Slashdot Mirror

← Back to Stories (view on slashdot.org)

Practical Jokes on Co-Workers?

Posted by Cliff on from the lighten-up-people dept.

leprasmurf asks: "Here I sit with Administrative rights to a public computer at work, and I'm trying to think of how I can have fun with my co-worker's profiles. I'm running low on ideas. I've done the 'copy 50 million folder shortcuts to their desktop' one and if he forgets to lock his terminal one of these times I'm going to do the print screen and hide all his icons one, but what else is there? Surely there are some harmless pranks an administrator can do without resorting to downloading programs for assistance. Any suggestions?"

4 of 430 comments (clear)

  1. Re:Schedules by innosent · · Score: 4, Interesting

    Do what I did, find the latest MS exploit, (when I did this it was the ping one in 95/98 that locked up the computer, but didn't BSOD, just sat there) and every once in a while, lock his computer up. We actually used this to fire someone, since we suspected that he was sitting at his desk doing nothing most of the time. We locked it up, and asked him an hour later what he had been doing for that hour. He told us he had done quite a bit of work, at which point we asked him to show it to us, and he realized that his computer was frozen. We then informed him that it had in fact been that way for an hour, and that he could use the next hour to pack his things.

    --
    --That's the point of being root, you can do anything you want, even if it's stupid.
  2. A few modest ideas by Piquan · · Score: 5, Interesting

    Most of these are Windows-specific. Call it a hunch.

    Take a screenshot and make it their desktop, then close all windows, hide the taskbar, and move some (only some) of the desktop contents to somewhere other than the desktop.

    If you use VNC, then set up a full-screen vncviewer to a secondary victim's desktop. Watch them fight it out. (Be very careful; privacy issues crop up in this one.)

    Download the original hampster dance. (Note: website makes sound.) Use the ActiveDesktop feature to make a copy of that as the victim's desktop. Turn the volume to max, and immediately shut down or suspend. For maximum effect, do this on a laptop just before the victim leaves for a flight.

    Depending on the OS version, add about eighty folders at the top and bottom of the "Programs" menu. Doesn't matter what you name them; some versions of Windows make it a pain to open a folder in the middle.

    Set their Internet connection to, instead of using the LAN, auto-dial their phone.

    If you can get an X server running on their box, then run greasymouse against their display. (You mentioned not downloading anything, but since it's on the X contrib tape, you may already have it on a local Unix box.) I find a factor of 1.8 or so works well. The good news is, this works on some rootless X servers for Windows. Of course, if your victim runs Unix, no such need.

    Fun with fonts. Set the fonts and colors to something terribly garish, and just barely useable. Then export the relevant parts of the registry, and set things up to merge that in every boot.

    Setting sounds is a good one, and there's a lot of ideas already posted to get you started.

    All this is assuming your friend isn't a coder. There's much better ways to get at coders, such as #define struct union or other ideas from here for more ideas.

    And the number one way to ensure to drive them mad at the office computer:

    Force the victim to use Windows.

  3. Outlook signature seen by *some* co-workers by lute3 · · Score: 3, Interesting

    Embed a mildly embarrassing image in a user's Outlook signature. The kicker is to only have it display for a select few users.

    Step1 - Create a folder on a webserver with ASP or PHP support that will host the script.
    Set the folder permissions such that the only authorized users are the people you want to be in on the joke when it happens.

    Step2 - Create an ASP script (PHP is even easier) that will host the embarrassing image and place it in the folder from Step1.

    Here are some examples of ASP/PHP scripts (please note that Slashdot will add spaces in anything appearing like a URL)..

    <%
    embarrassing_image = "embarrassing_image.png"
    fake_image = "white_one_pixel_square.png"
    userfull = Request.ServerVariables("LOGON_USER")
    look = inStr (1, userfull, "user_to_goof",1)
    If 1 > look Then _
    Response.Redirect (embarrassing_image) _
    else _
    Response.Redirect (fake_image) _
    end if
    %>

    <?php
    $embarrassing_image = "embarrassing_image.png";
    $fake_image = "white_one_pixel_square.png";
    $userfull = $_SERVER["LOGON_USER"];
    if (eregi ("user_to_goof", $userfull))
    {
    header ("Location: " . $embarrassing_image);
    }
    else
    {
    header ("Location: " . $fake_image);
    }
    ?>

    Step3 - Set the Outlook editor to HTML
    HKCU\Software\Microsoft\Office\<Office Version (9 is 2K)>\Outlook\Options\Mail\EditorPreference
    10000 = Plain Text
    20000 = HTML
    30001 = Microsoft Word
    30002 = Microsoft Rich Text

    This step may or may not work.
    Also, you'll need to find the user's hive under
    HKEY_USERS (there are typically only a couple) while he's logged in since you can't access HKCU remotely (unless you use a .REG file that the user can enter himself in a login script or something).

    Step4 - Edit the stationery and reference the ASP/PHP script as an image within the body.
    <img src="http://webserver/directory_with_permissions_s et/harmless_filename.asp" border="0">

    Copy the stationery over..
    C:\Program Files\Common Files\Microsoft Shared\Stationery

    If the last step didn't work (like in my situation) and the user has Word setup as the email editor, you'll need to edit his "document.dot" file instead of an HTML stationery file.

    Step5 - Set the stationery..
    HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging
    Subsystem\Profiles\JBrewer\0a0d020000000000c000000 000000046\001e0360\Blank

    Sit back and wait for the user to send out an email to the group.

    NOTE:
    I still have not overcome the "Anonymous" problem.. If an unauthorized user gets the email, he will be prompted for a login.
    With PHP, there's a possibility of doing this without using NT permissions at all (look at the "Accepted Answer"). I'm sure there's a way to use this technique with ASP, too.

  4. Re:Run the jokes on YOUR computer by Anonymous Coward · · Score: 3, Interesting

    There is plenty that you can do to demonstrate your 1337 hax0r skillz and sense of humour on your own machine.

    That can get you fired too. My employer has an IT staff that is grossly incompetent to say the least. Many of them are nice guys, but they know shit about securing or maintaining computers.

    Well to cut to the chase, I got sick of my computer freezing and crashing when I was working so I decided to poke around and see what unnecessary services they were running on the machines. I shut down most of the unnecessary services that were running on my machine.

    One of the things that I shut down was "Remotely Possible", which happens to be the program that management uses to monitor our activities. My boss's boss's boss went apeshit. I was called on the carpet for "tampering" with my computer system. I held the line that I was only turning off unnecessary services to make my system faster and more stable.

    I was let off with a warning, and I still have my job, but the point is clear, IT and management doesn't think it's funny in the least when you know more than they do about the capabilities of your system and the limitations of their skill.

    -Guess why I'm anonymous...