Jester, More Questions Unanswered Than Answered.

After all the drama and series of posts about AnonymousLK, I decided to write a post that I was thinking to write for a long time, a post about “The Jester” (th3j35t3r).

Basically Jester is a “patriotic” hacker that launches denial of service attacks on Jihad terrorist websites. If you are someone wondering who’s jester, the wikileaks page about Jester and this blog post about jester gives all the information you need to know about jester’s history from the beginning.

Before writing the post I have to say, I’m not a supporter of jester, nor I’m against him, I’m just an observer on the internet and looking online drama eating pop corn. However I am against Anonymous.

The thing I’m happy about jester is going after the Jihadi websites and taking them down with his DoS tool XerXes, according to Sam Bowne XerXes is most likely a modified SlowLoris tool. Well I’m not going to talk about Jester’s history and what’s he doing, I thought of writing this post after seeing what’s happening with Jester recently.

Jester’s famous quote is,

There is an unequal amount of good and bad in most things, the thing is to figure out the ratio and act accordingly.

I think same can be said about Jester, there is an unequal amount of good and bad in him. Jester has a good side and a bad side, the bad side of him is making people leave Jester and made me write this post.

Some of his former IRC channel ops and some of former Jester fans have now formed a separate movement called ReaperSec that’s heavily criticizing Jester. You can read their blog at

First of all Jester lies more than he should, and takes credit for what he has not done, as reapersec points out on their blog post :

  • Modified LOIC to expose users IP – Never happened, unknowing users where exposed by default.
  • Infected distributed to Anonymous – Never happend, AnonymousDown found the file, th3j35t3r asked Tyrkoil to write his blog post claiming that he (th3j35t3r) had modified the file.
  • Anonops Anope Services dump – Didn’t directly take credit, but did refuse to give credit to individual who performed the hack. Originally performed by HackThePlanet if I recall.
  • DoS’d LulzSec’s Server – Again, never happened, this was later confirmed by Matthew Prince, CEO of Cloudflare, during Defcon 19.
  • Tripoli Post hack – Used a known vulnerability as XSS (Cross-site scripting) to inject a photo that looked similar to an actual article. (Target Site | Image Source | XSS Effect) This will only work if you use the link he provided. No, he didn’t actually hack into the Tripoli Post web servers.

This also includes the TeamPoison arrests. Yes, Jester went on a exchange of words with Trick of Team Poison, but it was actually LeRes that did the important part in identifying the members of Team Poison, however it was jester that really took credit for what LeRes has done.

The QR code hack of Jester :

Yes, when I first read the post about the QR code hack I was like OMG (yes I have to admit that I didn’t went through the code until people started questioning about it), and soon after that many people started to question about the QR code hack, even the people within the jester’s IRC channel still are in doubt about the hack for many reasons,

  • How did jester use an exploit  in webkit to hack in to Android and iOS devices that was patched back in 2010?
  • You need two shell codes for Android and iOS devices, Jester’s code lacked platform detection, and how he used a single shell to hack both iOS and Android devices is still a big problem.
  • The data that jester said he got after the QR code hack which he said he’s going to publish was never published.
  • Some of the people that said who scanned the QR code has actually never scanned the QR code.

Although the Wikipedia page about Jester say that he released an encrypted version of the data from the QR code hack I talked with someone from the jester’s IRC and I couldn’t find anyone who has actually seen the data (from the people I talked at his IRC and people elsewhere on the internet), and although Jester said that he sent the data to the FBI, according to people at his own IRC it’s another big lie.

You can read a more technical explanation about why the whole QR code hack is a fake from these two explanations by ReaperSec:

Where is Saladin :

If you don’t know Saladin is the new mysterious tool by jester that is capable of vanishing websites in to thin air, actually as far as most people believe a tool like that cannot exist. I even talked about this with Sam Bowne, the problem is taking a website down is possible like a mass defacement, however even if you take the website down the administrators of the site should be about to use the domain name of the website because there is no problem with the domain names. This is a question that nobody is capable of answering.

The only best explanation came from ReaperSec itself where they showed that all the domain names have been expired and the owners haven’t renewed it, and jester just made the story up about a mysterious tool called Saladin to take credit.

Duck and run when the going gets hot?

These are so many questions that are yet to be answered by the Jester, however looking at the recent happenings rather than answering the questions look like Jester is more interested in playing a Duck and run game when the going gets hot.

For example when the jester posted about the QR code hack in March, people started questioning him, rather than answering he started a fight with TeamPoison and then everybody took notice about TeamPoison and what they did, and after TeamPoison went down, everybody forgot the QR code hack and Jester didn’t answer the questions made.

Even when people started talking about Saladin, same thing happened, Jester said he was going to post a full disclosure about Saladin, but then mysteriously went dark on the day where he said he’s going to publish the post. Then came some drama from the @cubespherical twitter account saying he knows jester’s identity, people came up with different opinions of jester going dark. Jester came up few days later, bashed @cubespherical. Never answered the questions any question, the post about Saladin full disclosure never saw the light of day.

Most of my friends now believe that @cubespherical and Jester are the same, and Jester put on this online drama to cover up about Saladin.

Why is Jester strong?

I think jester is influential because of his loyal fan base, some of them are following him blindly, and although some are followers of him, they still have doubts about Jester and his capabilities and don’t believe what he’s saying about Saladin.

It’s because of these followers that help Jester in fight what’s coming at him, if it wasn’t for LeRes Jester wouldn’t have released information about TeamPoison members. Jester didn’t even properly dox Sabu.

Final conclusion?

In my opinion I think Jester is just another “grey hat hacker”  who is overly hyped on his DoS  attacks on websites, if you have the knowledge you can DoS, DoS attacks happen everyday on the web, so what’s the fuzz about Jester’s DoS? Yes, DoS attacks on Jihad websites is a good thing, apart from that what is he good at?

I think now most people are starting to realize that Jester is another DoSer that’s getting too much attention, and Jester likes getting attention, I think he enjoys getting attention. I think that’s why he’s taking credit for things he didn’t do. And put online dramas, so people will know about him. After all what has he done apart from doing DoS attacks? He’s like a thug surrounded by trolls that support him, without his fans he’s just no body.

I might be wrong in this opinion, but still I hope Jester will at least give his disclosure of Saladin, so we can see he’s telling the truth.

Action speaks louder than words but not nearly as often. – Mark Twain


One thought on “Jester, More Questions Unanswered Than Answered.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s