What happens if you connect Windows 2000 to the Internet in 2024?

Рет қаралды 110,484

16 күн бұрын

What happens if you connect Windows 2000 to the Internet in 2024?
While researching I also saw this video which was similar, but he used real hardware: • I Exposed a Windows 20...
Follow me on Twitter - / atericparker
Disclaimer: The content in this video is for education and entertainment purposes to showcase the dangers of malware & malicious software. I do not encourage any form of illegal hacking, nor do I encourage the usage of game cheats, cracks or hacks.
Cracks are sometimes shown to highlight the dangers of software piracy, my content is not intended to teach anybody how to pirate, or maliciously hack.
More Malware Investigation Videos:
→ Cyberpunk 2077 Highly Compressed: • Video
→ The latest "NORD" Malware - Nordsecured: • The latest 'NORD' Malw...
→🧧VIRUS WARNING🧧 NEW Optifine for Minecraft 1.16 SCAM: • 🧧VIRUS WARNING🧧 NEW Op...
→ The wilkreate KZbin stealer virus that started this whole trend: • Fake sponsor DESTROYS ...
Much of the music in my videos comes from the KZbin audio library, especially this amazing music creator: / @patrickpatrikios2050 .
Outro Music
Track: Lost Sky - Where We Started (feat. Jex) [NCS Release]
Music provided by NoCopyrightSounds.
Watch: • Lost Sky - Where We St...
Free Download / Stream: ncs.io/WhereWeStarted
(C) Eric Parker 2024

Пікірлер: 478

@Umbreedon 13 күн бұрын

> connects to the internet > immediately gets infected by a 20 year old worm

@dadsa-yf6mq 11 күн бұрын

rahhh wheres the dirt🪱

@therealfox 2 күн бұрын

Where does the 20 yr old Worm lives? Is it cloud Based?

@hn1f 14 күн бұрын

Next up: What happens if you expose Red Star OS to the internet

@ozzie_goat 14 күн бұрын

A pizza delivery van will be parked outside of your house for a couple months

@EricParker 14 күн бұрын

I like where this is going, although it'd probably be more focused on trying to browse the internet than malware.

@Sectonidse 14 күн бұрын

@@ozzie_goat Flowers by Irene*

@ozzie_goat 14 күн бұрын

@@Sectonidse Solid reference

@JakeStreisand 14 күн бұрын

You cant. They specifically made it so that if you connect it to the internet it will brick itself.

@skycaptain95 14 күн бұрын

Wow. You get hacked and infected with the Sasser worm literally within two minutes even with SP4. I'm not sure what i expected.

@nullkid10 14 күн бұрын

More likely Blaster, due to all the crashes and only one lsass termination.

@skycaptain95 13 күн бұрын

@@nullkid10also possible, but blaster gives a registry entry OP can check (if the VM isn't completely bricked)

@Knaeckebrotsaege 13 күн бұрын

this is the same dude who farmed 320k views with the fake XP video before, putting it on the internet with NO firewall (which is not how the vast majority of people are connected to the internet) and because that STILL didn't work he googled for malware to infect the system with and accidentally left the browser window of him searching for it in the video

@wHXpanD 13 күн бұрын

@@Knaeckebrotsaege Got a timestamp? EDIT: Nevermind, 2:50 on that video, oof.

@socar-pl 13 күн бұрын

Most interesting is how it got hacked - anyone could suggest a path of infection ? Back in the day I recall servers got infected from one each other - so having pool of Win2k and one got infrected you had to deal with each separaterly before you got them back online. Its 2024 and I cant imagine anyone still having Win2k online that is infected and just waits for another Win2k to go online. Second thing which is bothering me is how does one get infected behind NAT at this point. Any comments welcome

@widar28 14 күн бұрын

Your Win2k was infected from the get go.... man that brings me back. I can't believe that the Sasser is still active after over 20 years... this was also my first contact with Computer Security ^^ A freshly bought brand new computer from the local store, and as soon as the 56k modem finished, 20 seconds later I got the "System is shutting down" message. it is crazy how vulnerable Windows was (and partly still is)

@davel4030 14 күн бұрын

Yep, got blasted.

@Jesus.Christ106 14 күн бұрын

most commonly used OS in the world, actually not that crazy to constantly have found vulnerabilities in it.

