18 - Split Riding

  Three days after the vulnerability, I check the guestbook logs.

  Nobody mentioned it in channel. Nobody messaged me about it. The download counter keeps climbing.

  Either no one saw those messages, or no one cared enough to say anything.

  I don't know which is worse.

  But the site's still running. The guides are still helping people.

  Our IRC server is doing 120 users during peak hours. Website driving traffic. Users joining organically.

  I'm in #crew with SpaceGoat and SteeZ.

   so we have all this. now what

   we use it

   for what

   taking channels on efnet

   you serious?

   dead serious

   we've been watching people do it for months

   now we have the infrastructure

   coordination center

  SpaceGoat is right. We've spent months watching other crews take channels during net splits, seeing them build empires on EFNet while I just operate a few channels on DalNet, channels I haven't even been paying attention to. Now we have the tools.

   start with something not too big

   #hip-hop

   hip hop?

   yeah man its perfect

   we all listen to hip hop. its active but not massive. and those operators are weak

   they have any bots?

   none

   ive been watching for a week

   just two lazy ops no protection

   no bots at all?

   no bots

  That's rare. Most active channels have at least one bot running 24/7 on a Unix shell account—can't be knocked offline with Windows exploits, can't lose ops. But without bots, the channel is completely vulnerable.

   so we take it

   we take it

  My heart starts pounding.

   how

  We've never done this before. But we've seen it done.

   dos everyone off. be first ones back. empty channel = we get ops

  DoS: denial-of-service attack. Since most likely everyone on there is using Windows, this should be simple.

  If we can clear everyone out, the channel will die completely. First one back in gets ops automatically.

  Just brute force. Clear the channel. Take it.

   give me 10 minutes. ill start collecting IPs.

  Within minutes he's done.

   got everyone

   all the users except you

   so i stay in the channel?

   everyone else goes down

   then i leave and rejoin first

   auto ops

   steez and i will hit the list

   ska you watch from inside the channel

   when it empties out, you leave and rejoin

   ready?

  This is happening fast. Just like that, we are going to take over a channel on EFNet.

   lets do it

   on my count

   3

   2

   1

   go

  I watch #hip-hop. My crew is launching the attack from their shells. I just have to watch and wait.

  The effect is immediate.

  * Rakim4Ever has quit IRC (Ping timeout)

  * MC_Lyte has quit IRC (Read error: Connection reset by peer)

  * Wu_Tang_Fan has quit IRC (Ping timeout)

  * NastyNas has quit IRC (Connection reset by peer)

  * BeatMaster has quit IRC (Ping timeout)

  * HipHopHead has quit IRC (Read error: Connection reset by peer)

  * DJ_Premier has quit IRC (Ping timeout)

  ...

  #hip-hop on EFNet explodes with quit messages.

  Seventy users vanishing in ten seconds. The ops included.

  The channel is empty except for me. No ops, no control. Just me sitting in an empty room.

  I leave the channel.

  Rejoin immediately.

  * SKa () has joined #hip-hop

  * #hip-hop: No topic is set

  * #hip-hop was created on Sat Dec 6 1997

  First one back. Auto-ops.

  I trigger my bots to join and let SteeZ and SpaceGoat know that it's safe to join now.

  * ska|bot () has joined #hip-hop

  * SKa sets mode: +o ska|bot

  * SteeZ () has joined #hip-hop

  * SpaceGoat () has joined #hip-hop

  * ska|bot sets mode: +oo SteeZ SpaceGoat

  I have it. We have it.

   WE GOT IT

   YOOOOO

   hip hop is ours

  Users start trickling back into #hip-hop, confused about what happened. The old ops reconnect and immediately start complaining.

   what the hell

   who are you people

   new management

   this is bullshit

  * Rakim4Ever was kicked by SKa (new management)

  The other old op, MC_Lyte, tries to argue.

