Intervjun är gjord över Internet Relay Chat (IRC) av Anti Online. Då vissa delar av intervjun skulle bli mer eller mindre obegripliga i en översättning, publiceras den på sitt originalspråk.

WHH = White House Hacker
AOL = Anti Online

WHH - it was just phf/ufsrestore
WHH - :P
AOL - vulnerable to phf
WHH - it was.. yeah..
AOL - they are running Solaris??!?!?
WHH - yeah
WHH - www1 is solaris7
WHH - there isn´t much email on the system
WHH - this is /var/mail
WHH - # ls -lFa
WHH - total 18
WHH - drwxrwxrwt 3 root mail 512 May 10 04:30 ./
WHH - drwxr-xr-x 26 root sys 512 Apr 27 10:00 ../
WHH - drwxrwxr-x 2 root mail 512 May 7 18:57 :saved/
WHH - -rw-rw---- 1 root mail 6079 May 10 04:30 root
WHH - #
WHH - root just has some crontab sheet in it
WHH - they have tripwire running on the boxes...
WHH - it seems to be an insecurity for them
WHH - cause its ftping over between the boxes
WHH - and the password is sniffable..
AOL - what time was the box hacked
WHH - -- TCP/IP LOG -- TM: Mon May 10 00:50:04 --
WHH - PATH: =>
WHH - STAT: (ftp)Mon May 10 00:50:05, 10 pkts, 57 bytes [TH_FIN]
WHH - DATA: USER webadm
WHH - :
WHH - : PASS pavar0t%
WHH - :
WHH - : CWD /TripWire
WHH - :
WHH - :
WHH - :
WHH - :
WHH - --
WHH - box was hacked about 11:30 or so PST last night I think
WHH - wait no.. it was before that..
AOL - last night meaning May 9th ?
WHH - like.. about 9 pm PST
WHH - I missed x-files cause this was more important :P
AOL - May 9th 9 PM PST?
WHH - yeah
WHH - that tcplog was 8:50 PST.. so it must been owned slightly before that..
WHH - ya
WHH - k..
AOL - the www1 server is linked to www ?
WHH - its one of two servers hosting the page..
WHH - # nslookup
WHH - Server:
WHH - Address:
WHH - Name:
WHH - Addresses:,
WHH - #
WHH - the two IPs are www1 and www2
WHH - okay..
WHH - the page should replace for over 1/2 the people at 6am pst..
WHH - I´ll have it try to steal www2´s ip..
WHH - so a few people who dns www to the other server will get this one anyways
AOL - ok
AOL - why the particular attack on
WHH - because it was easily exploitable... and was pretty high profile
AOL - Were there any political reasons? personal reasons?
WHH - okay... well the thing is..
WHH - altomo and lyp0x came to me telling me that they found a phfable site w/ my scanner
WHH - and that it was
WHH - so I rooted it..
WHH - and am posting thier html...
WHH - so.. the message is mainly altomo´s.
WHH - it wasn´t specifically targeted for an attack, so it wasn´t a political reason.
AOL - oh okay
WHH - as for personal reasons.. it always feels good to get into a high profile place.
AOL - alright
WHH - well, pretty much.. once it known that that site was vulnerable, it was already rooted to me.. at least, just a couple minutes away.
WHH - since it was solaris 7, and vulnerable..
WHH - I just assumed that they recently upgraded thier software, and that they assumed it would be more secure with recent distobutions of thier OS and server software
WHH - which is normally a big mistake
WHH - everything was pretty much a default installation
WHH - the main problem was deciding when to post the page... wait to long... you might lose access when the admins gain a clue... to it too fast, no one will know.. everyone would be a
WHH - sleep... and we would also miss out on a great sniffing opertunity..
WHH - being on a network w/ lots of .gov and all.. could possibly lead to something like the president´s email address password
WHH - (the mail exchanger is on the next class C)
AOL - yeah okay
WHH - heh.. looks like someone else is trying to own them by guessing passwords
WHH - -- TCP/IP LOG -- TM: Mon May 10 07:40:33 --
WHH - PATH: => oa00005851(ftp)
WHH - STAT: Mon May 10 07:41:42, 18 pkts, 101 bytes [TH_FIN]
WHH - DATA: USER administrator
WHH - : PASS white
WHH - : USER ftp
WHH - : USER administrator
WHH - : PASS whiteadmin
WHH - : USER admin
WHH - : PASS ftp
WHH - :
WHH - --
WHH - hah :P

Hackaren bifogade även en lista över de användare som existerade på vita husets webserver.

bing: Bing Feraren
orion: Christopher Adams
webadm: Web Administrator
cadams: Christopher Adams
bartho_m: Mark Bartholomew
monty: Monty Haymes
debra: Debra Reid
connie: Connie Colabatistto
bill: William Hadley