This is teh story of how Royal Caribbean should rethink their IT security. lel. Prepare for some atrocious grammar. Engineer just don Kare.
First day on the cruise, Guandi97 and I were forbidden from bringing our laptops. This was a family vacation they said, no laptops! Doesn’t matter, Guandi97 don’t give a shit. MacBook Prestige level 9001 appears out of nowhere. Engie was blocked from bringing his powerhouse W530. Too bad, Raspberry Pi to the rescue. If you can’t bring it…build it.
Even before everyone had gotten on the ship, we were already set up for launch at the onboard Starbucks. Attempting to get some “Free Internet”.
Because of the lack of time and knowledge, we had decided to hit their Internet Cafes first. Scout out some vulnerabilities and attempt to access the internet through the Ethernet ports. Unfortunately, we were met with login paywalls again and again. This needed to be dealt with! But not before we fudged up their desktops. IT Department can’t stop us! hueh hueh huehcopter incoming.
All of the desktops were lockdown hard. But we did find that some old tricks still worked. Including systemCMD.COM and Windows + R shortcut key. We were able to launch Paint. Havoc ensued. We still can’t believe people believed our shit paint job. “IT Working. Do not use.” Might sound legit. But…lenny face? lolwut.
These signs stayed up for at least 3 days.
*Backgrounds courtesy of Guandi97’s OP Paint skills
We even attempted to create our own IT badges. But once we saw the real IT guy, who actually wore a uniform with a legit looking badge, we threw ours out. For obvious reasons.
We managed to get “free internet” heuh heuh
That’s not to say we didn’t have any trouble along the way. Several times we had to instigate operational room lockdown. Too many a times, random bystanders would walk into the room. Two people even had the galls to ask us if we were “hacking”. Dafuq, monica. At one point, we even had to go on full red alert, abort mission and run around the cabin corridors like SHTF.
Much of the technical is documented here: https://github.com/Jyang772/MacSpoof
The script was created afterwards, borne out of extreme laziness.
- Ethernet ports are unprotected. You can access the printer control station from any port conveniently labeled with the IP range 10.0.0.0…
- No one batted an eye when we took out a Raspberry Pi and started exploring their network at the Starbucks. Cables everywhere, screen flashing with text, looking like l33t haxxors. Even though we got plently of looks on the airplane to Florida.
- Need to plug in an HDMI port to stateroom TV? Just unhook the HDMI cable used by Ship TV and plug in your own device. No need to call IT for an adapter or use a universal remote to bypass the menu lock.
- There’s so much to explore on the ship, particularly with IT.
- IT guy works in card room on deck 14 of Oasis of the Seas. Broken mesh panel allowed us to access one of the desktop’s towers and plug in a Fedora live usb. “Prepare thy anus” was announced. IT guy didn’t even notice, probably on Reddit or Imgur.
- Woman next to us didn’t understand the one device logged in only plan she purchased. ( ͡° ͜ʖ ͡°)
- wpa_cli reassociate doesn’t seem to work properly for protected networks. Doesn’t matter, “royal-wifi” is unprotected anyway.
- Computers in Internet Cafe are pretty locked down. Nah..
- black hat stuff.
- Once we had access to Google, it was game over GG. Ship’s IT security stood no chance against our Google Fu.IT Guy works