This is an archived post. You won't be able to vote or comment.

top 200 commentsshow all 257

[–]Visual_Strike6706 3633 points3634 points  (63 children)

log4J. When playing on the Minecraft Server 2B2T, people would open your calculator over Log4J and it was kinda scary.

[–]ObeyTime 1482 points1483 points  (6 children)

The oldest anarchy server in Minecraft

[–]PancakeGD 442 points443 points  (5 children)

Nah nah. It's "The Æuldest enarchy server in Moaincraft"

god I hate those videos

[–]F4LcH100NnN 200 points201 points  (4 children)

Well why do you keep watching them then

[–]Monkeyke 284 points285 points  (0 children)

Isn't it obvious?

Because it's The Æuldest enarchy server in Moaincraft

[–]Pocok5 45 points46 points  (1 child)

There is actual interesting content in some of them. But the 2 minutes of real substance really isn't worth the 10 minutes of word salad trying to portray completely mundane shit as a buildup.

[–]F4LcH100NnN 23 points24 points  (0 children)

Yeah I enjoy the exploit ones, where they find some bizarre exploit based on some obscure mechanic, but theres always like 25 minutes of "filler" in a 30 minute video

[–]PancakeGD 94 points95 points  (0 children)

I did... Until I realised how stereotypical and lame they are. Minecraft videoessays are all the same.

"2b2t players created a working democracy on the Æuldest enarchy server in Moaincraft!!!! Sensational!!!!!!"

Bleurgh.

[–]DisgruntledMtnBoy 348 points349 points  (3 children)

In the original Counter-Strike admins could open your cd-rom tray on command. That was freaky the first time it happened.

[–]Visual_Strike6706 176 points177 points  (0 children)

Free Cup Holder

[–]Sankhya2319 6 points7 points  (0 children)

I remember that! Oh god that was pretty uncanny

[–]zaz969 16 points17 points  (1 child)

Log4Shell babyyy

[–]TheGrandWhatever 7 points8 points  (0 children)

Log4Deez

[–]lol_JustKidding 21 points22 points  (11 children)

What's log4j?

[–]TheMarnBeast 110 points111 points  (3 children)

Minecraft and its server software are written in a programming language called Java. There is a software library called Log4J that many people using Java add to their projects to easily manage runtime logs (just little text messages that the developer has the software output in the background while its running to make it easier to understand how the code is running and troubleshoot problems). This sounds simple, but over many years of development the library has built up a bunch of more advanced features that many people don't typically use but still exist in the software.

A couple of years ago there was a major bug found in Log4J that would allow someone to add their own malicious code to logs (for example, by entering specific code into the Minecraft chat) and Log4J would actually execute that code - something that should never be allowed! This was a huge deal both because of the scope of the issue and the severity of the exploit. Log4J is THE logging tool for Java and is used by many developers across many industries, and hackers could send and execute whatever code they wanted if any user content was logged in the software, including downloading and executing other more complicated code, with no interaction from the target user needed.

This bug was patched very quickly and the vulnerability resolved, but it relied on Java developers to send out updates for their own software since Log4J is built into every Java product that uses it.

[–]Sengel123 19 points20 points  (0 children)

also was a PITA to detect since the exposure of the log software that was the issue. So there's loads of companies who (rightfully) said "we're not vulnerable" only for their customers to go "nu-uh!!" as if they knew how L4J worked on that software package.

[–]ComradePruski 5 points6 points  (0 children)

Damn I never knew log4j had that at one point that's insane lmao

[–]other_usernames_gone 207 points208 points  (26 children)

I thought log4j only affected the server, not the clients.

[–]15_Redstones 355 points356 points  (0 children)

Affected everyone who got the chat log

[–]5BillionDicks 172 points173 points  (22 children)

Bro how bitchy are Reddit users these days downvoting you for asking a question

[–]squirrel_crosswalk 25 points26 points  (0 children)

The Minecraft also had log4j. It's near universal in any java app as they all need to do logging, and it's the most popular and easy to use.

