[Full-Disclosure] NGS Software Admits to Having Written the Saphire Worm

From: Day Jay (d4yj4y@yahoo.com)
Date: 01/31/03

  • Next message: Simon Richter: "Re: [Full-Disclosure] The worm author finally revealed!" 
    From: Day Jay <d4yj4y@yahoo.com>
To: full-disclosure@lists.netsys.com
Date: Fri, 31 Jan 2003 13:23:55 -0800 (PST)

    BREAKING NEWS!

    I have attached part of the latest official press
    release from NGS. You will not believe it.
    ----------

    Next Generation Security Software Ltd
    Friday, January 31st

    NGS Software co-founder David Litchfield, has
    announced today that he wrote the MSSQL Saphire worm.
    The Slammer worm however, was a hoax worm written by
    ISS.

    David descided to unleash the worm last week while
    "wardriving" (A popular activity among computer
    stalkers). He simply parked in front of someone's
    house and hopped onto their home network with a
    spoofed MAC address. "Should I?" David asked his best
    friend T0rn. T0rn replied, "*** it man. You only live
    once." David then released the critical packet that
    sent all the whitehats into their offices over the
    weekend because they forgot to include a deny tcp port
    31337 on their cisco firewall.

    "Yes, I wrote it," David admitted yesterday during an
    interview with the UK Bee. He continued, "I wanted to
    let everyone know how powerful I am and that if I ask
    people to bow down to the Westside, they should. I
    would like to encourage people to see how bad ass my
    Windows Shellcode really is. " David was quite happy
    with himself and on top of that, cocky. He told the UK
    Bee that he would bitch slap anyone who talked *** on
    NGS.

    Shortly after the release of the worm, David claimed
    immediatley that it wasn't his. In an offical
    statement, he said, "Naw, man that ain't mine. They
    just used my shellcode. Oh, and then they used an
    engine to generate random IPs." But the other part of
    the worm source code that generated the random IP
    addresses, was taken from Packetstorm security which
    was also authored by David, under the alias of "divaD"
    which is David's name spelled backwards for those that
    are slow.

    David also stated that he is not going out like a punk
    and that no one should *** with him or he would
    release more stuff. In another statement he said,
    "Man, I got cron jobs that'll explode some crazy ***
    onto the net if I don't stop them. As long as I stop
    them, things will be fine. If I die, or if I forget,
    everyone's going down. " He also then stated, "Heh."
    Which is apparently a popular term among modern day
    cyber criminals which is the equivalent to someone
    snarling.

    =====

    For more go to their official website.

    day to the motherfucking jay

    Disclaimer:
    The above e-mail is entirely fictitious. Any
    similarity to the history of any person, living or
    dead, or any actual events is entirely coincidental
    and unintentional.

    __________________________________________________
    Do you Yahoo!?
    Yahoo! Mail Plus - Powerful. Affordable. Sign up now.
    http://mailplus.yahoo.com
    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.netsys.com/full-disclosure-charter.html