Posted by htsbackup on December 10, 2007
Problems. This is what actually has happened in the time that I have been admin for HackThisSite, and all of it's subsites. HackThisSite is a community of (dare I say it) "hackers." Mostly wannabe hackers. This is where the 'noobs' come to learn to hack. This has always been the case, and every single person has been there at one point. I've been with the community (mostly irc for the large portion) for over 3 and a half years. Long time members know me, and know how I act and respond. I am making this statement in regards to multiple... beliefs of other views of me. I "took over" the hackthissite project in September of 2006. Everyone involved at that time was happy that I was taking over (literally unanimous). There was a team of admins, developers, irc opers, moderators, and all the like working together just as anyone would have wanted. Then the first problem arose... Wells, the lead HTSv4 developer, and a highly skilled programmer, had written a trojan horse program. He was using it (named "Mailcrack") to infect HackThisSite members by linking people on irc to the download site. When I found out, I was literally outraged at this. Does this make me crazy? Or a 'bad' admin? I proceeded to ban him from irc in an attempt to prevent spreading of his trojan. This event (me banning the lead dev) caused an uproar against me. Shockingly, not one person was on my side that morning. I was appalled to realize this, but reluctantly removed his ban. Later, I talked to one of the long time developers and current root admin of HTS, "html." She's been with the site as long as I have, but admin/dev on it far longer. I told her what happened with Wells. She had the exact same view as me. Later, I reinstated the ban, as well as 'censoring' his website from being spoken on the irc, in order to prevent spreading of this "Mailcrack" trojan. This naturally caused another bit of an uproar. html and I agreed to make a front page news post apologizing for Wells and his actions. Later, in a private channel, Wells agreed to stop spreading the trojan, and come back to working with the team. The news post was immediately deleted. A day or two later, I noticed some funny action between Wells and another member on irc, named "pacifico." I messaged pacifico, and proceeded to...interrogate him. I found out Wells had lied to html and I, and was still spreading his trojan...just more quietly. Again, banned. Now that I'm typing this up, I really don't see what could have inspired me to allow him to ever come back...Keep reading. During this whole ordeal, Wells has had full root access to HTSv4. At this point (being banned again, 'caught') he proceeded to perform a command "rm -rf /" on HTSv4. That means every file on the server (technically that "jail") was deleted. He then used his acquired 'bots' (from the trojan horse) to DDoS hackthissite.org. He knew of a coding flaw on the main site that would bog the server down to the point that it would start denying access. He did this. Lasted for quite awhile... html finally rewrote the script to not even allow it to 'check' unless implicitly called. In the end, after this 'problem'... Wells came back to work on HTSv4, and apologized (to me), stating that he realized my actions (banning him) were actually exactly what he would have done, and commended me for them. Here comes number 2... One night, I get home and hop onto irc. My client is always connected, so I was able to see recent events. The first thing I notice is three users "having a go" at each other, 2 vs 1. On one side, scenestar and Codewebs, using racist slurs and whatnot (which at the time were specifically listed in the rules as a 'no-no') against a newcomer, who in fact was a black man, and truly disliked racial slurs. I silently watched as the first two berated this newcomer, named "blackatk." In the end, scenestar (who had op) kickbanned blackatk. At this point, I'm severely angered. One of my own ops just banned someone, while being a complete racist to them? Not in this community. I immediately banned scenestar from the channel, just like he did to blackatk, and removed the ban on blackatk. I removed scenestar's access from the channel as well. This sparked a conversation with this "blackatk." Once he realized my position on HTS, he wanted to talk, on the phone, immediately. We talked for the next couple hours... He lead me to believe that he ran a somewhat secret company in the computer security field. He explained that he has many 'hackers' that work for him, as well as ties to the federal government. What interested me about this character was his interest in hackthissite... HTS is well known for being the starting place, or otherwise "n00b infested." So what would an 'elite' group want with HTS? I'm not sure. But I'm not stupid either. I played it out Over the course of either weeks or months, I'm not sure, blackatk had a small