Script Kiddie Leaves Photo ID Behind After Wreaking Havoc
Please understand: The information on this ID has been verified against the user's PayPal data to confirm that is indeed the real McCoy. The person who did this has access to the bank accounts and credit cards. In addition, he has a personal website that features the same username as what he used on our system and has his real name all over the domain records. This person is not framed. It's really him.
UPDATE: As if that wasn't enough evidence, he's come out and admitted on his personal website that the ID is indeed his. In addition, the IP that was used to execute the UDP flood perl script matches the IP he contacted me with on IRC. Please, for the sake of my sanity, stop telling me he might have been framed.
As the administrator of a free shell account provider, I see all kinds of questionable activity on a regular basis. Some people try their hardest to root the server they've been given access to, shut it down, or to wreak havoc on a remote server from ours. In any case, they usually try to cover their tracks before trying anything stupid. Not so in the case of Mr. Machelesen of the Netherlands. Before uploading and executing a perl script designed to send a flood of UDP traffic to an IRC user, he was kind enough to upload a scanned copy of his official government-issued photo ID to his public_html folder.
Meet the script kiddie of the year, Mr. Machelesen:
Please take this moment to make a mental note: It's not a good idea to upload photo ID before bringing down a shell service.
Tuesday, September 19th 2006 at 7:14 pm
That’s truly brilliant, A-grade stupidity. It depresses me to see that people my age are capable of this crap. Thanks for sharing, though.
Tuesday, September 19th 2006 at 10:43 pm
Bumma!
Tuesday, September 19th 2006 at 10:59 pm
Aye, this scurvy dog be not the brightest!
Tuesday, September 19th 2006 at 11:07 pm
Perhaps it might be a good idea to obscure some of this guys details to prevent identify theft and fraud?
Tuesday, September 19th 2006 at 11:14 pm
You have to be kidding….Did this person want to get caught, what the hell is up with that. Anyways, yea thats just plain ol’stupid…
Tuesday, September 19th 2006 at 11:55 pm
Perhaps a quick visit to his home with a soft club would be appropriate.
Tuesday, September 19th 2006 at 11:55 pm
Brunner is making history…all you guys that think hes making a mistake and what not….i admire him for doing something different from anyone else…and having the courage to say “look i did it, what now” type of scenario. Ill see you in heaven man…….grats.
Tuesday, September 19th 2006 at 11:56 pm
[…] You can see the the sysadmin’s blog post here. […]
Wednesday, September 20th 2006 at 12:34 am
Maybe this is a new “trend” for criminals? Leaving their ID behind just incase someone would like to prosecute them for what they did.
Wednesday, September 20th 2006 at 3:11 am
Oh dear…….the first time I looked at the photo I thought it was Macaulay Culkin. Div of the year surely.
Wednesday, September 20th 2006 at 3:46 am
He deserves it, looks really young - probably like 15-17 years old
Wednesday, September 20th 2006 at 4:31 am
Well… being that it says his DOB is April, 1988 we know he is 18.
Wednesday, September 20th 2006 at 4:58 am
As you have said it, he’s a kiddie; unless he is some kind of a youth expert hacker, then you won’t get to see so many kiddies trying to mask themselves while “vandalising” the server.
Wednesday, September 20th 2006 at 4:59 am
[…] Der Qbi scheint eine neue Kategorie in seinem Blog zu haben namens “Scriptkiddie des Monats“. Da hat doch tatsächlich so ein Kiddie sich einen Shellzugang bei Chris Brunner registriert, als erstes eine Kopie seines Ausweises hochgeladen und dann versucht ein paar Kiddiescripte zu starten. Das gehört wahrlich in die Kategorie “ich bin blond”. Mir bleibt nur zu hoffen, das der Qbi das Ernst meint mit der Überschrift und so etwas jetzt monatlich veröffentlicht. […]
Wednesday, September 20th 2006 at 5:05 am
Nice one online tv, “probally like 15-17″ why don’t you ask for his id…. oh wait.
Wednesday, September 20th 2006 at 5:08 am
errrrrm, count down to when he was born…
besides, keeping track of everything WE do, now THATS a crime! GRRRR
Wednesday, September 20th 2006 at 5:22 am
I know it is illegal to display an offenders image and details if he or she is under a certain age……however im assuming this guy is 18.
Wednesday, September 20th 2006 at 5:26 am
oh my god I can’t believe you just wrote that online tv.
You might have noticed that Identity Cards give a date of birth
Wednesday, September 20th 2006 at 5:27 am
@ Online TV…. yeah.. it’s photo ID? It has his birthdate on it. 04/10/1988.
