[Story] "Hacking" my poorly configured dial-up ISP to play MUDs for free
[Story] "Hacking" my poorly configured dial-up ISP to play MUDs for free
There's a MUD I used to be into back in the day (it's actually still online, and my characters still exist!), and I got several of my friends into it. Unfortunately, most of us didn't have internet at home and could only play it in the school lab.
This was a fairly rural area, and it was the mid 90s. CompuServe and AOL existed, but local access numbers did not - long distance was still quite expensive, and internet time was strictly monitored and enforced even if you were using your infinite free hours on your 12th AOL screen name.
In about '97, a local ISP set up a dial-up point of presence in our town, so the long distance problems were solved. Whoo! However, some of my friends had parents who weren't on board with this whole "internet fad" and so remained offline.
Little shit that I was, I figured out that if you used a terminal client to dial the ISP's number instead of the dial-up networking client, you'd land in a shell; that typically wasn't supposed to happen. Hmmm.....
Normally that console shouldn't even be accessible via the customer dial-up number, but it gets better. You didn't have to authenticate to access that shell, either; just dial the number, wait about 5 seconds after the handshake completes (it's expecting you to start a PPP session at that point), and bam, you land in a shell. From that shell, you could telnet to anywhere on the internet, including the MUD server.
I'm not exactly sure what piece of telecom equipment acted as our game server for so many years, but I want to say it was the router connected to the modem bank. Whatever it was, it was misconfigured in a very advantageous way.
Once I figured that out, the six friends I'd gotten into that MUD were all set as well as a few more people they brought in. HyperTerminal was no zMUD for sure, but it was better than not playing at all.
Looking back, I kinda feel like an ass now. That modem bank was fed by two T1s, one for the modems, and one for the data backhaul, and could support up to 24 simultaneous connections.
It was very common to get the "all circuits are busy now" error message on most days. Making things worse, almost half of the total capacity was us playing MUDs without even being subscribers to the ISP (well, I was, but still).
That worked up until about 2002 when that small ISP was bought out by the local telco who apparently had their equipment configured correctly.
Love this!
I also have a MUD story... back in 1993 I lived in Brazil, and there were no commercial ISPs, so you couldn't have internet even if you wanted to pay for it. Only universities were connected to the internet.
A friend of mine was in college studying computer science, and he had a "special number" that he could dial to get access from home. The number was unlike any other I've seen before. He shared the login ("students") and password ("students93") with me, and told me I could use it sparingly.
I was 15 at the time, and I started playing a MUD. The first day I played for 30 minutes. The second day, for a couple hours. Soon I was spending 8 hours a day playing MUD, and I started dreading the phone bill. Long distance calls where super expensive back then in Brazil, and even a landline would cost as much as a car!
After a month, no bill came. I waited another couple weeks, and I finally decided to call the phone company and ask how much it would cost to call the "special number".
"Sir, this number doesn't exist", was the answer.
Well, it worked for me! I kept using it, playing that MUD for 8-12 hours every day. Eventually, when 1994 arrived, my password stopped working. I tried "students94" and I was in. I only had telnet and ftp access, but that was enough to play MUDs and discover a whole new world.
Eventually in 1995 the password stop working again, and trying "students95" didn't work. I started using BBSs, and eventually ran my own for a few months. In 1996 I went to college, and the first commercial ISP opened in the city where I was. I was one of their first clients.
“Sir, this number doesn’t exist”, was the answer.
That's fantastic. Like a...happy ghost story.
@beto Universities were so important enabling things back then. I used to have accounts in several labs for nearby universities (UFSC, UFPR, etc.) - all hacked, and so did many others. We'd leave our files hidden away in the filesystem, create accounts with plausible-looking names, etc.
I always wondered if the sysadmins knew anything about what we were doing. A decade later I met an ex-lab admin and asked that. He said "know about it? We even added your secret directories to our tape backup."
know about it? We even added your secret directories to our tape backup.
That's the hacker ethos right there! Love it! ❤️
Awesome story!! :D
I suspect someone hacked something at the local telecom company to make this work the way it did.