@KyanoAng3l0 12 күн бұрын

Sasser was prolly the first time my PC got infected by something from the Net. It was also one of my early years of using the Net. Ig that's one way of learning the Net isn't safe.

@widar28 12 күн бұрын

@@Jesus.Christ106 hmm... not so sure about that. Supercomputers, servers, embedded/IOT devices, most smartphones, routers modern switches, some gaming consoles, microcontrollers all run on unixoid systems. Only the PC Desktop is dominated by Windows.

@HVinduction 10 күн бұрын

Lol not if you use a good firewall, if you use Windows on the public internet with only the Windows firewall without a hardware firewall such as a good modem or router or with wrong settings such as DMZ you WILL get hacked...

@Mihot7 14 күн бұрын

4:00 sasser joined the game

@lezlienewlands1337 14 күн бұрын

Damn, Sasser is still active on the internet? That's crazy.

@xanlord2k 13 күн бұрын

Bro got infected with blaster/sasser in under a minute 💀

@MickmickWashesThings_Official 14 күн бұрын

4:30 Actually this happens when an attack fails. There is a similar video of exposing a real machine running Windows 2000, it kept rebooting and blue screening

@RandomGuy37 14 күн бұрын

Might be the WannaCry virus that went around back in 2017. If I remember correctly, if it tried to infect a Windows 2000 machine, it wouldn't be able to do anything else to it but crash it

@MickmickWashesThings_Official 14 күн бұрын

@@RandomGuy37 Yeah, those things are bots

@silly_putty_enjoyer 14 күн бұрын

my guess is it wasMS17-010, aka the infamous EternalBlue vulnerability in SMB

@JackSeries44 14 күн бұрын

He literally just connected to microsoft and google. Not even a sketchy website, that says a lot.

@silly_putty_enjoyer 14 күн бұрын

@@JackSeries44 indeed. win2000 with default configuration is basically a glowing target

@diamondman1543 14 күн бұрын

This is such a good series

@mirrorportal1587 14 күн бұрын

I agree

@Knaeckebrotsaege 13 күн бұрын

if you like people faking their way to clicks and views then sure lol. this is the same dude who farmed 320k views with the fake XP video before, putting it on the internet with NO firewall (which is not how the vast majority of people are connected to the internet) and because that STILL didn't work he googled for malware to infect the system with and accidentally left the browser window of him searching for it in the video lmao

@Shredddddy 11 күн бұрын

super cozy nostalgia trip of giving all my early OS's literal aids when I was a child....but now its like we have a security wizard here to show and explain to us all about the aids we were giving our pc's back in the day :3

@lillywho 14 күн бұрын

7:22 If you wanted to revive Windows Update in earnest, you could install Legacy Update which redirects it to a community-hosted reverse-engineered server.

@averyplote7148 14 күн бұрын

Hacked% Speedrun world record

@MudkipOnYT 14 күн бұрын

This series is really fun, I don’t know how much more content you can make with it because there aren’t many more versions of Windows but great work!

@KK-bk8kj 13 күн бұрын

Virus mentioned around 5:15 which destroyed motherboards was called CIH or more commonly "Chernobyl" it did override bios memory corrupting it.

@lethav.delphi 14 күн бұрын

I just found your channel because of a german article on a website. It's really interesting to see how the old systems "perform" in 2024. :) please go on with the series!

@MIKE_ 14 күн бұрын

I saw somebody write an article about you showing what happens if you connect Windows XP to the internet, it bought me to your channel to see more interesting videos :)

@yeahhhhhhhhhhhhhhhhhhhhhhhhhh 14 күн бұрын

do you have a link to it?

@TheCynicalJedi 14 күн бұрын

@@yeahhhhhhhhhhhhhhhhhhhhhhhhhh Can't post links in YT comments, PCGamer have an article that specifically talks about Eric's video though, popped up on my phone's news feed last night so might be that one, but it's literally just a written summary of his video, they didn't add anything particularly interesting themselves, just reporting on the facts I guess

@henson21 14 күн бұрын

Nothing happens. I work with WinXp every day. Runs perfectly and without any problems. Current viruses are 64bit and target systems from Win 7 onwards. The web browser My Pal 68 has been adapted and compiled for XP so that you can use KZbin, Twitter and all the other modern websites without any problems.

