Post-Mortem of File System Compromise on April 30th, 2023

[Super Shiro]

Did you try asking Null about your issues with the hack in the Technical Grievances thread, Null?

 

[glass_houses]

Interesting. Sounds like the lad is facing a split in his life path: professional arsehole hacker or professional defense against arsehole hackers. The first is much more lucrative, but the second will let him sleep at night without worrying if Interpol will smash down his door at 3am.

Chose well, Turkish Teenage Hacker. Come sneed with us Kiwi Farms degenerates when you turn eighteen.

 

[Artificial Stupidity]

To be fair to you null it seems the kid was bored and kf is an easy target as there isn't any repercussions in attacking the site.
He would probably do well using that time in bug bounties, unless this opens the gate on more attacks with people looking for leverage.

 

[johnny dollars]

Good Guy Josh

 

[102]

Turkish (BLACK KARA BOĞA)

 

[Null]

Nah. Null could've been fucked over by a 17-year-old Turk-roach. Generally speaking, this shouldn't inspire confidence.

We have enough redundancies in place that the worst possible scenario would still be mostly reversible but it was a pretty embarrassing oversight.

 

[lolcow yoghurt]

Nigger...

 

[Slav Power]

We have enough redundancies in place that the worst possible scenario would still be mostly reversible but it was a pretty embarrassing oversight.

Was it even your fault or the fault of openresty/XenForo?

 

[Darkholme's Dungeon]

He also could have potentially done a lot more damage if he was really trying to be malicious, so I'm grateful for that.

A grey hat, in this day and age? The last one I remember was some fella writing a worm to fixed pwned linux machines from the early 00 or late 90s while leaving a nice popup log telling the owner to fix their shit so they didn't have to.
Edit: The worm was to fix the 1i0n worm

# removes rootshells running from /etc/inetd.conf # after a l10n infection... (to stop pesky haqz0rs # messing up your box even worse than it is already) # This code was not written with malicious intent. # In fact, it was written to try and do some good.

 

[Post Reply]

Interesting. Sounds like the lad is facing a split in his life path: professional arsehole hacker or professional defense against arsehole hackers. The first is much more lucrative, but the second will let him sleep at night without worrying if Interpol will smash down his door at 3am.

Chose well, Turkish Teenage Hacker. Come sneed with us Kiwi Farms degenerates when you turn eighteen.

There is a third path: dickless tranny programmer. Hopefully this Turkish kid chooses to wear the white hat instead.

 

[Rommelbutt]

Nah. Null could've been fucked over by a 17-year-old Turk-roach. Generally speaking, this shouldn't inspire confidence.

You can still be nice to Null.

 

[Null]

Was it even your fault or the fault of openresty/XenForo?

It was mine. I had borrowed configuration files from nginx to achieve higher performance with our file server, but failed to realize how much I was empowering nginx.

XenForo's fault, as far as that goes, is that it tries to use PHP-FPM as a file server instead of doing anything reasonable, so I have to try and circumvent it as much as possible.

 

[Dona Morte]

Just peeped into Telegram spazzy fit from some people.

Please stop embarassing the Farms spazzies.

Anywho, we back and Null remains a chad.
Back to budness folx.

 

[TheDarknessGrows]

Based ice cream parlor trickster.

Delightful!

 

[Kept Ya Waiting Huh]

good shit, jersh

 

[analrapist]

For those seething about a Turkroach impacting the site, consider this. Said Turkroach achieved what the troon squad's been trying to do. It's not that he's "great" (though clearly he's good), it's that Troon Squad can't even outhack a Turkroach.

And "Turkroach" is probably overly insulting. Null thought he was worth encouraging, so I'll follow his lead in this disclaimer. Git gud, bruv.

 

[Dyn]

Nah. Null could've been fucked over by a 17-year-old Turk-roach. Generally speaking, this shouldn't inspire confidence.

Confidence in what? We're not entrusting him with our government ID's and banking details. This is a controversial website with a lot of enemies, run by a single man. You should know and accept it's going to be hacked, and you should be keeping your personal information far enough away from this place that you never have to clench your asshole in anxiety when the database inevitably gets leaked.

 

[Kees H]

A Turk not defacing the website with their buttugly flag but just replacing a couple of files is pretty okay. This guy should be the example to the other Turks.

 

[mindlessobserver]

Aww, Janny Jersh is being an internet daddy for zoomers. Yer getting old Null.

 

[Dysnomia]

Look null you should have just turned it off and on

You gotta jiggle the handle.

It was nice to go easy on the kid. Hope he makes something good out of his life.