So Year Twelve in highschool was the year I picked up Linux, and of course, started getting into some
cyber security stuff. So naturally with a nice big network at my fingertips I played around with a few tools.
(Note, in case of legal troubles. I'm lying about everything I'm saying here.)
The biggest tool I used was Responder, basically sending poisoned requests to everyone on the internet,
which could allow me to get hashed passwords and usernames. (Actually used it against a couple friends.)
Technically illegal, but not a big deal, and I dont think I was ever caught.
Otherwise tools such as wireshark, arp spoofing, I had quite a bit of fun with those.
I used the respodner tool quite a bit, it allowed me to see the names of computers connected to the wifi, along with thier private IP adresses. Which then allowed me to do more if I wished, but I was never very experienced enough to really do anything more. I once had access to a friends laptop, so I simply used the responder tool on them, and within seconds had the hash to thier laptop password. (Also being thier school password) Brute forced it since the school passwords have specific combinations. (And I was able to find out a couple of digits) and succesfully got the password. That was really the only time it ever worked however, but it was still fun.
I was never very succesful with arp spoofing, and getting it to do what I wanted to. For a while I was just trying
to get it to redirect people to websites, but never got it to work.
At one point however, I did somehow manage to apr spoof the entire network at once, rather than just specific subjects.
I learned from a random classmate who was aware of my 'hacky' nature. That his computer anti-virus had actually picked up on
it. So that was a little funny, and a little worrying.
I'm actually not sure. I never did very much, and honestly wasn't very good with always using Vpns, or proxy chains, but trouble
never came from it. Except for the one time where I recieved an incredibly mysterius email from the school's tech guy.
The email had no content, the title was simply 'We Know.'
That was very concerning, but I didn't actually notice the
email until a couple months after he sent it. It was ominous, but funny. Nothing ever happened.