@blazzer73553 12 күн бұрын

Yes and it's a total crock. These videos are pure trash, crazy how uninformed people are.

@Sophix_37 10 күн бұрын

I've seen the same article!! I like that person wrote about Parker so now I can watch his videos

@the2323guy 14 күн бұрын

suggestion: what happens if you connect windows vista to the internet in 2024

@mor4y 14 күн бұрын

No one knows, because even people who would run ME for 'fun' would turn their nose up at running the Vista binfire 😬😆🤣

@terrorBanana 14 күн бұрын

Chaos😂

@newaccount877 14 күн бұрын

I tried it using Supermium and it runs well

@hockypockies 14 күн бұрын

@@mor4y i like vista, take that

@nov2263 14 күн бұрын

You wouldn't know if it was Vista that crashed or because of a hacker attack. Same same.

@RC-nq7mg 14 күн бұрын

Neat to see. Everyone always talks about XP but Win2K was my daily driver untill xp sp2 was released. Win2k was always one of my favorite versions of windows.

@raven4k998 13 күн бұрын

windows 2000 is pre windows xp not 98 or 95🤣🤣

@timhartherz5652 5 күн бұрын

Never switched to XP, never had a reason. Win2k could do anything XP could do, while not looking like a Kids toy. Kept Win2k until Win7 came out. Of course i was missing out on a additional taskbar icon, who's only purpose was to tell me whenever my antivirus was running or not, what a loss. :-D

@RC-nq7mg 5 күн бұрын

@@timhartherz5652 I don't recall why I switched to XP. I did use to turn off the visual styling so it looked like W2K though, also used less resources.

@PhantomWorksStudios 14 күн бұрын

Back in 2015 Microsoft released an emergency update going as far back as windows 2000 bc 2000, XP, vista, etc had this exploit. It was released after wanna cry was spawned and had to do with the rdp of I remeber correctly. Anyways all I can say is to install that update and then trying this again. I was amazed that Ms not only quickly released that update but for Windows XP and especially 2000...

@o0Donuts0o 14 күн бұрын

Wannacry was an SMB v1 exploit if I remember correctly. We were in the midst of a full scale company wide disaster recovery test when I was given the green light to disable SMB v1 across the board. Rolling out GPO’s at that scale are always fun. We had some heart sore Linux admins the next morning who couldn’t connect to shares anymore with their outdated Red Hat distros 😂.

@xTh1eFx 14 күн бұрын

EternalBlue (SMBv1 exploit) appeared in 2017, BlueKeep (RDP exploit) in 2019, for both beginning from WinXP patches has been issued. Never heard about any patches for 2000, guess its market share was extremely tiny to bother with even back then.

@PhantomWorksStudios 14 күн бұрын

@@xTh1eFx yea they even issued the patch for 2000 too

@TheCynicalJedi 14 күн бұрын

If I were to guess it's probably because WinXP and older are still in very regular use within industrial fields among other arguably more important ones, like nuclear facilities and Microsoft probably know how dumb people can be, after all this video is proof that all it would take is someone to connect it to the network with internet access for a couple of minutes lol Edit: Then again saying that, you'd hope if someone were stupid enough to connect it to the network that things like NAT or a firewall would save it, but I ain't gonna build a 2000 box to test that theory lmao

@xTh1eFx 14 күн бұрын

@@PhantomWorksStudios hm, I failed to locate that one, only some unofficial patch from MSFN forums based on backported library from XP...

@brandnewkutta 14 күн бұрын

Eric Parker on a generational run rn, been here since a couple hundred subs keep it up man

@YS_Production 8 күн бұрын

Hi Eric! a) the Win2k startup sound is absolutely the best one! b) the fact you keep closing the Tip of the Day window every time and not unclick the tickbox at the bottom of it is so funny :D Thanks for the vid.

@Darfk 14 күн бұрын

This stuff is so interesting, it's amazing how fast you're pwned. Are there bots just nmapping the entire v4 address space 24/7 or something? Who's doing this for 20 year old OSes? Any chance you can get a packet capture for one of these experiments?

