/8leaks/ - 8chan leaks

Treat your users better next time

Posting mode: Reply

Check to confirm you're not a robot
Name
Email
Subject
Comment
Password
Drawing x size canvas
File(s)

Remember to follow the rules

Max file size: 350.00 MB

Max files: 5

Max message length: 4096

Manage Board | Moderate Thread

Return | Catalog | Bottom

Expand All Images


(118.76 KB 1080x1231 1476928067728.jpg)
(118.13 MB 8chan.7z)
Part 1/? ##2itToi 04/04/2017 (Tue) 07:36:21 [Preview] No. 1

8chan.7z
sha256: 8a38f7e147f5c49e4b898m8ecdb90bf81697a0a941a9a6e0d9328c9afb548c175
https://endchan.xyz/.media/d3f09f251bcee0a13acae1a3b56eee24-applicationx-7z-compressed.undefined

Part 2 >>50 (*config)
Part 3 >>124 (mods)
Part 4 >>156 (pms)
Part 5 >>205 (/b/ vols)
Part 6 >>348 (globals)
Edited last time by CNnvenWKK on 04/10/2017 (Mon) 01:07:51.


Defender 04/04/2017 (Tue) 08:32:30 [Preview] No. 3 del
this better not be porn


Defender 04/04/2017 (Tue) 08:43:01 [Preview] No. 4 del
>implying i'm clicking that


Defender 04/04/2017 (Tue) 08:46:52 [Preview] No. 5 del
Thanks for the dolphin porn.


Defender 04/04/2017 (Tue) 09:01:10 [Preview] No. 6 del
...what the hell is "sunshine"?


Defender 04/04/2017 (Tue) 09:02:14 [Preview] No. 7 del
(24.38 KB 1017x646 8ch.png)
I'm no expert, but this looks legit.


Defender 04/04/2017 (Tue) 09:14:13 [Preview] No. 8 del
>>7
This is legit. I see why they were keeping it closed source now.
What the fuck were they doing with all those IPs?


Defender 04/04/2017 (Tue) 09:32:02 [Preview] No. 9 del
>>6
It's table that stores the IP, board and body of every post.

Ron said that he will make an "explanation" to why exactly he had to add this to the code and how its purpose definitely isn't to datamine users.


Defender 04/04/2017 (Tue) 09:33:01 [Preview] No. 10 del
(166.04 KB 252x312 monster inc jej.png)
excellent. let's get to the bottom of this


Defender 04/04/2017 (Tue) 09:33:25 [Preview] No. 11 del
(133.27 KB 320x240 double nigger.webm)
first dubs on this board


Defender 04/04/2017 (Tue) 09:41:48 [Preview] No. 12 del
>>7
OY VEY


Defender 04/04/2017 (Tue) 09:45:45 [Preview] No. 13 del
(67.81 KB 1396x711 Selection_002.png)
(31.85 KB 400x743 Selection_003.png)
(67.81 KB 1396x711 Selection_002.png)
I checked there is no loli, or anything other than the database. I also made a mirror, and converted it zip format easier for other anons, who are not in the least bit /tech/ and will spread it across the chans far and wide.

https://mega.nz/#F!djxkGTbK!S0Qp4E1QZfSbijvHhVpDtg


KEK

http://archive.is/xyDzJ
>As of now, I cannot find an indication that the hacker downloaded the databases, however it is highly recommended you change any password that might be shared with your 8chan mod.php account.


The checksums I calculated matched
sha256sum: 8a38f7e147f5c49e4b8988ecdb90bf81697a0a941a9a6e0d9328c9afb548c175

sha512sum: 38d629e3b07e54706ac498eef4e1a2c480aaf302704c7500d8368cfe98d8351542b6531280e889b0b863af08acef0982d7669ba5d2244bd778e7a110ba5c3c5a

New checksums for the zip file

512:7fbc26c0eddac6741052b58aa01db6489f1c03ae6ca7c8a57c325b18a360f02323e2fe493e9d44f12259895c2d0b1a20ca753e24459cee3e425811614081f733

256:7fbc26c0eddac6741052b58aa01db6489f1c03ae6ca7c8a57c325b18a360f02323e2fe493e9d44f12259895c2d0b1a20ca753e24459cee3e425811614081f733


Defender 04/04/2017 (Tue) 10:05:54 [Preview] No. 14 del
(123.06 KB 1280x720 1483889296976.jpg)
>>13
Thanks, anon.


Defender 04/04/2017 (Tue) 10:09:43 [Preview] No. 15 del
If you have the DB, I hope you consider removing any IPs before sharing it. Some people will literally get killed if you do it. /egy/ for example is frequented by christians, agnostics and atheists who say all the wrong things.


Defender 04/04/2017 (Tue) 10:38:20 [Preview] No. 16 del
>>15
Or at least redact them to prove they exist but protect the innocent.


Defender 04/04/2017 (Tue) 10:54:20 [Preview] No. 17 del
This thread was the second leak so far. The first leak just resulted in Codemonkey confirming that ip data was permanently saved, contradictory to their stated privacy policy. https://8ch.net/sudo/res/27745.html

This is just the start.


