My Black Hat Didn’t Really Fit
I’ll never forget my first time. I was thirteen and playing at a friend’s house. They had a computer, with a modem. A 300-baud connection to another world, and I was hooked.
Prior to discovering BBS’s, war dialing, and hacking, I was just a kid who liked computers. I liked to take them apart and look inside. I liked to play cheesy 8-bit graphic games. I liked to type.
After watching intently as my friend’s older brother dialed into a Houston BBS, read some messages, downloaded some files, and played some sort of network game (Trade Wars FTW!), I couldn’t stop thinking about how his computer was actually a connection to other worlds. I begged my parents to get a modem for the NEC 286 sitting on the desk in our study. My dad took me to a computer parts auction in Houston a couple weeks later and I came home with a 1,200-baud modem.
I was just a scrawny nerd, but with my new modem, I could connect to other computers, meet new people, and create a new persona! I still played basketball everyday with my friends, but even on the court I longed to be at home connected to a BBS. I was a closet nerd, but could still cross you up and Air Jordan reverse you on the playground hoop.
The BBS world was crazy and it didn’t take long to stumble into recipes for bombs and guides on how to hack. The instructions on how to make bombs didn’t really interest me, though I actually printed a hard copy of The Anarchist Cookbook and sold it to some guy at my school for a few bucks. The how-to-hack stuff drew me in.
I wasn’t interested in doing anything malicious, but for the first time in my life, I had a unique power that no one else in my real-life community even knew existed, so I did what any kid with power would do, I used it.
After weeks of reading and trying various hacking techniques; not limited to generating false credit card numbers, hardwiring a phone into my neighbors underground land line, and war dialing for hours every night, I obtained a pretty comprehensive list of accessible computers in the Houston area. With that list, and a pretty good understanding of UNIX operating systems, I found myself hacking into computers and obtaining access to encypted files.
Accessing the files was the hard part, the encryption part was easy. I couldn’t decrypt a file, but I could encrypt words, or more accurately, every word in the English language (from a “dictionary file”) and then compare the words I encrypted to the encrypted words in the file. When the strings matched, I knew what the word was!
Before network security was a thing, most UNIX computers kept an encrypted file containing all of the users names and passwords in a directory that was easily accessible if you gained access to the system and knew where to look (/etc/passwd).
I hacked passwords. It was easy, it was fun, and it made me feel powerful. The problem was that I had no one to boast to, no one to share the glory with, no one to recognize and validate my l337 h4c|<1ng 5k1ll5.
I hacked a big list of passwords from Houston’s first, and at the time, only Internet Service Provider (ISP). The Internet was in its infancy so not many people knew about it, but I did, so I hacked the shit out of it. After hacking and generating a list of account names and passwords from this ISP, I tried them out. I logged in as other people, but it was pretty boring, so I decided I needed to claim my fame.
I sent a message to every account registered on the system containing all the account names and passwords I had hacked.
I sent the message from my account. In hindsight, being a smart hacker and having common sense apparently don’t operate on the same frequency. I remember sending the message and feeling like a god… until I received a reply a few minutes later from the systems administrator saying my account was to be deleted and I would be blacklisted from any future ISP in Houston.
They did delete my account, but it didn’t take long for other ISP’s to spring up and I never had any problems getting back online, but I never hacked another passwd file.
I was a curious kid and I don’t regret hacking. Despite making some dumb decisions, learning how to hack taught me about computers, networks, and maybe more importantly, how to learn new things by doing, screwing up, and trying again.
That said, I never got the hacker cred I deserved. #l337