@dingokidneys 14 күн бұрын

There literally are systems scanning the whole IP space; legitimate ones like Shodan for analytical and security purposes, botnets searching for new infection prospects, nation state actors looking for footholds and kids at colleges or universities learning about computer security who will probe you from their campus IP in another country so they don't get bothered by the cops. If you actually watch the traffic on an open port it's really quite interesting. I had a secure SSH host open to the internet and watched the traffic in real time as well as capturing the packets with Wireshark. It was really amazing to look into who was doing what and from where.

@egg_addict 13 күн бұрын

since it was intended for businesses, it probably is a high priority or something. a lot of businesses are probably still using windows 2k, but who knows.

@bouncypear_net 13 күн бұрын

@@egg_addictI know there's a Windows NT4 PC hanging around the HVAC lab at my college for sure, but I doubt it's networked

@KaitouKaiju 13 күн бұрын

@bouncypear_net it's crazy to think you're one ethernet cable away from malware city

@Daniel15au 10 күн бұрын

It's possible to scan the entire public IPv4 address space in less than 15 minutes with modern tools like masscan, so there's definitely a lot of bots that are just scanning for open ports. There may also be old systems that are still infected with the worms, still spreading them all these years later.

@eyelmejor1388 14 күн бұрын

i just discovered your channel, its great, keep it up!

@LeeZhiWei8219 13 күн бұрын

Man, this is awesome content. Saw your "What happens if you connect Windows XP to the Internet In 2024." Intriguing!

@LeeZhiWei8219 13 күн бұрын

Perhaps you might wanna use Legacy Update, newer replacement for the good ol Windows Updates. Then patch the system to it's latest.

@HarrybertKunifax 6 күн бұрын

Someone with a normal mind is sitting behind a router with a firewall and has closed the ports. What are you trying to demonstrate here?

@FFusioNN 13 күн бұрын

You were at like 5k subs just a week ago, loveee your content man!

@leemack4562 14 күн бұрын

you made my day with this video! the trivia was a nice touch

@vladislavkaras491 14 күн бұрын

Well, that was quite fast! :D Thanks for the video!

@jjjacer 14 күн бұрын

@3:40 i remember seeing that live back in the day via the Blaster worm, basically if you had your windows 2k system directly on the internet with no firewall, there was a good chance that the worm would eventually hit your IP causing this shutdown popup, and then it would start DDoSing windows update. Man viruses back in the day always were memorable, Nimda, Code Red, Blaster, ILOVEYOU, Melissa. Now days its all just generic trojans and cryptolockers

@teekatas 14 күн бұрын

boy I miss that old school right click menu animation at 5:28. They don't do that anymore.

@RadiatorTwo 14 күн бұрын

So ... completely exposed host? All ports from router directly forwared to the VM? I´ve been using Retro systems online for years now. Behind NAT they don´t get hacked....

@EricParker 14 күн бұрын

Correct

@Loudness84 13 күн бұрын

The video title describes exactly what has been done here. This is just how you connect a host to the internet. LAN is a different story and it requires a gateway to forward traffic to remote hosts. There are different applications involved, if you access the internet from inside a LAN. Its never been a good idea to connect Windows directly to the internet, lookup how old Norton Internet Security (just naming this popular example) is and you'll see...

@TheDragShot 13 күн бұрын

@@Knaeckebrotsaege well, if he didn't do that, it's unlikely something interesting would happen unless he went to look for malware manually. Oh wait, he did that in the WinXP video.

@dawson6294 13 күн бұрын

@@Knaeckebrotsaege Why does this upset you exactly? He's not hiding this, it's made pretty obvious that you have to go out of your way to expose yourself this much. It's just a fun demonstration of what happens if you do

@alkimos55 12 күн бұрын

@@Knaeckebrotsaege He explicitly explained this fact in an earlier video in the series.

@jeevannair393 14 күн бұрын

Love your vids man keep it up and you'll get big one day 👍

@eduardoroth8207 13 күн бұрын

found your channel, and immediately subscribed after seeing what your content is like

@vrekt8702 14 күн бұрын

So is the sasser worm just still running somewhere in the wild looking for machines to infect? Or is somebody hosting it and doing it that way

@howdoiexitvim-i686 12 күн бұрын

some script kiddies probably hosting it somewhere

@rossstewart9475 11 күн бұрын

If not script kiddies, there's plenty of internet connected appliances out there running 2k/XP; ePOS machines, ATMs... Their chances of infection should have been reasonably low, but given they've been running for decades at this point, that's a lot of chances to roll those dice.