Defender 04/04/2017 (Tue) 12:25:12 [Preview] No. 19 del
Reminder: lynxchan (endchan, freech, etc.) keep IPs in the DB at least for as long as the post is alive.

Use onion/i2p.


Defender 04/04/2017 (Tue) 13:10:26 [Preview] No. 20 del
How do I use this to get a board password?


Defender 04/04/2017 (Tue) 13:41:06 [Preview] No. 21 del
>applicationx-7z-compressed.undefined
>.undefined
Stephen doesn't known the extension of an applicationx-7z-compressed mimetype?

wew lad


Defender 04/04/2017 (Tue) 13:45:08 [Preview] No. 22 del
(201.48 KB 858x810 Sunshine.png)
Some related updates
1. Sunshine is a feature that allows 8chan to give user data to three letter agencies even if the post/thread has already been deleted from their respective boards.
2. It has been disabled now, allegedly, but Ron plans to add it properly to the code to help make kids safe around the world!
3. 8chan will become open-source again.


Defender 04/04/2017 (Tue) 14:08:14 [Preview] No. 23 del
>>22
I wouldn't trust these people at all.


Defender 04/04/2017 (Tue) 14:37:38 [Preview] No. 24 del
>>22
Open sourcing the code again is probably the best thing to come of this. Other than Jim being brain damaged, there was no reason to make it closed in the first place.


Defender 04/04/2017 (Tue) 14:42:28 [Preview] No. 25 del
>>22
Wasn't this IP snatcher Sunshine active for a lot of 8chan's "open source" period?


Defender 04/04/2017 (Tue) 14:47:29 [Preview] No. 26 del
>>25
yes, that's why they hide it in the config file (since that's not usually included in the repo)


Defender 04/04/2017 (Tue) 15:02:26 [Preview] No. 27 del
(88.93 KB 313x325 Smug____.png)
>>22
>mfw when all the screencaps and warnings on endchan were right all along.


Defender 04/04/2017 (Tue) 15:51:01 [Preview] No. 28 del
(55.52 KB 600x406 why didn't you.jpg)
>8ch is already blaming this on endchan as a whole


Defender 04/04/2017 (Tue) 15:53:27 [Preview] No. 29 del
>>28
it's all the 8niggers are capable of tbh


Defender 04/04/2017 (Tue) 16:30:28 [Preview] No. 30 del
>>23
>>24
>>25
>>26

you now remember Jim, Hotwheels et al. flipping the table when Josh stood firm on his decision of licensing InfinityNext under AGPL (the A being important)

you now understand why


Defender 04/04/2017 (Tue) 17:53:05 [Preview] No. 32 del
>>13
That's the source code, not the database.


Defender 04/04/2017 (Tue) 18:27:31 [Preview] No. 33 del
I don't really care about the pubkey encrypted IP address table, at least Cripple knows how to pubkey encryption.
Jim and his son did not, years ago.

I'm glad they got a kick in the teeth. Thanks, anon.

I wish all the autists (aside from the annoying ones, they can stay on Jimchan) could work together and finally work themselves free of the centralized faggotry.

Maybe people could actually create a decentralized, community-moderated alternative to Microsoft's PhotoDNA which allows people to keep law enforcement from taking down said decentralized communities just because some faggot posted underage cooch.

But, I doubt it will happen. The communities are too fragmented now. The damage is done. And it'll keep splintering.


Defender 04/04/2017 (Tue) 18:54:37 [Preview] No. 34 del
>>32

Yes, Codemonkey knew the source code was downloaded and indicated this here.
> Hacker downloaded the 8chan source code, so probably 8chan will become "open source" again sometime in the next few days. There is still no indication that the hacker downloaded the 8chan DB - he might have, but I cant see anything like that on the logs.
You done goofed OP, there was more and you missed it.


Defender 04/04/2017 (Tue) 19:36:17 [Preview] No. 35 del
(151.19 KB 543x600 Slappening.jpg)
I always thought you were some butthurt pedo that did all this for payback after Jim b& your asses.
8cucks will never learn their lesson though. Fucking morons, good work anyway and welcome aboard.


Defender 04/04/2017 (Tue) 23:59:51 [Preview] No. 41 del
Hey guys, I am going to be disseminating the code with commentary @ nntpchan, because it's distributed in nature: one node dies, others have my messages. Right now I am reviewing http://gr5gzhk5hurwetdr.onion/intb/res/115506.html#116267
Or freech Gonna also copy the file here and split it.
afk w/ fam


Defender 04/05/2017 (Wed) 01:44:52 [Preview] No. 45 del
e.g. t/e09c3319dfa651ae01990264d751531dd5db3b5d/#df183e695ce4256589d1f7935b16ac85800e5794
Right now I am making backups of threads discussing all this.


