Ogenstad.net

Security Stories and Help with Network Documentation

Once upon a time this used to be my blog. For current updates head over to Networklore.


The Tale of the Disgruntled Employee – Part 12

September 19, 2006 by patrick.ogenstad

Hours later when n3m0 left the server room, he felt like a plague bearer. Almost everything in the server room had been infested; the sysadmins would still believe they were in control. They needed to be secure in that belief for the time being. n3m0 didn’t want anything to happen while he still worked there. After leaving his employment, n3m0 would be glad to enlighten the network guys and show them who was in control.

He had copied several gigabytes of corporate information, along with the customer database, to Peter’s desktop. Now all he had to do was to transfer it to his external USB drive. It was far too late, or early, to go home. Even if he had the time he would have to use his access card to leave the building and that kind of log entry was unacceptable. Fortunately n3m0 had brought extra clothes in his rucksack, so he changed into “tomorrow’s” clothes. Can’t do much about the smell though, n3m0 thought as he unplugged the USB drive and shut down the computer. Again he headed for the storage room and settled in to sleep.

An hour and forty minutes later he woke up as he heard people talking outside the room. He gathered his things, and when the conversation died out he headed for a toilet. His reflection in the mirror told him he had made a good call going there first; his hair was pointing everywhere. I could star in a zombie movie!

He tried to fix his hair as best he could and headed for his workstation. n3m0 spent the day trying not to fall asleep, he would hand Jennifer his resignation tomorrow. Not having a clue what Exibice offered in terms of employee exit policy he didn’t want to risk being escorted out by security guards, at least not when he had the USB drive in his rucksack.

The second reason he wanted to stay was that he wanted to see if anyone had noticed his nocturnal activities. During lunch n3m0 saw several of the network staff who were smiling and chatting away. They don’t have a clue.

n3m0 crashed in his bed when he came home and slept until morning. He woke up starving, he didn’t have any kind of food at home. As he was going to quit his job today he didn’t feel a pressing need to show up in time. He stopped by McDonalds on the way.

“Good luck in the future, clear your desk and leave.” n3m0 hadn’t expected tears from Jennifer, but perhaps more than ten words.


Filed Under: Stories

New URL to the Feed

September 15, 2006 by patrick.ogenstad

Yesterday I updated the address to the RSS Feed, the new address is http://feeds.ogenstad.net/Ogenstad. If you don’t know what a Feed is read about it on this page. If you want to stay up to date with the site but don’t want to use the RSS Feeds you also have the option to subscribe by email.

The old feeds will continue to work, but that might change in the future, so please point your RSS readers to the new URL.

The Tale of the Disgruntled Employee is coming to an end. The next story will be about midfr0st. If you have any thoughts or feedback regarding the stories or site in general please share them, either as comments or you can contact me.

If you haven’t read all the stories (I’m saying all here since it sounds more than five :)) you can find them in the story section. I will add all the links for the Disgruntled Employee as soon as the story is finished. Hopefully this list will grow large.


Filed Under: Uncategorized

The Tale of the Disgruntled Employee – Part 11

September 13, 2006 by patrick.ogenstad

n3m0 inserted the power cord again and started the machine. He placed his CD in the tray and made sure the server booted from it. The boot process seemed to take forever. He jumped when a tape robot came alive behind him and started rotating tapes.

“Damn”, n3m0 screamed. If he was lucky, and the sysadmins sloppy, they might not notice that the server had “crashed” during the night, but if the backup failed someone would check it out. I have to get the server back up again.

Finally the system was done loading, he configured the network, opened up a command prompt and typed:

c:
cd temp
md temp
cd temp
copy c:\windows\system32\cmd.exe

He opened the Opera browser and downloaded srvany.exe which he placed in the C:\temp directory. n3m0 grabbed another tool and double clicked on the application, RegistryEditorPe. When the registry loaded, he browsed to the HKLM\_REMOTE_SYSTEM\ControlSet001\Services key. He added a new key and called it revenge. Under his revenge service he filled in Type, Start, ErrorControl, ObjectName, ImagePath. This will be perfect, n3m0 was humming to himself as he added a new key; Parameters.

Under it he created two entries Application with the value ‘C:\temp\cmd.exe’ and AppParameters with the value ‘/k dsadd user “cn=root,cn=users,dc=exibice,dc=com” -samid root -pwd Password13 -memberof “cn=Domain Admins,cn=users,dc=exibice,dc=com”‘

n3m0 closed the registry editor and clicked start, shutdown options, reboot (eject CDs). Again the boot process took an eternity. He wished he had a blue pill to feed the server. When Windows was done booting, n3m0 issued the three finger salute, and entered root and password Password13. The instant he hit enter he was presented with a message box.