@mrmcguru163 14 күн бұрын

ok, now use windows 11 without a firewall

@bwack 14 күн бұрын

From what I remember from 20+ years ago, playing around with Windows 2000 installs on my pc, at some point in time, the machine got infected like yours by simply pluging the ethernet cable. I remember that the service packs fixed it, back then. ca 2001-2002 :)

@lemonadesnake 14 күн бұрын

7:18 Updates can be downloaded with Legacy Update

@ZacharyNoah 10 күн бұрын

That's exactly what i did on my Windows XP Professional guest VM in VMware Workstation Pro, which is now free for personal use.

@mainfalsedata 14 күн бұрын

Happy to see you doing all these!

@Masterix. 14 күн бұрын

Hi, I'm sure you've already somewhere answered this question, but what distro are you using?

@cryptoafc7655 14 күн бұрын

I love your videos man.

@upthebuffer1921 14 күн бұрын

What I dont understand is how did the exploit happen? I mean how did the "hacker" get the ip & port for the win 2000 machine? Do they just scan IP's? How does that work as everything is pretty much behind a NAT?

@lemagreengreen 14 күн бұрын

Yep, port scanning entire IP ranges. As far as I know this guy has the machine completely exposed, bypassing NAT and no firewall running. Also I think I remember him saying it's an Amazon AWS IP or something, a particularly spicy target IP range for anyone port scanning. That said it is still quite surprising that the worms (likely Sasser or Blaster) are still out there and still apparently infecting hosts given there has to be basically no new Windows 2000 hosts exposed to the internet.

@BlueSheep777 12 күн бұрын

except this isn't behind a NAT, it's a view farm.

@GhostGlitch. 11 күн бұрын

@@BlueSheep777you act like he's misleading viewers. He repeatedly makes it very clear that he is exposing the system directly to the internet. And in his xp video he said it's to emulate how most users were hooked into the intent back in the day when security was significantly weaker.

@rossstewart9475 11 күн бұрын

@@BlueSheep777 did you... did you honestly think someone would make a video about Win2k security in 2024 for any reason other than idle entertainment? C'mon, now...

@BlueSheep777 11 күн бұрын

@@rossstewart9475 to check if servers running on that version of Windows aren't safe anymore

@JustJassCat 14 күн бұрын

Old style malware was a lot more fun indeed. I remember getting myself infected when I was ~10yo (11 years ago) trying to activate windows 7 using shady links on Google. The malware that infected me did nothing but infect exes to make them say "File corrupted! This program has been manipulated and maybe it's infected by a Virus or cracked. This file won't work anymore." And over a day, every program said that. Didn't get any of my accounts stolen or anything, just made my system unusable in an amusing way haha

@PaulFisher 13 күн бұрын

ah the times when people were in it for the love of being assholes, or industrial sabotage, or occasionally disrupting an entire country’s nuclear program

@min3craftpolska514 14 күн бұрын

Do Windows 7 RTM. I wonder how vulnerable is it in 2024 since some pc's probably still run a retail unpatched windows 7.

@justina1909 14 күн бұрын

The chances that someone is still running 7 unmatched but deliberately running on the exposed internet is probably low, as those who are unaware about computer security are using home routers with built in protections

@GabrielFurryPhone 13 күн бұрын

I done this and it worked fine I guess but outdated :(

@pcb_404 9 күн бұрын

@justina1909 yeah, the average person needs to put in a considerable amount of effort and bypass a lot of intentional roadblocks to face the internet ass first and get the results seen in this video, which is a good thing. Run any competent modern firewall (built in to basically every router/switch/even service provider....) and you shouldn't be able to get the results seen in the video without going even more out of your way. It's very impressive how hardened computers are now.

@TetrisMaster512 14 күн бұрын

It'd be interesting to see older versions of NT, like 4 or even 3.x, and whether they're still actively targeted (or vulnerable to the same exploits that target 2k and XP).