Defender 04/05/2017 (Wed) 01:52:56 [Preview] No. 46 del
(309.49 KB 560x560 1483889196977.jpg)
>>37
>coming to the thread with real leaks to post some LARPing faggotry


Defender 04/05/2017 (Wed) 03:25:42 [Preview] No. 48 del
(580.76 KB 2304x3456 smugFin.jpg)
>>13
joke's on him, I've been unable to sign into my own boards since The Joshening. Fat Bastard never did get around to fixing all the fucked up passwords, only the most populous of the 'bottom bitch boards'
there didn't seem to be any reason to bother signing in again since I did errything right the first time.
I wonder if this means they'll actually respond TO MY REQUESTS AS BO FOR MY OWN B'S PASSWORD FROM MY OWN WORK EMAIL GODDAMMIT
.......nah that's probably still beyond them.

>>22 kek
>yfw Duterte finds out about Sunshine and demands Jim hand it over at gunpoint to track drug dealers while removing it on his site now that it's considered 'government property'
>implying Jim isn't a part of the whole masonic pizza party thang.


Defender 04/05/2017 (Wed) 03:52:21 [Preview] No. 49 del
>>1
There's no database dump in here. It's all just php bullshit and not any actual data.

Am I missing something?


2/? ##2itToi 04/05/2017 (Wed) 05:12:08 [Preview] No. 50 del

8chan_config.7z
sha256: 9cbff04aeacf9d521b6784d9d527191cc8cd28e53035450831e160c3e682d44f


Content:

deny.conf
fastcgi-freebsd.conf
init-nginx.conf
logrotate.conf
nginx-5.conf
nginx-6.conf
nginx.conf
nginx-f.conf
nginx-freebsd.conf
nginx-lb.conf
nginx-maintenance.conf
php-fpm-freebsd.conf
sysctl.conf
troi12.conf
www.conf

For anyone who is intrigued by the purpose of the "pedo_redirect.php" file.


Defender 04/05/2017 (Wed) 05:27:34 [Preview] No. 51 del
>>50
logrotate.conf


# keep 4 weeks worth of backlogs
rotate 4

# create new (empty) log files after rotating old ones
create

# uncomment this if you want your log files compressed
compress


In their privacy policy, they declared that they only kept 24 hours worth of access logs, yet this proves that they save the data for up to 4 weeks.


Defender 04/05/2017 (Wed) 05:32:51 [Preview] No. 52 del
>>1
>>13
>>50
>>51
finally the truth comes out about these guys.


Defender 04/05/2017 (Wed) 05:48:37 [Preview] No. 53 del
>>49
It's the source code.

Are you expecting to finally get the IPs of the people who are posting rare Pepes of something?


Defender 04/05/2017 (Wed) 06:43:37 [Preview] No. 54 del
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

>>50
IP address to post DB dump when?
Also if that was an attempt at a tripcode, you failed miserably. Just upload&post your public GPG key and sign in a post, e.g.

