Welcome to the MacNN Forums.

brapper · Apr 12, 2006, 01:10 AM

Alright, so I had Remote Desktop running the other day without a password because I couldn't get it to authenticate from the other end. Then my icons in the toolbar disappeared the same day after a restart, and without the Remote Desktop icon up there to remind me it was running, I left it on until just now.

I was talking to a girl on MSN when my mouse started acting on its own, and then when I clicked back on the message window, someone started typing "suk my dick" to the girl I was talking to and hit return...
(I know, charming.)

So ya, three things. One, anyone know how (if) I can trace them? Two, I know I'm retarded for having left an open door to my computer, but do you have any idea how they could have found it? And three, any ideas why Remote Desktop won't accept my password when sent from RealVNC?

Oh, and the girl just laughed and wrote, "well that was unexpected..." so no real harm done.

goMac · Apr 12, 2006, 01:14 AM

It's possible Remote Desktop's VNC implementation is bugged.

If you live in a dorm or have a roommate, check with them. This was a prank I usually pulled on my roommate. I'd sneak VNC on this machine, leave to the next room with my PB on WiFi, and wait for him to log onto World of Warcraft. My roommate could never figure out why his rogue would just sit down mid battle.

jamil5454 · Apr 12, 2006, 01:15 AM

Originally Posted by brapper

Oh, and the girl just laughed and wrote, "well that was unexpected..." so no real harm done.

There's a hint... take advantage of it.

brapper · Apr 12, 2006, 01:22 AM

Originally Posted by goMac

It's possible Remote Desktop's VNC implementation is bugged.

If you live in a dorm or have a roommate, check with them. This was a prank I usually pulled on my roommate. I'd sneak VNC on this machine, leave to the next room with my PB on WiFi, and wait for him to log onto World of Warcraft. My roommate could never figure out why his rogue would just sit down mid battle.

No one else was home actually, and the first thing I did was check my wireless log to see if anyone else was connected to my router. Nope.

Originally Posted by jamil5454

There's a hint... take advantage of it.

hahaha all I can say is:

goMac · Apr 12, 2006, 01:36 AM

Originally Posted by brapper

No one else was home actually, and the first thing I did was check my wireless log to see if anyone else was connected to my router. Nope.

Right, but someone could access your machine remotely over the net... Someone could locally plant a program and connect remotely over the net (which had to have been done anyway if no one was on your network). Your VNC password being changed is another sign. It sounds like someone was physically at your machine and reconfigured your VNC.

Do you live in a dorm? Do you have roommates? If anything I bet you weren't remotely hacked and it was in an inside job. Someone typing "suk my dick" to a girl doesn't sound like malicious hacker, that sounds like roommate. Also, VNC isn't usually a common attack vector for hackers.

brapper · Apr 12, 2006, 01:50 AM

Ya, sorry I realize I left that a bit ambiguous.
I don't live in a dorm and neither of my housemates has any idea what VNC is - they're pretty computer illiterate.
And about a password change, I actually didn't have a password in place (hence me calling myself an idiot.)
Moreover, I set a password on my computer whenever I'm not around it with no evidence that anyone's tried to crack it yet. It's rarely out of my site if it isn't locked in my room.
So I'm left to conclude that someone was able to (and I'm guessing here) scan some IPs and determine my comp had an open VNC door.

PacHead · Apr 12, 2006, 02:31 AM

You should be glad that somebody hacked your machine and interrupted your boring asexual conversation with that girl, 'cause that's when it got interesting. Are you a monk or something ? She was probably disappointed when you told her that somebody else was responsible for writing that message. Send a JPG next time.

Nebagakid · Apr 12, 2006, 02:34 AM

dude, this seems to be less about getting hacked and more about getting sacked

GENTLY BONE this lady
and thank who ever hacked you to help you with your love life

brapper · Apr 12, 2006, 02:43 AM

haha I love the assumption that this guy did me a favour...

The reason "suk my dick" is unexpected to her is because she's used to a bit of charm out of me.

This guy takes care of business, rest assured.

Anyway, WTF HOWD THIS HAPPEN?? (back to my three questions...)

Andy8 · Apr 12, 2006, 03:30 AM

No one else was home actually, and the first thing I did was check my wireless log to see if anyone else was connected to my router. Nope.

How do you check your wireless log? - I want to see if anyone is using mine

Demonhood · Apr 12, 2006, 03:47 AM

all they had to do, if they were on your subnet, is run the Remote Desktop admin app. then they can search the entire subnet and see what responds. boom, up pops yours. hey, they can login without a password. then they take it from there.