@KaliRoseWolf 14 күн бұрын

Id like to see some older/unsecure linux distros & malware/viruses that can effect linux servers

@ph7947 14 күн бұрын

great video lets see more pls :D very intresting seeing effects and explorer the virus

@DavidFRhodes 14 күн бұрын

i hooked up a windows 2000 server machine direct to the internet back in 2003. it was just for a few minutes to download drivers before i moved it to an air gap net. I went to lunch. when i got back it was already fubar'd

@thebearjew8463 12 күн бұрын

New to your channel but I’ve enjoyed the windows to internet series. Can I make a request? :) Windows 7,8,10,11 Linux Mac All directly to the internet! I would genuinely love to know how safe newer consumer OS are.

@narcs. 12 күн бұрын

You were just featured on some ordinary gamers channel, came racing back to check your sub count to see if it’s risen and it has quite a bit

@lemagreengreen 14 күн бұрын

Holy crap, sasser is *still* this fast? haha I remember this was about the time it took for any Win2k/XP machine to get hit by sasser back in the early 00's! You can halt the shutdown process after lsass.exe crashes if you really don't want it to reboot, the crash does indicate that it is being exploited though. I cannot quite remember what the payload/purpose of sasser was though. Windows 2000 had the event viewer didn't it? that would be where to look for more information on your bluescreen.

@ZorogamzREAL 8 күн бұрын

this is the type of channel where it answers questions before we ask them and then it makes you feel smarter after the video ends

@PCTUTORIALE1337 14 күн бұрын

Sasser still lives, probably due to some kids running it to this very day, there's no other reason why it would be still running :p

@howdoiexitvim-i686 12 күн бұрын

i mean, maybe those kids are like dannoct, but instead of just seeing what it does, they want it to still live

@zenniththefolf4888 12 күн бұрын

Now imagine all the devices we have in the current day that require an internet connection will likely be vulnerable 20 years later.

@layneburkhead3220 14 күн бұрын

Who tf builds random virus bots for specifically Windows 2000 machines connected to the open internet?

@ognjenjakovljevic494 12 күн бұрын

Microsoft did

@thedylansang 11 күн бұрын

All these kinds of videos have been interesting to me, as long as I've believed that nothing could go wrong connecting an older version of Windows to the internet.

@beftlidev 12 күн бұрын

3:05 This smile was personal 😅

@bmkhalidhasan 10 күн бұрын

Do you use virtual machine or you screencapture using display output?

@gitshell 14 күн бұрын

Parfom my ignorance. But what is the network config of the machine? Did you made it public to the Wan? Like, the web can basically initiate a "talk" to it? From my little knowledge, as long as a LAN network is safe - every computer in it is safe- connecting a fossil to it wouldnt be a problem.

@howdoiexitvim-i686 12 күн бұрын

he's directly connecting it to the internet, no router, no NAT, no firewall, his ip is his computer, not the router just routing ports

@thereisacow1337 14 күн бұрын

there are sasser/blaster bots online in 2024? lmfao

@lemagreengreen 14 күн бұрын

Surprised by that too. Maybe it's not specifically sasser/blaster worm but just a general exploit, I mean the lsass.exe vulnerability could be used to install anything (would have liked to know what those files were that he saw were dropped) but yeah, still surprising.

@Spong388 10 күн бұрын

After learning some basics of cybersecurity i must say these videos are so scam and pointless, i'm surprised to see the reactions to them.

@Awesomium3 11 күн бұрын

what linux distro are you using? i think of switching to linux, and i'll use wine on that distro if it's available.

@TheJonathanc82 14 күн бұрын

I love these videos 😊

@MatthewCenance 14 күн бұрын

Are you hosting malware on the host PC, or is the VM actually getting infected from real websites?

@frankbucciantini388 14 күн бұрын

The VM is exposed to the internet with every port open. There are bots scanning the whole IPv4 address range 24/7, mainly from Russia and China, trying to infect vulnerable targets automatically. In this case, they succeeded. TL;DR you don't need to browse the internet and visit malicious websites to be infected, the IPv4 address space is so little in today's terms that those bots will find you and will infect you, it's just a matter of time.

