwards, which were denied by the software firewall I was using at the time, ConSeal, so pulled the plug and reformatted


Last edited by chris on Tue Dec 09, 2003 11:27 pm; edited 1 time in total

Author: browolf    Posted: Tue Feb 11, 2003 11:16 pm    Post subject:
    ----
Only last week I made a cunning bat file with delprof to delete all the bazillions of local profiles created on our Win2K boxes. I was just using net view to get a list of computer names.

It was an honest mistake; I didn't think about people's laptops. Luckily I only wiped out one person's profile, who had their laptop on the network but not logged in. That was certainly a close one.


About 9 months ago something went wrong in the switch cabinet (8 stacked switches). I was trying to fix it by myself in the evening; there was a night class on. Unfortunately I didn't do a very good job, and I think I inadvertently unplugged some switches from each other. In the morning no-one could remember how they were supposed to plug together. We had to get someone from the firm that put them in to come and sort us out. It was a hideous mess b4 I made it worse, so they just unplugged everything and put them all back in again in a better order and made us a diagram. Smile

Author: WHISP3R    Posted: Tue Feb 11, 2003 11:24 pm    Post subject: Irc Screwup
    ----
Opening a telnet connection to my IRC channel eggdrop and finding out that through /msg IDENT password the bot had set my hostmask to *bob*@*.undernet.org, and I was on the auto-op list, allowing anyone with bob as a username logged into X to be auto-opped
Embarassed Embarassed Embarassed
Moral: ALWAYS always add your eggdrop hostnames manually, or ident and then change them.

Author: ComSec    Posted: Wed Feb 12, 2003 2:24 am    Post subject:
    ----
Don't laugh: an ex-AOL member through work....... till I got booted and lost my job Very Happy Very Happy........ even had a spam collection box called e-mail LOL

"thank you aol"

Author: tutaepaki    Location: New Zealand    Posted: Wed Feb 12, 2003 3:23 am    Post subject:
    ----
I was asked by a colleague to scan his ADSL connection to see how secure he was. Turned out he wasn't at all; the ADSL modem was wide open, and it took all of 5 seconds on Google to turn up his config password.

The trick was when I showed him how easy it was, and left his work PC connected to the config screen of his ADSL modem with auto-refresh enabled. In a classic case of timing, he'd just upgraded to a 10MB connection with a very low data cap.

He still blames me for the $600 bill he got from his ISP Laughing

Author: Zilker    Posted: Sat Apr 12, 2003 9:53 pm    Post subject: NT blunder
    ----
So I'm sr. sysadmin on an NT 4.0 network of about 8,000 users. I get a call from the helpdesk that "no one" can log in. Hmmm. That's strange. I check and I can log in; seems everyone around me (sysadmin team) can log in. What could the problem be?

Everyone who has admin privilege can log in, but no one else can? What could it be.

Then the "HOLY CRAP!!!!" moment hits. What would allow me, an administrator, to log in but not anyone else? "Access this computer from the network"

Well, it seems one of the other administrators (read: client) had decided to build himself a test domain controller. He wanted to secure the system, so what does he do? He removed everyone except "Administrators" from "Access this computer from the network" on his "test DC".

Of course, any policy change on a Backup DC is actually performed on the PDC and propagated. So in effect, by trying to secure his system, he had blocked everyone from accessing the NT domain.

Author: ThePsyko    Location: California    Posted: Sun Apr 13, 2003 3:02 am    Post subject:
    ----
?? he put an unauthorized DC onto an existing network for "testing" purposes?? without realizing the impact or notifying anybody?? holy smokes... did you take him out back at the end of the day and beat the crap outta him at least?

Author: Zilker    Posted: Mon Apr 14, 2003 5:54 am    Post subject: Biff
    ----
I really would have liked to, but he was one of the clients. This pud added unauthorized DCs, attempted to redirect the WINS replication and make his WINS box the primary and troubleshot web development problems by adding the "everyone" group to the admins group on his web server (which also happened to be a domain controller.)

When I was told by management I could not remove his admin privilege, I polished the resume and found another job.

The fun part is: in a couple months my new job will be pen-testing that company. VENGEANCE IS MINE.....

/Zilker

Author: squidly    Location: Umm.. I dont know.. somewhere    Posted: Mon Apr 14, 2003 6:33 am    Post subject:
    ----
Zilker, how many holes are you going to tell them right off the bat? All of them, or just the ones that the moron would open up.

LMAO, what company was that... I'll "assist" the pen-test Twisted Evil

Author: Zilker    Posted: Mon Apr 14, 2003 8:32 pm    Post subject:
    ----
I figure I'll hit his personal box first, and use that to attack the rest of the network. That should be embarrassing enough.

I appreciate the offer, maybe I'll let you know after I've delivered the report. You can then "verify" they have made the appropriate changes...

/Zilker

Author: Hackmo    Posted: Sun Jun 22, 2003 1:24 am    Post subject:
    ----
This didn't do any harm but was extremely stupid. When I was in IRC a while ago I used the /nickserv IDENTIFY command to log in, but instead of putting a / before the command I put a . so everyone in that channel saw my password Embarassed. Luckily no one did anything with it and I changed my password quickly, but it was still pretty stupid.

Author: bknows    Posted: Fri Jul 11, 2003 5:39 pm    Post subject:
    ----
Immediately after giving a family member a lecture on how stupid most users are and how little they understand about security, I left my laptop and briefcase in my driveway and drove to work (I had put it down to move something else in my driveway).

Pride goeth before a fall Wink

Author: Guest    Posted: Mon Jul 21, 2003 11:19 pm    Post subject:
    ----
I've done something really bad when I tried Linux for the first time:

It was 1996; I had bought an old box and I wanted to try Linux, so I borrowed a Red Hat 5.* (don't remember the version correctly) disc from a friend and started to install a webserver (full install with all applications, and they were put in init.d). After 3 weeks I got a call from a sysadmin from Sunet (it's a big gigabit network in Sweden (www.sunet.se)), and he said that I had killed a lot of their boxes. I had no idea what he was talking about, but as you can imagine, at this point I had got hacked really quickly. That was about what I had to say about it Embarassed.

Author: tutaepaki    Location: New Zealand    Posted: Mon Jul 21, 2003 11:29 pm    Post subject:
    ----
Remembered this in the SFDC IRC the other day...

I was doing a vulnerability scan using Nessus for work one night, and kicked off the scan 'bout 10PM. I was doing it over a dialup link, and I kept getting disconnected, so I stayed up all night babysitting the scan and cursing my ISP. (Staying up all night is no mean feat at my age Sad )

The next day, I realised that I'd forgotten to disable the ATH0 exploit!

DUH!

Author: thehulky1    Posted: Tue Jul 29, 2003 6:55 am    Post subject:
    ----
Mine is when dialing my ISP I trusted the DUN app and had a BO flashed into my BIOS by an ISP idiot.

see new topic, FW Rules for PC.

Author: whacker_mole    Posted: Tue Aug 12, 2003 9:29 pm    Post subject:
    ----
Good old PHP mistake...

Threw it together early in the morning as the last item on my to-do list... (This will always get ya.) I simply made the mistake of taking an HTTP-passed variable and issuing it directly to a local Linux app...

Realized the mistake the next morning, when the *thoughtful* intruder snagged the directory structures of all of my home/office machines through an 'ls' of my /mnt dir.

doh!.
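
The mistake described in this post (a request parameter handed straight to a local command) and its fix, as an added Python example that is not code from the original post. The base directory /mnt comes from the post; the parameter values, the allow-list pattern and the temp-directory demo are constructed for the example. The vulnerable builder shows the shell line an attacker gets to shape; the safe path validates the name, confines the resolved path to the base directory and runs the command as an argv list, so no shell ever parses the input.

```python
import os
import re
import shutil
import subprocess
import tempfile

# From the post: the app only ever needs to list things under /mnt.
BASE_DIR = "/mnt"

# Constructed request parameters, as $_GET['dir'] or ?dir=... would carry them.
SAMPLE_REQUESTS = {
    "benign":    "photos",
    "injection": "photos; cat /etc/passwd",
    "traversal": "../etc",
    "subshell":  "$(id)",
}


def build_command_vulnerable(dirname):
    """The blunder: user input concatenated into a line handed to /bin/sh
    (PHP exec()/system()/backticks, Python os.system or shell=True).
    Any shell metacharacter in dirname becomes a second command."""
    return "ls -l %s/%s" % (BASE_DIR, dirname)


# Allow-list: one path component, no separators, no shell metacharacters.
_SAFE_NAME = re.compile(r"^[A-Za-z0-9_.-]{1,64}$")


def build_argv_safe(dirname, base=BASE_DIR):
    """Validate the name, confine the resolved path to base, and return an
    argv list. With a list there is no shell parse step at all."""
    if not _SAFE_NAME.match(dirname) or dirname in (".", ".."):
        raise ValueError("rejected directory name: %r" % dirname)
    base_real = os.path.realpath(base)
    target = os.path.realpath(os.path.join(base_real, dirname))
    # realpath follows symlinks, so a link inside base that points outside
    # it is caught here as well, not only a literal "../".
    if os.path.commonpath([target, base_real]) != base_real:
        raise ValueError("path escapes base directory: %r" % dirname)
    return ["ls", "-l", target]


def list_directory(dirname, base=BASE_DIR):
    """Run ls without a shell: the argv list goes to execve as-is."""
    argv = build_argv_safe(dirname, base)
    result = subprocess.run(argv, capture_output=True, text=True, check=False)
    return result.returncode, result.stdout


def demo_on_tempdir():
    """Stand-alone check: create <tmp>/photos/cat.jpg and list it safely.
    Returns (returncode, stdout), or (None, '') if ls is not installed."""
    if shutil.which("ls") is None:
        return None, ""
    tmp = tempfile.mkdtemp()
    os.mkdir(os.path.join(tmp, "photos"))
    open(os.path.join(tmp, "photos", "cat.jpg"), "w").close()
    try:
        return list_directory("photos", base=tmp)
    finally:
        shutil.rmtree(tmp)


if __name__ == "__main__":
    for label, value in SAMPLE_REQUESTS.items():
        print("%-9s shell line: %s" % (label, build_command_vulnerable(value)))
        try:
            print("%-9s argv:       %s" % (label, build_argv_safe(value)))
        except ValueError as exc:
            print("%-9s rejected:   %s" % (label, exc))
    print(demo_on_tempdir()[1])
```

Validation and the argv list are two separate layers: the allow-list keeps junk out of the path, and passing a list means that even a name that slipped past the pattern could not be turned into a second command. In this particular case the cleanest fix is not to spawn `ls` at all and use `os.listdir` on the confined path, but the same two rules apply to any external tool a web app has to call.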

Author: uncletom    Location: Isle of Man    Posted: Tue Aug 12, 2003 9:44 pm    Post subject:
    ----
Not necessarily my worst security blunder, but one made by a co-worker that I discovered one bored saturday night.

NetBIOS was being exported to the world, as was LDAP / Active Directory and a copy of SurfControl with a tree-recursing bug in it.

My, what a shock they got when they read the e-mail I had sent them over the weekend with full details of the user names, shares, etc. on the mail server (the one that was exporting all the above things).

Made myself very popular! Laughing

Author: cisco student    Location: SFDC USA: Chico, California    Posted: Thu Oct 16, 2003 5:48 pm    Post subject:
    ----
typing my password into the username field.

Author: chewiepm    Location: hellbound    Posted: Thu Oct 16, 2003 8:46 pm    Post subject:
    ----
Leaving that porn on my hard disk unencrypted...

Last edited by chewiepm on Sat Feb 19, 2011 4:57 am; edited 1 time in total

Author: TXLeXTC    Location: The Great Republic Of Texas    Posted: Thu Oct 16, 2003 9:28 pm    Post subject:
    ----
Forgetting that I still have big brother in other offices....

And assuming that the latest version of IIS was secure and leaving the webserver out there unattended...

Author: LÓm Gravecryer    Location: Holland!!    Posted: Tue Dec 09, 2003 11:17 pm    Post subject:
    ----
I'm living in Holland, and KPN (our phone company) is very weird...
they know about the following and yet won't do anything against it Confused

My cousin and a lot of other people here in Holland got hacked by some company, which went calling sex-lines with their phone account Exclamation
Luckily my uncle read the phone bill and saw SOMEONE had called a sex-line for over 12 hours!! (he first blamed his kids RazzRazzRazz)

Author: cyn1c4l    Location: Canada    Posted: Sat Jan 17, 2004 12:13 am    Post subject:
    ----
LOL to all of you. I think we've all made mistakes, and hopefully some of us (at least I have) learned from them.

My worst blunder ever I committed about a year ago. I was setting up Windows 2K Advanced Server, and before I did updates or ANYTHING I hooked it up behind the router. I got distracted, as my g/f wanted me to come home, etc. So I left this unprotected box chilling behind the router, IN FRONT of the firewall, because I didn't notice where I was placing it. I also had the Telnet service running, with Guest and Guest (UID and PWD) with full r00t access.

I was pwnd in under 8 hours. Call it a lucky strike, or an act of God, but I lost EVERYTHING. It wasn't even a good h4ckz0r who wants to use my comp to attack someone else... NOOOO, it was a frigging l4m3 kid who formatted everything, Evil or Very Mad

*sigh*

Let's just say I didn't do that again.

-Cyn

Author: Toblopo    Location: Australia    Posted: Wed Feb 04, 2004 12:23 am    Post subject:
    ----
At the school I work at we had a program called Networx, or something to that extent, which was a remote network admin program. It was good and kept the average user in line. There were ways to exploit it, but most of the students aren't that smart. Anyway, the main thing was it worked, until, browsing the network, one of the students stumbled across a shared folder that contained the Networx install file. Now that wouldn't have been a problem apart from the txt file that contained the password to disable it.

There was another instance of shared stuff being leaked, and that was an Excel spreadsheet containing the teachers' usernames and passwords.

Both these mistakes were made by the old IT tech when I was a student here.

Author: goddessofsnark    Location: New Jersey    Posted: Tue Jun 08, 2004 3:03 am    Post subject:
    ----
This wasn't me, this was someone at CompUSA....

At CompUSA they have the Macs on display, and someone had thought they could check their @mac.com email from the store, so they put in their username/pass combo on the page.... realize it's not connected to the 'net, and leave it up, with his username and pass!

I copied and pasted it into AppleWorks, and I can't quite remember what it was, but it was certainly password-ish... that's pretty stupid, if you ask me...

My personal worst is adding a spyware/virus-laden comp to the network without even firewalling it... I had to go through and take all the stuff it had spread through the network off the other computers.... and I did that knowing that it was probably full of spyware/trojans/virii...

Author: PhiBer    Location: Your MBR    Posted: Tue Jun 08, 2004 8:01 am    Post subject:
    ----
::sigh:: I am VERY ashamed of this...

When I first got into computers many YEARS AGO, I thought I was so cool because I knew how to use Sub7. I didn't know anything about TCP/IP, true hacking, not even hardware. So I installed it and tried to send people the trojan. (I was probably 14 or 15 years old.)

I couldn't figure out why I couldn't connect to certain people so I decided to install the virus on my own machine because I thought I could find out what port it used and so on. Yup, I couldn't figure out how to delete the virus and I had a VERY vulnerable machine.
Crying or Very sad


Last edited by PhiBer on Fri Jul 16, 2004 8:49 pm; edited 1 time in total

Author: AntiThesis    Posted: Fri Jun 11, 2004 11:19 am    Post subject:
    ----
Many many many moons ago when I first started using IRC (read extreme newbie Laughing ) They told me that alt+f+a+x would pop up an easter egg. Bastards. Very Happy Embarassed

Needless to say, I've progressed a tad from those dark days... Rolling Eyes

Author: Phrekie    Posted: Fri Jul 16, 2004 8:36 pm    Post subject:
    ----
A coworker of mine brought a laptop to the office from one of our users. The user had described the problem as "having trouble using Internet Explorer". Fine, he thought, just some adware removal and we're set. He proceeded as usual by connecting it to our intranet and booting it. The moment he launches Internet Explorer he gets an lsass crash. As an innocent bystander, the first thought that crossed my mind was "man, we're screwed". Luckily the Sasser virus started sending its load to some nonexistent subnet, so it was all fine.

Later that day the same coworker decided to do a little sniffing on our lab net to check if everything was behaving as it should. The only problem was he did it from the firewalled gateway (FreeBSD box) bordering our intranet, forgetting to specify which NIC to sniff, resulting in ARP-poisoning the whole admin subnet Laughing

Let's just say we've had a couple of laughs during our coffee breaks Wink

Author: piccolo_21    Location: NYC, USA    Posted: Fri Jul 16, 2004 8:58 pm    Post subject:
    ----
Wow, that is some crazy stuff. Well, I guess mine would have to be, let me see... (I had so much, eh he) I met someone on one of those PC forums who told me he had a copy of KAV antivirus with a good key, so I told him to email it to me, and man!! I got like 4,000 and more viruses from that file when I installed it. Don't know how, but man, I had to do so much, and I was out of town that weekend with my laptop....

Author: amadkow    Location: Bakersfield, CA    Posted: Fri Jul 16, 2004 10:22 pm    Post subject:
    ----
The worst I have done so far is when I was first getting into running a web server: I set up IIS on a Windows 2000 box and didn't get any updates. That server was hacked within the first few weeks of being up. This was years ago.

Author: sim0n    Posted: Fri Jul 16, 2004 10:22 pm    Post subject:
    ----
The worst I've ever had was a trojan and a buffer overflow exploit...

I've had a few virus situations, but nothing serious...though at times, it's difficult dealing with others mistakes. Smile

Author: UV    Location: Leicester, England    Posted: Sat Jul 17, 2004 3:00 am    Post subject:
    ----
AntiThesis wrote:
Many many many moons ago when I first started using IRC (read extreme newbie Laughing ) They told me that alt+f+a+x would pop up an easter egg. Bastards. Very Happy Embarassed

Needless to say, I've progressed a tad from those dark days... Rolling Eyes

Go on then, I'm thick. What does it do?



Also my worst would have been 4-5 years ago, back when I thought trojans were cool. No clue how I got infected or who it was, but one day I was sitting in an old IRC phreak channel and talking to my cuz on ICQ. Up pops a stupid chat window saying "thats right. im watching u ben".

I've never felt so sick and completely gutted!

And yesterday, every connection to the net was directed to http://outbreak.ntli.net/ . After scanning and being completely confused as to how I'd been infected by this, I realised I was flooding someone's email earlier. Obviously enough to get NTL's attention! My bad, lame but fun.

Author: dadragon    Posted: Mon Dec 13, 2004 6:33 pm    Post subject:
    ----
Anyways, as the best man for the job I installed the 2 firewalls in HA at the data centre and went through all the configuration, and decided that the last thing I was gonna do was to change the default passwords when handing over to the clients before they went live. Half way through my fourth pint in the pub I remembered what I forgot to do....ARRGHHHH!!!! I screamed, but luckily for me the reseller was not that dumb after all; he had changed the passwords for the clients and already sent an email detailing my blunder... I will never forget the remaining half of the pint, as it was then I realised that lager was indeed BITTER!!!! But let's not tell anyone I made that blunder. Very Happy

Author: SteelValor    Location: Central New York    Posted: Tue Dec 21, 2004 6:19 pm    Post subject:
    ----
I was ftp'ing the final UT patch from home to a server at work for a co-worker to get. I had zipped it as utup.exe. The upload was slow, so I stopped it and went to work. Weeks pass and I was reviewing the FTP logs and see this upload started by admin, which uploaded a file named update.exe and seconds later deleted it and signed off. I panic! "OMGZ!! We got hacked!!" I yell to the other webmaster, and then I start the nslookups and requests for IP stuff. I chase this around for 2 days and finally track down the ISP and their support. They say "You're kidding, right? Get a ****ing warrant." I then lmao and say sarcastically "Good Game!! Thanks for the cooperation. I'll keep it in mind when the high schools turn on you" and hang up. It then dawns on me that I've been chasing me for 2 days. Embarassed x2

Author: x3n0n    Posted: Mon Mar 07, 2005 5:32 am    Post subject:
    ----
OMG, this one is pretty bad (not in comparison to some, but to me it was bad)...
A long time ago, back when I was a total n00b at computers and the net, I found Kazaa, and I'm thinking "great, free downloads all the time". So after a while I think to myself, "well, besides warez, I could download some porn", so I start a search for "pamela anderson". After about a minute, a full list of results returns and there is this one item that is called something like "pamela712351.exe", and I thought to myself "hey, this might be some sort of screensaver with her, or some sort of game", so I download it and attempt to install it.
Suddenly, all my programs start to open slowly and my computer is basically rendered unusable. Because I didn't have a LAN, or even a burner, I had to copy all I could onto floppy disks and re-format the whole computer.
That is when I first realised that not every exe is safe, lol

Author: InBan    Posted: Thu Apr 21, 2005 2:42 am    Post subject:
    ----
One that wasn't me: a site admin wanted to open a port in the primary corporate firewall so he could sync the clocks of his computers with a clock on the internet. He asked the 'firewall admin', a real bright fellow, to open the appropriate port. The guy couldn't remember which port he was supposed to open, let alone that it only needed to be open for outgoing traffic, so he just opened up everything. Brilliant. Since then the firewall has been replaced, and NetBIOS and RPC are closed now.

One time I 'accidentally' removed IIS from a production Exchange server *doh*. That was a late night rebuild.

Early 90's I infected my home computer with Sub7 because I just wanted to see what the hell it did, dumbdumbdumb.

Author: Colonel_Panic    Posted: Thu Apr 21, 2005 3:22 pm    Post subject:
    ----
Getting hit with CWS long time ago...

More recently, not exactly security blunder but stupid anyway:

I logged into one webserver I manage for some routine administration. I logged in from my laptop, which happens to have the same OS as the server, and in general pretty much the same 'look and feel'. So, I log in through ssh, do the work, and as it was Friday night I thought I'd go home early. So I proceed to shut down my laptop

shutdown -h now

halfway through shutdown I realize:
Oh for f#$% sake, I didn't log out from the server!

I dash to the NOC to boot the damn thing back up, but unlike almost any other time, the door was not open. So I had to spend half an hour finding someone with a key (my 'going home early' is still pretty late) and of course I had to come up with some reason why. Luckily that server has had some hardware issues with the boot process (fixed though), so I mumbled something vague about 'testing'.

So much for going home early. Absent-mindedness and root account don't mix well...

Author: eiuolnmu    Location: 127.0.0.1    Posted: Tue Apr 26, 2005 6:55 am    Post subject:
    ----
When I was in college I was taking a class in Win2K Server and I gave all the users in my directory Admin rights. Needless to say someone locked me out of my own box. Rolling Eyes


Thanks,
Oz

Author: Cybertrion-Systems    Posted: Tue May 03, 2005 8:15 pm    Post subject: Cpanel exploit
    ----
1 year back I was working on one of my websites and I had seen that the webmail for cPanel can take only 8 characters and is more vulnerable to brute force attack.
I thought it was just a bug in the server, but later, after a few months, someone released the same thing on all the mailing lists.
I had reported this to my host admin, but that fool didn't know what to do.
Then after a few months I realised that it was a bug in cPanel, not the server.

Author: monkranter    Location: Texas, USA    Posted: Tue May 03, 2005 10:42 pm    Post subject:
    ----
A couple of years ago I was researching a problem that was giving me grief. (I can't recall the nature of the problem.) I was looking on one of those tech forum thingies where people post problems and others try to help them. I think most of you are familiar with such sites. Smile

Well, I saw that someone was having the exact same issue as me (I used the Search feature for the forum) and someone else was kind enough to post a reply with a link to a fix. I didn't pay close attention to the URL and when I clicked the link, I was sent to a site that flooded me with popups of some guy's naked back side. There was also an audio loop that said, "Hey everybody. I am looking at g4y p0rn."

Did I mention I worked in a cube environment and it just so happened that I had my speakers at a relatively HIGH volume!!! I was ridiculed for weeks.

Author: Wi1d    Posted: Fri Sep 02, 2005 7:44 am    Post subject:
    ----
Many many moons ago I had heard of this cool OS called Linux and decided to try it out. I went to the book store and found one of those foot-deep books that comes with a copy of Red Hat and promised I'd learn it in 24 (hours | days) or something like that.

Well, I read the book and installed the OS. Unfortunately it was version 3.0.3 and the latest version was 5.0, Hurricane if I remember right, and I didn't get to the part of the book about updating the OS quickly enough before I got rooted.

Author: chiawaikian    Posted: Wed Oct 05, 2005 10:34 am    Post subject:
    ----
Letting a teenager use my computer without supervision in an admin account.

Author: graycat    Location: London, UK    Posted: Tue Oct 11, 2005 1:51 pm    Post subject:
    ----
Not so much of a security blunder but more of a blonde moment:

Remote desktoping to our main file server, did what I had to do and went to log off ....... but missed and went with shutdown! Shocked oops Very Happy lol

I'm glad to say I'm not the only person to have done that .... even our expensive "support company" managed to shut down not only the file server but the Exchange server too Very Happy lol

I've since added the log off button for my profile Wink

Author: tepster    Posted: Mon Dec 05, 2005 11:22 pm    Post subject:
    ----
Well, from the age of 10 I've been living in a university hall of residence, as my mum manages the hall. All the networks are restricted, and don't allow important downloads such as security downloads, Windows Update, even MSN Messenger. Only the administrator can log on and allow these updates. Anyway, back when I was cocky, I asked the administrator to set up Steam for me, but left a keylogger in the background. So when he left, I had the administrator details. I went on a downloading spree, and downloaded a cryptography program for my computer which needed port 23 open. So I did this, then forgot to close it afterwards. The whole network got rooted and took ages to set back up. Although I never got caught, I was deprived of the internet for about two weeks Sad

Author: PSTUBb    Posted: Tue Jan 24, 2006 2:48 am    Post subject:
    ----
I usually don't do anything without finding out a hell of a lot about it first, but sometimes I just can't not try something lol. Like when I found out Alt+F4 doesn't launch a cool game lol. (hey, c'mon! just do it!) Also back when I wasn't into security as much, just your average user I guess you could say back then.

I was at someone else's house, and he wanted me to log on to MSN. He had just told me about how he got his friend's password by making him type it in the username box.

So as I'm typing my password, I am staring at him to make sure he is not looking. Meanwhile he has clicked inside the username box.

I felt so stupid!

Author: GroundControl PostPosted: Tue May 16, 2006 1:29 pm    Post subject:
    ----
Several years ago on my Win2K box, late at night, me and a bottle of wine browsed the mass downloads from Usenet (pictures, from an alt.binaries... source, you know?).
At that time I had a dozen years' experience in computer science; I also already had my master's degree in computer science and I felt fairly confident with that time's security issues.

However, the binary-download Usenet browser I used ran fullscreen and I did not notice the scrollbar at the bottom when I double-clicked the .jpg file with that very, very long name that ended with .jpg at the rightmost end of my window and *panic* my Norton popped up a window saying it had just blocked a virus executable and quarantined that file.

What the heck...? Oh, well... it did not end with .jpg but with .jpg.exe; just the .exe was exactly outside the window, thus me not noticing the scrollbar accidentally "hiding" the .exe suffix from me.

OK, nothing bad had happened, but when something passes your own attention and only the second perimeter of defence blocks the attack, you feel like you've been tricked anyway.

From that time on I stopped working on the internet or on downloads when I enjoy wine or feel tired. I doubled the level of attention I spend on my own actions and swore to myself that this is not allowed to happen again.

Up to now, it didn't.
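The trick in the post above is a double extension (`.jpg.exe`) pushed out of view by a very long name, with Norton catching what the eye missed. The following is an added example, not code from the poster or the forum: a small download check that looks at both the filename and the file's magic bytes, so a name that says "image" and content that says "PE executable" gets flagged before anything is double-clicked. The signature table, the executable-extension list and the 64-character "too long to display" threshold are assumptions made for the example, and the sample inputs are constructed.

```python
import os

# Added example, not the poster's code: flag downloads whose name or
# contents hide a Windows executable behind an image extension.

# File signatures ("magic bytes") for the types we check against (assumed set).
SIGNATURES = {
    b"MZ": "exe",                  # DOS/Windows PE executable
    b"\xff\xd8\xff": "jpg",        # JPEG
    b"\x89PNG\r\n\x1a\n": "png",   # PNG
    b"GIF87a": "gif",
    b"GIF89a": "gif",
}

# Extensions Windows will run on double-click (assumed list for the example).
EXECUTABLE_EXTS = {"exe", "scr", "com", "pif", "bat", "cmd", "vbs", "js", "wsf", "hta"}
IMAGE_EXTS = {"jpg", "jpeg", "png", "gif"}


def extensions(name):
    """All dotted suffixes, lowercased: 'a.jpg.exe' -> ['jpg', 'exe']."""
    parts = os.path.basename(name).lower().split(".")
    return parts[1:]


def sniff(data):
    """Identify content by its leading bytes; 'unknown' if nothing matches."""
    for magic, kind in SIGNATURES.items():
        if data.startswith(magic):
            return kind
    return "unknown"


def assess(name, data, max_name_len=64):
    """Return (verdict, reasons) for a downloaded file.

    verdict is 'BLOCK' when any reason fires, otherwise 'ALLOW'.
    """
    exts = extensions(name)
    reasons = []

    if exts:
        last = exts[-1]
        if last in EXECUTABLE_EXTS:
            reasons.append(f"final extension .{last} is executable")
            # The .jpg.exe trick: an innocuous extension right before the real one.
            if len(exts) >= 2 and exts[-2] in IMAGE_EXTS:
                reasons.append(f"double extension: looks like .{exts[-2]}, runs as .{last}")
            # Long names push the real suffix past the edge of a narrow file list.
            if len(os.path.basename(name)) > max_name_len:
                reasons.append("name is long enough to hide its suffix in a narrow column")

    # Never trust the name alone: check what the bytes say.
    kind = sniff(data)
    if kind == "exe" and (not exts or exts[-1] != "exe"):
        reasons.append("content starts with MZ (PE executable) but name does not end in .exe")
    elif kind in IMAGE_EXTS and exts and exts[-1] in IMAGE_EXTS:
        if kind != exts[-1].replace("jpeg", "jpg"):
            reasons.append(f"content is {kind} but name claims .{exts[-1]}")

    return ("BLOCK" if reasons else "ALLOW"), reasons


if __name__ == "__main__":
    # Constructed inputs: the poster's long-name .jpg.exe, and an honest JPEG.
    disguised = "vacation_" + "x" * 70 + ".jpg.exe"
    print(assess(disguised, b"MZ\x90\x00" + b"\x00" * 60))
    print(assess("vacation.jpg", b"\xff\xd8\xff\xe0" + b"\x00" * 16))
```

The content check is the part that survives a user who cannot see the suffix: a file whose first two bytes are `MZ` is a Windows executable no matter what its name says, and a viewer that opens it as an image will refuse it anyway, so the only thing the name buys the attacker is the double-click.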

Author: Xif PostPosted: Fri Oct 27, 2006 12:13 pm    Post subject: Open port 23 + 80
    ----
Yeah, me and my friends used to hack each other's computers for fun, and I left ports 80 and 23 on my old Win 98 computer open for something like 2 weeks. Nothing happened, except I kept getting hacked by my friend, again and again. I finally realised my error and closed the ports.

Yeah, not too bad, but it's still a screw-up.

Author: lm PostPosted: Tue Jun 12, 2007 9:24 pm    Post subject: Hacked
    ----
My worst blunder happened when I first got out of college. I got hired by this media company to set up a web site and do some other stuff. I set up a Microsoft IIS box (lol) and promptly drove it over to the co-location place. They stuck it in a rack and plugged it in, sans firewall.

About 10 hours later, the Nimda worm owned the box. One of my friends emailed me a link to the company web site (fortunately I got this email before my boss found out). When I loaded the company web page, I got a nice greeting "HACKED BY CHINESE!!"

I was a head-in-the-sand IIS admin.

ROFL.
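The box in the post above was reachable with no firewall for about ten hours, which in late 2001 was long enough: the IIS worms of that year scanned for the same handful of URLs on every address they could reach. As an added example, not something from the poster, here is a scanner over IIS W3C extended log lines that picks out those probes. The request patterns are the ones the CERT advisories for Nimda (root.exe, cmd.exe reached through `..%5c` and overlong-UTF-8 traversal) and Code Red (`/default.ida?` followed by a long run of N or X) documented; the log lines are constructed for the example and the rule names are my own.

```python
import re
from collections import Counter

# Added example, not from the post: scan IIS W3C extended logs for the URL
# probes Nimda and Code Red sent to IIS. The log lines below are constructed.

SAMPLE_LOG = """\
#Software: Microsoft Internet Information Services 5.0
#Fields: date time c-ip cs-method cs-uri-stem cs-uri-query sc-status
2001-09-18 14:02:11 198.51.100.23 GET /scripts/root.exe /c+dir 404
2001-09-18 14:02:12 198.51.100.23 GET /scripts/..%5c../winnt/system32/cmd.exe /c+dir 200
2001-09-18 14:02:13 198.51.100.23 GET /scripts/..%c1%1c../winnt/system32/cmd.exe /c+dir 200
2001-09-18 14:02:14 198.51.100.23 GET /_vti_bin/..%5c../..%5c../winnt/system32/cmd.exe /c+dir 200
2001-09-18 14:03:40 203.0.113.9 GET /default.ida NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN%u9090%u6858 404
2001-09-18 14:05:02 192.0.2.44 GET /index.html - 200
2001-09-18 14:05:03 192.0.2.44 GET /images/logo.gif - 200
"""

# Each rule is (name, regex) applied to the lowercased "stem?query".
# First matching rule wins, so more specific patterns come first.
RULES = [
    ("nimda-root.exe", re.compile(r"/root\.exe")),
    ("cmd.exe-request", re.compile(r"cmd\.exe")),
    # Encoded backslash / overlong UTF-8 forms of ".." that IIS decoded after
    # its path check (the traversal Nimda relied on).
    ("encoded-traversal", re.compile(
        r"%5c|%c0%af|%c1%9c|%c1%1c|%c0%2f|%25%35%63|%%35%63|%%35c|%252f")),
    ("codered-default.ida", re.compile(r"/default\.ida\?[nx]{20,}")),
]


def parse_w3c(text):
    """Yield one dict per record, using the '#Fields:' header for column names."""
    fields = []
    for line in text.splitlines():
        if line.startswith("#Fields:"):
            fields = line.split()[1:]
            continue
        if not line or line.startswith("#"):
            continue
        values = line.split()
        if len(values) != len(fields):
            continue            # malformed or multi-space field; skip rather than guess
        yield dict(zip(fields, values))


def scan(text):
    """Return a list of hits; a 200 on one of these requests means IIS served it."""
    hits = []
    for rec in parse_w3c(text):
        target = rec["cs-uri-stem"].lower()
        if rec.get("cs-uri-query", "-") != "-":
            target += "?" + rec["cs-uri-query"].lower()
        for name, rx in RULES:
            if rx.search(target):
                status = rec["sc-status"]
                hits.append({
                    "ip": rec["c-ip"],
                    "rule": name,
                    "status": status,
                    "uri": target,
                    # 404 is a probe against a box that did not have the path;
                    # 200 on cmd.exe means the traversal worked and "dir" ran.
                    "severity": "CRITICAL" if status == "200" else "probe",
                })
                break
    return hits


def summarize(hits):
    """Hits per source address, to see which scanners are worth blocking."""
    return dict(Counter(h["ip"] for h in hits))


if __name__ == "__main__":
    for h in scan(SAMPLE_LOG):
        print(h["severity"], h["ip"], h["rule"], h["status"], h["uri"])
    print(summarize(scan(SAMPLE_LOG)))
```

The status code is the important column: a 404 on `cmd.exe` is background noise from an infected neighbour, but a 200 means the traversal reached `system32` and the box is already compromised, which is the state the poster found his server in.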

Author: SteelValorLocation: Central New York PostPosted: Wed Jun 13, 2007 4:36 pm    Post subject:
    ----
1) I've locked myself out of MySQL before ... twice
2) In my infancy you could fail my login checks and then hit refresh and be granted a session. Surprised lmao oops
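The second blunder above, a failed login followed by a refresh that nonetheless yields a session, is what you get when the handler writes the user's identity into the session before the password check, then only branches on the result for the page it renders. As an added example, not the poster's code (he does not show it, and the original was presumably PHP against that MySQL box), here is the bug pattern beside the corrected handler in Python, with a tiny server-side session store standing in for the web framework. The user table, the fixed PBKDF2 salt and the session-id scheme are assumptions for the example only.

```python
import hashlib
import hmac
import secrets

# Added example, not the poster's code: a login that leaves a usable session
# after a failed check, beside the corrected version.

SALT = b"demo-salt"          # assumed fixed salt, for the example only


def _hash(password):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), SALT, 10_000)


# Constructed user table: username -> PBKDF2 hash of the password.
USERS = {"alice": _hash("correct horse battery staple")}


def verify(username, password):
    """Constant-time comparison against the stored hash; False for unknown users."""
    stored = USERS.get(username)
    if stored is None:
        _hash(password)             # spend the same time for unknown users
        return False
    return hmac.compare_digest(stored, _hash(password))


class SessionStore:
    """Server-side sessions keyed by the cookie value the browser re-sends."""

    def __init__(self):
        self._data = {}

    def new(self):
        sid = secrets.token_hex(16)
        self._data[sid] = {}
        return sid

    def get(self, sid):
        return self._data.setdefault(sid, {})

    def rotate(self, sid):
        """Issue a fresh id carrying the same data (also defeats session fixation)."""
        data = self._data.pop(sid, {})
        new_sid = secrets.token_hex(16)
        self._data[new_sid] = data
        return new_sid


def login_vulnerable(store, sid, username, password):
    """The blunder: identity is written to the session before it is checked.

    A failed attempt renders an error page, but the cookie the browser keeps
    now names the user, so a plain refresh of any page shows them logged in.
    """
    session = store.get(sid)
    session["user"] = username
    if verify(username, password):
        return "ok", sid
    return "bad credentials", sid


def login_fixed(store, sid, username, password):
    """Check first; only a successful check touches the session."""
    if not verify(username, password):
        store.get(sid).pop("user", None)    # make sure nothing stale survives
        return "bad credentials", sid
    new_sid = store.rotate(sid)             # new id on privilege change
    store.get(new_sid)["user"] = username
    return "ok", new_sid


def is_logged_in(store, sid):
    """What a 'refresh' asks the server: does this cookie map to an authenticated session?"""
    return "user" in store.get(sid)


def demo(login):
    """Fail a login, then refresh with the same cookie; return what the refresh sees."""
    store = SessionStore()
    sid = store.new()
    status, sid = login(store, sid, "alice", "wrong password")
    assert status == "bad credentials"
    return is_logged_in(store, sid)


if __name__ == "__main__":
    print("vulnerable handler, logged in after refresh:", demo(login_vulnerable))
    print("fixed handler, logged in after refresh:     ", demo(login_fixed))
```

The order of operations is the whole fix; rotating the session id on success is the extra step a reviewer would ask for, since a handler that reuses the pre-login id also lets an attacker who planted that id ride along once the victim authenticates.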

Author: Dalt PostPosted: Tue Mar 18, 2008 1:55 pm    Post subject:
    ----
Knowing that my USB drive had worms, viruses and other stuff, I plugged it into my notebook. After this I could not turn on my machine Laughing

Author: D1g1t PostPosted: Wed Feb 04, 2009 5:19 pm    Post subject:
    ----
Good thread Smile

I have recently lost a flash drive that contained my ICQ, MSN and Gmail clients with all contacts, history and auto-login

Embarassed Embarassed Embarassed

I was running home very fast, to change all my passwords to everything Smile

Author: andybase PostPosted: Tue Nov 24, 2009 1:39 pm    Post subject: Linux is not safe
    ----
There are viruses for Linux too.

Author: KNOWLEDGE464 PostPosted: Wed Nov 25, 2009 1:04 am    Post subject:
    ----
Well, in my beginning years I was a Kazaa user and always downloaded everything to do with music. This was back in 2000, I think; this was a great time for worm viruses, and I so happened to get the LoveLetter virus and my account information stolen Shocked classic oops. And Norton, then and still now, sucks: it didn't catch it, and I lost 1500.00 in purchases to some websites I had never heard of.

Bright side: I never used Kazaa again, and second, I got a fix .bat file and removed the virus and all the wonderful exe files it created. I learned a lot about worm variants, and also, with a nice phone call to the bank and a letter on the virus information and what it stole, I got my money back and bought a Civic. Sweet Very Happy

In the present day, this was not me but a user on my network. Before we went corporate and got bought by a big-time company, we had a network that was crap. I happened to walk into a job at a security location where the IT director himself designed the network, LOL. What a spaghetti bowl of cable and weak switches connected to a small home firewall, and blah blah, you get my drift; it was NUB network design 101, full of 10MB connections, partitioned magic RAID 5 servers, and bottlenecks. And well, a user surfing the web got a popup that said "you have 204 viruses on your computer, click here and remove". LMAO, they clicked it.... and kissed their desktop access and wallpaper goodbye and hello, owned by malware LOL. I got rid of the junk and a backdoor exe folder with loads of exes waiting for someone to use them LOL. It was good times.

Author: ryansuttonLocation: San Francisco, California PostPosted: Wed Nov 25, 2009 2:06 am    Post subject:
    ----
Surprised I never commented on this thread...

Some ID 10 T errors I caused:
Running the wrong command on our PIX firewall and bringing down the internet.
I was remotely logged in to a server and I accidentally restarted the server thinking it was my own (local) machine.
Setup an internet facing server without applying proper security - it promptly got owned

Author: AdamVLocation: Leeds, UK PostPosted: Wed Nov 25, 2009 5:23 pm    Post subject:
    ----
ryansutton wrote:
Running the wrong command on our PIX firewall and bringing down the internet

That's one hell of a command!
Please don't ever key in commands to a military computer...

Author: NonapeptideLocation: Scottsdale, Arizona PostPosted: Thu Nov 26, 2009 12:48 am    Post subject:
    ----
Really simple one for me: I seem to recall walking out of the server room and holding the door open for someone that I didn't know. It was a small enough IT department that I knew everyone there... but I thought he was a contractor and "surely he belonged there..."

Fortunately he really did belong there, but that was one very stupid thing for me to do. Lesson learned.

All times are GMT + 2 Hours