Spliff · Apr 12, 2006, 04:35 AM

*Nevermind* [post deleted]

24klogos · Apr 12, 2006, 09:01 AM

Originally Posted by Nebagakid

dude, this seems to be less about getting hacked and more about getting sacked

GENTLY BONE this lady
and thank who ever hacked you to help you with your love life

I agree, would you mind if she hacks my ports too?

ghporter · Apr 12, 2006, 09:09 AM

What Demonhood said. Plus, whatever you have between your computer and your broadband connection needs attention. It's quite possible to get through most gateway routers (wired or wireless) if the user hasn't changed the admin username/password. And "all in one" modem/router/wireless boxes are no exception. if the bad guy can get into your LAN from the outside, he can do ANYTHING that any other computer on your LAN could do, including very destructive things that don't bear discussion here.

I'd IMMEDIATELY reconfigure that box with a new, completely different username and password, change its device name and SSID/wireless network name, and close any ports you have opened unless you're actively using them.

And hope the young lady you were chatting with understands your goof with Remote Desktop. Let her laugh at yoru oops, and make it an "endearing little incident" in your relationship. It never hurts to look a little falible; ladies like to take care of guys that aren't quite perfect.

production_coordinator · Apr 12, 2006, 09:24 AM

It isn't tricky at all to scan a LARGE network looking for passwords. In my hacker youth, I would scan for port 548 (afp) to see what other Mac users were out there. I would find a number with no password... it was rather funny.

I could turn it on and come back a few days later with hundreds of potential people. The same goes for ARD. They simply target a specific port and keep trying them until someone doesn't have a password.

rickey939 · Apr 12, 2006, 10:04 AM

Sorry about that, I won't do it again brapper.

jamil5454 · Apr 12, 2006, 10:18 AM

I had a nightmare last night that some hacker broke into my PC and installed the new Yahoo Messenger. I was trying to remove it, but new files kept popping up all over the desktop.

True Story™

B Gallagher · Apr 12, 2006, 10:52 AM

Originally Posted by jamil5454

There's a hint... take advantage of it.

Please man, for the love of god, do!!

brapper · Apr 12, 2006, 01:18 PM

Originally Posted by rickey939

Sorry about that, I won't do it again brapper.

RIICCCCKKKKEEEEEEEEEEEEEEY!!!!!!!

brapper · Apr 12, 2006, 01:28 PM

Thanks to ghporter and Demonyhood for the tips.
I'm all locked down over here now (knock on wood)

And to the rest of you, like I already said, THIS GUY takes care of business with the ladies. I'm a good guy like that.

Nebagakid · Apr 12, 2006, 04:30 PM

you're making THIS GUY seem like a pimp

brapper · Apr 12, 2006, 06:18 PM

actually, I believe that it's the crowd of beautiful ladies surrounding him that make This Guy appear to be pimping.

brassplayersrock² · Apr 12, 2006, 09:35 PM

takin care of the ladies online doesnt count. you DO know that right?

ironknee · Apr 12, 2006, 10:32 PM

Originally Posted by brapper

haha I love the assumption that this guy did me a favour...

The reason "suk my dick" is unexpected to her is because she's used to a bit of charm out of me.

This guy takes care of business, rest assured.

you mean she expected, "Please my dear, may i ask that you give me an oral exam of love."?

jk

historylme · Apr 13, 2006, 03:14 AM

Originally Posted by Andy8

How do you check your wireless log? - I want to see if anyone is using mine

Anyone with a quick answer?

Andy8 · Apr 13, 2006, 03:16 AM

Originally Posted by history1me

Anyone with a quick answer?

Ditto

Todd Madson · Apr 13, 2006, 11:03 AM

This is the best thread I've read all week: some guy portscans his machine, sees
that it's wide open, hacks in, sees he's chatting with a young lady and types what
he thinks is some kind of offensive remark.

Next thing you know our friend has this young lady "all upons" and happily ever
after occurs. The best!

brapper · Apr 13, 2006, 12:49 PM

Originally Posted by Andy8

How do you check your wireless log? - I want to see if anyone is using mine

Just log into your router (type 192.168.1.1 into your browser of choice) and there should be log tab. Check the outgoing log and take note of the IP addresses being used.

I've only ever used Linksys routers, but I imagine it's similar for most.

robfarri · Apr 13, 2006, 03:27 PM

Originally Posted by PacHead

You should be glad that somebody hacked your machine and interrupted your boring asexual conversation with that girl, 'cause that's when it got interesting. Are you a monk or something ? She was probably disappointed when you told her that somebody else was responsible for writing that message. Send a JPG next time.

lol