Being the serious investigative journalists we are, we decided to track down and find out who was behind the “Hole Seekers” hack this time. We got our hands on the source code (all 7000 lines of it!) and followed the rabbit hole as far as we could go until we finally got in contact with someone who called themselves barbarianbob. barbarianbob is the leader of the “Hole Seekers” hacking crew and agreed to meet us in a dark parking garage outside of the Mt. Gox headquarters and grant us a brief QA session.

This is the story of the BitcoinTalk Hole Seekers hack, told from the man who made it happen.

Who are “The Hole Seekers”?

Psy-do code.

A team of like-minded security-savvyists who enjoy finding security holes and exploiting them. We seek out and penetrate any holes we can find, no matter how tight the security, and we won�t stop until we�ve filled them with the long-arm of thick-headed justice.

What motivated you do this?

Have you read the forums? Why wouldn�t you want to fuck with them? The Hole Seekers are always looking to plant a pole into whatever cracks we can find, and if we can have some fun doing it then why not? The Hole Seekers will be a bigger name than Kirk Johnson someday.

Did you do the Cosbycoin thing too?

Due to pending litigation, I cannot comment on such matters.

How did you do it?

In 2011, Bitcointalk was taken down by the CosbyCoin Crew. They found a blind sql injection to get the password hash for a forums administrator by the name of ‘satoshi’. This allowed the CosbyCoin Crew to log into that account. Since SMF is such a piece of shit, admins have the power to edit the php code. Using this fact, a backdoor was placed onto the site that allowed basic run of the site. A dump was made of mod/admin hashes. That�s when CosbyCoin was unleashed on the site via some basic javascript. After thermos took the site down, he put it back up 3 times before he finally found and deleted the backdoor. The admins were all told to change their passwords but some of them never did. For whatever reason, back then you only needed the hash to login as someone. We just made a quick script to supply the one cookie, the username, and password hash, and it would output the data to put in hackbar to login as that user. We used method to re-add the backdoor which has been there ever since.

After the site was moved from the Mt. Gox. servers to a new server with nginx+phpfpm, the backdoor was still there.

Did you or thermos bring the site down?

Either he realized what happened and brought the site down or his server couldn�t handle it. We didn�t bring the site down ourselves, we worked too damn hard on it. Use Cloudflare next time!

Did you steal any personal info?

No, what would we do with any of that crap? Renew their subscriptions to Reason magazine?

How long did it take to make those amazing graphics?

I slaved away in front of a hot mining rigs for weeks making those. My undying love for buttcoin is never truly recognized.

Will thermos actually fix the exploit or is he an idiot?

Sounds like he actually found everything, but who knows. SMF is full of bugs and holes, it�s what you expect from a free forum software. What ever happened to that $600k thermos collected for a new forum software?

Are you going to turn yourself in for the 50 BTC bounty?

Turns out thermos is so smart he claimed he found the exploit so he�s paying himself, way to go buddy

Thermos being smart as hell.

Why do you hate bitcoins?

I don�t, but man the community is fucked up.
YOSPOS, bithc

Missed the hack the first time around? Click here to see what it was like!

The post EXCLUSIVE: Interview with barbarianbob of “The Hole Seekers”, hacking group that took down BitcoinTalk forums. appeared first on Buttcoin Foundation.