- -----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v2

mQGNBFjkkG0BDADchTcaVAtFrUokI5w0YwRHmkq+NnN2h7O9nixmhzRHK+gkvwM7
R7UvamTGQCUOIWtQPf3eoBx90nKEc5ELBOWjVO34RbPdB9DL/jNxGvPfft5Ile7O
zH5rXO3NHGoUczzIoa7+r/nnUoKWtZiHCUGbt0/hUfmquB3GZ5yLQMuPRwQde7KK
eLBfdAtT6T2QzPBQ5Nft5xCIKTEQj7NaUBpWu4xx8pVcC3fLwrV0T7b5dG5CBiQl
n3byn70Lg9da9PXIn0u+gedBOdhNt7qVXwHZ2xHrO+VzxsoMTgNe9oY0ur+eluLR
n1aFivCe6T8XPKXYp1j52NyjhUedjqr8/LYmLo8+HgfXHkoM9H+FsRGe+l3S6Wuq
FHO4k2BUnrYtWODC6BLWpG5i97dCVpqoKdEPLeEK+pGk47r866W/2PK1F2KYeMzk
bN/D+Zy9Y9JSfVr3rfWLiyf96pELbQEZMoWIfKeXQ3WcbGRlKfKyVyKbV4/ZXFfh
Uvfk71thW6dKbxkAEQEAAbQHTUFHQXdvb4kBuQQTAQgAIwUCWOSQbQIbAwcLCQgH
AwIBBhUIAgkKCwQWAgMBAh4BAheAAAoJEIBMBa5DtoA7K/QMANuA5DxH5IRyQosL
BHQ4QCgv1NDVmHc76VhNugX7Ld8BNylErZhhAVQcQ+UnqiiuE4MG2g6Ed6g3lQp7
JKhjmtakZ9GuGvFFIzC6n3ouwBMLvPvg1blww7yGWnHpuNKwXL8KrtQz+P0Z1qBf
eBnC2nsxHzjp2Fz0KZ7xMZoDYBW9TGdjXbIniCzBtTSfFqQsTNlRsIxXTLCTxAot
am5XXOD2mDNYeJTej6nA4wby0bWNe2xQPA65XtGMrTN/yq9zeJUWflCV5F9VCcRl
raR0g74foWgLcODcn3lOwOLuKKx+wNfOXGwxgOXjGPq3YA4voX+Gga/XnbLJdtSh
PNiSLME4pB6/uId3c2BTjMIMrpQY5mwuZKZGdqVhhz0KX7X4sdi0i9AqNGRRqWyC
VyuhePw78ObOw3WebZkEDfWBa0k7XvcEhyVq8BaAbgOyhGIJR5+tHxCgr1X4dJON
Ua8JqHVwudKXjyi0ojMCB20i1BF8yLIjAB8Y1Tgqj12g0DUQLLkBjQRY5JBtAQwA
1mcfwMNO8NPpsSm7HeDBGZJqBNQLNxFg9cuSSNmB2NKaHf4sXyHxgskUB399WAJF
mi2bcnVD67mGtFGUc+3OB+3KJp0tXfYN/VCYZqotmE/j3I+VkotoMx6gwb0JWszr
by/w/cXndomOiyHIOT1aE0q3it/O2nqaZf9Dx9pFXlb2hOpbM882ujxlywB0QXii
3AuQDfoMVKOrEQHChyBEJStFwqo7sa4MJ+DkG+ybCrgIleEcTgDtD8gtU81Pq7RC
fFwIzEzcfakmIwUaJghmVwiSKazaj/y+zQrUsmBN1Daq09NbO5qxYnQ+V+anL96n
2jr6mKgCl1uEio3Pe6yWNq8zM7zlNTSnVYIKlp3QhSTnMWQ9SdD6QjApCDEfs/dI
UkOEVRXXO1SToHSz49HbqJmbM3UheTsyzZjx3g5X4DIydVs2dOKNJm53W1dUEvbA
Wp+DEviPY7M1z5swnSFRdCE+EK4Amfs9ff7tjpQL1pq6S0SwsQKVbKqZp27tk/HV
ABEBAAGJAZ8EGAEIAAkFAljkkG0CGwwACgkQgEwFrkO2gDvOMQwAl4cY6S3/H+iq
nMsevUfLD7W8R5mFc0vVMwPoCdbhO/3k9pS5J4FY5wIvk2EoxaPZ4VTC58FmIwNe
0at6A51y64DLHy4W5NMm5nzvmkZEkNKd01GmyA32hANwqV7TmMrZ5qNoObaNdIDv
jtAbXJcb4NDXhUB+v+Xcpssx3a2pc0x4IwExa/930y0bOuXrVHF0mrS3Iexz8WuK
Yl/QJa7ZS1UK/6E6PN6mS+8RbhO/smdR9zVgRcsiYeOrBDVIaBgiqJlxQjC9JTcX
IvPhnQ4YjzdXNCToF44vHFMMmlQXtk4DH5qe1ugaCTNrGDXqPvRR10mHKuAjg85/
+Y7qPcxzzsdZC3mvOZ3flVuuHHHhMD6TB6h714qiPXoVyD7IkNxaQYTDEW6/mKPN
UlpGBK6WX93PtVZmD6GUc7iUVEzoI3bp3QIuU3PlVaeoCrQGvta9ngBizWt7HQUN
knT+H2SnWXSbWX4tcHVOCI/RlW2C9tLl/3MjoxdmlV/WHMk/Lgf8
=GdDS
- -----END PGP PUBLIC KEY BLOCK-----

And if you can, join us @ nntpchan.

>>53
Yes: If Mallory/JimWatkins has that list, and it's sharing with Wendy/ECHELON, every user deserves to know _how_ they are being tracked.

If they are already compromise, exposing how they are compromised actually helps expose the systemic problem.
See Edward Snowden and NSA, and how everything turned for the worse.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQGcBAEBCAAGBQJY5JH7AAoJEIBMBa5DtoA7Cp4L/1owHhBbulUfEL6MaYNFVD2Z
Ye0bmFPAl6IvZEs8L8xifcYvTx+24PZxvYk7trUZAUwzGTPCzdvlJPSe1NWkQu18
U2A7UGnoZYbjJvzUg4nIxJf+jsuoTqFDj2wTXGXJwue3d1MCcW2nIyj50paJUL9I
8Fkg4AJRpn6SxGke7xlArTqPMddqaMeyvqVB/rNvxH/oLzKxHDdggQ2XMz5pdqIB
YVCEl7to1saceKDTVicf+6/A5q95TawXWXC4fgXAcfmth2q6j/ZInNrIrLDjy3BZ
owtH/qbJ1BvvkwEm8p6MQmtK2vI/86BnYW8TuNtkoUfsloOOSdDUG9orTOaGMNam
x6WifdSFUIHdo/slSl905RDN/Tx/ZOuxv9XFn/6GjLIaL46WvuZfjIUHLmjUGwfi
kHXgXIldyRRxK7y4qpMTysGmQ3U7sNcjG74YVxDmL7ZpjPyO1/c9sp7EgZEtONHm
EjE3jLc2LbefrZrzX4Z0YFGas5lYcCyWek0sVJQDsw==
=npkf
-----END PGP SIGNATURE-----


