March 2001 Doc: How long have you been programming? WHY: I never learn coding in school or do i code before. I start learning Delphi by myself on April 2000 and end it six months Later with 711 and a lot other Tools i made. The last 8 weeks i try to learn coding with ASM by myself. ------------------------------------------------------------- Doc: What was the hardest thing to program or the hardest part about programming? WHY: Hmm, I think the first tI’me I open a ASM Source Code and try to read hI’m, lots of numbers *bg* The hardest thing is actual my ASM project, Delphi was all tI’me easy to learn, because there are a lot tutorials + tips outside. For ASM there is only 1 great page (Thx to Iczelion) so I have to make the most by myself and I often get a blue screen or I crash my HD by testing functions. All tI’me I search a way to change an exe Icon, but cant find info and I don’t have the tI’me to think by myself how this works. ------------------------------------------------------------- Doc: What makes you think open source is good? WHY: Hmm, hard to explain for me ;) Open source is a great idea and I can’t understand why most people don’t Publish sources. An Example... I like to code a Pop3 Reader...in Delphi...so I search first a Component for pop3 or a readymade pop3 reader. If I found one I change the things I don’t like or I mean who have to make better. So I don’t spend a lot tI’me making a pop3 reader from crap. The only thing I have to do is, writing some credits like: Original source From blablabla The free tI’me I now have, I can code something new to this pop3 reader or make another tool for open source. So open source is a great idea for me. But I have to say, other coders often say : open source is shit, you have to code all by yourself. That’s big bullshit! Because the one who say this, often use Delphi, Vb or so, but they are no real coders and use ASM. Second, if you learn in school or from a book programming, you start learning what people told you and don’t search by yourself. So for me the people learn from others, like from books and than they cry and say :open source is bad Open Source are not only Source Codes, for me. All kind of information has to be Open Source. The source of the info has to be open for public use. If I found 1 think and you found then the second.... that’s what I mean. The ones, who change only the name in a source and publish it as own work, are not the ones making problems. If they have ever code something from rap, they loose. So I don’t understand why people say: If I publish anything the lamer’s will use it! Do it like me ;) I publish 711-source code, but I’m sure no lamer can use it and compile it. Because they don’t find the mistakes I make inside *bg* a coder will find what I make and can fix it or learn from what I do. Doc: I know you are pro open source what info do you have for others who aren't or are unsure about open source? WHY: SI’mply publish your work and share info with others ;) If more do so, the coding community will grow faster and the technology will become better and safer. Small example: I searched months for a way to change a exe icon or how to decrypt some passwords... No one told me where to find it, no one told me how to do this.... If you search the web, you find million password crackers or icon changers... Only coded for FAME! That’s the real shit for me. Coding for fame is the worst thing you can do! A lot people are outside and waiting every day to get some new stuff to play. If you make something for the lamas, you are the hero for a short tI’me. Like mobman is for most Trojan users. No one knows mobman, all say only bullshit. But a lot others like to become so popular like mobman, so they code shit for fame. I don’t like to tell you what you have to do; I sI’mply like to say what I think of this. Doc: How do you feel about sub7 and its popularity? Do you feel it shuts out other better or equal Trojans? Hmm, I use Trojans, too. But all the tI’me use: secret service and der späher3 when I take the first look at sub7, I thought I should play outside with little remote cars ;) I know Trojan business after reading info on back orifice. Sub7 I think it is for the masses, a good example of how much lamers the world has. Because, before sub7 there are a lot of other Trojans, but not so easy to use like sub7. That’s the only goal sub7 has. For me it’s a great idea to give the lamas something to play and use this for my own fun, like some settings only for the author. What I cant understand is: The most tI’me other coders like to code a tool sI’milar to sub7 to get the same fame. Do not forget the million questions about how to infect someone or how to do this and that with sub7. If you see my 711, the server is smaller, there are hundreds of functions more and a lot of ideas inside I never seen in other Trojans. I’m sure if I ever publish 711 for public use, I blast sub7 away ;) But that’s not what I like to do. I code 711 to learn Delphi to code my own Trojan for hunting child porn traders, that’s all. So there will never a public version to use of 711. Doing this makes me a lamer for the most others, its ok, I know who I am and I publish the source. You see, it’s easy to code NOT for FAME! Open Source rules. ------------------------------------------------------------- Doc: What Trojan do you think is most underrated? WHY: My