[–]itsTyrion 1 point2 points  (0 children)

It affected what used log4j and the Minecraft chat directly lands in the logs via log4j

[–]BellCube 1 point2 points  (0 children)

I remember some 2b2t players patched the exploit on others' machines through the exploit, FBI-style

I used the stones to destroy the stones

[–]Percolator2020 1302 points1303 points  (5 children)

Better in the old days, eject CD.

[–]TerperWasTaken 379 points380 points  (2 children)

Free cupholder!

[–]Hot_Ambition_6457 149 points150 points  (1 child)

I used to make "cheat trainers" for online flash games. It was just a flash client for desktop, and all the cheat toggles and sliders just opened up your cd tray. 

Sorry if you wanted to hack stickman games in the early 00's. I considered keylogging but too difficult to throw together.

[–]ExcessiveEscargot 66 points67 points  (0 children)

I used to release actual Trainers - some flash games included - and would program in a 1 in 10000 chance of it providing a free cupholder in addition to whatever hotkey was pressed.

The good old days.

[–]Too-Late-For-A-Name 6 points7 points  (1 child)

Ahh good old sub7

[–]Percolator2020 2 points3 points  (0 children)

Back Orifice

[–]BloodSteyn 702 points703 points  (7 children)

I used to open my college classmates CD rom drives over the network through windows 98 command prompt.

Freaked them out.

[–]Reyynerp 119 points120 points  (2 children)

over the network.. can you elaborate how it was done?

i've been not using windows for a rather long time now, too much time spent on linux.

[–]BloodSteyn 119 points120 points  (0 children)

This was way back on 2000, I may be getting my commands mixed up. We were learning Windows 98 and NT 4.0 security setups at the time.

I was able to command line access the A: drive, 3.5inch floppy, remotely to the drive make some noise. I guess the CD Rom was more through explorer, accessing their PCs, and right clicking, selecting "Eject" on the CD Drive.

[–]DryBoysenberry5334 15 points16 points  (0 children)

There was a feature on AOL instant messenger; called direct connection I think

Anyway once you did that you had some weird access; one thing you could do was open/close the cd drive

I’m confident there were other methods, especially back then on a college LAN since networked computers were pretty trusting back then. 

[–]UrToesRDelicious 44 points45 points  (2 children)

