Twitch has been compromised

Skitzels said:
I love watching the divide on Twitter over Hasan’s earnings among the Commies
Click to expand...
I like that almost all twitch streamers kind of sign a contract where they make millions of dollars but have to sell their souls and ethics with the contract basically or the banned and gulaged basically.
 
  • Like
Reactions: Kiwisee
ArthurEdwards said:
I bet Pokimane's feet pics are in those files.
Click to expand...
Best I found is a pic of some server equipment (vidops/kontron_ticket_data/GSOC-00000/rma_files).
Kontron v4:5 Sled Visual.jpg
That's enough for today for me. Hopefully something funnier will be uncovered in the following days.
 
  • Like
  • Informative
Reactions: Next Task, Justa Grata Honoria, MintandRue and 8 others
Since nobody seemed to talk about the actual structure of the leak so far allow me to indulge in autism.

From looking at some of the files like twitch.zip, I was able to discern the following information:
  • Each zip file is a Github Enterprise organization or user. The folders in each zip file are repositories belonging to the organization or user. This is why there are seemingly random things like "kevinbacon" there, they're just Twitch internal usernames with repos probably being forks of actual repos or just personal internal tools.
  • The actual address of this Github Enterprise install is git.xarth.tv. Many files in twitch.zip/docs/ reference this domain. When visited, you are taken to Amazon Midway Auth, confirming this.
  • As mentioned before, many repositories contain lots of vendored third-party software or forks. I have no idea why some of them are as big as they are, I can only assume that they commit binary blobs to the repos and never clean them up with git-filter-branch(1).
  • For some reason all internal Twitch developers use justin.tv emails. Whether this is on purpose or was because they never bothered to change it I don't know.
  • Each subfolder contains the .git folder, meaning the full commit history is available. It seems like the current Twitch Git infrastructure was set up at around 2016, since a lot of repos seem to have an initial commit around that date.
  • They put credentials directly in the Git repos :story: Even I didn't do that when I was interning over 10 years ago in some shithole web shop.
There's also some internal Twitch lore in twitch/docs. Here's "lol/slackbot-has-something-to-say.md" (the links are unreachable without credentials):

Markdown (GitHub flavored): 
(April 2017) https://twitch.slack.com/archives/C0266V6GR/p1492035669647923


Context: A relatively little-known channel by the name of #the-hunt was using five Fieris (:flavortown:) to trigger Slackbot messages notifying their channel of delicious food, which was (more) relevant when most employees in SF were located in 225 Bush.


Problems arose when this was inadvertantly triggered in **#general**, notifying 1200 users (mostly employees) that... there was delicious food somewhere.


![screen shot 2017-04-17 at 3 00 50 pm](https://git.xarth.tv/storage/user/46/files/b2a47af8-237e-11e7-9fd5-7784f799dbd7)


(June 2016) This timebomb had been predicted by the great [Eric](https://twitch.slack.com/archives/C0K0XKN73/p1466022430000099).


![screen shot 2017-04-17 at 3 04 47 pm](https://git.xarth.tv/storage/user/46/files/5c2949d2-237f-11e7-8d14-1e79b9d3e902)

Digging into that xarth.tv domain a bit more:
Domain Name: xarth.tv
Registry Domain ID: 130708459_DOMAIN_TV-VRSN
Registrar WHOIS Server: whois.comlaude.com
Registrar URL: https://www.comlaude.com
Updated Date: 2020-10-05T10:07:10Z
Creation Date: 2017-07-20T22:39:24Z
Registrar Registration Expiration Date: 2022-07-20T00:00:00Z
Registrar: NOM-IQ Ltd dba Com Laude
Registrar IANA ID: 470
Domain Status: clientDeleteProhibited https://www.icann.org/epp#clientDeleteProhibited
Domain Status: clientTransferProhibited https://www.icann.org/epp#clientTransferProhibited
Domain Status: clientUpdateProhibited https://www.icann.org/epp#clientUpdateProhibited
Registry Registrant ID: REDACTED FOR PRIVACY
Registrant Name: REDACTED FOR PRIVACY
Registrant Organization: TWITCH INTERACTIVE, INC
Registrant Street: REDACTED FOR PRIVACY
Registrant City: REDACTED FOR PRIVACY
Registrant State/Province: California
Registrant Postal Code: REDACTED FOR PRIVACY
Registrant Country: US
Registrant Phone: REDACTED FOR PRIVACY
Registrant Phone Ext: REDACTED FOR PRIVACY
Registrant Fax: REDACTED FOR PRIVACY
Registrant Fax Ext: REDACTED FOR PRIVACY
Registrant Email: xarth.tv-Registrant@anonymised.email
Registry Admin ID: REDACTED FOR PRIVACY
Admin Name: REDACTED FOR PRIVACY
Admin Organization: REDACTED FOR PRIVACY
Admin Street: REDACTED FOR PRIVACY
Admin City: REDACTED FOR PRIVACY
Admin State/Province: REDACTED FOR PRIVACY
Admin Postal Code: REDACTED FOR PRIVACY
Admin Country: REDACTED FOR PRIVACY
Admin Phone: REDACTED FOR PRIVACY
Admin Phone Ext: REDACTED FOR PRIVACY
Admin Fax: REDACTED FOR PRIVACY
Admin Fax Ext: REDACTED FOR PRIVACY
Admin Email: xarth.tv-Admin@anonymised.email
Registry Tech ID: REDACTED FOR PRIVACY
Tech Name: REDACTED FOR PRIVACY
Tech Organization: REDACTED FOR PRIVACY
Tech Street: REDACTED FOR PRIVACY
Tech City: REDACTED FOR PRIVACY
Tech State/Province: REDACTED FOR PRIVACY
Tech Postal Code: REDACTED FOR PRIVACY
Tech Country: REDACTED FOR PRIVACY
Tech Phone: REDACTED FOR PRIVACY
Tech Phone Ext: REDACTED FOR PRIVACY
Tech Fax: REDACTED FOR PRIVACY
Tech Fax Ext: REDACTED FOR PRIVACY
Tech Email: xarth.tv-Tech@anonymised.email
Name Server: ns-1113.awsdns-11.org
Name Server: ns-158.awsdns-19.com
Name Server: ns-1828.awsdns-36.co.uk
Name Server: ns-634.awsdns-15.net
DNSSEC: Unsigned Delegation
Registrar Abuse Contact Email: abuse@comlaude.com
Registrar Abuse Contact Phone: +44.2074218250
URL of the ICANN WHOIS Data Problem Reporting System: http://wdprs.internic.net/

