For me, it was boredom and cheapness. Once my trial copy of Win2k ran out and it confronted me with it, I tried hitting ctrl+alt+del. To my surprise, it worked. So from there I was just able to launch explorer.exe.
I was a kid then. Kids these days are finding these sorts of "exploits" in phones and whatnot all the time.
You have to understand the data at a structural level and how it flows through the application. Then you can identify entry points to access that data using non-traditional methods that the developers may not have considered when implementing security features.
