Plagued 4chan - the Internet hate machine

[tmfyeki]

nigger the fact that this thread reached 550 pages in 36 hours is a testament to the legacy and of 4chan. and if Null disclosed how many new members joined yesterday, it would be evident. the Sharty alone gained 10,000 new posters. 4chan had and has the largest userbase besides the overlap that already existed with kiwi 8chn.moe and sharty

Although i dont doubt most users will stop posting once 4chan is up again, i wonder if such a big number of users ever started posting on their kiwifarms thread

 

[Susie Sumner]

Gee Hiro. You really put that cybersecurity cert to good use...

 

[Schpoots]

I wonder how many times 4chan has been hacked. It sounds like the only reason they knew they were hacked this time was because the sharty was having fun and leaking stuff. It could have been compromised in the past and quietly scraped without anyone noticing. This pdf exploit doesn't sound that complicated so I find it hard to believe nobody else tried it.

Skitzotheory: The site was left intentionally unsecure so the feds could quietly break in whenever they wanted.

 

[Chemo]

The whole thing is sus if you ask me. I don't buy this larpy hack story. Glowies are doing glowie shit. I'm going to be hauled in front of the Sanhedrin in a few years with a more efficiently organized and catalogued post history presentation used as evidence against me.

Source: My account is just over 5 minutes old, that credential speaks for itself.

 

[Xarpho's Return]

That other guy on here is right, I keep going back to my bookmarks due to muscle memory and then remembering 4chan is dead.

I know that feel, there's some forum I used to use that closed recently (basically wiped from the Internet) in the last week. Basically got DDOS'd and the guy was like "well I don't really want to do this anymore, bye!"

That said, I don't know if 4chan will be back, and it will be worse than ever--the next crop of jannies will probably zap you for posting anything remotely fun or interesting.

Mods, ban every mid-april join date.

One of the Nullposts in this thread was specifically denying requests to close registrations.

 

[Greate Pier]

There's a guy in here that's setting it all up to run on a VM to try and replicate it, so I'm holding out on things until then. I'm not some super code monkey or anything. I work with SQL and shit but not on any kind of forum level and I don't have any kind of skill in like malicious coding, so I'm just going off of what I know. It just all feels somewhat too easy in my gut if that makes any sense.

I understand the feeling, and you may be proved right eventually; but sometimes it really is that easy.
For example, there is a robot used by some companies as a greeter, which costs about 32 thousand eurobucks. This robot has an open TCP port, which will simply accept any commands sent to it, thus allowing remote control without any authentication.
In addition this robot has an admin panel reachable over HTTP, which transmits credentials in plaintext, however even if that wasn't the case, the robot also has a default and unchangeable admin username, allowing easy bruteforcing considering there are no measures against that either. As if that wasn't bad enough, if you get those cleartext credentials, you can ssh into the robot, and immediately escalate privileges to root, because the root password is hardcoded to be root.
This is a bit off topic, but I think it stands as a good example. If you're interested in reading more just search up "pepper the robot hacking"

 

[Pure Autism]

Something just occurred to me, have you newfriends been experiencing. This?
If so, please, turn on the dark theme. You've suffered enough. We're currently doing plumbing.

 

[Nothing Is Written]

"According to S0I1337, it was done by exploiting a vulnerability on 4chan's outdated GhostScript version from 2012 by uploading a malformed PostScript file renamed to PDF to gain arbitrary code execution as 4chan didn't check if files with PDF extensions were actually PDF files, and not through social engineering, betrayal or SQL injection. It was also revealed that 4chan ran on FreeBSD 10.1, which went end-of-life in 2017[3], outdated versions of nginx, PHP and MySQL and its source code was riddled with vulnerabilities...."

- https://wiki.soyjak.st/Great_Cuckset

a.k.a The 'Ack

 

[grocerygoblin]

The reason that it takes so long for these things to be discovered is the assumption that everyone else has already looked and found nothing because the site hasn't been hacked. This happens every time.

What are we paying security researchers for anyway

 

[cloudyy]

I think this is a testament to how boring 4chan has become. Nothing of interest happens there, so there was nothing to really discuss. The shiwi thread only retained that level of activity because all the autistic teens cross-post between here and the sharty. The fact this thread remained dead for so long shows just how fucking lame 4chan really is.

it became boring in the way that it got too popular, and the overall quality went down. but outside of that, if you had niche interests it was pretty cool. and even then, /sp/ was good example when something popular was happening it was actually fun to be there.
i frequented couple generals and as it goes with every single general on 4chan, it had the resident schizo or two but apart from that it was the best place you could talk about your interest. i seriously have no idea what other place i could go to complain about X thing, call someone every possible slur under the sun AND get a reply for a question i was asking from some random Anon all in the same post.