group of people "involved." Information about him spread around, and Jeremy, founder of HackThisSite, found out. He merely heard that blackatk was related to the federal government, and immediately wanted him gone. I couldn't care less, but that would ruin my plan on finding out the truth about this "blackatk". blackatk stuck around for quite awhile. He was silently recruiting people (apparently) and just waiting for *me* to tell him what to do. Or something like that... I'll pause this problem for now... Lovely lucky lady number 3. Scenestar. Ironically, his nickname actually explains pretty much everything I'm going to divulge about this unique character. scenestar had been a developer for hackthissite for a long period of time. When I "took over", it was OutThere and scenestar running RootThisBox. OutThere had a problem of lacking to be around...like...ever. Finally, I gave the word to scenestar that he was running the RootThisBox subproject of HackThisSite. There were problems with this before we even started. RootThisBox has always had the address of http://www.rootthisbox.org . The problem was, during the period of time before I "took over", we had lost access to the registrar that held this domain. We were, at the time, using http://rtb.hackthissite.org. This starts the 'real' problem that came out of this situation. A few days before the expiration of 'rootthisbox.org' scenestar and I talked about it. I had a plan to 'snatch' it right as it expired. scenestar managed to muster up enough cash to buy a new server, and unbeknownst to me at the time, a new domain, rootthisbox.net. Ahh yes, some of you have heard of it. Let's continue... The night before the expiration of rootthisbox.org, scenestar told me he has ordered the server, as well as the domain. I told him not to worry about the domain, but it was already too late. Well, alright, I guess we can prevent people from attempting to pull off a similar site, like hackthissite.com (this site frames the real hackthissite with ads, but I wrote a script on hackthissite to skip past it). At this time he's telling me this, I had checked the registrar for 'lost password' info (for rootthisbox.org). I then noticed on the WHOIS record that the email address was actually @hackthissite.org, which I had access to. I set up a working email server that night, just hours before expiration of the domain that we had for a few years. I got the pass, logged in, and bought the domain again. Saved. scenestar had claimed he wanted to run a hosting site on his server, as well as possibly using it for a roothisbox 'box' (user submitted boxes are used for rootthisbox as a challenge to hack into). scenestar had made it apparent that he did not like FreeBSD, which was the current OS on the server hosting the sites. That was part of his wanting a new server, for him to work off of, using Debian. Again, cool, whatever. The problem itself begins to manifest itself. At this time, we're using the original, and official, rootthisbox.org domain. It had been this for years, and was under my control, which as my position I'm the main system administrator. I suck at being a dev :( Anyway, scenestar made it known that he wanted to move 'rootthisbox' to his server. At this time, I felt that it was ok, because scenestar seemed like an ok guy. criticalsecurity.net was being hosted by Sid/WhiteAcid. I had the IRC in my bedroom (don't ask, long story). I had hackthissite.org on the main server, DNS on another server, etc. My thoughts for doing it like this was in the event of a DDoS, only one portion of the community goes down. Wow did I make a mistake allowing scenestar this... One day, I notice on the front page of HackThisSite.org, that scenestar has made a news post stating the rootthisbox is moving to .net, and not .org. That right there is a breach of trust and security in my opinion. He did not tell or talk to any of the other admins/devs of this 'move'. We all felt that it was inappropriate for a single person to make a decision like that. At this time, I pointed rtb.org to hts.org. scenestar and I faught about it, and in the end, I called all the admins together with a list of reasons as to why scenestar should no longer be a part of this team. He had tried to 'officially' make a major decision without talking to anyone, and that's a pretty damn big decision he made. Also, on his server, he had implimented ads. I personally didn't want ads on any of the sites (special conditions for the ones on hts.org) but it was just google ads. Then I hear he also signed up for a 'firefox' click ad that got him money on each click. Annoying, but fine. Then I hear he installed "IE Destroyer" if I remember correctly. It was basically a popup, that happened on EVERY page load while using Internet Explorer. This means that more than half of the users to the site get a popup on each page. What did it say? It said to download firefox, with a