O O Ø O O O O
Kiddie Revisited
If you’ve missed all the kafluffle, it all started back in 2002. A script kiddie took a poke at my server, and made use of a valid email address. Not having anything else to rant about that week, I chased the kiddie down. Much to my surprise, I got a reply.
Even more surprising, four years later I got another reply, this time from the author of the script. Ironically, he likes to call himself “Slikk.”
Well now, Mr. Slikk just won’t go away.
From: Slikk
To: kj
Subject: RE: LMAO LOLOLOL
Date: Tue, 25 Apr 2006 16:43:53 -0400“If only there was some kind of magical remote-control-software…”
Actually, drop the SubSeven talk. Me nor my running partner never infected anyone with that formmail scanner. I simply knew Spaz (Hince [sic]: SPAZDialer.com), or as Mr. Salay. I didn’t infect it with a virus, adware, spyware, password stealer, or anything to that sort. Nor did Mr. Salay get infected unless he infected himself of course. That’s something I could care really less about right now. The fact remains though the formmail scanner has one goal set in mind and that’s to find formmails. Whether or not the formmail got used for spamming purposes or not, you still got owned. Your server was vunerable [sic], and spaz accomplished what he wanted to and that was access your cgi script formmail. Like you stated in the original rant, it is considered a hack attempt or hacking accomplishment with formmails. I remember the email you sent him and I remember him using that message he sent you to shut your fat face. It was rather amusing at the time, and it’s great to have idiots like you in this world. Honestly, are you computer illiterate or just a “I wanna be l33t so i repeat the same shit over and over again!” type of scenario for you? Idiot.
I got owned, did I? Did you even look at the log entry that you so happily quoted in the first place?
141.152.245.82 - - [25/Mar/2002:18:42:40 -0700] "GET /cgi-bin/ formmail.pl?email=formmailed%40yahoo%2Ecom&subject=www %2Ecodetalker%2Ecom%2Fcgi%2Dbin%2Fformmail%2Epl& recipient=spazdialer%40spazdialer%2Ecom&msg= slikk%20and%20drew%20owned%20you%2E HTTP/1.1 Content-Type: application/x-www-form-urlencoded" 404 3682 "-" "Gozilla/4.0 (compatible; MSIE 5.5; windows 2000)"
Take a look at the response code, Mr. Slikk—404. You are familiar with HTTP response codes, aren’t you? If not, let me refresh your memory. A 404 is a “Not Found” error, commonly occurring when the page (or script) in question doesn’t exist. This leads nicely into the subject of skills. Over to you:
“Wow. You sure are l33t…”
What makes you think of an assumption like this? I never said I was l33t, never assumed I was, and never have assumed I was. Why would you think it? Probably, because you’re a pure hater. You’re still pissed your server got hacked in to. Simply, because you failed to accomplish your Administrator duties and protect the server, but you didn’t. You got owned. So, shut up and get on with your pathetic life, kid. As far as my reading comprehension… Why don’t you establish junior high or high school. I’m sure you’re going to use skills you learned from high school than junior high. Junior consist of 6th to 8th grade here. Whether you knew it or not, you failed to get your facts straight before you opened your roach infested, cum-crusted face, kid. Plain and simple, I don’t think I am leet [sic], but know my skills are advanced. It worked on your server didn’t it?
Concentrate, Mr. Slikk. Read before you type. You are making this far too easy. If your skills were truly as “advanced” as you claim, you would know the difference between a 404 and a 200. You would also know not to brag about breaking into people’s computers, from your own IP address, and using your real name.
“First off, wow! It was a formmail scanner!…”
Yes, it was! I thought I would point that out to you seeing as I am talking to someone who uses fragments, run-ons, and repeat of the same words (see word: and) like a million times per sentence ( This is exaggeration by the way). I took reading and I actually aced it. What you failed to comprehend is all the information I sent was false. I did make the scanner, but mixed up your details on purpose to see what type of anger-related reaction I would get from you. Again, I or something I created set a goal to accomplish something against you, and it worked! Nothing gets by you, does it Sherlock Holmes? I also notice and was really impressed with the “Georgia” comment. You are obviously the racist type, huh? Again, you didn’t read up on your facts, because despite I have visited [sic] Georgia, I don’t reside in Georgia. Where I reside is none of your concern, but you take me to be some sort of “redneck” as you would probably call it, but you choose to talk smack on the internet. I bet you don’t get in fights, you run when trouble arrives in your direction, and you hide behind your computer screen. I guarntee [sic] you also dim your lights on your monitor so your mom doesn’t think you’re up past your bedtime either, huh?