Wednesday, September 20th 2006 at 5:27 am
Whoops. 19 april***
Wednesday, September 20th 2006 at 5:51 am
[…] read more | digg story […]
Wednesday, September 20th 2006 at 5:58 am
If you looked on the card it tell’s you the birthday, no need for guessing age.
Wednesday, September 20th 2006 at 6:22 am
He’s 18 years old.
Old enough to be extraditet to the us.
Wednesday, September 20th 2006 at 6:23 am
He was born on april the 19th 1988, that makes him 18 years old. His ID is dated October 2001, back then he was 13 years old.
Guys like this make me feel ashamed to be Dutch.
Wednesday, September 20th 2006 at 6:27 am
Dumbass
Wednesday, September 20th 2006 at 6:29 am
Was his username skyrim?
Wednesday, September 20th 2006 at 6:30 am
what a n00b, hopefully he will be put in the same hall of shame as the worst hacker ever
Wednesday, September 20th 2006 at 6:30 am
Well he’s only 1.60m tall, which means he’s some sort of smurf.
I can’t be really suprised because Marvin is from Roermond, that’s a town located deep in a rural dutch province called “limburg”. A lot of redneck retards are from limburg.
With all the details found on his ID card a lot of nice things can be done.
Thanks for sharing!
Wednesday, September 20th 2006 at 6:31 am
Priceless!!!
Wednesday, September 20th 2006 at 6:33 am
I’m from the Netherlands and I would like to say that I am in no way affiliated with this dork of dorks.
Wednesday, September 20th 2006 at 6:36 am
lol thats just hilarious
Wednesday, September 20th 2006 at 6:43 am
Well I saw some of the conversation he had on that serverchat….
The chat-admin gave that idiot the IP of his local host…. (A real hacker should know that…even I do lol) So
1)he made his computer chrash…
2)after returning he deleted his own drives…by his own local host address ofcourse…
I’m gonna write the goverment to give his province to Belgium…
Wednesday, September 20th 2006 at 6:51 am
Wow man,hes a real nice person.
Has done his job real good.Real good…..
Wednesday, September 20th 2006 at 6:56 am
LOL, this has been taken over by one of the most popular websites in the Netherlands, www.geenstijl.nl…
This kid needs plastic surgery now
Wednesday, September 20th 2006 at 7:03 am
He is 18, born in 1988
Wednesday, September 20th 2006 at 7:06 am
Hahaha classic.
I bet Mr. Machelesen will think twice in future.
Wednesday, September 20th 2006 at 7:17 am
As a dutch security aware IT professional I’m feeling deeply ashamed
Mr. Machelesen’ future reputation is definitly good for a few laughs though, some people just have to learn the hard way.
Now that i think of it, I believe I do actually had a copy of my passport floating around on the unix shell of a server I have running somewhere, perhaps now is a good time to see if I already got rid of it, you never know
It doesn’t really matter anyway, with the current and future laws around here, its only a matter of time before some (h/cr)acker or government employee (dutch inteligence agency’s system administrators and employees are known to randomly throw usb-sticks with sensitive unencrypted information around in subways, cabs, and other public locations) finds a way to (un)intentionally expose all data in this country’s dataretention and personal information databases for all to see.
At least we still have this unique dutch softdrugs policy
Wednesday, September 20th 2006 at 7:18 am
Smiiillleeeeeeeeeeee
Wednesday, September 20th 2006 at 7:31 am
OMG this is F*cking hilarious… how stupid can you be. I’m ashamed it is a Dutch kid since I’m Dutch myself!
Wednesday, September 20th 2006 at 7:33 am
Thanks for giving me the best laugh sofar this year…!
Wednesday, September 20th 2006 at 8:15 am
From http://forums.phoenix-hosting.org/viewtopic.php?t=516&view=next&sid=0faba19cba286a1d8dc4e354e4f3fe9a:
“I’m Marvin Machelesen, and come from the Netherlands. (…) I’m into coding perl scripts, and just hanging around on IRC (might just drop by on your irc server Wink )”
Wednesday, September 20th 2006 at 8:26 am
He made a statement on his own site:
Mijn verklaring hier:
Ik heb ooit mijn ID-kaart geupload naar mijn eigen server, en waarschijnlijk ook naar silenceisdefeat.org
Ik heb nooit een perl-script om iets te flooden geupload naar de server.
Translated:
I’ve uploaded my ID-Card to my own server and probably also to silenceisdefeat.org
I’ve never uploaded a Perl-Script to flood something to the server.
Wednesday, September 20th 2006 at 8:26 am
Wow what a moron - Thats a top 10 dumbest script kiddie story fosho
Wednesday, September 20th 2006 at 8:50 am
Brilliant.
Wednesday, September 20th 2006 at 8:56 am
ROFLOL!, he’s stupid.. probably because he’s from Roermond!