Defender 04/05/2017 (Wed) 07:17:04 [Preview] No. 55 del
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Is this your first time distributing files for dissemination?
There's a lot of opsec you are missing here.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQGcBAEBCAAGBQJY5JnUAAoJEIBMBa5DtoA7lv8L/10575djWX6xClq7G8GaV3g0
IX5CstAgPH9DHCFSsy7arNtHGgz6lGo7lO7U3mukEDXK2SQKqPNanosu63z3bSCR
uhVpLl/gBsMJn5AXlQMIDGtQnK2fvRDLQQ57m5ggl+j2EoifKgOZq5GpUt2BBaLU
61Z9aXNuq9xJ7HKkzJVa+kGoirh8k3FK3az3JGx6r9bHg9QooB3biNJLX2OjkfYR
WcZ5RUVNoYyCGC/Tl8Xf7I9XODqiLg3X1I+KBptGKo2f04frVToqZodUCcgxQ9Mn
6pbxobMXuE490Hag1g6o+U8uat/RnRsRQn2ZFQMTXXV/7n8gGXoueMLJHCxE6ElW
G6tAxZ9yBBiTtmuaVUPzDb4ibwZZw+qXzyCv3vlN230L7f+pIjK94J0opknZK+1i
FCkTxT2KJVHi7duUuZcAzr8F8VPzNyBywAAE0TKQwTWT7GtTePm2/vh8UDF76u+E
0JAPItLL+CmH0hTgZim1QKNq1a/ptNYb6uFVnJuqRg==
=JYgA
-----END PGP SIGNATURE-----


Defender 04/05/2017 (Wed) 12:51:47 [Preview] No. 56 del
>>53
No I want to find out who the Rei spammer is when quite obviously Asuka is best girl


Defender 04/05/2017 (Wed) 13:24:55 [Preview] No. 57 del
>>55
could you elaborate on what are you doing and posting for us technobarbarians?


Defender 04/05/2017 (Wed) 13:26:00 [Preview] No. 58 del
>>56
>asukafag
kil yourself


##2itToi 04/05/2017 (Wed) 17:20:54 [Preview] No. 59 del
>>54
>Also if that was an attempt at a tripcode, you failed miserably.
I'm not sure what you're on about.

If you look at:
https://gitgud.io/LynxChan/LynxChan/blob/master/src/be/engine/postingOps/common.js#L167

// Section 1: Tripcode {
exports.generateSecureTripcode = function(name, password, parameters, cb) {

var tripcode = crypto.createHash('sha256').update(password + Math.random())
.digest('base64').substring(0, 6);

tripcodes.insertOne({
password : password,
tripcode : tripcode
}, function createdTripcode(error) {
if (error && error.code === 11000) {
exports.generateSecureTripcode(name, password, parameters, cb);
} else {

parameters.name = name + '##' + tripcode;
cb(error, parameters);
}
});

};

A secure tripcode is just the characters '##' followed by 6 base64 characters, which matches exactly what you're seeing in these posts.
I'm not sure what was Stephen's reasoning for choosing such a short length or why prefix it with '##' instead of '!!' like other imageboard engines but that how it's defined.


Defender 04/05/2017 (Wed) 17:40:39 [Preview] No. 60 del
>>54
>>59
Unlike just about any other imageboard software ever made, Lynxchan converts "Name##tripcode" to "Name##hash", all in bold, rather than converting it to "Name!!hash" with only "Name" in bold. It's confusing and makes it look like tripcodes aren't implemented, but StephenLynx doesn't care about silly mortal concerns like "doing what people expect".


Defender 04/05/2017 (Wed) 17:53:05 [Preview] No. 61 del
>>60
That's awful.
And length 6 is a terrible choice.
At the worst case, it shouldn't take more than a few hours to generate a collision for a regular tripcode.


Defender 04/05/2017 (Wed) 18:58:46 [Preview] No. 62 del
>>1
Thank you hacker for exposing 8chan's unacknowledged datamining feature against their privacy policy and bringing it out in the open. I guess they are modifying their policy to actually acknowledge its existence. (I assume so anyway) Who knows what is next but this alone makes the hack a positive thing for all users.

Most of this stuff is too tech for me tbh and people are saying "so what it is just a database" so feel free to elaborate on exactly what all these leaks are. Thanks.


Defender 04/05/2017 (Wed) 19:16:47 [Preview] No. 64 del
>>59
>I'm not sure what was Stephen's reasoning for choosing such a short length

>>61
>At the worst case, it shouldn't take more than a few hours to generate a collision

>password + Math.random()

Notice that this turns it into an _online_ bruteforcing attack. Maybe he though that 6 was enough for that.

But even if 6 /could/ be enough, using Math.random is likely a mistake since it isn't cryptographically secure.


Defender 04/05/2017 (Wed) 19:41:40 [Preview] No. 65 del
>>64
>this turns it into an _online_ bruteforcing attack.
Only for the """secure""" version.

The processRegularTripcode method just does this:
>password = crypto.createHash('sha256').update(password).digest('base64').substring(0, 6);
>parameters.name = name + '#' + password;

Which can be easily computed locally and therefore it would be pointless to use it for anything.


