December 2, 2004

Boxocide interview

torque: are you the boxocide of boxocide and esx?
boxocide: possibly

torque: only possibly?
boxocide: yes, only 'possibly'

torque: Well, assuming that you are, I have a couple of questions... I run a little blog that was recently defaced (actually, my entire domain was defaced). It took some time to recover, but I quite appreciated that most everything was left intact. I'm interested in interviewing you for the blog, as well as understanding in more detail what the holes were in my setup.
boxocide: sure.

torque: Tell me about yourself.
boxocide: I'm young; still in my 'teens'. I have been programming multiple languages for quite some years now and have acquired a great knowledge of computer hardware and software. Not only do I like computers, but I play bass, and I love taking apart my toys :-)

torque: That's fun. In my (minimal) spare time I enjoy jamming on my acoustic guitar. Haven't quite picked up the bass yet though. How did you get started in computers?
boxocide: I started playing Quake2 when I was in grade 5, and I started trying to learn HTML to make my clan a website. From here I slowly started getting into "border-line" illegal activities.

torque: Wow, I feel old now. I remember when Quake1 was introduced. I was a Doom junky in college. What is your long-range objective? Where do you want to be 10 or 15 years from now?
boxocide: Hopefully not behind bars. :) I'd love to become a security teacher; however, I'm not as motivated in my school work as I should be to get a computer science degree, or something of that nature.

torque: Are you currently working on a college degree?
boxocide: Nope!

torque: What do you think are your greatest strengths? You mentioned teaching, have you been able to do anything informally?
boxocide: Some people say I'm quite the 'social engineer', I love talking to others; I teach my friends how to do certain things with computers and even my teachers!

torque: I'd like to jump back to your statement about "border-line" illegal activities, how did you get started? Was it experiment on your own? With a group of people?
boxocide: Hahaha, I was definitely a little script kiddie; playing around with trojans. Until I started getting more in depth with computers and the internet -- learning protocols and seeing how I could manipulate systems into doing something they shouldn't/or be stopping.

torque: What is the most interesting thing you have done in terms of making a system do something it shouldn't be doing?
boxocide: That's a tough question, I generally tend to just experiment with different applications and try to make them do silly things! Especially gaming, I love 'hacking' the game! I'm going to have to say the most exciting thing I did though would have to be ... I couldn't tell you, I'm not even sure! :-P

torque: So, why "boxocide"?
boxocide: haha, because I couldn't think of anything else! I used to go under an old alias; which I won't reveal even though a lot know ;p -- however, it means "to kill your box" -> box as in, your computer: icide, to terminate. I just used ocide instead of icide because it sounded funner ;)

torque: Clever :) Are your activities politically motivated?
boxocide: Hahaha, not at all! I just like having fun! Making people think I'm some crazy nazi or something!

torque: So you aren't a crazy nazi then. :)
boxocide: ... Unfortunately!

torque: How do you select which sites to attempt? (Read: Why me? :))
boxocide: I haven't said I attack sites. :) But if I were, probably random sites just for fun! *cough*

torque: Of course, :).
boxocide: ;)

torque: My site, as I alluded to, was recently defaced. Given your knowledge and interest in computer security, what sort of steps can I take in the future to protect myself?
boxocide: Well, you want to be a frequent researcher. The best step to take is knowing what services/applications are running on your box and make sure you always have the latest patches! And when you're bored; Much around as if you were a client to your server and try to mess around doing random things some silly kid could do! Much=Muck :)

torque: Sounds like a reasonable suggestion - though most sites these days, including my own, are hosted by a third-party. Is it usually the host being sloppy or the person putting up websites? Should I find a more secure host?
boxocide: It can be both, if you are running a web-based application off your hosting it's probably started by you (with full access)... If someone can manipulate that application to doing something such as running system commands on the system; you can end up in a big mess, as you said you've experienced.

torque: In my domain, I run a number of different open-source suites, e.g., Mambo, phpBB, MovableType, Gallery, etc. Having experienced the said "big mess", is there a simple way to backtrack where the vulnerability was?
boxocide: You would have to look through your web browser logs and try to find some unusual query strings sent by the 'suite'. for example, if you are running a version of phpBB 2.0.10 or lower you are very vulnerable.

torque: Hmmm, I can see that now.
boxocide: There is an exploit in the viewtopic of phpBB which allows an attacker to gain privileges of phpBB, and if your webserver is hosted by a 3rd-party application it probably has the same access as you.

torque: Looks like I've just been exploited again.
boxocide: I wouldn't doubt it if you still haven't fixed the same whole! err, hole*

torque: Ok, enough about this. I want to know more about you. You mentioned earlier that you were not very motivated in school. Is there any particular reason?
boxocide: I find it unnecessary, I find the best knowledge is gained through experience. It's ridiculous the fact that I need a piece of paper to tell me if I'm qualified for a job or not.

