【Funny story】An attack launched by a network cable

Not long after I entered college, I encountered a headache.

The second generation of rich people brought their laptops with them when they first arrived, which made us, the losers who could only play with our phones, envious and jealous. But the terrible thing was that there was a power outage at night, but the Internet was not disconnected, so the laptops could still be used after turning off the lights.

Unfortunately, there is one in our dormitory. He often turns off the lights and uses up all the batteries. He plays games and music at the same time, which is very annoying. Although he has changed after persuasion, he will return to his old ways after a few days.

In order to change this situation urgently, but not wanting to argue with the new classmates, I decided to use a technical solution.

But at that time, the only thing he had was a Nokia slider phone. Without equipment, everything was just talk. The only feasible way was to secretly set up a scheduled task on his computer to automatically shut down at night. But if that was discovered, it would be even worse, and there was no technical content at all.

I have no choice but to turn my attention away from the computer and onto the Internet. If I can't get online, even if I can use the computer, I won't stay up late playing stand-alone games.

Since his network cable socket was working when he first arrived, I guess there must be a signal here. The previous class must have opened it, so it wouldn't be blocked after they left. One day when there was no one in the dormitory, I dragged the network cable of the laptop to my side and tried it. Sure enough, there was a signal! I immediately became excited and felt hopeful!

Maybe you will say, it is impossible to connect the Internet cable to the Nokia and then use some spoof software ~ Of course it is impossible, the mobile phones at that time were not so advanced.

In fact, we don't need any software! Or even any hardware! -- except an Ethernet cable.

To talk about how to use network cables, we can start from the day when we installed the set-top box a year ago.

There was a time when digital TV became popular in many cities. We were no exception, giving away set-top boxes door to door and installing them for free. Wasu TV is originally a company with Netcom, so digital TV of course shares Netcom's broadband.

Since I had already activated Netcom before, and I needed to connect the set-top box to the Internet this time, I thought I would at least get a switch. However, when the installer came in, he didn't take out a switch or even a hub, but instead cut the network cable with a pair of scissors!

I was shocked at the time. What on earth was going on? Although I had some knowledge of network link protocols and had written some free Internet access programs using WinPCap, I knew nothing about the physical layer. The technician said calmly that only four network cables were enough, and the rest were just spare. So I removed four cables from the previous ones for the set-top box.

​​

This was beyond my expectation. I was able to connect the set-top box without using any equipment! So, I started to have wild ideas again. . .

Are these two branches two independent users from the switch's point of view? If they are connected together, will the effect be the same as plugging one line into two ports? Can it short-circuit the LAN in the same way?

I tested it with excitement, and it really worked! It really brought down the network of the entire community!

​​

After the recovery, I couldn't dial the number for a long time. I found many neighbors were also dialing the number through the sniffer. Apparently, the two 4-wire cables just connected also forwarded the external STP packets, resulting in the community network being isolated from the outside.

This day, I changed my previous view. It turns out that a VLAN storm can occur with just one network cable!

Why does a storm occur when a network cable is plugged into two ports of a switch? Because the switch will forward packets sent to the broadcast address to all interfaces. If there is a loop between two interfaces, once a broadcast packet appears, it will be sent to each other in a loop, exhausting the bandwidth of the entire device. Don't underestimate the switch, it is designed for packet transmission. The storm can fill up each interface and consume the backplane bandwidth. The STP protocol is designed to solve this problem and perform loop detection.

Although I learned this new skill, the knowledge at the physical level was basically useless and I forgot about it - until I came to university and found a signal under my seat in the dormitory.

According to my recollection, we played LAN games among the dormitories. Obviously, this was not an independent network segment, so I was even more confident!

I immediately found a network cable, cut off one crystal head, scraped off the outer skin, and then glued the corresponding four strands together in pairs. Sure enough, the nearby dormitory began to hear - no, there was silence for a few seconds, and then screams and roars came one after another. "It's stuck!", "Who lost it?", "What's going on?", "Damn, the network is down~~~". . .

I ran out to the corridor and saw that the whole building was in turmoil! It turned out that this dormitory building didn't have any VLANs, and all the hundreds of dormitories were connected together!!!

At this time, I was both excited and worried. I was excited because I could capture thousands of people's traffic with a computer. I was worried because I only wanted to prank my own dormitory and didn't want to involve everyone.