Defender 04/05/2017 (Wed) 20:15:18 [Preview] No. 68 del
>>51
That's just the default configuration of logrotate, which only applies to /var/log/lastlog as mentioned.
If logrotate was used for getting logs out of the way, it has another config file under /usr/local/etc/logrotate.d.


Defender 04/05/2017 (Wed) 21:14:28 [Preview] No. 72 del
>>54
>>55
Using PGP for this is probably overkill.
The checksums would be good enough if there was another place to verify them in case endchan gets compromised.


Defender 04/05/2017 (Wed) 21:14:56 [Preview] No. 73 del
I just want to pipe in here to say that I am anon who nearly got vanned because of Hotwheels before. I think he did it through Skype. He could have just as well done it through 8chan though. Police came to my doors...


Defender 04/05/2017 (Wed) 21:17:09 [Preview] No. 74 del
>>15
I'm going to get killed by antifa that have been trying forever to find my location. Either that or all the antifa are going to die at my hands and then I'm going to sit in jail, heh

Does this DB has passwords for all boards? Can anyone just go and log in now to any board on 8chan?


Defender 04/05/2017 (Wed) 21:25:19 [Preview] No. 76 del
>>73
>I am anon who nearly got vanned because of Hotwheels before
Elaborate on that.
How do you know it was Hotwheels and why would he want you to get v&?


Defender 04/05/2017 (Wed) 21:30:54 [Preview] No. 77 del
>>19
Isn't that for technical purposes though? That's not the same as logging IPs to hand over to law enforcement. It's probably needed for some kind of site functionality. There should be a formal warning about that though and a recommendation for people to use a VPN while posting.


Defender 04/05/2017 (Wed) 21:34:05 [Preview] No. 78 del
>>22
Is 8chan actually going to be open source?

and fuck safety. I don't care about collateral damage. The biggest marxist and feminist freaks I've seen around who push the most extreme censorship due it on the grounds of "creating safespaces" and "stopping cyberbullying on the internet" and "making the internet welcoming for everyone". That's their words for bullying and imprisoning and killing white males who dare to continue to exercise freespeech in the one environment they're still allowed to do so. It makes me sick, it's all doublespeak.


Defender 04/05/2017 (Wed) 21:36:05 [Preview] No. 79 del
>>30
>when I'm finally beginning to realize that Josh was the unsung fuck up hero all along trying incompetently to fix a bad situation


Defender 04/05/2017 (Wed) 21:38:48 [Preview] No. 80 del
>>77
>Isn't that for technical purposes though?
No.

>That's not the same as logging IPs to hand over to law enforcement.
It absolutely is.

>It's probably needed for some kind of site functionality.
No. There's no technical need for it.


Defender 04/05/2017 (Wed) 21:47:28 [Preview] No. 82 del
>>78
Yes.
According to Ron, the only thing he's waiting for is for HW to give him permission to commit again.

https://8ch.net/sudo/res/31749.html#q31757


Defender 04/05/2017 (Wed) 21:56:26 [Preview] No. 83 del
>>82
Nothing prevents them from running different version than one checked in.


Defender 04/05/2017 (Wed) 21:56:55 [Preview] No. 84 del
>>82
>plz master let me code again
a literal fucking cuck
copypaste better deny it so that 8chan finally dies


Defender 04/05/2017 (Wed) 21:59:34 [Preview] No. 85 del
>>22
this isn't really so much about kids getting killed irl. Typical Ron trying to dodge a bullet and manipulate the truth.
The question is:
why was something that was for helping to stop threats in real life (a good thing) not acknowledged in their privacy policy?

You would think they would want to brag about something that would prevent real world threats but that's not what it's about. It's about mining user data and that is one reason why these leaks are so important.


Defender 04/05/2017 (Wed) 22:17:48 [Preview] No. 86 del
>>33
It seems to be usually a problem of principles (freedom, centralization, privacy) vs getting shekels when a board gets too big and the cost of running it is too much.


Defender 04/05/2017 (Wed) 22:18:29 [Preview] No. 87 del
>>34
tfw he puts open source in quotes


Defender 04/05/2017 (Wed) 22:23:34 [Preview] No. 88 del
>>46
He's not entirely off the mark.


Defender 04/05/2017 (Wed) 22:33:01 [Preview] No. 89 del
>>87
I don't understand what was even the point of making it closed source.

Maybe they were thinking about selling 8chan to the biggest bidder in the near future and thought not being open source anymore would be an important factor for that.


Defender 04/05/2017 (Wed) 22:38:09 [Preview] No. 90 del
>>48
It is a bigger priority for them to give away one of the Fringe Wizard's boards the very second it goes up for claims to someone who then vandalizes the board then to address legitimate concerns like yours. Maybe if you pretended your board was owned by the Fringe Wizard and that you were a troll wanting to vandalize it since it has gone up for claim, you'd get it right away.


Defender 04/06/2017 (Thu) 00:40:01 [Preview] No. 93 del
>>59
Good news, StephenLynx just told us it's fine because he stores all the trip passwords in cleartext in the database.


