Plagued Soyjak.Party / The Sharty - The altchan born from the ashes of /qa/

Next Highlight
David Thoughie said:
I'll probably be heading to bed, I hope by the time I wake up I don't miss 1488.
Click to expand...
Goodnight 'teen
1000003984.webp
 
  • Feels
  • Like
Reactions: semitooth, Zertes, gangster computer god and 4 others
Vordhusbn said:
Posted this on the 4chan thread but just crossposting it here in case anyone isn't paying attention to the other one. Basically downloaded all shared leaks on the sharty thread.

The entire source code: https://files.catbox.moe/d56ws8.7z
Full list of all jannies/mods/admins (in username:email:role format): https://files.catbox.moe/vqkxwf.txt
Dump of the jannies private IRC channel that they all use to communicate on: https://files.catbox.moe/93d0r8.rar
Dump of the entire /j/ board (a board private only to board jannies): https://files.catbox.moe/czivhs.7z

Also autodoxxed all of the jannies/mods/admins, all files in JSON: https://files.catbox.moe/42w6h3.zip
File tree: https://files.catbox.moe/f75ypv.txt
Click to expand...
Oh don't worry, we've been paying attention. But thanks for putting all this info in one post.
This all should be archived doe.
 
Now that the Shiwicaust has been undone, please lil' Shiwis, be well behaved to avoid getting banned again, this thread is some of the funniest internet discussions that I have ever seen and laughed at in years, and I want all of the retards in here to continue producing gemmies, half of the users in this thread get banned for pissing off jannies in some way or another, but then the great 4cuck hack occurs and then they all get unbanned as a form of token gratitude from the Kiwi jannies?, it's a miracle, so don't waste it.
<GODdit spacing, redditGODS won, soyDEITIES won, 4cuckpedotroons lost
Going to bed now, hope that when I wake up, the time for the reckoning for the 4cuck janniggers arrived, this is only the beginning.
 
Last edited:
  • Feels
  • Like
  • Agree
Reactions: CasketBase, Space Police, Dozzy and 17 others
Kayfabe said:
Now that the Shiwicaust has been undone, please lil' Shiwis, be well behaved to avoid getting banned again, this is some of the funniest internet threads that I have ever seen and laughed at, and I want all of the retards in here to continue producing gemmies, half of the users in this thread get banned, but then the great 4cuck hack occurs and then they all get unbanned as a form of token gratitude from the Kiwis?, it's a miracle, so don't waste it.
Click to expand...
Don't worry, I don't plan to piss off Null anytime soon. I hope that last ban wave was the last of it.
 
  • Feels
  • Like
Reactions: Space Police, Wright, Springgreen and 2 others
Red flaming panda said:
Who needs the Sharty when we have ze 4cucks source code now. We can make own sharty now. With black jacks and hookers.
Click to expand...
i bought shiwi.party (registered with Cloudflare) because of the shiwicaust but there's no point so i might just use 4cuck's source code to create our better version of the sharty
 
  • Horrifying
  • Like
Reactions: Catter, Maldavius Figtree and plusone
Null said:
View attachment 7221411

this code excerpt someone posted shows a lot of fingerprinting stuff. 4chan aggressively fingerprints your browser.
Click to expand...
That's serverside code, so it literally only has access to what your browser deliberately sends to the server (user agent string). Looks like custom spam filters using very basic information (board and country code).
Can't really see anything aggressive in that. Aggressive fingerprinting would traditionally involve clientside code checking the installed fonts etc.

The part at the top does not run, as it's been manually disabled. It looks like a piece of code that takes 20% of posts made by verified users and uses them to create a whitelist of known good browsers to compare possible spam bots against. Not sure without seeing other code though, and it's disabled anyways.

Sorry man, I don't see the aggressive fingerprinting. Not putting it behind them, and that one hardcoded user ID seems sus, but I don't think this screenshot in particular is a smoking gun for anything besides sloppy coding.
 
  • Informative
Reactions: Ron Jeremy Stan Account
Null said:
undoubtedly the browser_id is some sort of hash involving font checks and other shit.
Click to expand...
They'd have to be smart to do that, It's just a hash of the user agent
// User Agent ID
$browser_id = spam_filter_get_browser_id();
Click to expand...
/**
* Generates the ID of the device from browser's user agent
*/
function spam_filter_get_browser_id() {
static $cache = null;

if ($cache !== null) {
return $cache;
}

$ua = $_SERVER['HTTP_USER_AGENT'];

if (!$ua) {
return '0deadbeef';
}

if (preg_match('/Android|iPhone|iPad|Dalvik|Clover|Kuroba|ChanOS/', $ua)) {
$is_mobile = 1;
}
else if (isset($_SERVER['HTTP_SEC_CH_UA_MOBILE']) && $_SERVER['HTTP_SEC_CH_UA_MOBILE'] === '?1') {
$is_mobile = 1;
}
else {
$is_mobile = 0;
}

$clean_ua = preg_replace('/(\/|:)[.0-9]+/', '', $ua);

if (isset($_SERVER['HTTP_SEC_CH_UA_MODEL']) && $_SERVER['HTTP_SEC_CH_UA_MODEL'] && $_SERVER['HTTP_SEC_CH_UA_MODEL'] != '""') {
$fmn = isset($_SERVER['HTTP_SEC_FETCH_MODE']) && $_SERVER['HTTP_SEC_FETCH_MODE'] === 'navigate';

if (strpos($ua, '(Linux; Android 10; K)') !== false && !$fmn) {
$clean_ua .= $_SERVER['HTTP_SEC_CH_UA_MODEL'];
}
}

$hmac_secret = 'd8d9616bce7b0a8fc83b422a7001b0492e17b4c16debeb43b77cf0060d9bdae3';

$sig = hash_hmac('sha1', $clean_ua, $hmac_secret, true);

if (!$sig) {
return '';
}

$cache = $is_mobile . bin2hex(substr($sig, 0, 4));

return $cache;
}
Click to expand...
 
  • Informative
Reactions: Scuttlefuck
You must log in or register to reply here.
Back