These were the days when nothing had SSL, so you could just intercept and rewrite traffic!
My only requirement was: do no actual damage.
It was implemented as a Debian live CD that you could drop into any school computer. It would boot up, then Ettercap would MITM the whole network by spoofing the router. It routed all HTTP traffic via Squid and a custom ICAP server that did the actual rewriting. If you removed the live CDs, the network just went back to normal within a couple of minutes.
Routing the whole school's network through one old Pentium machine wouldn't work though, so I figured out a way of doing distributed load balancing: it would do the ARP spoofing slowly and randomly. So, as you added more machines, it would just magically balance between them.
It worked great for about an hour, then the whole network mysteriously stopped working for the rest of the day. I left all the live CDs in the computers as a calling card.
Sorry, school network admins.
I'm not sure I quite understand the details, though. I assume there was only one gateway for the segment, so were the spoofed ARP replies unicast instead of broadcast? Otherwise, wouldn't all clients just switch to whatever machine announced their spoof for the gateway IP last?
There were several subnets at the school, each with its own gateway. I remember having to set up live CDs in several computer labs to cover each of the subnets.
When I was in high school I was a huge Linux fan and had a side job as a network administrator for small companies in my town. I don't know if I would have gotten the "random ARP load balancing" idea, but overall it seems well within the knowledge admins of the day had about TCP/IP.
When I was between 15 and 17 or so, I wrote small HTTP, DNS servers etc. in C++ for fun (straightforward implementations and not better in any way, so in the end just learning exercises), and I definitely had friends who did similar things.
Something has to be "the leader" and you need a system for choosing a new one once the old one is offline for a certain amount of time.
Add in a sprinkling of how to figure out if you have more than one leader active at a time.
A couple friends and I pulled off some stunts of comparable non-digital complexity. (This was the 80s, schools didn't have networks.) They were more of the logistics and misdirection sort; for instance, having your own version of the printed graduation programs delivered, instead of the boring, official one.
Even the ARP balancing thing is the kind of too-clever-by-a-half solution a naive youngin' would come up with since it would lead to all the nodes thinking each other are the gateway and crushing the network with routing loops.
For example, I use AutoHotkey to implement my JKLmouse program, which turns certain keyboard events into mouse movement for precise control. It's similar to the MouseKeys that comes with Windows, but made for laptop keyboards without numeric keypads.
And yes, you could definitely do that Minesweeper hack in AutoHotkey! :-)
https://github.com/geary/jklmouse/tree/master/AutoHotkey/Sou...
One thing to note is that I wrote this to use on my ThinkPads, which have physical mouse buttons. On a laptop where the touchpad itself is the mouse button, it may be difficult to avoid nudging the mouse position when you click.
I've been thinking about adding support for using other keys as "mouse buttons", but haven't done anything about it yet.
https://superuser.com/questions/1467313/mouse-pointer-moving...
This is just pure evil.