@Ethorbit 14 күн бұрын

these videos are always fun

@HouseOfFunQM 13 күн бұрын

It’s weird because you seem to know what you’re talking about, but… somehow you’ve never seen what Sasser or Blaster look like?

@yotoprules9361 14 күн бұрын

What VPN do you use here? I'd like to experiment myself.

@aonews 12 күн бұрын

Windows ME living up to expectations and crashing whenever anyone wants to run some software on it... even the hackers.

@oguzhankarahan1737 Күн бұрын

The introduction of the video reminded me Windows XP. Ah, I missed that legend too much.

@toddfraser7009 11 күн бұрын

Are you running this 2000 install exposed directly to the internet? or with a router firewall?

@gabrielleeliseo6062 14 күн бұрын

You CAN connect Win 2000, 98, 95 to the internet...but you have to be careful WHERE you surf, or you'll get some fun.

@nathanielcleland6566 14 күн бұрын

Thing is I recently compiled an application and ran it on 2000, but I still haven't managed to get it running on ME (real hardware for both). Windows 2K needed a couple of XP only functions that are used by the modern Microsoft C runtimes. These were actually fairly trivial to implement as stubs if they're not implemented in kernel32 (runtime resolution), things like EncodePointer. But to target 9x is more complex, as you need Unicode support (there is a library for that), and substantially more functions. Plus you have to set the headers correctly, and I can't find any documentation about what 9x actually looks for here! If you don't actively target 9x your malware is unlikely to work on it these days. And who targets 9x!?

@AmperSand666 11 күн бұрын

I'm curious if you have an Windows NT 4.01 to try, as far as I remember was extremely robust - and because of this, not very user friendly.

@UmarBlox5124 4 күн бұрын

bro you literally turned off all the protections

@censoredeveryday3320 12 күн бұрын

My favorite bug in Windows 95, 98, 2000 back in the day was the IP Fragment overlap bug. You could send a packet to a host with a specially crafted TCP ip packet with invalid ip fragments and when the kernel tried to reassemble the packets back together, kernel would blue screen. I used to run this code on a cron job and crash coworker machines, printers, and other stuff on the network.

@skate1 3 күн бұрын

High School libraries still have these old computers to this day. Mine had windows xp, 7, & 8 in 2015 😂

@markshade8398 13 күн бұрын

Win2K was also often nicknamed "Windows NT 5.0" and in some cases would show that when an asked to identify itself (in browsers and for web server statistics).

@sys_key3287 14 күн бұрын

i love these videos please keep uploading

@mixmashandtinker3266 10 күн бұрын

Was it directly connected or via a router?

@laustinspeiss 11 күн бұрын

This reminds me of Novell Netware 4, which was shipped with malware pre-installed. Caused a few problems, the least of which was the demise of Netware. They tried to recover,but Windows NT and Windows 2000 closed that door.

@afandiyusuf04 5 күн бұрын

nowadays virus : It's all about money. 20 years old virus: It's about sending a message.

@youmanyousef 13 күн бұрын

It’s so funny that worms are still circulating from decades ago

@HarrybertKunifax 6 күн бұрын

No, that's not it. The guy is making fun of all of you.

@tomtravis858 13 күн бұрын

How are you redirecting all connections from the vps to the vm? The only option I can see is ssh reverse tunneling.

@thespecialist3608 11 күн бұрын

This was.. insane to watch. Terrifying to know that vital infrastructure is pretty much being maintained with scotch tape and toothpicks. On another note, I cannot possibly pin your accent down. Are you Canadian? British? Aussie? Nebraskan?! (Excellent video also!)

@BarnabasFabian-og9xq Күн бұрын

i really dont understand how they do it so fast. Like you basically type in google, and youre hacked how do they know the ip range and stuff they should be looking for?

@EricParker Күн бұрын

mass nmaps

@user-rf9nm8xd6e 14 күн бұрын

what if you setup a AD server like Win 2012 face with out any updates does it get hacked and how about the win 8 Client

@nosebl33d 14 күн бұрын

windows 2000... the start of the home and pro era

@flashx4526 10 күн бұрын

Waiting for windows 7 getting exposed to the web

@Prism019 23 сағат бұрын

1:40 The CPUID instruction, when called to get the processor branding string will literally move an ASCII string literal into the registers EAX, EBX, EDX, and ECX.