own *rofl* Hmm, hard to say, I do not look at other Trojans. But an old Trojan which is sI’mply the BEST Trojan EVER and who cant beat Is… SHADOW THIEF from the real masters of coding TRUEREAL. No one speak about this today and most don’t know that it exist. It’s before Blade make his The Thing 1.6 and even much better. WHY? Its full coded in ASM, server is 8kb and options are: Upload/download - screensaver pass. - Icq uin - remove server - file start, delete, rename - delete registry - list all task - kill task and much more... All in 8kb. Cool PE infector and server editor inside, also a keylogger. Notify is in IRC and you also have some irc commands... What do you need more? I use actual this source code to make 711uk and learn a LOT from this great source. You can say that I steal the code, wait if you see the new source code I code, then told me a thief *bg* Or tell me why others, like SlI’m or Blade code such a tool when there is all ready a better one? Don’t talk about sub7 or tools who are bigger then 10kb ;) Hope this sounds not arrogant, but look at the source and you understand what I mean. BO is shit, sub7 is shit, Netbus is shit, my own work is shit! Fall down and pray TRUEREAL master coders ;) (Me like to know if they still exist-if yes I like to spend some beers or joints) Doc: How do you feel about Trojans in general? WHY: Hmm, since I’m a big James Bond fan, I sI’mply like them ;) A Trojan never infects me; I never start to interest my system and myself in coding. Today I know a lot about my system and I often ask myself: why is this possible to a lamer like me? Because, professionals code windows or the other stuff we all use today... If you look closer to this you find all tI’me bugs, errors and security holes.... Or the Linux scene, a new system and also infectable by Trojans. They did the same mistake like windows, but they are saying that Linux is much better. HA HA HA, the same mistakes in Linux like in windows and now better? When came the first Trojans out? (I found sources from 1992) why is it actual possible to use Trojans? (10 years later) why did no one close the hole? (Is it so big?) And why did they sell such a shit as security soft? Like Norton, Mcafee, the cleaner and so on... All tools only to get money from people who don’t know enough about the system they use. For me they fooling others and sold false security. For me it was a shock to find out that i can disable all security soft by changing easy a reg key or the data file! A tool that cost more then hundred dollar and then such a shit! I’mpossible to believe. So Trojans are a good thing for me. Often others find security holes by coding a Trojan or for coding a Trojan. If they do not so, only a handfuls people know about this bugs and you can be sure, they use them and don’t told you! Or think on the remote sector. Next tI’me we have refrigerators who shop over Internet and so on.... There is needless of people who code this; spy soft also is a new business. Look at the million security pages admins... most of them search nothing; they are waiting that some one make a tool and show them how it works. Little example: I told often how to disable firewalls...(half a year back I start) in security board, people told me that it will not work, because you have to connect first and this will the firewall block. big bullshit! If you visit a homepage, I set a sI’mple reg key and your unprotected... If my server starts the first tI’me, your soft is disabled.... a lot more ways to do so... So what I want to say is: I warn often, no one understands it so there is today no protection against my way ;) They need a ready made tool who show them how this works and what they can do, if no one code this, there will be no protection. Isn’t it lame? Last example: rezmond the coder of Bionet. He’s able to code a Trojan, but unable to use his brain, it’s curious. Gee has fun flaming me and told me I was a lamer, because he don’t understand how this works. After getting my sample project, he insert it into his Bionet Trojan, copy paste is sooooo easy. That’s what I mean, people cant cook today, they need a ready made meal from McDonalds. So that’s why there are so many Trojans making the same...not enough cooks outside and more eaters. Doc: What future goals do you have? WHY: My goal is to code my own Trojan to bust child porn traders. Because the police is unable to do something against this and real hackers told me that its "ILLEGAL" to hack a child porn traders pc, HA HA HA really 31337 hackers. I start a year ago to search those bastards by using secret service. But I only reach the little fishes and the rest detects my Trojan. So I need my own undetected Trojan, that the only reason why i started to learn to code. No one likes to code the Trojan so i have to do it on my own ;) That’s why 711 has functions to spy on remote telephone call’s, I like to know all of them and what they do the whole day. First i have some dreams: Server should be a xyz.JPG or bmp, sI’mply I’mage and not a exe file. I’m a million kilometer away from this ;) I dream often about a stealth server, but i think first its I’mpossible to hide something from windows. I’m proud to say actual the 711uk server is totally stealth from task programs (I mean not CTRL-ALT-DEL) if you use The Cleaner Active or tools like this, you cant see the running task. This method i found