Interview with Tom.

ecksor

In an effort to gain more insight to the enigmatic security guru Tom, I wandered down into the dark depths of Phishy to gain more insight into this mysterious character.

[06:55] *** Joins: sysTemT [] has joined #openbsd
[06:55] <sysTemT> lo
[06:55] *** sysTemT [] is now known as ToM
[07:02] [#OpenBSD] Names: (3 total)
[@ChanServ ] [@ecksor ] [ ToM ]
[07:02] <ecksor> Hello.
[07:09] <ToM> how are we
[07:11] <ToM> I wish some body would bring him for a walk it would losen the lad up
[07:11] <ecksor> Right.
[07:12] <ecksor> I was reading your stuff on boards.
[07:13] <ToM> yep
[07:13] <ecksor> I see you work in security.
[07:14] <ToM> no I dont
[07:14] <ToM> I work in Iomega Ireland
[07:14] <ecksor> I see.
[07:14] <ToM> I lied on the boards
[07:14] <ecksor> Why?
[07:15] <ToM> notting else to do
[07:15] <ecksor> I see.
[07:15] <ToM> I work in Iomega and Client Logic as a hardware linux spealist
[07:15] <ecksor> I see.
[07:15] <ecksor> How did you end up at that craic?
[07:16] <ToM> I started off doing security for shell companys back about 2 years ago
[07:17] <ToM> done a few sites ran a shell provider and hosting company with an american lad named adult shells ..
[07:17] <ecksor> What's a shell?
[07:17] <ToM> www.theboxnetwork.net
[07:17] <ToM> thats my new company
[07:17] <ToM> not fully up at the moment
[07:17] <ToM> a shell is a user account on a linux box
[07:17] <ecksor> Is it now.
[07:18] <ToM> I own 2 linux boxes go-dedicated in new mixico and france and I resell business hosting for darklite.com
[07:18] <ToM> I was a jockey for the past 3 years
[07:18] <ToM> but I always knew I would end up in computers
[07:18] <ToM> so I went for a test and an interview and got the job
[07:19] <ToM> simple as that ... I started off doing tech support
[07:19] <ToM> and worked my way up
[07:19] <ecksor> I thought a shell was a command line user interface to a unix like environment (not
necessarily linux), that provided things like job control etc, and not related to an account at all,
apart from the last entry in /etc/passwd.
[07:19] <ToM> I am only 18 btw 19 in june
[07:19] <ecksor> What do I know I suppose.
[07:19] <ecksor> That's an excuse I guess.
[07:20] <ToM> a shell is a user account on a unix box no matter how fancy you make it out to be
[07:20] <ecksor> No, it's a program such as sh/csh/ksh/bash/whatever that does what I just described.
[07:20] <ToM> specialist even
[07:20] <ToM> its not a program I am afraid
[07:20] <ecksor> An account could be made to just run a menu interface or lynx etc, not necessarily a shell
on login.
[07:21] <ToM> yes you mean unix system V or somthing like that
[07:21] <ToM> an interface which lets a users use selected services
[07:21] <ecksor> I mean any unix.
[07:21] <ToM> bbs, *****x etc..
[07:22] <ToM> yes but the main G.I for a menu interface is system V
[07:22] <ecksor> G.I ?
[07:22] <ToM> Graphical Interface
[07:23] <ecksor> System V is a type of unix, originally developed in Bell Labs, latest and last version
being System V Revision 4, developed with Sun Microsystems around 1989, which forms the core of Solaris,
HP/UX, Irix and may more obscure unix variants.
[07:23] <ecksor> It is not a Graphical User Interface.
[07:23] <ToM> are you reading this from some where
[07:23] <ecksor> Nope, I've studied quite a lot about unix.
[07:24] <ToM> yeah right
[07:24] <ToM> who the hell remembers dates like that
[07:24] <ecksor> I do.
[07:24] <ecksor> I've a good memory, ask anyone.
[07:24] <ecksor> Anyway, I might be wrong.
[07:24] <ToM> give me a sec I will go to ilug to be as smart as you
[07:24] <ecksor> It might be around 1988 or 1990.
[07:24] <ecksor> I was being approximate on the date.
[07:25] <ecksor> I unsubscribed from ilug, too much junk.
[07:26] <ToM> ilug is good for hardware problems etc but there should be certain parts you can subscribe to
[07:26] <ToM> rather than the whole freaken mailing list
[07:26] <ecksor> Perhaps.
[07:26] <ToM> what is your profession btw ?
[07:27] <ecksor> Programmer.
[07:27] <ToM> in what ?
[07:27] <ToM> c ?
[07:28] <ecksor> C, Java, Perl, python, VB, JavaScript, VBScript, SQL
[07:28] <ecksor> I know a little bit of Scheme also, currently learning Haskell.
[07:28] <ToM> c would interested have you made anything interesting ?
[07:29] <ecksor> I'm also a good shell scripter.
[07:29] <ecksor> What do you find interesting?
[07:29] <ToM> I have done a few good pices of shell code not released yet but soon
[07:29] <ecksor> I really only use C for unix systems programming exercises, manipulating log files etc.
[07:29] <ToM> huh
[07:29] <ToM> such a waste I am studying c at the moment
[07:30] <ecksor> good for you.
[07:30] <ToM> learned most so far from studying exploits etc..
[07:30] <ecksor> Right.
[07:30] <ToM> but I hope to go to collage at some stage
[07:30] <ecksor> And what do you plan to do with C ?
[07:30] <ToM> to study c etc..
[07:31] <ToM> what do I plan to do with c ... I will start off coding exploits then buy my way into a top
security firm for a few years then open my own
[07:31] <ToM> he he
[07:31] <ecksor> Coding C isn't the most important part of coding exploits.
[07:32] <ToM> want to see a pscanner I edited the c on to make it detect redhat 7
[07:32] <ecksor> More important is a good understanding of ABIs and assembly, followed by an ability to find
the vulnerabilities in the first place.
[07:32] <ecksor> Not really.
[07:32] <ToM> k
[07:33] <ecksor> You haven't asked what an ABI is.
[07:33] <ecksor> Btw, go to whatis.com and look up the word "shell"
[07:35] <ToM> hmm you where reading all your answers from a web site
[07:35] <ToM> lameo
[07:35] *** Parts: ToM [] has left #openbsd