Georgia is a race now? And here I thought it was a state.
You seem a little sensitive on the “Southerner” front (what, with all the bother of making up an entire conversation, and pretending that you had it with me). It’s true that from way up here, Atlanta doesn’t look far from, say, Easley, South Carolina.
And furthermore, how about we leave comments like “racist” for conversations that aren’t made up?
“distinction between “me” and “other people”…
I really don’t know, “kj”. Please point me in the right direction, professor. I just don’t know what I would do if you weren’t so intelligent. Well, I would, but you’re really not all that intelligent. You got mad, and posted my email on your poorly design [sic], coded, and disgusting layout you call your “website”. Maybe you call it something else, but if you actually want to go in to education, try brushing up on your english grammaer [sic], and html skills, because they’re very slack right now.
I’ll take that under advisement.
Incidently, attacking my computers is one thing. Attacking Ev’s lovingly crafted XHTML is a whole other level of stupid. You do not want to make him angry. Have you not met Yoda?
Now, I am sure and positive you’ll email me back and run my email text through a spell check and check for grammar errors, because all you know is the old “your english sucks”, “omg, you’re not educated and im [sic] so cool!”, or “ill [sic] post you on my website again, boy!”. Right? No? Ok. Lets predict how your next email will look like. You’ll say I can’t read, then try to change your story AGAIN, and you’ll end it with telling everyone how you’ve been a homosexual for years and would love to come out the closet? Oh, I forgot. You’ll also rant about how you think you’re so much better than everyone else, nerd. Grow some balls, and do something. Don’t run your mouth on the net like a pussy.
Let me get this straight, Mr. Slikk: you are against people who “run their mouths on the net like a pussy”?
Last I checked, you send an unsolicited message to a random address you found on the internet, so that you could “laugh in the face” of a “newbie.” That sounds to be the very definition of “running your mouth on the net like a pussy.”
And I like the homophobia, by the way. It adds a nice credible touch to your comments.
ACTUALLY: I’d like to request my personal informaton, email address, and IP address be removed from the website or I will report you for posting my information without given permission. If you don’t think it will work, try me, because if you don’t remove it within the next 3 days, it will be reported over and over until something is done about this. I don’t need spammers spamming me or anyone knowing my IP, because I am scared you’ll hack me! LOL. Peace, newbie.
Whatever gave you the impression that information sent to a random email address somewhere on the internet would offer you any expectation of privacy? You initiated this, Mr. Slikk, first by attempting to penetrate my machine, and then by writing me to brag about this fact: “Slikk and Drew owned you,” said the log message. “I, John or my handle, Slikk, and my friend drew, alias Split, created that formmail scanner,” said you. That’s a pretty damning confession, Mr. Slikk.
And as for reporting this incident: that’s a wonderful idea! What’s the statute of limitations on computer crime, Mr. Slikk? I think both the FBI and Homeland Security are quite interested in computer crimes, especially those committed across state lines. Was your formmail scanner ever used against US government machines, Mr. Slikk? If so, the PATRIOT act considers you a terrorist, and you know what happens to terrorists in your country. You have already admitted to authoring a tool designed to exploit vulnerable machines on the Internet. What are the chances you have never used it youself? Are all your machines clean, Mr. Slikk? If not, I suggest you start deleting things. In fact, I’d recommend taking a nail-gun to your hard drives and buying new ones. Erased data has a bad habit of coming back to haunt you, especially under Federal scrutiny.
So thank-you again, Mr. Slikk, for your damning confession, your empty threats, and your hilarious homophobia. Please feel free to write again anytime!
Kiddie, Escalated
Oh, Mr. Slikk. Why do you want to draw so much attention to yourself? And the lying—”tons of spam”, “contacted three times”—what would your mother think?
The following is an exchange that just occured.
To: abuse@telus.com
From: kj
Subject: Re: Notice Of Complaint - 142.179.159.199
Hello Telus.
We are writing to inform you that TELUS has received a complaint alleging that your TELUS Internet Service account has been involved in unlawful activity. This complaint was traced back to your account based on the IP address used at the time of this activity.