Interesting... So the entire Twitch codebase is accessed through some domain which has guarded WHOIS records. I can only assume they did this so people can't guess something like git.twitch.tv.

As for the languages used... Twitch has made it clear on their engineering blog that they use Go already, so that's nothing new. I haven't had the chance to look through it all just yet, so I don't know whether they use any other language majorly, but I've seen PHP and Ruby mentioned.
 
  • Informative
  • Like
Reactions: spiritofamermaid, The Demon Pimp of Razgriz, Idiocy Abroad and 39 others
Amazing Criminal said:
Critical is one of those creepy fence-sitting e-fathers with a huge underage fanbase. He "tells it like it is" by having the must lukewarm milquetoast shit-opinions on current events and literal children praise him as a voice of reason.
Click to expand...
I'm surprised at the amount of people defending him on here of all places. Was he more entertaining in the past and its nostalgia? I've come across some of his vids recently and its just been ice cold uninteresting takes, nothing horrible but one of those "this guy is boring and gay and I don't need to watch any more of this". Then I had the misfortune of having one of his reaction stream highlights for a video I watched recently recommended to me. Holy shit it was painful. Literally a gormless retard watching something, not really understanding what he is watching, desperately trying to make jokes and riff on it here and there and failing miserably. Who the fuck watches this shit and then gives this guy money. I assume all streamer "reaction" content is the same and therefore needs to be burned with fire.
 
  • Agree
  • Like
Reactions: awoo, 419, Dickhorn Magnetbutter and 8 others
Merkabah said:
What sort of "normie" group are you talking about?

Fat, disgusting pedophiles are the majority in the v-tuber fanbase (just look at any v-tuber circle on Twitter or in the thread about it here), sometimes they are just as bad as those socialist zoomer rats that pay Hassan.

So far the takeaway here is that either there should be a limit to what these mentally unstable people donate to these people or the newer generations are growing more and more lonelier to the point that they believe that some loser rando on the internet is their friend.

Also, Jerma deserves more and better that any other streamer out there.
Click to expand...

I found about hololive in real life believe it or not, was talking to a guy about animation and we were talking about using after effect for puppeteering animations and distortions (when you don't have to draw frames, but rather rig on a 2D drawing in parts, and animate it as if it was a Skeletal animation) and he showed me a video with a animation with Korone, I thought it was a anime and asked what show was that from, and then I got to know about hololive.

I know, talking shop about animation isn't what we can call "normie", but it isn't like i was knee deep in some reddit corner with a bunch of weirdos jerking off to waifus. And since then, I've seen news about hololive shit even on mainstream gaming sites, like kotaku and IGN, I guess they are pretty big in Japan right now.
 
  • Like
  • Dislike
Reactions: Femboy Hooters and Owlery
George Lucas said:
This is the first time I have heard of this Hasan character.

The amounts actually don’t seem like that much. I mean think of how much an A-list Hollywood actor or a top YouTuber makes.
Click to expand...
sure , top earning celebrities might make a few million for a role in a project, but these streamer earnings are monthly figures for what equates to the laziest content, in unrehearsed rantings from people who arent actors who become the biggest leeches that appeal to the lowest consumer in society with no other hobbys or interests but to become paypigs to make the rich richer. This isn't just 'he has made xxx,xxx" its "he gets xxx,xxx monthly' EVERY MONTH. Its disgusting
 
  • Like
  • Agree
  • Feels
Reactions: ApeBass, 419, blåhaj fucker and 5 others
Mooger Meng said:
I wouldn't give them that much credit. A concert musician has to have some class; streaming is more like being a busker.
Click to expand...
you’re not wrong but the principle is the same, and twitch streaming is fucking exploding. go ahead and follow one (1) vtuber on Twitter if you don’t believe me. a dozen new ones make accounts every day and they all follow one another. the market, and it is a market, is going to be so glutted this time next year that the disparity in numbers will only grow worse.
 
  • Agree
  • Informative
Reactions: 419, Femboy Hooters, Indefinite_Ordered_Sets and 1 other person
You must log in or register to reply here.
Back