[This message has been edited by DeVore (edited 18-04-2001).]

Hobbes

lol

spod

bless his socks

Lenny

f00

logic1

Ah proof of what we all knew Tom actually was. Full of manure. (see my clever way to avoid the boards censor but still seem like a double hard *******? oops....)

.logic.

Gerry

Hmm, I'm starting to think maybe I'm not the dumbest ******* around here. "A shell is a user account on a unix box" hahahaha

Koopa

heh, fair enough

just in his defence (dunno why im doing this but anyway im bored) a shell does not have to be an interface to a unix system, windows command.com is also a shell, a shell is really just jargon meaning "interface", you can have graphical shells too..

<font face="Verdana, Arial" size="2">
<ecksor> An account could be made to just run a menu interface or lynx etc, not necessarily a shell
on login.
</font>

well in this case, lynx, or the menu interface, would be the shell.. by definition

ecksor

Hm, how come Tom didn't point all this out?

It depends on context. A shell is generally a "command processor" rather than just a user interface. Windows explorer and command.com are considered shells because they generally allow you to execute any commands on the systems that you have permissions to execute. The first instance I came across the term was on an Amiga system years ago.

A menu interface or web browser will not necessarily allow that functionality. Lynx or the "menu interface" would only be regarded as shells due to being in the "shell" field in the /etc/passwd file.

Anyway, you could pick out a few other inaccuracies in what I said if you looked hard enough, for example svr4 was released in 1990, not 1989, and went up to svr4.2 in 1992, so it wasn't the last relase. And for quite a lot of exploits, an intimate understanding of a system's ABI (application binary interface) isn't that essential either, but then again, for the type of exploits that Tom seemed to be talking about I'd recommend any budding hackers to become familiar with it

[This message has been edited by X_OR (edited 17-04-2001).]

Lenny

hmm I wonder if Tom has seen this at all yet

and why hasn't he replyied

Hobbes

<font face="Verdana, Arial" size="2">

shell [orig. {Multics} n. techspeak, widely propagated via Unix] 1. [techspeak] The command interpreter used to pass commands to an operating system; so called because it is the part of the operating system that interfaces with the outside world. 2. More generally, any interface program that mediates access to a special resource or server for convenience, efficiency, or security reasons; for this meaning, the usage is usually `a shell around' whatever. This sort of program is also called a `wrapper'. 3. A skeleton program, created by hand or by another program (like, say, a parser generator), which provides the necessary incantations to set up some task and the control flow to drive it (the term driver is sometimes used synonymously). The user is meant to fill in whatever code is needed to get real work done. This usage is common in the AI and Microsoft Windows worlds, and confuses Unix hackers.

Historical note: Apparently, the original Multics shell (sense 1) was so called because it was a shell (sense 3); it ran user programs not by starting up separate processes, but by dynamically linking the programs into its own code, calling them as subroutines, and then dynamically de-linking them on return. The VMS command interpreter still does something very like this.</font>

So Koopa is correct, however I have never heard the term shell used in a windows/dos environment only really in UNIX.

ecksor

As I said, it depends on the context, which in this case corresponds to the first definition offered there. Number two corresponds more to what Koopa was describing.