  * MC_Lyte was kicked by SteeZ (deal with it)

  SpaceGoat changes the topic: 'Hip-Hop Discussion | East Coast, West Coast, Underground | New Management'

  We've done it. In less than two minutes, we've taken a channel with seventy-three users and made it ours.

   that was too easy

   we should do more

   yeah but what

   bigger channels

   like what

   #hack, #hackers, #hacking, #mp3, #warez

   those are the big leagues

   so?

  I feel like I just knocked out Glass Joe in Mike Tyson's Punch Out. Exciting, yes, but there are bigger challenges ahead.

   hang on

   you seeing this

  He pastes a series of messages from #2600 on EFNet. I've been too focused on #hip-hop to notice the discussion happening.

   #hackers just got hit

   again?

   third time this week

   two crews battling for it

  I switch windows and join #hackers on EFNet.

  One hundred forty-seven users. Ten people with ops—five from DarkOps, five from IronClan. The channel is pure chaos.

  The pattern repeats across the channel—deop, kick, ban, counter-deop, restore ops, remove ban. Back and forth in millisecond cycles. Whoever has more bots and faster scripts wins. Automated warfare.

   this has been going on for twenty minutes

   neither side has clear advantage

   probably need to wait for a net split

  Split riding. That's what they call it.

  When IRC servers disconnect from each other—a net split—the network fractures into islands. Channels that look full on one side appear empty on the other. If you have bots positioned on the right servers, you can claim the empty side. When the servers reconnect, there's a collision. Multiple ops.

  The sophisticated crews have bots spread across different servers, waiting. When a split hits, they race to grab channels on the empty side. Can't DoS the bots—they're on Unix shells, immune to Windows exploits. Have to use the network's own instability against itself.

  Our DoS attack on #hip-hop won't work here. These channels have protection.

  I switch back to #2600.

   darkops probably gonna try something dumb

   like what

   desync

   lol good luck

   hard to pull off

   yeah but if it works

   whats desync

   timing trick. servers get confused about channel state

   confused how

   split state sticks on different servers

   both sides think theyre right

   so like both think they have ops?

   or neither does

   or one side forgets who has what

  There's a pause. Scroll stops.

   sounds busted

   efnet is full of busted things

   why old crews still hold channels

   old crews?

   phantom ops from splits nobody lined up

   just sitting there?

   server keeps the state

   nobody else sees it

   until when

   until the right split hits again

  Another pause.

   people actually do this?

   rarely

   most lose the channel trying

   never get it back

   so why risk it

   because when you time it right

   the channel state favors you — then it’s up to you to lock it down

   dont have to fight as hard

   timing does half the work

  The topic scrolls by. Someone pastes ASCII. The channel moves on.

  I don’t.

   you guys watching #hackers

   yeah

   thats what we should be doing

   we just took hip hop in two minutes

   we could do this

   nah man this is different

   these crews have been doing this for years

   so

   we learn

  I watch the battle unfold. Bots cycling through. Commands firing in milliseconds. Neither side winning.

  Eventually, DarkOps gets the advantage. Five IronClan bots kicked simultaneously. DarkOps secures all the ops.

  The channel settles. New topic. New management.

  Thirty-five minutes of warfare.

   we need better bots

   we need scripts that react automatically

   and we need to learn split riding

   positioning bots on different servers

   waiting for splits

   and eventually desynch attacks

   what?

   something i just learned. timing exploit. forces servers to disagree about channel state

   thats advanced shit

   yeah. but we learn

  I check other channels. #mp3: 1,847 users. #warez: 1,102 users. Massive operations. Professional clans. The real prize.

  But #hackers? One hundred forty-seven users fighting over bravado and status.

   we start with hackers

   not mp3 or warez?

   those are the whale

   we prove ourselves on the hacking channels first

   how many bots you count

   darkops had twelve at least

   ironclan had more

   we have three

   so we build more and make them more efficient

   you really think we can do this?

  I look at the channel. One hundred forty-seven users. DarkOps and IronClan—established crews who've been fighting for who knows how long. Botnets we've only started to understand.

  We have three bots. They have dozens.

   yeah. we can

  I sound more confident than I feel. But that's half the battle, right?