link to the download right there. A download that would give scenestar money. At this point, he has literally tried to steal the rootthisbox project away from ALL of the hackthissite admins, without telling people. He is also attempting to make money off of it. This is a non-profit group. That means no money making required. I myself removed the paypal donation link from HackThisSite, because it's non-profit. The admins, and some others, relevant, held a vote. It was a unanimous decision to remove scenestar. Now somewhere in here I forgot to mention that he rm -rf / the rootthisbox (on my server). It was during our 'fight' about the domain and moving servers. I also forgot to mention that when he was working on rootthisbox, he managed to 'code' a layout that wasn't too bad. Except he didn't code it. Someone found where he stole the layout from, which later he confessed to. Now, during this whole issue... I found out that some time in the past, scenestar had managed to rm -rf / hackthissite.org. Had I known that, I would not have given him control over such a large portion of the community. He was eventually removed. This 'problem' isn't over. People have told me on many occassion that scenestar was crazy. I knew he wanted money, and enjoyed power. I didn't quite know how 'crazy' he was until after this. After this, he started hating me. And I mean truly hating me. I received multiple death threats from scenestar, stating that he would kill me, and/or make my life miserable, and everyone in my personal life as well... He's on the opposite side of the planet... I felt no harm coming from a drug addicted lunatic(this is a fact). He continued to try to persuade people to come to his rootthisbox.net site, which at the time was just another premade downloaded script. Let's put this one on pause... Problem 4, or problem 1, again. Wells, once again a nice working developer for the site. A short time before this incident, the last remaining 'core' admin, html, had decided to quit. -----BREAK----- Before I took over, there were 4 admins. IceShaman, html, Jeremy, and archaios. I replaced IceShaman - Silent-Shadow, html, Jeremy, archaios. archaios 'left' - Silent-Shadow, html, Jeremy Jeremy was sent to jail - Silent-Shadow, html scenestar was 'removed' After a bit, html and I treat Wells as a core admin - Silent-Shadow, html, Wells html quits - Silent-Shadow, Wells (kinda) -----BREAK----- So now that html is gone, there is no one working on the current HackThisSite. No one really doing anything with RootThisBox. Wells was kind of working on HTSv4, but as he recently got a job, that was more and more...put off. IceShaman was also working on HTSv4. A few days after html quits, I get desperate. I have 0 people. I start grabbing people I trusted, people I knew wanted to help, etc. Wells messages me one day about an issue with HackThisSite (coding problem) that he wanted to fix. At this point, I needed help. I gave him access. This was the same day a public transit bus (full sized) ran me off the road in my new (used) car. I was stressed. Near wreck, no devs, etc. I gave him access. What happens? Less than an hour later, Wells has zipped the hackthissite source, as well as the database, and uploaded them to his server. Then he said he quit. I had just filed for vacation due to the stress from the near car accident. And now I get this? There goes my vacation. One day passes. scenestar, with rootthisbox.net, has downloaded the copy of hackthissite, and is now running a broken clone of hackthissite. I saw this as somewhat of a problem, just because scenestar has been trying to accomplish what his name suggests, for the last several months. He's quite a pest. I now have a small dev team that is very eager to work. First thing done is some bug fixes. Over 40 of them. Including some mission fixes. And then some new features. At this point, we're 6 months into my 'term' as admin. Things are happening on the site, etc. Wells claims that if things stay good, he'll come back. scenestar, of course, is just causing problems because he *hates* me. Back to problem two... blackatk and his 'crew' of elite hackers for his 'company'. At this time, nothing could have made me happier than to see rootthisbox.net go down. Now, blackatk, having said 'federal' ties, should be able to accomplish this. Hell, scenestar is running a site identical to hackthissite.org, which at the bottom states this, and I quote "This site is the collective work of the HTS staff. Please don't reproduce in part or whole without permission." I gave blackatk all ISP and host provider contact info. blackatk informed me he also contacted someone at the FBI. Now remember, I've been 'dealing' with blackatk for nearly 5 months at this point. Not once has anything he said actually been proven. This is the first thing I've asked him to do. So what happens? We go into a private 'meeting' channel, #0ps. Inside are 4 