Defender 04/06/2017 (Thu) 03:30:41 [Preview] No. 94 del
(331.99 KB 560x600 1483889196802.png)
>>93
I'd love to hear what does he think the purpose of a tripcode is and how exactly does he think his implementation achieves that purpose.


Do you know why Ron can rely on using "!Odemonkey." to identify himself on /sudo/?

Because it's computationally hard to generate a collision for the tripcode algorithm that infinity uses. Also, keep in mind that he's not even using the secure version which is even harder to collide for being more computationally expensive and including in the computation a value that is not public.

Stephen seems to think that just the fact he used sha256 makes his protocol so much better that it makes sense to decrease the search space in several orders of magnitude.


Defender 04/06/2017 (Thu) 03:34:13 [Preview] No. 95 del
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

>>57
Basically, if your IP addresses are already compromised, it's worst to keep the information away so that Jim Watkins and Ron do whatever the hell they want with, and the people exposing their corruption, that have gotten access to the database censor the IP addresses, than it is just exposing everything they've found, and letting everyone know how exposed everyone was/is.
To summarize: it's better to have the full map, than a partial foggy map (if you played treasure hunt)

>>59 >>60
I am facepalming so hard, it was difficult to even write this. You want, and should, always verify the information is your source, using your own encryption and software: that's why GPG was made for: so even if Lynxchan gets compromised you can still verify the upload and comments are yours alone, regardless of where you host & comment your views....

>>61 >>64 >>65
The problem is not that it's weak crypto, but that you are depending on a site and the crypto: if endchan were do die overnight, how can any verify ##2itToi is the same person in another IB? For all we know, we are being lied by ##2itToi, and he's doctored the documents himself:
https://github.com/ctrlcctrlv/infinity
It's why I began to doubt the leak: >>55
Regardless if Ron Watkins already confirmed it:
http://oxwugzccvk3dk6tj.onion/sudo/res/27745.html
https://archive.is/https://8ch.net/sudo/res/27745.html
>>93 ^ and lol.

>>72
No, checksum only prove file/data exist, not that the data is genuine, and it is the one leaked (multiple doctors/actors scenario: who's the real Bob?). It is precisely why tripcodes are useless if endchan becomes compromised. You want to be as independent and portable with the information you have: the first thing an experienced leaker does is confidentially encrypt the data they've gathered, set up a temporary PGP key, comment the contents of the files in it (checksums then possible), setup a torrent anonymously with a temporary seedbox, distribute the information to as many people as possible, and verify addenda with their key. If I am to assume >>1 or ##2itToi are the leakers, they've done a poor job of proving to anyone they are experienced. Moving forward, if this is all they have, they need to come up with a way to verify these are the files from the server: we need better confirmation than "Yes, Sunshine is a infrastructure that was[/is] in 8ch".


inb4: Nextchan created by Ichverbot has better Sunshine infrastructure in place.


>>76 it's " >>73 [citation needed]"

Exactly this >>83
They've already done the same for miku-nyan/Overchan-Android
https://github.com/everychan/everychan
Heck, they can label it: https://github.com/8ch.net/infinity

>>85 thank you for providing this insight.
>>89 "nothing to hide" argument. The real reason is always profit: Who wins using proprietary software, the user, or the creator?
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQGcBAEBCAAGBQJY5bbhAAoJEIBMBa5DtoA7zmAMANLFYAYXq92MAQOaiF2c8tfV
Ds21OZNyrPpVkMFOlOIAZkmxWibobav30gQRgHPr8EH37TBR7OQ52sxxoIzh7iqR
cst77Ttsdt2o3FLPG21bPktqYlJh07VFRdgCeefNYDixYDex6nkW/9jVoiZ5/65t
JlVMDsrXg63l4ekQjpysak+bopVVJxUFIW2BFRhEDIw4oUXHJe2qE5gIKbw5mzQh
+434qF+Lljw4FeJFaxVG3bZbSPimDeKb7Wt7aNSMQG4QbmaxW7fEMNrzpIpI07fI
/fMx6w05RebpnmvvXxNpMKXdKprtvDM2EolgoJVAdjPr/tdZVrpwKUbTlTv3ElFO
9c5is+6SSo7XZBRsJzVVW21VAKXl5ESNoG6sPLL9wSzIaJDUlpwYd/y7qc85E3Vr
8/6obGMGXdemCOrNs5BjOdyAgDvzTt+AQwbddzoEP/zdgUbBgoa1guv/8z+6t5hH
7wdD1QBHkiwLQICiejkas/p84t8+3voGA6IMyExhuw==
=LlOJ
-----END PGP SIGNATURE-----


Defender 04/06/2017 (Thu) 03:46:08 [Preview] No. 96 del
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

inb4: My comment had additional markup for lynxchan, so to verify my comment, you need to copy my text and append the following markup (\ being used as break character):
\'\'gets compromised''
\_\_how__