Actually, from my reading, the complainant here has alleged no such thing. He may have mentioned the word “legal,” but he has described nothing which could be construed as breaking any law I’m aware of.
On the other hand, in the posting he seems to be concerned about, he describes a great deal of illegal activity that he has been involved in. Perhaps this is the unlawful conduct to which he is referring, though it sure seems silly to engage in legal action when you’re the one breaking all the laws.
Excerpt from complaint:
Hi, my name is x, and I am requesting a removal off [sic] a website you’re providing hosting to. Whether you’re a internet service provider or a domain hosting service, I need a removal of information or I will be forced to take legal action on further notice. I am allowing up to 5 days for removal or the legal action will be further on-going.
There’s not really much point in protecting his identity here. Mr. Slikk is well known to me. He has been involved in attacks against my website. He has admitted to writing software that scanned for vulnerabilities against my server (and many others, no doubt). And now, he appears to be trying to get me “in trouble.” Funny.
The website http://www.pintday.org and http://www.wooding.org both resolve to the same ip address and hosting. It displays a rant of an email from my email address. However, I have received tons of spam, hack attempts, and people calling my house with no answers due to this post. It contains my email address, ip address, and personal information (first and last name) on permissions [sic] I never granted to this administrator of the website. I have requested to this person to remove it three times now. So, now I am taking actions in to my own hands using the legal system. If I can’t get a response from you or your staff, then I will continue my legal approach towards this server. I wish no harm, but do wish only for my information to be removed instantly. It’s caused quite a disturbance in my lifestyle as of late. Thanks, x
Of course, this is all garbage. The only contact between the complainant and me is reproduced in its entirety on the website in question (for a condensed version, just visit the most recent post.)
But thanks for the heads-up! By all means, keep me posted of any further contact from Mr. Slikk.
Kiddie, Surrendered
And then, as suddenly as it began, it was over.
From: Slikk
To:kj
Subject: RE: LMAO LOLOLOL
Date: Wed, 26 Apr 2006 14:42:14 -04001 . I didn’t realize you were canadian. I am French-Canadian myself (Ottawa).
2 . It’s not a crime to create something, but to use it for abusive purposes it is. Think of Sub-Seven it’s created to yes harm others, but the ones who get in trouble and the people who use this in an abusive way. Beside, I wasn’t stupid. I made it for educational purposes only and users were forced to agree upon the license agreement. I stated the user would be held responsible.
3 . I have actually been caught before in my life of the whole formmail access thing, a bit after that formmail checker was released. Since then I have faded away from the AOL scene, and no longer even condone nor persuade users to do the same. I was caught and luckily for myself received a warning from my ISP at the time (Charter Communications). Next, it would of been a lawsuit. I was 16 at the time of both the program and being caught.
4 . These days I keep it cool. I code and tamper with my website, and play a few of my pc games.
Again, I’m not scared of you or the government, but it’s a mere fact of showing respect. I started the whole parade and I feel I should apologize and not allow it become some internet war. We’re grown-ups so I think it’s time I show the attributes of one. Again, I am sorry for the bothersome and unnecessary comments, and do hope you will accept my sincere apology. Sorry for the trouble. If you would be kind enough to at least bring down my information, but keep your posts as you wish, but at least remove my name and email, and ip too, because I like to play my games without a notification of break in attempts. Good luck on your website as well.
I’ll tell you what—you’ve asked nicely, and you’ve apologized, so I’ll remove the more incriminating of details. But in return, I’d like to make sure I never see any, say, “special” kinds of traffic in my logs from South Carolina.
Thanks, Mr. Slikk. It’s been a slice.
Kjell Wooding
April 25, 2006
OOØOOOODCCLIII
April 26th, 2006 at 1:40 pm
This is just fantastic. Go Kjell!
April 27th, 2006 at 1:17 am
wow! someone learned how to perform a whois lookup by city on possibly dnsstuff.com? you are a sad little aol nerd lololol [x]
April 27th, 2006 at 9:48 am
[x]?
Did you just try to kiss me?
April 27th, 2006 at 12:35 pm
maybe it’s ascii goatse
April 27th, 2006 at 12:54 pm
Actually, that’s the international symbol for Laundromat. Technically he is trying to “Fluff n’ Fold” you.
April 28th, 2006 at 8:34 am
Surrendered? But I haven’t even berated him for attacking my xhtml!
Damn. I was going to call him Jar-Jar and everything.