people. Me, blackatk, a user name bri3d, and a user named Huggles. Both users are/were HackThisSite members. He proceeds to initiate an "attack" on rootthisbox.net. I waited for anything relevant in the channel. Finally, I just do a port scan, paste in the channel, and go idle. bri3d was afk, so it was blackatk and Huggles. Huggles... isn't exactly what I would call 'skilled'. In any case... nothing got done. This was no suprise to me, because at this time I had figured blackatk was a fraud. Reasoning? Why would the owner of a computer IT security company stick around HTS for 5 months waiting for me? Some had make accusations that he was a "fed". If that was the case... why the hell would the government give a rats ass about keeping someone here for 5 months? There were far too many holes in his story, and after failing to take down rootthisbox.net (which I had the ability to due, as I had contacted the ISP before talking to blackatk). I told the ISP to keep it up, and let me know of any 'problems'. None arose. Blackatk had said he even got the FBI involved. (Why would the FBI care about two feuding hacking sites? Especially if the problem site is international?). At this point, I gave up on blackatk. He had no skill, and his choice of people were shockingly poor (except for a few). Somewhere before this next part, I finally "went off on" blackatk, and told him to never return to HTS. Huggles went with him. I managed to obtain a log stating that I (Silent-Shadow) needed to be 'dealt' with, as well as orders to sieze my computers, and remove my from HackThisSite. (It AMAZINGLY never happened.) Blackatk was a fraud. Damn good with psychology though. So, everything goes quite for a bit. scenestar is still running a clone of hackthissite, and it has it's ups and downs (some dns problem, which ironically blackatk claimed credit for). somewhere in the last couple months, archaios came back, and was given protected op status in the main channel on irc. One of the developers, Truth, had a problem with archaios, and likewise the reverse. It's all just IRC drama, and always will be. One day, while I'm at work, having the usual stressful day, Truth messages me. We talk about something that happened earlier in the day, then he mentions wanting to be unbanned from #hackthissite. I ask why he's banned, as I didn't know what happened. The reason was "cock jokes". He went on to explain that he was making cock jokes, and out of nowhere, archaios kickbans him. He pasted the time that he was kicked as 20:47 (not sure on the '7'), which is 8:47 his time. We have a 3 hour difference, so that's 5:47 my time. At the time he told me this, it was 6:45 my time. This was one hour after he was banned, and we had been talking for about 15 minutes... After arguing a bit, and disputing a few things back and forth, he makes it clear he wants to be unbanned. He made it clear, and specifically noted that he's one of the "last active developers". In other words, he was saying that if I don't unban him, he quits. It's a simple form of blackmail, because he knew I didn't want him to quit. At the same time, I'm not going to bow down to such demands. How would that look for someone in my position? I'm the last remaining core admin, and developers have the power to control me? I told him no. But, I logged into irc from work, and took a look at what happened. <IceShaman> no you were bang on <IceShaman> well, no banging for you with that small thing <Truth[laptop]> My petite cock? <wired> chode <Truth[laptop]> My little rod. <Truth[laptop]> My itty bitty poker. <IceShaman> you don't want a poker <IceShaman> you want a choker <Truth[laptop]> My miniscule wankstick. <Truth[laptop]> My teeny clittickler. <IceShaman> archaios <IceShaman> I think you should stop spelling it misspelt <IceShaman> that past participle was coined by Shakespeare, and I'm going through a hate Shakespeare phase <IceShaman> so, gogo misspelled <Truth[laptop]> My modest muff-pusher. <IceShaman> Truth, honestly, your cock is too small to be adequately described <IceShaman> by your clever witticisms <Truth[laptop]> My stunted babyflute. <IceShaman> babyflute? <IceShaman> paedophile <Truth[laptop]> well I was gonna go for babymaker <IceShaman> PAEDOPHILE <wired> lol <Truth[laptop]> my insufficient spermbus. <archaios> shut the hell up <archaios> you're talking shit <archaios> both of you <Truth[laptop]> my inconsequential vaginastuffer. * Truth[laptop] was kicked by archaios (I told you to stop that undersized loverubber. * archaios sets mode: +b Truth[laptop]!*truth@HTSUser-A32449A0.cable.mindspring.com * Truth[laptop] was kicked by archaios (that was a mistakees, but even the NORMAL stupidity is more sensible * archaios sets mode: -b Truth[laptop]!