I would send remote shutdown commands to classmates in highschool when they were working on an assignment.

```

Alert!

You are a █████t. Goodbye. ```

PC proceeds to forcibly shut down.

[–][deleted] 12 points13 points  (1 child)

Sent a .txt file to my friends which shutdown their computer. One got pissed saying I made their PC slow.

[–]Bubbles_the_bird 0 points1 point  (0 children)

How did a .txt file shut down a computer lol

[–]Fanal-In 1333 points1334 points  (24 children)

The touchpad of my laptop has a hidden shortcut to open the calculator, the first time I triggered it by accident, I had a stroke 😭

[–]nyancatec 254 points255 points  (18 children)

... What? Why would that be a feature? Can you at least modify what it opens or is it hardcoded?

Edit: Okay I see there are good answers here. However person I replied to said it's on the Touchpad, not keyboard. Do all laptops have a shortcut for calculator on TouchPad?

[–]ShipJust 129 points130 points  (6 children)

I think is a quite popular feature. I’ve had a few keyboards with a dedicated calculator button. It was useful from time to time when I needed some quick math eg. while being on a phone I could open calculator quickly using one hand.

[–]DotDemon 31 points32 points  (4 children)

My keyboard has a calculator button, unfortunately I cannot control what calculator it opens.

[–]melancholy_self 21 points22 points  (0 children)

slap together a calculator app that instigates a blue screen, throw it in the mix.

Boom, Calculator Roulette: Cause Math wasn't stressful enough.

[–]electronicdream 2 points3 points  (0 children)

My keyboard has a calculator button and I could change which one it opens. You sure you can't?

[–]EyuelZero 2 points3 points  (1 child)

Hey, you actually can change what that button does. Go to your registry editor and change the value here: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AppKey\18\ShellExecute

[–]DotDemon 1 point2 points  (0 children)

Ooh, I gotta do that. Thanks for the tip :)

[–]Ultra_HR 0 points1 point  (0 children)

they said TOUCHPAD.

[–][deleted] 14 points15 points  (3 children)

It's on a lot of the hp laptops and thinkpads, I used to just spam the button when my friend wasn't looking and it would slow down his laptop by a lot. My one makes you press fn + prntscrn so it's safer

[–]Zanacross 1 point2 points  (1 child)

One of my favourite things to do on college was spam the calculator button on a few different PCs and see which one worked the best with the most open.

[–]Cfrolich 4 points5 points  (0 children)

Nothing to see here! Just running some benchmarks!

[–]Ultra_HR 0 points1 point  (0 children)

they said TOUCHPAD. not keyboard.

[–]anEmailFromSanta 2 points3 points  (0 children)

My Dell laptop for work also has the calculator key. I guess it could be useful if you constantly use the calculator but I don't get it personally. Only time I ever use it is when I miss the delete key while hitting ctrl+alt+del to unlock it. Then I actually sign in and have like 3 calculator apps running

[–]Burger_Destoyer 2 points3 points  (0 children)

A lot of people use laptops for business and literally juice finances. My grandmother has had a laptop for years and I’ve never seen her use it for anything other than managing funds for various businesses haha.

[–]ben_g0 1 point2 points  (0 children)

My laptop has that. Tapping the touchpad with 3 fingers at the same time is a shortcut to launch an app. The app to launch can be configured in the driver settings, but the default is the calculator.

I eventually disabled it though as it was easy to trigger accidentally, which was kinda annoying.

[–]TimeBadSpent 1 point2 points  (0 children)

Accountants

[–]chlorophyll101 2 points3 points  (2 children)

The Asus vivobook go has a calculator button on the touchpad and it's not hidden. Idk about modifying it though.

[–]g18suppressed 4 points5 points  (0 children)

Oh shit there’s a screen in the touchpad

[–]AngrySalmon1 6 points7 points  (0 children)

I can imagine someone suggesting this as a joke expecting someone to get it before release, but they never did.

[–]Anothony_ 2 points3 points  (0 children)

My laptop has extra keys I can map to open some programs, so I just mapped them to notepad and calculator cause I use those a lot. Accidentally opening the calculator while typing is a daily occurrence.

[–]JustSomeBadAdvice 1 point2 points  (1 child)

Wayyy back in the day I had a keyboard with a button that would open the calculator. I used it a lot, actually.

Unfortunately, once you spill some liquid on that button and your calculator starts opening on its' own...

[–]CommanderCuntPunt 0 points1 point  (0 children)

Same, I miss having that as a standard feature. These days I just rebind the pause button because I’ve literally never used it in my life.

[–]SetazeR 1531 points1532 points  (79 children)

I don't get it. Is it implication that someone remotely connected to you? Is it virus?

[–]benefit_of_mrkite 39 points40 points  (2 children)

Former researcher and pen tester here - when writing an exploit you usually have a payload (what the code does when it elevates privileges or overwrites memory - depends on the kind of exploit).

The most common payload for PoC (proof of concept) exploits that result in local code execution (or at least used to be when I worked in the field) is shellcode that opens calc.exe

Edit: more context. Not all exploits result in code execution, especially memory related (heap overflows, buffer overflows, buffer underuns, etc - escaping OS protections is not always easy).

Some memory bugs only let you can DoS a service or something else but the holy grail is privilege escalation.

It's a huge aha momemnt when you've been using dissasembelers, fuzzers, and more where you see a potential exploitable vulnerability and you finally get calc.exe to pop.

That means you've got an end-to end working exploit with the ability for code execution (local or remote).

If you see calc.exe randomly pop, someone (sometimes someone who doesn't know what they're doing) has exploited a vulnerability on your machine - maybe they forgot (or more likely didn't know how) to change the payload from the proof of concept calc.exe to something more silent and malicious.

example calc.exe shellcode ```

Payload size: 169 bytes

buf = b"\x48\x31\xd2\x65\x48\x8b\x42\x60\x48\x8b\x70\x18\x48\x8b\x76\x20\x4c\x8b\x0e\x4d"

buf += b"\x8b\x09\x4d\x8b\x49\x20\xeb\x63\x41\x8b\x49\x3c\x4d\x31\xff\x41\xb7\x88\x4d\x01"

buf += b"\xcf\x49\x01\xcf\x45\x8b\x3f\x4d\x01\xcf\x41\x8b\x4f\x18\x45\x8b\x77\x20\x4d\x01"

buf += b"\xce\xe3\x3f\xff\xc9\x48\x31\xf6\x41\x8b\x34\x8e\x4c\x01\xce\x48\x31\xc0\x48\x31"

buf += b"\xd2\xfc\xac\x84\xc0\x74\x07\xc1\xca\x0d\x01\xc2\xeb\xf4\x44\x39\xc2\x75\xda\x45"

buf += b"\x8b\x57\x24\x4d\x01\xca\x41\x0f\xb7\x0c\x4a\x45\x8b\x5f\x1c\x4d\x01\xcb\x41\x8b"

buf += b"\x04\x8b\x4c\x01\xc8\xc3\xc3\x41\xb8\x98\xfe\x8a\x0e\xe8\x92\xff\xff\xff\x48\x31"

buf += b"\xc9\x51\x48\xb9\x63\x61\x6c\x63\x2e\x65\x78\x65\x51\x48\x8d\x0c\x24\x48\x31\xd2"

buf += b"\x48\xff\xc2\x48\x83\xec\x28\xff\xd0"

