Back in high school, I had too much free time, so I decided to play a joke on my computer teacher. I created an exact clone of the school's DOS system using QBasic. It would pretend to execute three commands: DIR, DEL *.*, and FORMAT. The simulation was so realistic that during development, I was kicked out of the lab. Usually students would be playing Secret Agent or Jill of the Jungle.
The day arrived when my project was ready to be unleashed upon the world. I waited until the teacher was hovering nearby and then I started my application, running the FORMAT command on the network drive. Some classmates were watching the screen and she hurried over to see what all the fuss was about.
The reaction was immediate. She stared at the screen, eyes wide open, and mouth agape, as the terrible seconds ticked by. At that moment I regretted my deception and tried to abort the demo. But QBasic didn't understand CTRL-C during the SLEEP command. Pressing CTRL-C just interrupted the current SLEEP, so it caused the percentage to advance faster. I had to hold down the abort keys and wait until it advanced to 100% before I could prove that everything was really okay.
But then it said:
That was the closest I've ever come to being murdered.
program that LOOKED like format. Not really format, or command prompt.
Pretty cool prank tho.
It had a simple form of basic, so I wrote an program that emulated the clear memory function. It worked like a charm, the teacher never suspected anything.
Still failed the exam though.
Got me sent to the dean and almost kicked out of school lol! Haha good times with QBASIC :D
I did something similar, but the reason was different. We were using PS/2 machines as dumb terminals to connect to a terribly underpowered IBM RS6000 unix server where our source code, compilers, etc... were stored. Having to use VI to edit code on a machine with not enough memory was ok when only one or two students were connected, but as soon as the 15 of us were connected and compiling, it become a nightmare to edit and save. Easy solution: Run something like the Turbo Pascal editor to edit the Cobol sources, then copy to the unix server, launch the compilation and continue to edit the source code on the PC while it compiles.
Except we were not allowed to save anything on the PC at all, and we were forbidden to bring any floppies. My solution was to reprogram fake dos commands (like DIR and CD) using compiled QBasic, calling the real DIR command (patched to DYR in CMD.EXE) and filter the output to hide the location of a hidden folder deep in the IBM AIX software. I installed that one evening when the teacher was sick, and I've been able to use Turbo Pascal and other cool tools and games (to play while things compiled) for two years in a row :)
Funny thing is that I was storing the output of all commands in a log file, so I was able to see what people were typing on the computer, allowing me to see exactly how the teacher was looking for unauthorized software. One day I noticed that there was a lot of strange command, and remembered that the day before IBM people came to "upgrade the AIX version", I quickly found out they also were looking for unauthorized installations of IBM software, and based on the time stamp they spent about 3/4 of their (expensively billed) time doing that...
Damn, too long a post...
So i wrote a QBasic fake. Once he typed QBasic at the command prompt, the program told him to insert his floppy disk, and when he inserted it, the program did a DIR on his floppy disk, and deleted my program if it found the filename.
The guy looked at me like someone from another planet henceforth...lol
The result was you could delete a file and it would appear to be lost if you entered "DIR", in real DOS, until smartdrive flushed it's cache or you rebooted the machine.
You could also run the actual FORMAT command, running for real, but the disk data would be intact afterwards.
Great times, great fun!
OMPPAC (Ontario Municipal and Provincial Police Automation Cooperative) was rolled out during my tenure. It ran on XT-class PCs connected via token ring to communication servers and then to the tandem via 9600 baud async connections. It was a character-based application with an opening screen that spelled out OMPPAC diagonally across the screen in large letters composed of each character, and a bitmapped OPP symbol.
I wrote a QB4 program in 1989 or so that mimiced this screen in graphics mode. As soon as you hit a key, a pacman character appeared at the top left and started munching the screen up a row at a time, with pc speaker "Jaws" music. When it reached the end, the screen flashed postitve/negative a few times and then was overwritten with OMPPAC-MAN!!!, with accompanying musical "CCEG.EG!!" fanfare.
I installed this on the demonstration machine just before a meeting of some of the top brass, superintendents and inspectors. I subsequently discovered that this is a group of people particularly immune to humour.
Luckily for me as a civilian employee at the time the fallout was not significant, but there were a lot of red faces and blustering, sputtering rage from those accustomed to barking orders and not getting egg on their faces.
The beauty of remote code exploits is that you can potentially use them to do anything.
Our school had a network of Acorn BBC computers that had a ROM for networking, called "Econet". The Econet ROM had built-in routines for copying blocks of data to or from an arbitrary memory location on a another computer and another for remotely executing a JSR instruction to an arbitrary memory location.
In my more constructive moments, I started working on a system that would allow a program to use the the memory of any number of computers on the network. But I never finished it.
so, alt+255 is an invisible, space-like character, but the great thing is, you could name files/scripts alt+255.exe/bat. and if you put them in c:\, you could add them to the autoexec.bat without one noticing it.
i used this to write a mockup virus scanner, that reported a virus (tequila!), then faked a system error and begann formatting. additionally, it set the dir command to search for andiasjd.sdj files by default, so if you just wrote "dir" afterwards, the response was "no files found".
my younger cousin (always my first victim, uh, beta tester then) began to cry. i still feel bad for this.
uh, and i especially love my mockup format:
"really format drive c? all data will be lost! (y/n)"
user types "n"
"warning: are you really sure you want to delete all data on drive c:? (y/n)"
user types "n"
"formatting drive c:"
"format 1% ..."
the look on their face ...!
When I was a kid (10 years old or so), I came across a program called LOVEDOS.
LOVEDOS gave every impression of being the normal DOS shell, except that the directories shown by "dir" clearly weren't your own, the files clearly weren't your own—And the computer was coming on to you, in various subtle and not-so-subtle ways. The only way to exit the program was to type "I love you" at c:\>
I put it in my step-dad's autoexec.bat.
The purpose of the program was to simulate the login prompt, record entered login credentials in a flat file, spit out an "incorrect login" error, and drop the user to the real login prompt transparently.
One of the difficulties was that DCL had no "clear screen" command like DOS, so we got around it by launching and immediately terminating the built-in "phone" application (which allowed you to have a split-screen chat with another luser on the system).
Though there was an extremely momentary flicker of a line across the screen (the split screen divider), nobody was ever the wiser.
Eventually our CS teacher discovered the app, searched the entire VAX for it (by name) and suspended all of the accounts he found it in!
Those were good times.
:)
If you have a web site with a search function, you will rapidly realize that most mortals are terrible typists. Many searches contain mispelled words, and users will expect these searches to magically work. This magic is often done using levenshtein distance. In this article, I'll compare two ways of finding the closest matching word in a large dictionary. I'll describe how I use it on rhymebrain.com
Here's a program to create scalograms of sound files.
A practical, memory efficient way to store and search large sets of words.
How do you measure the "sortedness" of a list? There are several ways. In the literature this measure is called the "distance to monotonicity" or the "measure of disorder" depending on who you read. Here, I propose another measure for sortedness.