The context that Tom was talking about would suggest a shell such as a sh/csh/ksh etc program on a unix like machine, as distinct from a user account, which Tom seemed to think.

Talliesin

<font face="Verdana, Arial" size="2">however I have never heard the term shell used in a windows/dos environment only really in UNIX.</font>

It doesn't come up as much since you generally have only the one shell, or two if you count the command line as a seperate interface. Since you've the one shell and you're stuck with it you don't spend that much time thinking about it. Even if you are making calls to shell.dll windows coders don't think in terms of "shells".

I have heard it mentioned quite a bit in relation to Win9x and WinNT40 sharing the same shell, although the rest of the OS is quite different, but I've only really noticed it when I accidently deleted a dll on cormac's machine which meant he briefly didn't have one

ecksor

<font face="Verdana, Arial" size="2">Originally posted by ToM-theboxnetwork.net:
Cliph from #hackers_ireland anit he the guy who runs csd.dot-ie.com and dot-ie.com which is an hosting company which was hosting a hacking site for Bedlam for Garda Scanner codes ?</font>

Nope. I'd go into more detail, but none of that is accurate, so no point in bothering.

<font face="Verdana, Arial" size="2"> Since then Bedlam as changed his name servers but if any one from any law firm would like the web logs 3 admins have them logged for future business in these matters.
</font>

Law firm? I thought you'd be threatening people with the Guards or something considering the above reference to scanner codes. Anyway, they know where to find me, and are always welcome.

Dude, what is with your spelling and grammar? anit is supposed to be ain't? No punctuation, it's terrible.

ecksor

Oh, btw, there are three lines missing from the log just before the line that makes reference to taking someone for a walk, which is why that bit is a bit out of context (my mistake, had to copy/paste in several chunks from my eterm window and wasn't careful).

fisty

grow up and stop trying to out do eachother with jargon.
I know a shell definition blah blah shut up like? - you are all like children.
and you are the people in charge of websites and servers, admining and stuff?
its not a competition on who knows the more l33t crap - this board is for security issues not painting someone in an ugly light.
keep your poxy logs off here - nobody cares.

[cut (Admin) - because we are gay]

ecksor

I should point out that that post was made from <snip>



[This message has been edited by DeVore (edited 18-04-2001).]

Hobbes

Tom, X_OR was pointing (and I may be wrong) that Fisty has that IP address, not you (we know you do though from another thread).

fisty

The moderator should have more sense than to be putting my companies firewall address on the board -
im going to lodge a complaint to the boards.ie admin as the ip logging is for your ADMIN use not - to be posted up on the boards for the public to see.
you can say we use the same firewall but TAKE DOWN THE ADDRESS.

Hobbes

erm, while it's true that the IP's can only be seen by the admins, there is no reason they can't post it publically if they feel so. the fact you splatter your IP address anywhere you go on the net means it's not exactly top secret.

As for complaining to the admins, well Devore + X_OR are pretty much as high as you can go.

fisty

My complaint has already been sent to the people who maintain the boards overall.
I'm sure they will look on the postings distainfully.
Posting someone's details in this fashion is UNACCEPTABLE and I am sure the people who moderate this board will agree.
The IP of a user is for the ADMINS use - Nobody elses.
As for your comment Hobbes: That just goes to show that your feelings on other people details are as lax as X_Or's.
I just hope this gets cleared up fast.

Celt

You really shouldnt post people's ip's publicly on the board .

fisty

I appreciate the support WhiteLancer but the longer that address stays there the more likely it is someone will save it to file and possible do something malicious with it.
Could you remove it please as X_Or doesn't seem to give a ****.
Cheers again,
Fisty.

Hobbes

We don't normally. It is really only posted when you have someone acting the muppet in certain ways, like oh say threatening the boards.

DeVore

Sending emails "demanding" certain actions isnt a good start to getting on my good side after people from your location are threatening the site.

Frankly, you're mailed arrived as I was ringing directory enquiries to get the number for Client Logic. Given that we are at least involved in SOME communication, I'm happy to take this offline and solve it privately.

I dont respond well to threats and demands. Ask around. I'm funny that way.

Tom Murphy.

ps: for two people so ardently into their security... why are you concerned that anyone knows your firewall IP???

Surely the reason for *having* a firewall is to keep bad people at bay... anything else is security-by-obscurity...

Hobbes

<font face="Verdana, Arial" size="2">Originally posted by fisty:
I appreciate the support WhiteLancer but the longer that address stays there the more likely it is someone will save it to file and possible do something malicious with it.</font>

But I thought you guys were masters of security? So you should have nothing to fear.