by searching months the web, after playing with the source I now understand what happened. So the result is, I use the same way to hide my server Port. So if you use netstat, you can’t see the listening port. It came from an old source (1999) and i don’t understand why today people try to make a tunneling Trojan or so.... It’s so easy and you have only to search.... Now my goal is: hiding the task, hiding the port and last hiding the reg entry. The first two things are working and I’m sure i get the last working, too. Maybe not today or next week, but someday its done ;) and then there will be come some bad days for some child porn traders and not lucky days of public Trojan users. Because i don’t like to make this public, maybe I publish a sample of the hiding functions. Hehe, I all ways send some samples out, but no one understand what happens, rezmond say it wont work. I’m sure he don’t know what it makes and so he sI’mply say it wont work... But enough of the big words, must sound very strange what I wrote... Doc: Who has helped you the most in programming? WHY: The ones who flamed me all tI’me! I often want to stop coding, because it’s not so easy to learn and I have a lot other things to do. But when i read what others say about me, I often get angry and think I will show you what i can do... So i start coding again and again ;) Some MEGA THX goes out to the readers of Spotlight.de, they help me a lot when i have some questions. Also Bogard send me some samples (don’t know why we have today no contact) and Blade told me some tips Tuvok send me some samples he make Mastercoder Nico spend tips, too ;) And then they are some small people who answer to my questions in message boards. While coding ASM, my best help is Iczelions Message Board, I’m sure its the only ASM place. But all in all, I found all by myself. There was no tutor or friend who help me, more people who fight against me. The best friend helping me often while coding was: Weed *rofl* He give me the feeling i need to spend hours and hours on my ass and try to understand what’s going on. Legalize it and don’t drink Beer! SI’mply: fuck the DEA Doc: What do you feel the future of Trojans has in store for it? The tI’me of glory and sportsmanship has ended. Today a handful of real Trojan users are outside, I mean. The rest are lamers searching for fun. I mean, most are childish or have no future in the real life. So they play good in the web and use tools from others.... Often they don’t know what the tools make. Look on the millions of Trojan pages... All the same I know only a handful of real pages that have news and info. The rest is sI’mply faked shit.... You often read: hey i know coder xyz, beware of me. Or: hey, don’t mess with the best... Like team virus like to do *rofl* Or look at the Trojans the last tI’me are coming out... I know only one who has new things inside.... the rest is old stuff with new look. (711 has also a lot old crap and is not the one I mean) SI’mple example: Fraggle Rock When i read first about this... I think: hmm, funny name, hope it rocks and sounds cool. And then i see the screenshot: ARRRRRRRGGGGGGGGGGGGG *megarofl* coded by a 12 year old asylum member (nothing against the asylum Trojan) who watched too much TV. Is this Trojan made for the ones coming new to school, I mean the 6 years sold? There is nothing new to find, only new I’mages *rofl* and the best i read is: cool function = server wait for Internet connection Wow what a great stuff!!!!!! I’m sure you spend years to find the registry key where says that you are online.... Next, the author is known for me as one of the biggest flamers i know. Often he says bullshit or deletes postings from real coders, like rezmond. Last example: gobo (or homo) has a message board.... sotmesc some day i read a post from some one asking for port scanners... I post a link to a great page where the author has made a stealth port scanner(source available, too). What happens, gobo da homo deletes my posting. I’m sure he don’t understand what a stealth scanner is. If these are the peoples who make the Trojan tradition new, I flee and never look back to the old days. It’s a shame to all the ones spending a lot tI’me on coding or searching for info. I really miss people i never know, like: TrueReal, Cold, Blade, MaD, ChaoZ, MasterOfDisaster......... the hero’s of the first days ;) *bg* I wish i were some tI’me earlier here, to have the chance to meet one of them ;) A class of its own! May the source be with you ;) Doc: Do you feel Internet security against Trojans is going to be a big issue? WHY: For me its becoming a big business! First you code some tools to make trouble, next you code tools to protect you from this. But no one like to close the security holes. Examples: Tlsecurity, first a great page i think lots of it, cool info and so... Today I’m angry about the way they go... Selling tools (next coming t-shirts?, like mobman. Like I want to order a pair of sub7 socks) As the biggest page on this business, I’m sure there is a better way to show the newbies then this. When i speak with others about tl, no one told me if the page is for fame or education. Lets say this: if its education, tell me where are the source codes? If its for fun and flame, then you have a lot of Trojan exe files or ready made tools. Tlsecurity is only a big archive of ready-made exe files but no