torque: That is a reasonable feeling. Quite widely shared. :) Have you ever had any classes or subjects where this feeling was not the case?
boxocide: It's always the case no matter what! I mean I do learn some things in school but those tend to only be during through my actual hands on experience... Like my chemistry labs. ;) Sitting on listening to a teacher rant is absurd, the human brain will only interpret to remember 15% of what is said.

torque: It can be quite frustrating, sitting through a class like that. I've had quite a few. I've found though, that having a "good" teacher can really make a big difference. Are there any teachers that have stood out for you?
boxocide: Oh of course, I have nothing against my teachers most of them are fantastic, caring people. But sitting around living such a repetitive life isn't my cup of tea!

torque: What's your favorite food?
boxocide: Haha, potato skins! potatoe*

torque: Do you play in a band?
boxocide: Nope, my rhythm isn't the best yet!

torque: What kind of music do you like?
boxocide: classic rock! Morrison, Zeppelin, Hendrix! ... and I do love disco, I must say! Bee Gees!

torque: You're kidding. Really?
boxocide: Yes...

torque: How did you get into disco? That's pretty unusual.
boxocide: My dad, singing aloud. Oh, and definitely John Travolta! Saturday Night Fever!

torque: You mentioned possibly becoming a security teacher. I assume you meant computer security. Do you see yourself teaching students in a class? Or helping corporations? Some hybrid?
boxocide: No, I meant home security! Haha, I'm joking! RELAX! Yes, I'd love to teach a class of students but probably corporations... But I don't think I will get there considering I'm not a brick on the wall! I won't have the paper to say I'm eligible for the job!

torque: You don't always have to have a piece of paper. Social engineering and who you know usually makes a huge difference. Do you program for money?
boxocide: Nope! I haven't had a job in my life!

torque: Do you have any hobbies outside of computers and your bass?
boxocide: My girlfriend? :)

torque: :)
boxocide: ;)

torque: How is it that you've never had a job? Not even mowing the lawn? :)
boxocide: Never! I'm one lazy SOB. ;) Unless I was asked to do something with computers, it will be done in a jiffy, with high quality work! ;)

torque: Tell me more. What languages are you proficient in? What's the most sophisticated thing that you have worked on?
boxocide: Computer Languages?

torque: French, Estonian, Cuban... Let's start with the computer languages, then we'll move on to the human languages...
boxocide: French, Arabic, English... ;p Looks like I'm 2 steps ahead of you :p

torque: Here's mine for real - English, Mandarin, French
boxocide: Cool!

torque: For computer languages, the usual suspects for me - C/C++, VB, Perl, PHP, some TCL
boxocide: PHP is my favourite! But my full 'suspects' would be: C/C++/Perl/ASM/Java/JavaScript/ASP/Python/VB/Delphi/TCL.

torque: Impressive... all self-taught?
boxocide: Pretty much, but I love talking with others -- I can't say I haven't asked for help before :p

torque: Of course. Are you working on any projects now?
boxocide: Most programming languages revolve around the same structure; it's just learning the basic functions for each. Currently, I am working on a Modular Exploiter.

torque: Yeah, that's what I've found. Especially with the internet, basic functions can be looked up as you go. What is a Modular Exploiter?
boxocide: Well basically it's a base program which exploits can be inserted into and then a full remote system scan can be run to find out common vulnerabilities in a site. And exploits can be added as it will have its own exterior language.

torque: What are you using to write it? Is it a web application? I guess it is all a web application, what I mean is, whether or not it is something that is run locally or on a server.
boxocide: It can be run locally or remotely, and it's a *nix based program runs from shell. Written in C

torque: Are you writing this on your own?
boxocide: Yep

torque: What are your plans for this software?
boxocide: Maybe Public Release, I don't know how people would react though or if it would get me in trouble.

torque: Sounds like it could get you into trouble. Though site admins would probably thank you. Is there software already out there that does this sort of thing?
boxocide: Yes, but not to this far of an extent.

torque: How far along are you on it?
boxocide: 15% :)

torque: Have you had the opportunity to travel much?
boxocide: Not really, I've been around.

torque: Any place of note? I just got back from China.
boxocide: Not really.

torque: Who is "esx"?
boxocide: My friend

torque: Hey, thank you for taking the time to answer my questions. I learned a lot. Thanks, especially, for pointing out my phpBB vulnerability. Are there any questions you would like to ask me?
boxocide: No problem, if you ever need any help let me know. Hahaha, not really any questions but if you post this interview.. let me know so I can see :p

torque: If you don't mind, I'll do just that.
boxocide: Not at all ;p

torque: Take care of yourself. Try to keep out of trouble. :)
boxocide: Thanks! ;)

