I spotted a pretty funny story over at Digg today about a teacher who gave a wannabe “uber-hax0r” a lesson.
It’s from a guy who teaches some Linux IT lessons to high school students during the summer. He talks about “Pima” a 17-year old kid who considers himself an uber-hax0r and constantly interrupts the lesson with silly remarks like “OMG you are not using teh Debian!”
According to the professor the “Pima” guy was always doing all kinds of stuff on his PC like writing poorly constructed bash scripts or trying to download stuff from a non-existing Internet connection. One day the professor announces he will be going around to each PC during the lunch break to “break” something that the students will need to fix when they got back.
So when he gets to the PC of this Pima guy he discovers that the root password has been altered:
Let’s keep in mind that this kid is NOT the ripest banana in the bunch by a long shot. Let’s think about this, shall we?
1) The PC reboots to an image. Changing the root password is effective for the current ‘session’ only. I reboot the machine, I get a fresh load. Kapisch?
2) SSH is running on all of these boxes. Did I mention that I authenticate using a certificate to all of these machines? I don’t NEED the password.
3) In /etc/passwd, there’s this really cool user called (and I kid you not) “backdoor”. Backdoor is authorized for ‘su’.
Curiosity was killing me. I tried to login as “backdoor” and sure enough it worked and I could issue commands as root. Duh.
I wandered back to my instructor workstation and ssh’d to his box as root with no problems.
I had a decision to make. Do I just reboot the machine and carry on? Or do I teach this kid a lesson?
Oh yeah, he’s getting a lesson.
And that’s where the fun starts:
I whipped out my microphone from my laptop bag and plugged it into my workstation. I recorded a few choice sound files and scp’d them to his workstation in a directory I made called “/tmp/…/lmao”.
I then made sure that ‘sox’ was installed on the workstation. It was. I ran back over to Pima’s workstation and made sure that the speaker volume was turned to 75% on his speakers. Just to be a jerk I used my trusty pocketknife to pry the volume knob off of the speakers. There will be no adjusting these bad boys!
The clock said that I had half an hour left before the students returned, so I quickly returned to breaking the rest of the students’ workstations.
A half hour later it was show time.
The students filed back into the classroom. Pima was five minutes late as usual.
I instructed the class not to touch their keyboards until I gave them their instructions.
After I prattled on for five minutes with the assignment I sat back down at my workstation and acted like I was busy. I noticed that Pima had a big grin on his face after he logged into his machine with his root password. The grin said “haha you didn’t break MY stuff!”.
I brought up the xterm that was ssh’d into Pima’s workstation and issued the following commands:
$ cd /tmp/…/lmao
$ play haha1.wavAt that moment a loud booming voice commanded its way from Pima’s speakers:
YOU SHOULDNT HAVE CHANGED MY ROOT PASSWORD BOY!
There was dead silence in the room. Pima jumped back about half a foot from his PC.
Laughter ensued.
I glanced up from my screen and glared at Pima.
“Is there a problem? You should be working on your assignment and not goofing around.”
Pima squeaked out a “It wasn’t MEEEEE!”
I glanced back down at my screen and waited another few minutes.
I then issued this:
$ play haha2.wavThe class was treated to a very high-pitched chimpmunk version of “MY HUMPS! MY HUMPS! MY ITTY BITTY HUMPS!”
At this point the class was dying in laughter.
I continued with my straight man act.
“Pima, if you interrupt this class one more time I’m walking you out. Have some respect.”
He sat there and didn’t say A WORD.
A few more minutes go by and Pima is typing like a mad man on his keyboard trying to figure out what the heck is going on.
It was now time for “Le Finale Grande”.
$ play haha3.wav
Pima’s speakers blared the following in my own God-like voice:
“ATTENTION CLASS. THIS IS WHAT HAPPENS WHEN YOU DONT PAY ATTENTION TO THE INSTRUCTOR, CHANGE YOUR ROOT PASSWORD AND COMPLETELY DISREGARD YOUR ASSIGNED WORK. THAT IS ALL.”
At that moment Pima figured it out and was treated to his classmates (and me) laughing hysterically at him. He stood up, put his arms up in the air and proclaimed “YOU GOT ME. YOU GOT ME. OKAY.”
Pima has been a perfect gentleman since.
He even shows up to class five minutes early every day.
😆
Source:ITtoolbox Blogs.