archive of info, for me. I’m sure I get lots of problems, because I say all this ;) But its what I mean and like to say, correct me and don’t flame me or you will be the lamer and not me.... If you look behind some companies, like the cleaner or Lockdown, you find well know people. That’s what I say, first coding troubles and next coding tools against this. If they code against this tools for free, there is no problem for me. But they sold them! And as all you know, Lockdown and the cleaner are the biggest shit, but the hole world uses it and pay money *rofl* I sI’mply hate it when people fool others and grab only money. So in my eyes, the scene moves to the commercial sector. Remember, I earn money for my work, too. Its all tI’me correct to get money for the work you do, like coding a game or a real tool. But not a Trojan first and then a anti Trojan tool. Look in the scene....are there more security pages or not? The scene moves the last years from illegal to legal "names", the people are the same like years before. I’m sure the future has some surprises for us, new Trojans are coming and hopefully better security soft. I mean, if a 12 year old can code a Trojan you wont find, what makes a real coder today with your system? ------------------------------------------------------------- Doc: What do you think is the hardest to remove Trojans? WHY: hmm, hard to answer.... for a newbie it’s all to hard to remove. A standard user is most tI’me unable to open the registry or search a file whos is not normally on his system. Often you can beat some pro users by making sI’mple auto start entries ;) Or rename the file to a well known name, like systray.exe or taskmon.exe both are programs windows auto starts every session. If you delete the task, all works fine and you don’t see the differences. So if you sI’mply rename your Trojan to one of this names and copy it on to the system, there is no new reg entry or so.... SI’mply old stuff the user knows. I spent a whole night when i try to understand Weierds Kuang2 Virus. When I’m sure all is clean, I found again the kuang *g* So the hardest way today i think is infecting the whole system with your file, like a virus. But what about this: you have a server running who has no task to see, no port to watch and no reg entry to see. What you know is that your connection lights are flashing, that’s all. Did you think you are infected and start to search the file? Last month, if I don’t find a task or a port, I don’t start searching *rofl* That’s what the future brings us and I’m sure I’m not the first doing this! I’m waiting that someone told me how to find this file, then i have no idea how to find it. Also the sub7 method (starting by every exe start) is a nice way to make trouble. Most users forget that you can bind it to much more then the standard EXE or HTA files. What if you open a MP3 file, a JPG ,get right and so on......you can bind it to mmmmmooooooree and more things you think. Last words: I’m sure if others read my bad English (hope some one like to fix it first) most of them get angry about what i say. Often it must sound that I’m the only cool one here and i know all. That’s false! I say what I think and I don’t think first if I speak about a well-known coder that i can become trouble. If some one has another meaning, he can say this, so we can start a discussion about this. I’m sure you don’t find any kind of flames from me where i not try to explain why i think so. Next, all I think is the result from staying a year in this scene. In this year I spent a lot work in my open source page or I spent time helping others. The last months I don’t have fun helping others or do I like to have contact to others. I’m simply sick of it all. The whole mother fucking Trojan scene is the biggest shit I ever seen. First i think, that i find here clever people, a little underground unity. If i read text files, there stand: you can speak like you want, you can come from where you come, you can be what you are.. You’re welcome. The fact is: if you can’t write those 31337 English your out of the business. If you don’t have those 31337 nicknames you’re out. If you ever make a mistake, you’re out of year.... If you ever help others, you get nerved all the time by lamers who have no brain... If you are German, you are a nazi and not a human.... It’s funny that Americans told me that they beat me in my home language. For me an American has no home language, Americans stole first the land from the Indians and then all criminals from the world went to America. If Adolf Hitler lives today, he will be president of the USA. All this and much more let me think that the scene is full of asylum members. Or maybe I’m the asylum member and that’s why i don’t understand this all. So i say here the same i say on my pages: Hate me and do what you want, but please don’t be ignorant and try to share info. WH¥ -------------------- Doc’s Take On this: I have done many an interview with coders and webmasters. I have not done an interview or seen someone like this. I have known and talked to WHY for a year on and off. Everything he says is backed up to the fullest. I agree with some of his comments and disagree with others. But I have not censored anything nor do I intend too. Don’t hate or ‘flame’ WHY because he is pro source and you think he is a lamer try talking to him and decided for yourself!!