*truth@HTSUser-A32449A0.cable.mindspring.com As you can see, he was actually warned, as was IceShaman, for the 'cock jokes'. At the bottom of this, you can see that he was unbanned. These aren't my logs, but I remember the time difference. Truth had been banned for less than 3 full minutes. Remember, we're talking about being unbanned, a full hour later. He was already unbanned before even talking to me. He had been warned. He then threatened me with resignation if I did not unban him. I presented this information to him. He tells me that because I had allowed archaios to come back, and Truth wanted to still help out, that he had /ignored archaios. For me. Thus he never saw the warning. I asked him, repeatedly, who's to blame for this problem today? I never get a straight answer. Eventually, he quits. He has done this in the past, thrown a little tantrum over irc drama, etc. Hell, I do it. The problem was this time he had access to the site. He made a front page news post stating that he quit, and that he couldn't work with me. He also noted that scenestar, for lack of a better word, 'sucks'. I deleted that post. I had not removed Truth's access because I felt he would realize that it was his fault, and come back, and continue working. That didn't happen. Truth rewrote several of the php scripts on the site, including backdooring various locations. He even hardcoded some content into the scripts so that even though it was gone from the database, it was still displayed (which was confusing as hell I might add). At this time, due to security reasons, I had firewalled him from both irc and the site. I didn't want him trying to gain access to anything after what he did. We fixed a couple of the hardcoded 'stuffs' and some random db things. Then 'it' happened. Truth gave Wells (who at this time is wasn't being helpful, and was basically helping mess things up more) access to the backdoor. Wells proceeded to give every user admin, while removing the admins privledges. They overwrote all news items with a link to one of Wells "sites" where he makes fun of both HackThisSite as well as the founder, Jeremy. scenestar finds out every user has admin...including him. He also makes a couple front page news posts. I saw this some time after it happened. I don't know how long it was up like that. scenestar had managed to post his propoganda claiming that I'm crazy or something, and that everyone has moved to rootthisbox.net. I took down the site in less than 20 seconds. It was down for 3 days, mostly untouched. I was waiting. Watching, of course. Hell, my name even implies it. Finally, we work on the site, bring it back up. That the morning of this writing (which has now passed midnight, so I guess yesterday morning). Throughout the day, as I had launched with the same code that might have been tampered with due to the backdoors, I was repeatedly checking the site. Nothing 'bad'. Good. I was also looking at scenestar's site. On the front page, he has this news post... ------------------------------------------------------------ 28/04/07: Silent-shadow fails at life by scenestar Fucking commit suicide already and instantly become an hero. Your life is pathetic meaningless lie and you know it. ------------------------------------------------------------ And I'm crazy? He's pissed off because I took from him the power that he loves so much. As I look, I notice that the comments on this news post have grown quite a bit. I realize that while I had HTS down, people had come to RTB.net. Here's one of the comments... ------------------------------------------------------------ By: Heemlo - 04:12 am Sunday May 06th, 2007 Report this post are there people actually using this site, not realizing it is not the real one? and how did no1 catch on to the fact that silent-shadow is crazy lol ------------------------------------------------------------ how did no one catch on that i'm crazy? Because obviously I'm not. Ask any sane person around, but be very careful if you choose to give scenestar or his website even a moments glance. He also linked to a forum post on his site... Here's some snippets ------------------------------------------------------------ for those not interested to read through all the text here's the summary: -- Founder jeremy hammond is in jail, All active staff were forcefully removed and new staff members are suspected FBI informants ready to arrest members. Current admin silent-shadow is a Fucking traitor Join rootthisbox.net today to rebuild the community we care about so deeply. ------------------------------------------------------------ Founder in jail? True. All active staff forcefully removed? False. scenestar was the only one 'fired'. The rest quit. New staff members are suspected FBI informants? False. I don't even know what to say to that accusation. The only reason I can think of him using that for his reasoning is because of my actions involving blackatk which ironically in the end proved to be that he was a fraud. These FBI staff members are ready to arrest memebers? False. LOL - I actually laughed on this one. Current admin