Hackety-hack-keeps-yakking-back

Post date: Jul 08, 2011 8:21:57 PM

PART 1: July 8, 2011

Seems like this could be worth saving. One never knows though. Sigh. It is about The Gesture. He said this:

th3j35t3r JESTER ✔ Genuine

RT - @SecMailLists Full Disclosure: Re: XerXes DoS tool Leak. not so 0day now! bit.ly/nz6DSD - lol very amusing. Try harder. #thanks

4 minutes ago

The Jester sure has a spiffy looking Twitter insignia. Not verified, but it is Genuine!

The following is the content of Jester's bit.ly URL, hosted on Secunia's site.Here's the un-shortened link to the following snippet of unpleasant code https://seclists.org/fulldisclosure/2011/Jul/93

Re: XerXes DoS tool Leak. not so 0day now!

From: Laurelai <laurelai () oneechan org>

Date: Fri, 08 Jul 2011 14:42:57 -0500

On 7/8/2011 1:58 PM, anonymous-tips () hushmail me wrote:

Laurelai, nice of you to join us.

How this tool seems to work is it just routes via a literal ton of TOR servers to

open connections to the target... Reminds me of Anonoctopus.c except using TOR.

It does seem to be just as effective as the j35t3rs "modified" version

(read as: he added a GUI) version...

Fellow Full Disclosure Users, I apologise if my CC'ing method is incorrect,

just trying to ensure we all get it :) On Fri, 08 Jul 2011 19:55:02 +0100 Laurelai Storm <laurelai () oneechan org> wrote:

Oh snap.

On Jul 8, 2011 1:52 PM, <anonymous-tips () hushmail me> wrote:

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 hey guys, thought the world needed this leaked, if only so j35t3r cannot continue

his nonsense with his "31337 0day tool"

http://pastebin.com/raw.php?i=MLFs5m1K Thats the sauce :)

Have fun, and I will be watching this to see when it is patched.

BTW, H.D. Moore, and Fyodor, if you read this, we love you guys :)

~LulzSec

Hmm, well I have just been told by @Sanguinarious that he (or she?) wrote this code, NOT Jester... idk

I found this part from LulzSec on pastebin.

/* The sauce behind the faggotry */

/* This is the original C source code fo the tool that faggot, jester, added a GUI to */ /* and renamed "XerXes". It does stuff. Like use TOR to rape sites... Kinda. */ /* Read the source to understand how it works */ /* Kinda lame. */ /* ~LulzSec */ /* 176LRX4WRWD5LWDMbhr94ptb2MW9varCZP */ /* SET SAIL FOR FAIL! */

PART 2: JULY 23, 2011

For some reason, I thought that LaureLai was the author, uh doxxer, but I could be mistaken.

"I have obtained th3j35t3r's dox! After analyzing twitter traffic from Twitter and also his wordpress blog, I was able to match his email address on both Wordpress to his Linkedin account. I work for Twitter, and officially I am not able to discuss my role or title in this matter. Here is the relevant information of The Jester aka "th3j35t3r". Real name: John Wilander Job: Software Developer at Handelsbanken Last IP login: 212.97.132.112 Email: john.wilander@gmail.com Self described security expert but not a military man (papers on his website). website: http://www.johnwilander.se Education: Licentiate Computer Science, Linköping University (2002-2006) M Sc Computer Science and Engineering, Linköping Institute of Technology, Sweden and Nanyang Technological University, Singapore (1996-2002, one year on leave)"

via pastebin again, see http://pastebin.com/cE6sf2A6.

PART 3: Eight long years later, in July 2019

WHY was I so fascinated by this silly stuff?!

LulzSec with that wine glass has passed into obscurity; maybe The Jester has too.

LauraLai still seems to be around in a new incarnation, having written Stuxnet (she says)

but could there are two LauraLai? Again, idk.

The only person who might ever read this is AsherahResearch. She used to have a blog,

and would analyze these sorts of events in fastidious detail, with lots of explanations.

I still wish I could work for her one day, doing whatever exactly it is she does

in the exciting world of infosec.