Wordpress (Automattic) Supports Right Wing "Patriot Hacker" "th3j35t3r" (A Wannabe Jack Bauer of the Internet) Targeting US State Representative and Wikileaks
Wordpress (Automattic) condones DoS, hacking, and cracking attacks, while censoring blogs that publish publicly available information that can be found via a simple Google search.
Related:
http://pastebin.com/vykQ70Ba
Ok. This is a small reminder and message to anyone that claims they have, "dox'd th3j35t3r."
Here is a small list of his older apparent "dox's."
http://pastebin.com/cE6sf2A6
http://pastebin.com/CwRz4zcw
http://pastebin.com/m74tyWuj
http://pastebin.com/a2dksxjc
http://pastebin.com/Uc0xfGp0
http://pastebin.com/XyejCBLC
http://pastebin.com/a51ELVbB
http://pastebin.com/k0XBytWu
http://pastebin.com/ZA3mCmKF
http://pastebin.com/ZAxBWKi8
http://pastebin.com/qnQYF64s
I count 11 ^^^
Yet they're all incorrect.
Or at least I'm sure people have looked into each case, then concluded that it's not him.
Here are a few of the people dox'd as "jester."
Real name:
John Wilander
Real name 2:
Robin Sage
Real name 3:
Stephen Stone
Real name 4:
Casey Gardiner
Real name 5:
Beau Colvin
Real name 6:
Matthew Mullenweg
Real name 7:
Robin Jackson
Real name 8:
Hugh De Luc
Real name 9:
Christopher Barnes
Real name 10:
Zak Knight
Real name 11:
Ryan Thomas
Real name 12:
I call him dork, but he goes by "Elvis" --> http://pastebin.com/iMzUxdhR
Real name 13:
Ryan M Berg
Real name 14:
Eric Kabisch
Claim proving that one of the dox's was indeed fake:
http://pastebin.com/cirqixzT
Get this through your heads, because apparently the message is not clear.
There's no information about "The Real Jester" here. You do not have any. Apparently "no one" does either.
So quit making these; frankly, I'm sure he stopped reading them after they clocked 12 as well.
~ _St0rm
http://reapersec.wordpress.com/2012/03/13/th3j35t3r-and-qr-exploits-exposed/
th3j35t3r and QR exploits exposed
Greetings my children, I have been watching this but it appears no one has commented on the grand th3j35t3r’s epic fails and mistakes in his blog post “claiming” he pwned terrorists. Now, I would like you to refer to this image while we embark on a magickal train ride of fail.
So, you start out with this “highly targeted and precise attack, against known bad guys, randoms were left totally unscathed.” which is rather laughable at best. It appears only terrorists use QR codes and no innocents at all would ever out of curiosity scan it and look? You go on to claim using the “CVE-2010-1807” exploit and this is where the epic fail just starts. CVE advisories are numbered first by the obvious CVE prefix, the year, and the exploit number for that given year. So without even checking the advisory, you are telling me you are using a 2 year old, well known by now, and patched exploit? Do you have such a low opinion and under-estimation of “terrorists” that they are using such outdated software and/or firmware on their “devices”? Should I mention Android devices have the ability to do updates the same as iPhones (newer versions of both can do auto updates)?
Now you claim “iPhone or Android devices” as your “known and narrow vector to exploit”. You do realize that shellcode is OS dependent AND device specific? Right…? This is like trying to force an execution of a Windows program on a Tandy TRS-80, it just isn’t going to work. From your post you mention no such device detection is in place, there is nothing in the POC for this, and it just seems, frankly, to be a made-up combination of technical terms with minimalistic grasp.
“Now for the really clever bit…” I almost peed myself at what was next, this is just pure fail on levels I am personally unable to express in words, but we shall try, oh we shall try. Netcat is unable to handle multiple simultaneous connections and it is not in any way an automated tool. Honestly, it would be more believable if you coded your own automated tool to download the phone’s data than this story. Netcat is far from an optimal tool to pull this rather outlandish story that smells rather bad off. So this is the magic command the shell code runs: “nc -v -l -p 37337 -e "/bin/cat /etc/motd"”. He implies he has a super secret script running in place of printing the motd command. This, as he gives as an example, but he obviously did not read his manual. This would require a “-L” for a persistent connection, assuming he didn’t do “while [1] do jester_elite_netcat_command done”, which he does seem to imply he used. This also assumes that he will not take too long downloading his data from the devices, possibly missing some other probably innocent person’s cell phone data. I am not knowledgeable as to how such data is stored on such devices, but I have doubts over coding such a script to do the performed functions. This would require extensive research into all the major Twitter clients and associated software, not to mention the email clients, etc.
There is also the issue of the information possibly being stored in binary data and the availability of text processing commands on an embedded device. Then there is how do you extract data from binary data on a restricted/embedded system… The only optimal solution is a native executable installed to the device to do the dirty work, and multiple versions for compatibility/architecture. Either way you look at it, this is a very non-optimized method, and is prone to intelligence being lost.
“EVERYONE else without exception was left totally ‘untouched’ so to speak. This was a Proof of Concept QR-Code based operation against known bad guys, the same bad guys that leak YOUR information, steal YOUR CC nums, and engage in terror plots around the world. “
I don’t really see the proof of concept taking a 2 year old CVE advisory, and exploiting people en masse with it. This rather reminds me of doing the same things the guys you claim to fight would do, hypocritical much? How do you define the “bad guys”? How do you know they are “bad”? You seem to imply by listing “Anonymous Members” in the bunch that all anonymous people or related “leak YOUR information, steal YOUR CC nums, and engage in terror plots around the world”. Are you that bigoted and single minded to classify all anons as credit card stealing terrorists? Granted, I am not a fan of or support Anonymous, but I am not that full of blind bigoted hate.
Also see:
http://insurgencymod.blogspot.com/2011/06/toni-schneider-ceo-automattic-owns.html
http://insurgencymod.blogspot.com/2011/04/wordpress-censorship-hypocrisy.html