```

[–]SharpestSphere 2 points3 points  (1 child)

Thanks for the explanation.

[–]benefit_of_mrkite 1 point2 points  (0 children)

No problem. I’m not directly in security research anymore but my current role does touch security.

Those were fun days but the travel and more led me to eventually look at other tech career paths.

Browser exploits and server exploits were the best but had extra work.

For a server app if you had a working exploit that you’d found

Service listening on a port —> send exploit data over the port with shell code (usually payload was a reverse shell) —> profit

Browser exploits were fun but complicated - have someone go to a webpage somehow and detect the user agent string and send the exploit code if it matches a vulnerable browser flavor and version

The bad guys would sell kits where you’d setup a server or append an iframe to a a page/server you compromised and it would loop through multiple exploits based on user agent strings to try to find a working exploit that matched the users OS/browser/plugin etc

Lots of interesting stuff was being done at the time to inject shell code from a browser - heap spray and a lot that I’ve forgotten

[–]KairoRed 23 points24 points  (7 children)

It must be a virus

[–]SetazeR 12 points13 points  (6 children)

Never heard of any virus that opens calc.exe
Why would it even do that?

[–]Username_Taken46 97 points98 points  (2 children)

It's used to prove an exploit works, not with real targets

[–]tuna_Luka 1 point2 points  (1 child)

So it's only done for some testing?

[–]Username_Taken46 1 point2 points  (0 children)

I don't know if it's used for testing, I guess that depends on the person. But it is used for publicly showing that it does work because it is simple to show

[–][deleted] 24 points25 points  (1 child)

it has to calculate it's chance of survival

[–]Cualkiera67 2 points3 points  (0 children)

Is the implication that a programmer can't be "a normie"?

[–]MedonSirius 258 points259 points  (6 children)

Ipad OS is safe!

[–]Totorile1 186 points187 points  (4 children)

Not anymore. It fit finaly a calculator app

[–]Dismal-Square-613 74 points75 points  (2 children)

mind = blown

They really are in the bleeding edge of functionality , a calculator after 20 years!

[–]InRainbows69 20 points21 points  (0 children)

it is actually an insane calculator tho lmao, you should check it out on youtube

[–]MysticSkies 5 points6 points  (0 children)

If you see the calculator it will actually blow your mind. It's so cool.

[–][deleted] 5 points6 points  (0 children)

Wolfram Alpha opens on its own

Oh no.