Not that a hacker is going gain some advantage by just knowing an IP address. Btw, I'm pretty sure the firewall gets hit a lot more for exploits then you realise and most from people in work web browsing.

fisty

I never said I was any kind of security guru and never claimed to be
get your facts straight.
I really know f*ck all and couldn't give 2 Sh*ts about security and never said I did.
I just don't want any tom dick and harry coming across this thread and knowing where i work.
Oh and by the way,
I didn't threaten anybody.

fisty

don't you get it.
I'm not worried about my companies security.
other people get paid to take care of that.
I just don't want people knowing where i work.
tom is the security guy.
just get my bloody work domain off this thread.

Hankster

I happen to work for the same company Tom works for and I know his real role in life. He is not a security guru of any sorts, but merely a lad who take phone calls.

This is a statement of fact. Tom does what he does, but he's also a liar.

Talliesin

<font face="Verdana, Arial" size="2">I did not know you where a hacker x_0r</font>

I thought everyone here knew X_OR worked in security and has also done programming.
In fact you were claiming to know about security as well.
Maybe you should learn the definitions of words you use, it's always good to have command of the English language.

Jademan

He's been a very bold lad i hear, misusing co. resources and the like!

Again FACT.

Hankster

I make absolutely no claims to be a secrity guru, ha><0r or anything of sorts. Tom's pulled the wool over your eyes. That's all.

Hankster

Sorry, I'm still asleep.

Gerry

er why do you care so much about your ip being posted here. Why dont you want people knowing where you work? Are you ashamed of it? Is it not an 3l33+ place to work? Does it harm your "net rep"? Is it an offshoot of the CIA?

As others have said, anyone who wants to find out your ip can do it anyway, so posting it up here makes no odds. Unless the firewall machine accepts telnet connections from outside, and its password is password? From my preliminary port scans, it doesnt seem to be that insecure. joking by the way. Really like. Don't call the gardaí on me.

Talliesin

Are you saying that X_OR signed a non-disclosure agreement before entering into the conversation.
If that is the case then you should sue him for breech of contract.
Otherwise any party to a conversation is perfectly at liberty to disclose it in whatever way they see fit.

You aren't one of those people who think the Internet is "anonymous" are you? Jeez, just be thankful you learnt that lesson relatively easily.

Oh, and IPs are not for administrators only, boards.ie decided to only log them rather than posting them, boards can change it's mind on that whenever it wants. IPs are public, that's kinda how they work.

ecksor

Sorry about the slow response, I just got out of bed and into work. Anyway, I see that DeVore has responded to your complaints.

Hankster

Go on punk make my day. Try your best

yossarin

does this topic qualify as trolls board material?

still, a good read. especially the logs.

Jademan

You talkin' to me bud!

Talliesin

<font face="Verdana, Arial" size="2">does this topic qualify as trolls board material?</font>

Yes, but then Tom might realise how stupid he looks and shut up. If we leave it here we can have more fun.

Jademan

To do what j*** **f on? You might hurt youself with a string!

ecksor

<font face="Verdana, Arial" size="2">Originally posted by ToM-theboxnetwork.net:
Well my goal was to make the biggest string ... I feel good now.</font>

I think the word you're groping for is "thread"

Talliesin

<font face="Verdana, Arial" size="2">Well my goal was to make the biggest string</font>

Give him enough rope...

DeVore

I can confirm that Fisty and Tom are NOT the same person.

I have had a conversation with Fisty and clarified the point with him.

Obviously anyone posting from Client Logic will have their firewall as their ip, so its not surprising that they are the same.

DeV.

DeVore

I have edited the ip's out of the log.
I was asked politely to do so and so I am happy to comply. The log itself is X_OR's property. If X_OR asks me to , I will delete it. Pretty pointless as he can delete it himself....

DeV.

fisty

well what do you know!?
the system works!

Cheers Devore.

ecksor

The unedited log has been at http://heap.nologin.net/tom.txt for a while anyway. DeV, I think they wanted their company IP taken off, not Tom's esatclear dialup IP.

fisty

*bangs head against wall*
I give up.

ecksor

Good good.

Lucutus

<font face="Verdana, Arial" size="2">Originally posted by ToM-theboxnetwork.net:
Well my goal was to make the biggest string ... </font>

And have you suceeded? I'm a-frayed-knot, there's longer threads on boards elsewhere, (spend some time on the Trolls board, you'll feel at home there).

Luc

fisty

evil thread - evil!!!!!
kill it!
kiiiiillll iiitt!!!

Jademan

Sore maybe but not evil, even from yourself!