Ye' old general discussion board. Basically, for everything that isn't covered elsewhere. Come here to shoot the breeze, shoot your mouth off, or whatever suits your fancy. This forum is not for asking programming related questions.
So here I am, sat at a windows PC in my lounge, VNC'd into my Mac upstairs, typing in XCode. Then suddenly random code started appearing the editor which I wasn't typing, so I sat and watched. They were trying to run windows commands form inside my editor (screwing my YAML code up too!).
Here's wht they managed to type before I very quickly killed VNC.
Scary. I'm in a DMZ on the Mac so I'm gonna have to get it firewalled pretty quickly. I don't run the VNC service all the time. I just turn it on for the hour or so I sit in the lounge but that's put me off running it full-stop
That's pretty scary, but if I was you I'd of had some fun. While they were typing you should've typed "Hello Stranger, I can see you're in my Mac. Stop typing now or I will burn your house down you #'][#';89^*&%%^$!". Haha.
astions wrote:I have to wonder what the point of entry was. I would assume it was the Windows PC. That is strange though.
No, the Mac is in a DMZ so it's totally exposed to the web. The PC is behind the router so for anyone to get to the PC they'd have to hack into my Mac then go to a LAN IP from there. Usually all I'm running is SSH (root disabled) and Samba (only on the LAN). It's only because I was running VNC at the time that they go on so easily. VNC isn't known for being the most secure protocol in the world. I'm curious if they had visual output or just command line because if they could see my Mac's screen I have no clue what they thought they'd acheive by typing in my text editor --- windows commands on a mac
Sure it was a person and not a time-delayed script? A lot of scripts used these days have time delays between transmissions to avoid security alerts. Especially on RD hijacks and/or terminal hijacks.
No idea. It was appearing in front of me at the same sort of speed as a human would type. I sort of wish I hadn't killed the session now because they were going to do little harm in a plain-text editor really. It could have been quite amusing to figure out the remote IP whilst they were connected and see if I could wind them up myself.
Reet, I'm off to an egg painting competition and BBQ in Manchester to have a few drinks (and ermm... paint some eggs) (Aqua Bar for anyone in the region who's wondering).
If your Mac is accessible over the web, then it was probably an automated script searching for servers with certain Windows exploits... there are tons of them running, and not much you can do about them other than kind of giggle and move on. If you run a server, you know what I'm talking about...
Though why it'd show up in XCode I dunno... that part is a bit strange.
Buddha443556 wrote:d11, did you eliminate the possibility this was an inside job? I vaguely remember your flatmate pranking you on New Years.
Happy Easter!
Forgot about that. Nah, she's a chick who's not computer savvy and she was getting changed in her room (no computer) at the time so i can rule that one out
dreamscape wrote:If your Mac is accessible over the web, then it was probably an automated script searching for servers with certain Windows exploits... there are tons of them running, and not much you can do about them other than kind of giggle and move on. If you run a server, you know what I'm talking about...
Though why it'd show up in XCode I dunno... that part is a bit strange.
Yeah. Well, when I check my server logs a get *a lot* of "POSSIBLE BREAK IN ATTEMPT" in the logs but they're almost always dictionary-bots trying passwords over SSH. I guess it probably was a bot. Just gonna firewall VNC off on my router so it can't happen again in future. I never use VNC from the web to get to my Mac, I just use it within my house.