~~ th3 cryptome.org d3f4c3m3nt ~~ th3 c0nsp1r4cy th30rist [PHC] hi. as you know already cryptome.org was defaced 2/26/03. the defacement stated: hacked by bighawk of hackweiser (bighawk@kryptology.org) later this same bighawk sent email to the cryptome maintaner, denying any involvement in the hack. his initial (published) mail can be read at: http://cryptome.org/cryptome-hack.htm in it our hero (bighawk) states: "Since a few months, a few individuals have been constantly trying to bring me into discredit. I believe this was their next step. Until now these attempts were relatively innocent and could be easily ignored. criminal actions as these i did not expect." ok since most of the people reading this don't understand wtf bighawk is talking about, let me elaborate. for some time people have been somewhat tolerant of this blowhard's egotistical ranting and criticism of others (who are often much more technically skilled and much better looking than the very unattractive Jogchem), until at some point people got sick of him and told him he needed to shut up. since this time, almost every statement made by bighawk on ircsnet has initiated brutal verbal (well, at least typed) ownage of bighawk. bighawk feels he has a lot to prove to the world. why is this, you ask? first let us examine the following urls to defacements of bighawk: http://safemode.org/mirror/2000/08/26/www.goldenvillage.com/ http://safemode.org/mirror/2000/08/26/www.post509.org/ http://safemode.org/mirror/2000/08/26/www.jmpmusic.ch/ these urls, along with others, are often pasted during conversations with the intentions of infuriating bighawk, because he is so ashamed of his previous actions as a scriptkid (or, as he would phrase it now, in his elegant speech -- a malevolent cracker) and would like to be acknowledged as no longer being lame, but as a full-fledged hacker. in his second published email on cryptome.org, derogatory labels are assigned to those "members" of the Phrack High Council that he listed; cracker is often used to described "less skilled" individuals -- he would like to be known as being better than those members of PHC. because of bighawk's past affiliations with cracking groups (World of Hell, HackWeiser, and recently Fluffy Bunny) he wishes to seperate his current actions from his previous, and to show off that he is no longer a "kid". bighawk likes to show off that he finally learned how to program. examples of his emerging programming abilites can be seen on the packetstorm site, i've gone ahead and listed a few links to some various stellar pieces of code (and various errata) that he has written. http://packetstormsecurity.org/0005-exploits/allmanage.pl.txt - brilliant advisory / exploit for a lame cgi http://packetstormsecurity.org/UNIX/utilities/ipgen.tgz - bighawk is learning perl, a scriptkiddie tool for generating ip lists, to be used by scriptkiddies for scriptkiddie purposes http://packetstormsecurity.org/UNIX/utilities/ipgenv2.tar.gz - an updated, more robust version of the previous http://packetstormsecurity.org/UNIX/misc/squirtv1.2.tar.gz - lame perl tool for local stress testing / automated exploitation (known to have never once worked, but bighawk is learning how some of those exploits gov-boi gives him work) i would have liked to have shown you some examples of his "look i read a phrack article on writing shellcode and wrote my own based off the examples" shellcodes, but because of continual ridicule he has removed the links on his website to them, and i really can't be bothered with searching for them. since he's now capable of writing shellcode after reading tutorials, and writing these nifty perl scripts he believes he is a hacker. recently our friend, the big hawk, has received some fame from his software "aesop" that was featured in some article by some guy from cisco or something. bighawk evolved into bigego, because his tool (designed for "bouncing" between those .kr mailservers he owned but didn't install apache on for defacing), to hide his online presence while hacking. ok so anyhow we need to get back to our conspiracy theories about the defacement and the big hawk. it was important to first establish some history of this criminal. bighawk isn't exactly well liked. he does have a big ego, thinking that certain people occasionally "picking on him" is a massive conspiracy agains him. anyhow, moving on . . . th30ry #1: bighawk is tired of being mocked for his past defacements and decides to deface cryptome.org in a way that he can easily disassociate from (it has my name on it, do you think i'd be that stupid?) and then can "frame" those who mock him so frequently for "framing him". a little farfetched? th30ry #2: crytome.org was defaced by a PHC supporter, aware of the level of hatred for this large fowl from some PHC members, and thought it would be a good way to win some kudos from the PHC by causing certain levels of grief to the big hawk. th30ry #3: bighawk defaced it then got cold feet, and decided to blame it on someone else. th30ry #4: some random person did it to be funny and joined #phrack because that seemed like something fun to do. th30ry #5: the author of this document is responsible for everything. this is a stupid game of dick wagging and finger pointing. and ultimately it isn't that important. interesting though. . . th30ry #6: bighawk feels the need to promote himself and his software (aesop) and then draw negative attention to those who crush his big ego, have an excuse to publish his real name in relation to his nickname to draw recognition to himself (look at me mommy, i'm sticking up for myself against the big boys). "i'm a former hacker turned whitehat" blah blah blah. ok this isn't interesting enough to write anymore, so i'll leave this to you to draw your own conclusions from. personally i think bighawk sucks prepubescent penis and should be shot in his sleep. signed in the blood of whitehats, - m3l g1bs0n p.s: bighawk is quite possibly the dumbest nick ever.