 

[Nothing Is Written]

There's a guy in here that's setting it all up to run on a VM to try and replicate it, so I'm holding out on things until then. I'm not some super code monkey or anything. I work with SQL and shit but not on any kind of forum level and I don't have any kind of skill in like malicious coding, so I'm just going off of what I know. It just all feels somewhat too easy in my gut if that makes any sense.

It will be ready within 24hrs. The hardest bit is finding the outdated packages and emulating the server hardware environment but I might be overcooking it.

 

[NetSphere]

Are actually they bringing 4chan up again after they "fix all issues" ? Saw plebbitors talk about a supposed leak of the private janny discord where they allegedly talked about taking an entire month to bring it back up, haven't seen any screenshot or anything of the sort besides the Twitter post so I wonder if you guys had a screen of thar private discord

 

[Johnny Ringo]

>I think this is a testament to how boring 4chan has become. Nothing of interest happens there, so there was nothing to really discuss
>The fact this thread remained dead for so long shows just how fucking lame 4chan really is.

nigger the fact that this thread reached 550 pages in 36 hours is a testament to the legacy and of 4chan. and if Null disclosed how many new members joined yesterday, it would be evident. the Sharty alone gained 10,000 new posters. 4chan had and has the largest userbase besides the overlap that already existed with kiwi 8chn.moe and sharty

Well, yeah. The site had millions of users and people looked for something to kill time until it all blows over.
Doesn't really mean it was the spigot of internet culture anymore. Hell I'm sure twitter has a bigger impact these days with how 50% of daily threads on the high ppm boards was some retard making an asinine statement.

What was the last cultural zeitgeist 4chan pushed?

 

[Shitoko]

The whole thing is sus if you ask me. I don't buy this larpy hack story. Glowies are doing glowie shit.

Only a seething jartycuck would say that

 

[HighschoolOutnOut]

According to someone in the 4chan IRC, it will take them 3 weeks to assess damage and restore service.

The website will be back in a couple weeks then.

Nothing ever happens

 

[DonScion7]

Something just occurred to me, have you newfriends been experiencing. This? View attachment 7229461
If so, please, turn on the dark theme. You've suffered enough. We're currently doing plumbing.

This place has a light theme?!

 

[Paridae]

I understand the feeling, and you may be proved right eventually; but sometimes it really is that easy.
For example, there is a robot used by some companies as a greeter, which costs about 32 thousand eurobucks. This robot has an open TCP port, which will simply accept any commands sent to it, thus allowing remote control without any authentication.
In addition this robot has an admin panel reachable over HTTP, which transmits credentials in plaintext, however even if that wasn't the case, the robot also has a default and unchangeable admin username, allowing easy bruteforcing considering there are no measures against that either. As if that wasn't bad enough, if you get those cleartext credentials, you can ssh into the robot, and immediately escalate privileges to root, because the root password is hardcoded to be root.
This is a bit off topic, but I think it stands as a good example. If you're interested in reading more just search up "pepper the robot hacking"

I'm not saying the method itself is hard. Not at all. Just that I'm pretty sure someone would've tried this by now because /tg/ itself has had a ton of trolls and shit which is why /qst/ had to be made. If there was an exploit to be had with uploading PDFs, they would've found it long ago.

 

[Greate Pier]

It will be ready within 24hrs. The hardest bit is finding the outdated packages and emulating the server hardware environment but I might be overcooking it.

You're doing gods work, very interested to see your results.

 

[GillyLilly]

One of the Nullposts in this thread was specifically denying requests to close registrations.

he should change that before you guys repeat the fall of rome

 

[ringtones]

Most of the spam comes from discord servers. Back when 4chan had IPs, stickied threads they couldn't even reach 1 thousand unique IPs most of the time. It's by no means a "major" outlet for anything, that would be twitter.

are you fuckin' serious? So 4chan spam essentially doesn't happen and somehow actual, real humans in fucking tranny discords are the ones typing up tens of thousands of spam posts per day? Get out of here with this kind of stupid