@MonochromeWench 14 күн бұрын

Windows 2000 is just too similar to XP RTM to assume anything other than almost immediately getting hacked. 2000 sp4 was released in 2003 meaning it will be vulnerable to anything fixed for xp after 2003. Anything fixed for XP means a public disclosure of what the vulnerability is, effectively zero daying Windows 2000 and is why you never use Windows after support ends it will have known unfixed public vulnerabilities.

@morsecypher 11 күн бұрын

No, it will not be vulnerable to anything fixed for XP after 2003. Mainstream support for 2000 ended on June 30, 2005, and extended support ended on July 13, 2010. Also, there were patches for 2000 published at least as late as 2015.

@MonochromeWench 10 күн бұрын

@@morsecypher Except in this video he is not using a version of Windows 2000 with all updates applied. As he is using sp4 anything fixed after that is a big problem

@aLinuxIce 12 күн бұрын

what distro do you use ?

@Osakarmakun 12 күн бұрын

I feel like this video is kind of false because I have been using Windows 2000 with Extended Kernel on my second machine connected to the internet, and nothing has happened.

@ryoPL2142 12 күн бұрын

This VM is connected directly with ports open, while yours is probably behind router. Thats like having your home front door open all the time. This is to show how weak the security is if exposed to a worst case scenario. Behind a router and functioning brain using old OS is mostly safe.

@marcopisco 13 күн бұрын

Attempted this myself. Kept it up for two hours. Nothing happened (other than a few attempts for port 21 and 80). Nothing hacked it. Gave up because I got bored, but I'm considering redoing it

@thishandle.wasnttaken 13 күн бұрын

I'm fairly certain you're referring to CIH as the "virus that destroyed motherboards", which was written to show just how ineffective AVs used to be. It unfortunately leaked out of the university that it was made as a project for and spread like a plague, spawning stuff such as Magistr, which was that but against people in legal professions, Kriz which changed the payload date from 4/16 (the author's birthday and infamously the date of the Chernobyl disaster) and was famously embedded into some screensavers for a Dreamcast game. The last notable one was Boomerang, which was just CIH across a network. Why he gave it such a destructive payload, maybe you are right in that he wanted some fun. But, that worm wasn't even intended to get out of the lab in the first place. Interesting to note that it would overwrite BIOSes with garbage data through an exploit, though. Made it worse when all the popular motherboards were using that exact vulnerable chipset, unless you were one of the rare few with that write protect jumper enabled.

@ftajmieh 9 күн бұрын

Imagine turning on a very old family computer with windows 2000 to see the memories, and by connecting it to the Internet it is already infected.

@gordonfreimann 14 күн бұрын

in the old ie, you could write some javascript code to make the browser download exe file silently and make it run. I actually wrote a keylogger that is downloaded and run once you open the link years ago. fun times

@saop94 6 күн бұрын

How is it possible to get a virus by just connecting to the internet? I thought you have to enter to some web page and accept adds or install something

@fragalot 14 күн бұрын

I don't understand how random file can just suddenly appear like this and be executed. when you popped over to Virustotal and a lot of the malware was listed as a trojan but isn't a trojan something you have to download (pretending to be something else) and execute yourself?

@lPlanetarizado 14 күн бұрын

that just shows you how vulnerable this old OS is, nowdays isnt that easy the thing is if you have a bug that allows you to execute code, you can allocate code to download and execute that dont need the user to do anything

@BlueSheep777 12 күн бұрын

@@lPlanetarizadothis wasn't even behind a NAT...

@lPlanetarizado 12 күн бұрын

thats true....but even then you could get hacked, just not this quickly

@baumstamp5989 9 күн бұрын

you are correct!!

@mad1538 14 күн бұрын

Lsass crashing and causing a restart dialog is very common as it was well known to be very vulnerable

@astrocent 13 күн бұрын

I just dont understand how. Who found you that fast and how did they see you? Just by simply going to Google?

@qazisnotapeopleperson7167 14 күн бұрын

When it comes to windows update. Microsoft stopped allowing OSes using SHA-1 hashing from updating. So patched windows 7 is the earliest OS that can use windows update. You can update 2000 with legacy update i think.