Logon Message
The system could not log you on. Make sure your User name and domain are correct, then type your password again. Letters in passwords must be typed using the correct case.

n3m0 just stared at the message box, this is not happening. He knew he had typed it in right, but tried again anyway. The same message was returned.

Something inside n3m0 clicked and he started swearing and shouting at the server. After a few minutes he calmed down, he was sitting on the switch again talking to the server.

“You know, I wish someone would develop artificial intelligence. That way you’d understand how much I hate you.”

In his imagination the server answered him. “I might be slow, but you’re not the sharpest tool in the box either.”

Slow, of course, n3m0 pulled the power cord and booted from the CD again. He added a parameter to his revenge service; DependOnService with the value; dns netlogon.

After another long reboot n3m0 logged in as root, the newly created domain administrator on the Exibice network.

0wned!


Filed Under: Stories

The Tale of the Disgruntled Employee – Part 10

September 6, 2006 by patrick.ogenstad

The humming servers seemed to sing to n3m0. He walked around the server room watching all the different LEDs. This is what my apartment should look like, n3m0 smiled as he grabbed the CD from his backpack. He was whistling as he began to spin the disc on his index finger, the label read ubcd4win.

On the previous occasion he had had a quick peek inside the server room, this time he walked around and really absorbed his surroundings. He found himself yawning and feeling a bit cold, he only had his t-shirt and the cooling system was a bit too effective for his liking.

n3m0 saw a lot of equipment that he wanted for himself. Thoughts of his own economy were returning to him, if he didn’t take the “job” at Beateval he would be broke. I’m already broke. n3m0 took a seat on a disconnected switch.

I’m not working for Jennifer, he just sat on the switch and stared at one of the racks. n3m0 missed the adrenaline rush he usually felt when breaking into systems. He started seeing images of his landlord kicking him out and he was still pissed at orion’s inability to get him some sort of job. The taste of the coffee felt sour in his mouth.

The spinning sound of a bad fan woke n3m0 up an hour later, he had fallen asleep sitting on the switch. With a severe pain in his neck, he turned his head to see that his pillow had been a server. It had a sticker which read “Exibice Forest Root 2 – EXDC02”.

He inhaled sharply and felt his heart beating faster. Just watching the sticker made him feel the same way he had when Jennifer made eye contact with him that first time. He laid his hand on the server.

“We are going to have a good time.”

While dreaming, n3m0 had seen himself as a powerful man with thousands obeying his will; his worries about his financial situation had vanished.

He felt a moment of panic when he realized the CD had disappeared; n3m0 wiped off some drool on his sleeve and stood up. He saw the CD under the switch, picked it up and carefully wiped away the dust.

He felt the rush coming and sweeping him up, he wondered if Thomas would get any blame for what he was about to do. n3m0 found the thought very amusing. Thomas’ idea of living wild went as far as solving sudoku with a non-erasable pen.

“Don’t worry dear, this won’t hurt a bit,” he told the server as he pulled out the power cord.


Filed Under: Stories

Network Documentation for the Dutch and Portuguese

September 6, 2006 by patrick.ogenstad

I’ve just received two more translation files for SYDI-Server 2.0, or more specifically for the script ss-xml2word.vbs which converts an XML file from sydi-server into a Microsoft Word document. It also uses a language file which contains a lot of the text that is written to the final Word document.

To use these files you run:

cscript.exe ss-xml2word.vbs -xServer1.xml -llang_dutch.xml -sServer1_docs.xml

I’ve gotten quite a few emails from people who aren’t able to get the script working correctly. In those cases this has been due to path issues. Instead of the expected result you’d only get a small doc file without any relevant information. In the above example it is assumed that all the files (ss-xml2word.vbs, server1.xml, lang_dutch.xml and Server1_docs.xml) are all located in the same directory. If your files are in different locations you have to include the path to the files.

I will try to use a more user friendly error in the next version of ss-xml2word.vbs.

The file I specified in the -s parameter is optional. This is a file you create; there are examples in the example directory. In the file you can specify information such as physical location of the server, service contract, and contact information for the administrator. Basically it’s in that file you are supposed to write the documentation about the server; this way you can keep the written documentation separate from the WMI information sydi-server has gathered.

At the moment I’ve just added the files as patches, the Dutch file can be downloaded from here and the Portuguese file from here! I’ve also added all the translation files I’ve received so far to the download section on the SYDI site.

I would like to thank Kilian Wester for sending the Dutch file and Luis Barreto for the Portuguese version!


Filed Under: SYDI