Silent-Shadow is a "Fucking traitor"? I won't make a true or false claim on myself. I have been told by some, including html (the last core admin) that I'm the best admin HTS has ever seen. On the other hand, I have a group of people who truly dislike me (Wells, scenestar, blackatk, etc). I will AT LEAST say I'm the most controversial admin. If you read the rest of his forums post, he actually talks about blackatk himself! I talked to Truth about what he did, and he realizes he shouldn't have done what he did. He accepts the responsibility of what he did as well. I have been "running" hackthissite for the last almost 7 months. Things HAVE improved from the time I became admin. Things in the background have gone up and down...a lot. We have devs leaving, admins leaving, and both coming back or being replaced. I know my decisions aren't always the best, or the 'right' decisions. But remember, in problem one, when I banned someone I knew was infecting users with a trojan, I had somehow made myself the enemy because of WHO it was. The long standing members of the community felt that I should have allowed Wells to do as he saw fit because of everything he did for HTS. I thought about that actually... What has Wells done? He coded a very large portion (like 90% or more) of HTSv4. Which has been in the making for over 2 years... Sounds like a lot... but in two years? That's barely anything. What has he done against HTS? rm'd the files for v4 once. People argue because it was HIS code, he should have the right to. Fine. What about infecting users? Or DDoSing the site on a vulnerability he knew about, but didn't tell the people (me or html) where it was (not that it wasn't hard to find...). What about when he released the source code? Which scenestar then used to impliment a clone of hts... Or what about when he used Truth's backdoor to mess up the sit even more? Now, I don't hate Wells. Hell, I like the guy, but I don't like how he has dealt with and handled HTS. He's an amazing coder. Pure skill. But his actions show his character. Wells has the capability of being a 'nice' guy. He also has acted exactly like scenestar. When he used Truth's backdoor, he overwrote every news post. Here's a snippet "Silent-Shadow is a fed. He is destroying hts." That's a copy and paste (I saved a snapshot of the defaced homepage). Ironically... It claims I'm a fed. People have been doing that for awhile now, and anyone that actually pays attention knows I'm not a fed. But let's take a look at the second part... "He is destroying hts." I've been paying for the servers the last 7 months. I've been trying to get people to work on coding new content and missions, as well as fixing the site. I've personally had to go in and fix things that others had broken: I had to rebuild the HTSv4 jail when Wells rm'd it; I had to remove Truth's backdoor, as well has manually fix all of his scripts; I had to set up a new jail because of what scenestar did to rootthisbox. Wells claims that i'm destroying hts, when he's the one that has botnetted (ddos), infected users, released the source, and everything as such? Silent-Shadow is destroying HTS? False. I wanted to end on more info about scenestar. People have gone to his site, and actually believe what he has stated. They believe it to such a shocking degree... ------------------------------------------------------------ By: Heemlo - 04:12 am Sunday May 06th, 2007 Report this post are there people actually using this site, not realizing it is not the real one? and how did no1 catch on to the fact that silent-shadow is crazy lol ------------------------------------------------------------ I can only tell my side of the story. My side is this... scenestar, in the last few months, has done quite a few things to me, against me, personally. I have a voicemail on my cellphone where he claims he wants to kill me, or make me suffer, as well as everyone in my personal life. I plan to host it as soon as I find a better method of recording it than just holding my phone to a mic. He also, after launching his clone of HTS, put the HTS source and database files onto thepiratebay.org, a torrent site. In the comments, he had something like... "And don't forget to give the current HTS admin Silent-Shadow a call to remind him that he is a child molesting paedophile that doesn't deserver to live" Which was followed by my home address and phone number. Because of everything he has done, I finally firewalled him from hackthissite in an attempt to not let anyone succumb to his lies. He evades every wall of protection I can put up. He also had some users from the xelix irc network helping him out. He's managed to convince a shocking amount of people that I, Silent-Shadow, am the bad guy. Am I? His site has a front page news post saying that I should die. I have a front page news post stating the entire story from when I started running HackThisSite. I'll let you decide.