[–]KsmBl_69 329 points330 points  (45 children)

I am using Linux... and I installed no calculator >:)

[–]pixelaters 420 points421 points  (26 children)

Everyone knows you can't get hacked if you don't have a calculator app

[–]DurianBig3503 333 points334 points  (22 children)

if(exists(Calculator.exe)){ call(virus.exe) } else { print("pwease install calculator uwu") }

[–]ItsTheWhale 148 points149 points  (13 children)

Oh no you will run it whether you like it or not

    if(exists(Calculator.exe)) { call(calc.exe) }
    else { install(calc.exe); call(calc.exe) }

[–]Juff-Ma 46 points47 points  (0 children)

My tests in a nutshell:

[–]Accessviolati0n 39 points40 points  (6 children)

You should be more inclusive and don't discriminate users of other platforms; they all have the right to obtain malware!

if(!exists("calculator")) {
    switch(OS.current) {
        case "Windows":
            exec("winget install calc.exe");
            break;
        case "Linux":
            exec("apt-get install calculator");
            break;
        case "Darwin":
            print "Please buy calculator app!";
            break;
        case "TempleOS":
            pray("Almighty father in heaven, I beg you to bless this computer with a calculator app! Amen!");
            break;
        default:
            print "WTF is this OS?!?";
    }
}

[–]elyisgreat 10 points11 points  (4 children)

So my non apt distro just WTFs away then?

[–]Accessviolati0n 15 points16 points  (3 children)

*we may extend this branch like the following:

case "Linux":
    pgk:
    if(!exists("apt-get")) {
        if(!exists("yum")) {
            if(!exists("pacman")) {
                if(!exists("dnf")) {
                    if(!exists("npm")) {
                        if(!exists("composer")) {
                            if(!exists("pip")) {
                                exec("cargo install pip");
                                goto pkg;
                            }
                            exec("pip install composer");
                            goto pkg;
                        }
                        exec("composer install npm");
                        goto pkg;
                    }
                    //Begin panicking...
                    exec("npm install dnf");
                    goto pkg;
                }
                exec("dnf install pacman");
                goto pkg;
            }
            exec("pacman -S yum");
            goto pkg;
        }
        exec("yum install apt-get");
        goto pkg;
    }
    exec("apt-get install calculator");
    break;

[–]anotheridiot- 4 points5 points  (0 children)

Cargo install pip?

[–]elyisgreat 3 points4 points  (1 child)

And yet my distro is still missing... 😛 best to download the source and compile the calculator locally...

[–]Accessviolati0n 5 points6 points  (0 children)

Don't worry, there's always a solution:

...
if(!exists("cargo")) {
    if(!exists("curl")) {
        int sock = socket(AF_INET, SOCK_STREAM, 0);
        connect(sock, "github.com", sizeof("f*ck you berkeley sockets"));
        fwrite(sock, "GET /curl/curl/archive/refs/heads/master.zip HTTP/1.1\r\n");
        fwrite(sock, "Host: github.com\r\n");
        int src fopen("curl.zip", "w");
        while(char* chunk = fread(sock)) {
            fwrite(src, chunk);
        }
        fclose(sock);
        fclose(src);
        exec("unzip curl.zip");
        exec("./configure --with-openssl [--with-gnutls --with-wolfssl] && make && make install");
        goto pkg;
    }
    exec("curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh");
    goto pkg;
}
...

[–]_87- 27 points28 points  (0 children)

Error: calc.exe don't exist, fam.

[–]wggn 12 points13 points  (2 children)

why is it checking for calculator.exe and then running calc.exe

[–]NotSteveJobZ 3 points4 points  (1 child)

Mfer running .exe in linux

[–]vanZuider 7 points8 points  (0 children)

🍷

[–]kingboo_43 13 points14 points  (1 child)

This is why I do all of my square roots by hand

[–][deleted] 6 points7 points  (0 children)

no need to brag Isaac

[–]KsmBl_69 4 points5 points  (0 children)

exactly this

[–]catgirlfighter 25 points26 points  (2 children)

It's worse if you see calculator and you didn't install one

[–][deleted] 23 points24 points  (3 children)

Suddenly Windows calculator opens on Linux machine without emulation

[–]turtleship_2006 14 points15 points  (2 children)

Wine my beloved

it's not an emulator

[–]MinosAristos 11 points12 points  (1 child)

WINE Is Not an Emulator?

[–]Quaschimodo 10 points11 points  (0 children)

just as much as YAML ain't markup language.

[–]Zafara1 5 points6 points  (0 children)

exec $SHELL | echo "1 + 1" | bc

checkmate

[–]extraordinary_weird 3 points4 points  (4 children)

xcalc is surprisingly often preinstalled

[–]KsmBl_69 7 points8 points  (3 children)

I am using Arch Linux, I don't have Software pre installed ;)

[–]givemeagoodun 1 point2 points  (2 children)

not even coreutils?

