Misstep 26: The Keylogger that Couldn’t

Windows 98 Login Screen

Today, I take you back 20 years to the year 2000 — I’m in highschool now, taking a Visual Basic programming course. By this point, I had already been building applications (such as key loggers, spamming tools, and music players). The keyloggers were to capture keystrokes and trigger “hacks” or “mods” in games, not to be nefarious.

Anyways, Back then we were using Windows 98 on the school domain, we had a share directory where our personal data was stored. Since I was in a programming course, I could have my own EXEs in there. So I made a few fun programs:

  • A calculator program that also accepted commands in the text box, so you could trigger “sol.exe”, for example.
  • A small chat app that used a common shared folder with text files to persist data instead of opening and closing ports.
  • A fake login screen to capture credentials from teachers to breach their accounts and change my grades.

Wait — what?

Actually, the last one was a complete miscommunication. See, back in 2000, computers were slow (I remember watching 3D Maze screensaver running in the computer lab in 8th grade and being amazed at how well it ran compared to what I was used to).

I hated getting to class, logging in, and then sitting there while I still had a passing period to go get water or socialize. So, I screenshotted the login page for Windows 98, that way I could log in, wait a few moments, then pull up my fake login screen and dip out of the class. Other students then would not mess with my account.

One day, I get called to the “Technology Center”… That’s what they called it back then, it was buried in the library. They started asking me about the files I had in my student folder. I figured they had found my calculator app that let me start Solitaire… Or maybe they seen that I figured out that Internet Explorer 4 could be changed to Windows explorer by browsing to this URL:

 about:<a href="c:/">Hello</a>

Instead, it was about my fake login screen… They said it was developed clearly to steal credentials from teachers and students.

Thankfully, I didn’t make it accept keystrokes. I demoed it to the “Technology Center” folks that you couldn’t even click in the text boxes, and that clicking the top, right hand corner of the screen allowed you to close the form and use the computer like usual. I explained my desire to lock out after I logged in.

They made me delete the executable, and let me go back to class unscathed. Pretty nerve-wrecking for sure, but props to those folks in the high school tech center for knowing about this!

About Author

Robert Lerner

Leave a Reply

Your email address will not be published. Required fields are marked *