But no matter what, the action continues.

At this point, the technology is fine, and the only thing left is implementation. How can we do it calmly and covertly?

In order to avoid exposing the absurdity of having an Ethernet cable plugged in without a computer, I tried to run the cable along the covered cabinets, from behind the wardrobe to the bed. The remaining horizontal part was buried in the gap beside the bed and covered with a mat.

If you don't look closely at the whole layout, you can't find it at all~

​​

After lights were turned off that night, the night owls started to get excited again, and I couldn't wait to start experimenting. Like several other classmates, I pretended to play with my phone, but actually started to connect to the phone quietly, feeling like an underground intelligence agent.

​​

When the last wave was connected, the smooth game sound immediately became stuck. After all, the whole building is in this LAN, and the number of broadcast packets is quite large.

I can only hear the background music of the game, but no sound effects!

Thinking about the 100 Mbps traffic passing through the network cable in my hand, it seemed as if I could see dense ARP and NetBIOS flashing in the darkness - and the pitifully few game data packets that were squeezed out.

​​

The commotion in the afternoon broke out again. Although it was much less after the lights were turned off, it was obviously more distinct in the night environment.

Most of those who were disconnected were unwilling to accept this and wanted to continue playing. This time, I didn't plan to be so violent. If the loop detection was triggered, the whole building might be blocked.

So, I changed it to connecting for a few seconds, then disconnecting. Connecting again, then disconnecting. The game could run, but it kept getting stuck. Soon, I heard a series of warm shut-down sounds, and everyone went to sleep.

The first battle was a success! I finally had a good sleep.

Improved v1

In the first few days, the effect was very ideal and everyone went to bed early.

But they soon found that the network would be restored after a while. The reason was simple: the brother had released the line before falling asleep, so they started to go crazy again.

It is much more difficult to reconnect the network cable when you are half asleep, and often irrelevant parts get tangled together, which results in no effect.

Therefore, an improvement in user experience is needed.

In fact, three of the strands are pre-glued, and you only need to control one strand. It is better to hide the three strands in advance and leave only one strand by your side, so that you will not make a mistake in connecting them.

I changed the network cable and made it again. This time, I taped three of the strands together and hid them behind the closet, leaving only one strand hanging up. The line was also much thinner.

​​

This is just like a circuit breaker. There are only two wires in total, just touch or separate them.

Even in your sleep, you can easily disconnect from the Internet with just a few taps!

Improved v2

However, with such simple equipment, there will always be operating errors.

In the middle of the night on a weekend, after being woken up by the all-night noise, I plugged in the internet cable and went back to sleep. I didn’t expect that I was too sleepy this time and fell asleep directly. It was not until after 10 o’clock in the morning that I was awakened by a rapid knock on the door.

I thought it was my classmate next door who was harassing me, but it kept going on, so I had no choice but to get up and open the door. After I opened it, I found a middle-aged man with a tool bag on his back. At this time, I suddenly realized that I forgot to disconnect the network cable!!! It was disconnected for the whole night, and they came to check!

It was too late to clean up, and I thought I was finally going to be exposed. But the master took a quick look and found that our table was clean and empty. There was only a laptop open, and it was not turned off. So he went up and unplugged the network cable, and then left.

Luckily escaped this disaster, and improvements are urgently needed.

It would be ideal if it could be turned on before going to bed and automatically turned off after falling asleep. No more having to use your mind to turn it off in your dreams.

So I decided to make a flexible switch that would turn on when pressed and turn off when released. This way, it would automatically turn off when the body relaxes after falling asleep.

​​

After some improvements, the switch was made extremely concealed: the two wires were stuffed into a sock with cotton or other elastic materials stuffed inside. Normally, the lines are separated, but if you press down lightly, they will overlap, and they will return to normal after releasing them.

But the socks felt weird in my hands, so I hid them behind my feet. From then on, whenever there was noise at night, I would just tiptoe a little and the atmosphere around me would immediately become extra quiet.

So far, I have spent two dollars to build a device that can control the network status of thousands of people with my toes. It is such a great sense of accomplishment :)

​​

Soon, everyone seemed to have discovered a pattern: the Internet would be blocked if the sound was too loud, but they could not find the cause. So everyone became quiet and went online.

Of course, the device was only put into use for half a year. In the second semester, everyone installed a computer and happily stayed up all night surfing the Internet.