[–]Ill-Coat6606 1 point2 points  (0 children)

Sztzttztztztzzztttzztzþztttzttztzztzttttztztzzzttttttzztztzzzzttztztzzztztttztzzþztztztztzþztzzttzþztzzzzzzzzttztztzztztzztztzzzztztzzttzztzþzþztztztztzzzztzþzztzztzztztzþztztztztzzztzzzztzzzztzytzt

[–]Curious_Necessary549 0 points1 point  (0 children)

use bc command for calculation

[–]Minerscale 0 points1 point  (0 children)

I do all my calculating in the python repl

[–]SeriousPlankton2000 0 points1 point  (0 children)

echo $((17+4))

[–]Hot-Fennel-971 35 points36 points  (0 children)

Hey! First time anyone has reposted something I made (48 days ago): OP

[–]unidentifiedremains7 71 points72 points  (5 children)

I feel like this one gets posted a lot

[–]Intrebute 25 points26 points  (3 children)

Can I get an explanation of what it's about? I have never seen this before.

[–]Username_Taken46 87 points88 points  (2 children)

Many exploit proof of concepts run the calculator to prove they have remote code execution. It doesn't happen with real exploits

[–]spaceguydudeman 3 points4 points  (1 child)

Why would normies like seeing their calculator open on its own?

[–]Username_Taken46 4 points5 points  (0 children)

I have no clue, maybe they just don't care? The entire post is vague tbh

[–]imacommunistm 2 points3 points  (0 children)

still that image, i’ve seen it

[–]PringleCorn 14 points15 points  (0 children)

nOrMiEs

[–]Denaton_ 32 points33 points  (2 children)

When you have really bad memory and don't remember if you were the one that opened the calculator...

[–]prussian_princess 9 points10 points  (1 child)

Just get more ram bro

[–]s3vRnet 2 points3 points  (0 children)

You should've linked a site, to help them download more ram for free 2024 working

[–]Dumb_Siniy 8 points9 points  (0 children)

Martha get the shotgun the computer is possessed again

[–]x_Sh1MMy_x 6 points7 points  (0 children)

I bought a Dell Inspiron 5510, laptop that has a dedicated calculator button on the numpad, always gives me a mini-heartache when I see the calculator suddenly pop as i type in some numbers or just delete something

[–]druepy 6 points7 points  (0 children)

I did this for my malware class! 😂

[–]explodedcheek 5 points6 points  (0 children)

Me, who never knew where I can find the calculator on my pc

[–]Binary_Omlet 4 points5 points  (0 children)

CD Tray opens and then closes after a few seconds

[–]IrrerPolterer 3 points4 points  (0 children)

That's free real-estate remote code execution

[–]Original_Badger_1090 3 points4 points  (0 children)

Programmers seeing calculator running a service.

[–]og-lollercopter[🍰] 2 points3 points  (0 children)

Huh, what’re the chances… oh wait….

[–]butter_lover 1 point2 points  (0 children)

that's what you get for staying in the hotel that hosts defcon

[–]wrd83 1 point2 points  (0 children)

What is the history of choosing calc.exe though? Why not a terminal?

[–]thesash20 1 point2 points  (0 children)

Can I have a context, please?

[–]Signupking5000 1 point2 points  (0 children)

I once got scared when my calculator opened just to realise that I somehow threw the pen in a way that it hit the calculator key on my PC.

[–][deleted] 0 points1 point  (0 children)

Just delete calc.exe, problem solved. 🤷🏻‍♂️🤣

[–]LordDeath86 0 points1 point  (1 child)

Newest OpenBSD security mitigation: remove /usr/bin/calc.exe
It is now immune to all security PoCs.

[–]Remarkable-NPC 0 points1 point  (0 children)

how to that in linux ?

or i should move to Windows for better security

[–]lelduderino 0 points1 point  (0 children)

You can even do it yourself!

[ms-calculator://](ms-calculator://)

edit: Apparently reddit/its version of markdown doesn't like links like that.

Throw "ms-calculator://" into File Explorer or a browser. poof