For the past two months I’ve been engaging in #FreeHKSaveKorea by hacking printers and Twitter spoofing after I’d been nudged to do so. First one of the printouts ended up on a Taiwanese Lennon Wall.
Along with Twitter spoofings which have @embajadacoreaEC and @unicaccra (from this and this respectively), I intend to make it a Christmas gift as a counter to that of Kim Jong-un’s by having the ends being the idea covered by the media and thus save the day.
However it met a lot of delays ranging from holiday seasons where most reporters are not at work to that of Twitter’s. The latter had an massive automated purge of ‘suspicious’ accounts which saw me caught up in it; after an arduous process I was able to remove restrictions on my accounts.
But, it all seemed so ordinary until Iran’s military accidentally shot down PS 752 just like MH17. I thought the Iranian government would deny their involvement as like the Russians did with MH17 so I moved quickly to avenge the flight once more. I’d even think about a name for it – “Operation Wrath of Anakin 2”.
Hence I defaced the Iranian government website to avenge them and multi-tasked by putting #FreeHKSaveKorea message on that but as they had fixed it, here’s a list of the archives:
- http://web.archive.org/web/20200112141912/http://ganjineh.kwpa.gov.ir/Default.aspx?tabid=672&articleType=ArticleView&articleId=316
- http://web.archive.org/web/20200112144356/http://ganjineh.kwpa.gov.ir/Default.aspx?tabid=693&articleType=ArticleView&articleId=309
- http://web.archive.org/web/20200112155822/http://lib.kwpa.gov.ir/Default.aspx?tabid=294&articleType=ArticleView&articleId=4&language=fa-IR
- http://web.archive.org/web/20200112142343/http://www.tahavol.kwpa.gov.ir/Default.aspx?tabid=551&articleType=ArticleView&articleId=50
- http://web.archive.org/web/20200112155627/http://www.tahavol.kwpa.gov.ir/Default.aspx?tabid=551&articleType=ArticleView&articleId=47
- http://web.archive.org/web/20200112160955/http://lib.kwpa.gov.ir/Default.aspx?tabid=294&articleType=ArticleView&articleId=6&language=en-US
- http://web.archive.org/web/20200112155710/http://ganjineh.kwpa.gov.ir/Default.aspx?tabid=681&articleType=ArticleView&articleId=313
A kind person out there on Reddit has made a photo collage of it:
Surprisingly, President Rouhani manned up and admitted the shootdown thus I made the act a one-time only, so “Operation Wrath of Anakin 2” ended as quick as when it started.
I have an interview with Iranwire.com on my latest operation which is the shortest one so far, and I’m gonna put all the excerpts here.
What made you target the Iranian case involving Ukraine Airlines?
Flight 752 felt too much like [downed 2014 Malaysian Airlines flight] and I had avenged MH17 about 4 years ago [by hacking Russian websites]. I thought the Iranian government would deny their involvement as like the Russians did with MH17 so I moved quickly to avenge the flight once more.
How did you choose your Iranian government targets?
I accidentally came across vulnerable Iran government websites. I thought I’d hack into website backends and deface the front pages that way. But official Iranian websites only had amateur HTML/CSS code that works like XSS but is much simpler. You can introduce HTML code into the comment boxes that corrupt the strings, and ends up causing the site to execute a question and corrupt the page.
Injecting HTML to deface websites might sound amateurish to experienced hackers; but as it happened, that was the technique that gave me an opportunity to put the names of the Flight 752 victims online, to create a kind of memorial.
How many official Iranian websites and servers have you hacked?
All the defaced pages I’ve hacked on at http://kwpa.gov.ir domains i.e. belonging to the Khuzestan water organization. I have listed the defaced links together with an archive on a /r/iran thread at Reddit.
You also participated in online efforts around the #FreeHKSaveKorea movement.
In exchange for China allowing Hong Kong to give in to the demands of its #5DemandsNot1Less protesters – or at least the most important demands, at a minimum – a kind of strategic relief could be offered to #China in the form of a peaceful Korean reunification.
This can be achieved by setting up a Reunification Investment Fund as first described in Professor Shepherd Iverson 2017 book “Stop North Korea! A Radical New Approach to the North Korea Standoff”.
I initially thought that the idea would be very controversial, or unpopular, as it involved a counter-intuitive devil’s bargain; so after I posted it on my blog, I let it sit idle for several months. Before taking a leap of faith, I ardently hate Kim Jong-un very much.
Then in November, I was nudged by the Anonymous collective when they accessed some computer databases in China and leaked these to a breach directory site. In an ensuing ActivistPost.com article they publicized my blog post and revived the idea.
That’s around the time I started so-called printer hackings and Twitter spoofings … in order to prevent more senseless losses. The printer hacking was similar to what was done by Pewdiepie hackers at late-2018, by exploiting open printer ports. One of my printouts ended up on a Taiwanese Lennon Wall. Then I pulled a Twitter spoofing trick on South Korean and UN websites – just to get their attention. These printer hackings and Twitter spoofings show how obsessed I was with #FreeHKSaveKorea before the plane crash.
Describe the way these hacks work.
Printer hacking is easy – here’s how to do it. You need Shodan account, and to download the results of all printers with port 9100, exposed into a json file. Then you download the Printer Exploitation Toolkit (PRET) along with a script that parses all the IP strings in that json file, appending PRET commands before finally putting these in a text file and running it as a shell.
Twitter spoofing? Easy! You just scoop up an empty username that the webmaster neglected on his site and there you go! If Twitter decides to implement its dreaded “inactive account policy” then it’s expected that this kind of spoofing will become commonplace.
Finally, HTML Injection. The Iranian government did not properly sanitize HTML strings in its comment boxes, so it made it possible to executed HTML scripts, making it possible to deface their websites.
I felt that the Twitter spoofings at the South Korean and UN websites are not “attacks” in the classic sense. I just wanted the ideas behind my actions to get mainstream attention so that the situations in Hong Kong and Korea wouldn’t deteriorate.
But regardless of your intentions, “hacktivism” is a crime; how do you justify what you do?
Interestingly enough, there is actually a debate on exactly that issue on the comments section of my /r/iran thread. One user, vatanparast, said: “What is legal and what is morally right are not always the same. Governmental laws should absolutely be disobeyed and actively fought against when the society is fundamentally unjust against the people. If the laws do not allow for freedom for all to have the best lives, with liberty and the pursuit of happiness that the country can provide, then they are worthless and must be disobeyed and thrown out.”
What do you want to say directly to the Iranian people?
I’d like to thank all the brave Iranians who stood up against the Iranian government’s initial cover-up attempt in the aftermath of the Flight 752 crash.
Here’s hoping that the #FreeHKSaveKorea idea can be picked up quickly after this, but with the recent virus outbreak originating from China I sadly doubt that things would go smoothly.
Ironically for North Korea & Hong Kong, the Christmas gift has became a warped Chinese New Year’s gift. Thanks to all the kind people who’ve helped me in the course of all these times.
Cyber Anakin 