Wednesday, September 20th 2006 at 8:57 am
LOL
Those dutchies x)
Wednesday, September 20th 2006 at 8:59 am
LMAO…that’s incredibly stupid. Only the Dutch…
Wednesday, September 20th 2006 at 9:00 am
“Aangezien jullie de server beetje zwaar aan het belasten zijn,
Mijn verklaring hier:
Ik heb ooit mijn ID-kaart geupload naar mijn eigen server, en waarschijnlijk ook naar silenceisdefeat.org
Ik heb nooit een perl-script om iets te flooden geupload naar de server.”
Lousy translation:
” Since the server is heavily buried, My decleration here:
I have uploaded my ID-card to my own server, and probably also to silenceisdefeat.org
I never uploaded a perl-script to flood an IRC-server.”
Wednesday, September 20th 2006 at 9:10 am
Perhaps Mr. Machelesen would benefit by taking a word of advice from Ron White: “The next time you have a thought…just let it go.”
Wednesday, September 20th 2006 at 9:15 am
I hear the word “slammer”.
Wednesday, September 20th 2006 at 9:46 am
What do you expect, it’s a “Limbo”! (person from Limburg, southern province of Holland)
Wednesday, September 20th 2006 at 10:24 am
Whahahahahah pwn
Wednesday, September 20th 2006 at 11:06 am
lol…what a fucking retard!
Wednesday, September 20th 2006 at 11:22 am
Haha he looks gay
Wednesday, September 20th 2006 at 11:26 am
whahaha, im from holland too, what a fool!!
Wednesday, September 20th 2006 at 12:34 pm
how do you know that is not the hacker trying to fool you into thinking this guy hacked you? no one can be that stupid!
Wednesday, September 20th 2006 at 12:46 pm
whaha! nice job m8!
Wednesday, September 20th 2006 at 2:17 pm
This guy uses no style!
Wednesday, September 20th 2006 at 5:42 pm
“Brunner is making history…all you guys that think hes making a mistake and what not….i admire him for doing something different from anyone else…and having the courage to say “look i did it, what now” type of scenario. Ill see you in heaven man…….grats. ”
script kiddys were already invented.
Thursday, September 21st 2006 at 9:20 am
Statement on his own website: “Aangezien jullie de server beetje zwaar aan het belasten zijn,
Mijn verklaring hier:
Ik heb ooit mijn ID-kaart geupload naar mijn eigen server, en waarschijnlijk ook naar silenceisdefeat.org
Ik heb nooit een perl-script om iets te flooden geupload naar de server.”
Translation: “As you are somewhat overloading the server,
My statement here:
I once uploaded my ID-card to my own server, and probably to silenceisdefeat.org as well
I never uploaded a perl script to flood something to the server.”
Thursday, September 21st 2006 at 10:13 am
this Dutch guy or gay whatever he is calls himself a hacker?
uhhmmm… turning off a firewall is a simple thing if you cant do that your not a hacker, please Marvin give me a break. Uploading your ID card on your own server and than hack some one is very smart, its like going to the police and telling them you killed some one after you killed some one!
Marvin you’ve got allot to lurn but this mistake was so stupit and where ever you go and what ever you do I’ll be watching you and I think others will be to
Thanks www.geenstijl.nl for putting story about Marvin on your webpage, this is great and what he did was so stupit. Maybe he will win the price for ‘most dummest Dutch hacker of the year’ you’ll never know??
kind regards unchain3d (the dj)
Thursday, September 21st 2006 at 10:21 am
duuuuude be smart.
the guy cant be framed for cyber crimes in holland.
neither can you for all kind of other actions that involve computers hacking & cracking.
Friday, September 22nd 2006 at 2:04 am
[…] Hot and Spicy Sauce […]
Friday, September 22nd 2006 at 12:02 pm
Zijn hier ook naakte wijven?
Monday, September 25th 2006 at 7:40 am
I wonder how many people reminded him to renew his identity card early October..
Thursday, October 12th 2006 at 7:51 pm
He probably gave his ID cause he don’t give a toss if you know who he is. If anything he doesn’t want anyone else taking credit for his efforts
Thursday, August 9th 2007 at 2:47 pm
THIS GUY, WHAT A PRO,
no one else has balls as big has his, and brains as small as his…
what a legend ;]
Tuesday, October 16th 2007 at 3:05 pm
I wonder how many people reminded him to renew his identity card early October..
Friday, June 20th 2008 at 4:45 am
no, lewney, it wasn’t. Not funny.
Thursday, September 25th 2008 at 8:08 pm
The guy looks like an idiot and he is an idiot for sure. Goddamn if u can’t think of something like that =P
glad I’m living about 100km away, might not look that far for u guys but I’m glad already =)
ps who are these idiots that keep posting translations of his statement -_-