I love this story. Also, TIL Avatar is still around. We had a build (or something really similar) running on one of our college servers and it got hacked into the ground / used as a staging area to hack other things.
Yep, sure is. I logged in and did a few runs for old time's sake last year. It was only by muscle memory that I could remember any of the aliases and macros I set up forever ago. Lol.
The admins are apparently still maintaining and adding new content, which is awesome. I'm so lost diving back in after literal decades that I may just have to start a brand new character. When I joined some runs last year, i got a lot of weird "looks" because my equipment was completely antiquated.
I have a similar story. Back in the 90's I'd go to the library and one of the terminals available auto dialed and logged into gopher (being that this was MN and gopher was home grown). One of the menu options eventually ended me up at another college that had muds in its telnet link sections. But you couldn't really sit and monopolize a terminal at the library. I did see though the phone number written on the modem. So I dialed it from home with my 2400 baud modem. It would just land me at a > prompt. No regular commands worked. But I had remembered that the gopher server was consultant.micro.umn.edu . So I typed that in at the prompt and voila I was connected. The curses client for gopher loaded up the mother gopher site. I found my way to that college with the mud list and played quite a bit. Later I discovered by accident I could just ^C out of the curses client and be dropped to a limited privilege command shell. but it had telnet. So I could just go straight to the muds.
Later I learned from the U of MN gopher site that I could get an alumni account for a few bucks a month. Well, they offered alumni accounts anyway. I hadn't actually attended. I printed out the paper form and mailed it in, just checking the box that said I was an alumni. apparently they didn't check if I actually was, because from then on I had an alumni account. Which didn't really give me anything new except an email address. And I could "officially" dial in like I had been. but I felt like I should at least be paying something.
That's awesome. Now I'm wondering how many people I MUDded with back in the day were also connecting through equally backdoor methods. lol. The answer is probably "a lot".
I also had a 2400 baud modem in my very first laptop (an old 486, 25 MHz, "if you can fix it, you can keep it" model), and would typically MUD through the method I described in my post. It was faster than connecting "officially" since it didn't have to deal with the overhead of TCP/IP and the PPP encapsulation which was very noticeable on that anemic modem. Ah, good times in simpler days.
I always wanted to "war dial" back in the day, but living out in the sticks, it wasn't really feasible since long-distance charges were crazy expensive. Probably for the best, though.
Awesome support mate, thanks for sharing!
Great story, thanks for sharing! 😊
takes notes please don't do this to 2600.network - and if you do, tell me please.
Awesome story, thanks for sharing. Takes me back to the day.
This is epic! Thanks for sharing!
wow that takes me back!
back in the early to mid 90s, I was also into MUDs - (this one mostly, realmsofdespair.com, but some others that used the same codebase). I was really into computers and then the town got access to the Internet in 1993 - the school got it in 1994. in 1995, one of my friends (who I had introduced to MUDs) landed a TA spot at the school's library, more as a "helper" when it came to computers so the actual librarian wouldnt have to learn anything - she was cool but reeeeeally old, and not a luddite but the closest thing to it (she had a giant hardon for the dewey decimal system).
so - and my memory is really hazy since this was close to 30 years ago - there was this browser that had DUN (dial up networking) built into it - maybe mosiac or a really early version of netscape. I forget. I had figured out that it didnt hash the password, so I passed a copy of it off to my friend and he put it on all of the library's computers, then got the librarian to "set up" the library's various accounts on those computers.
lol. back in those days, access to the internet was metered per hour - I want to say we'd get 40 or 50 "free" hours every month with the basic package - enough for my parents to check their email or download clipart so my sister could print up banners on the printer, but for hardcore gamers the basic internet package was like offering a canteen of water to someone lost in the desert. woefully, even criminally insufficient. heh, criminally...
but the school had an education package so it was unlimited!! my group of friends ended up racking up, easily, hundreds of hours of internet access each month on the school's dime, and we did that for a few years. free internet - basically unheard of, at the time. the passwords would occasionally get changed but the librarian never wanted to learn computing so nothing ever got "fixed". eventually she retired and they hired someone who at least knew enough to institute a modicum of security. by then I already had a dedicated phone line for my computer and an unlimited access account.
ah, fun times.