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQGcBAEBCAAGBQJY5bnhAAoJEIBMBa5DtoA7EP8MAJZ39jOQYlwdYMr8v4pog7Ml
I/k1yUxm0fBQ+D6HB2COPal5Ocoo4cDcqDsMgGvTmSF0+fNHnQob0oMEdCL9Prhd
LnYtnF8SEBRTEULiTiVLD09YK2hOkUAsPoU7BGJKFsHaxjYvSQKZMHSLuGIU3oEM
9DZETZflgb6kujRE8W7RUthUa551sX7CivMrsbnIvJgFSZgT2QjUKCw6LKHX43Ya
Oyf50//50l0s9CgmzTow7nMXk8xsYN+8LQPycRbcwCjoKGDsFSW63wWic0/sVjFX
yZQu4Xqjn82ukrDOR+0WAESZiPMfKoMr85W1mCTL3+btGH8AUOVGNehhdUpEFH+Y
BQkCbT0w7IT8WX4r9SjXybupW0TmBQOofX0aBBrsDmiMGB/mEOGYJRXxNKbNmSy4
SJS1s5wLYk3WzV+2b9sFoYyOiv3viSJtbhwXiszxrvXhC6Du+H2AO+AwCbHGiPuY
bWtVExorzzaI0vnERM8IRZUkfCN7JAd3v+oe6mSNEQ==
=h8VQ
-----END PGP SIGNATURE-----


Defender 04/06/2017 (Thu) 04:08:19 [Preview] No. 97 del
>>78
I just realized the point that >>82 brought up
http://oxwugzccvk3dk6tj.onion/sudo/res/31749.html#31795
My interpretation:
>Hey guys Ron Watkins with my solved vichan tripcode here, which boards will you loyal user want to keep while I delete the many not used?
>this way NT Technologies Inc. can track you precisely.
This animal farm tier suggestion. Recall, no one leaves the slaughter house.


Defender 04/06/2017 (Thu) 04:51:09 [Preview] No. 98 del
>>19
>>77
There's actually an option to delete IP's overtime, I set freech to delete IP's after three days

>>80
>logging IPs to hand over to law enforcement.
You're forced to comply with a subpoena. If you don't have the IP address on you, it doesn't count as destruction of evidence if it's part of the settings/software
It happened to cockman when he got a subpoena, since e-mail IP's are deleted after 7 days on cock.li


Defender 04/06/2017 (Thu) 04:52:08 [Preview] No. 99 del
>>98
what's it called because I don't see it


Defender 04/06/2017 (Thu) 05:04:14 [Preview] No. 101 del
>>95
You're forgetting a big problem here which is the key distribution.
There is nothing preventing someone with access to endchan's database to replace the public key you posted on >>54 with their own public key, removing all your signatures, modify the message and then re-sign them with their own private key.
It would only be detected if someone noticed a signatures mismatch with your new signed messages or if someone with your old key verified the old messages again.

>No, checksum only prove file/data exist, not that the data is genuine
I understand what you're saying.
There are different levels of compromise one can protect themselves from in a place like this.
One can use a tripcode and hope it will not be compromised but warn people in case it does.
Or use capcodes and hope the account will not be compromised but have no way of warning people if it happens.
Or use PGP signatures and hope your private key will not be compromised but warn people in case in happens.
The last one would probably be the ideal option but the problem of verifying the public key still remains.


Defender 04/06/2017 (Thu) 05:32:51 [Preview] No. 102 del
based


Defender 04/06/2017 (Thu) 05:40:23 [Preview] No. 103 del
>>93
>function named generateSecureTripcode is not suppose to generate something secure
LynxChan in a nutshell.


Defender 04/06/2017 (Thu) 06:04:58 [Preview] No. 104 del
>>95
>>101

Actually, there's really no need whatsoever for the publisher to authenticate himself to the rest of the world with every published thing. In fact, there's a compelling argument to make for him to NOT sign or otherwise attest for his identity (even if pseudonymous). Leaving a trail is potentially devastating (especially one made of cryptographically strong links; no deniability), and never gives more benefits than the capacity to build, defend, and exploit a reputation. (Is this not part of what you consider opsec, PGP-kid?)

After all, who cares about authentication of the publisher? I care about authentic publications, which are a different matter only tangentially related.

Seems like PGP-dude here recently learnt to use GPG, and as every dullard with a shiny new hammer, sees nails everywhere he looks.

On the other hand, what >>101 says is very on point. He should have mentioned the WoT, though. OK, it's still quite hard to do and probably unusable for cases such as this where the key is ephemeral or the subject anonymous, but it did solve the key distribution/attribution/trust problem decades ago, and it's to this day still the only *proper* way to use PGP; so if the goal is to educate PGP-kid, I think it deserves a mention.


Defender 04/06/2017 (Thu) 11:12:46 [Preview] No. 105 del
>>102
you can't really go full anarchy with your chan these days


Defender 04/06/2017 (Thu) 12:02:50 [Preview] No. 106 del
>>22
To be fair, the chans are notorious for lone gunmen.
But I don't see why we all have to be punished for it.


Defender 04/06/2017 (Thu) 12:07:30 [Preview] No. 107 del
>>85
>why was something that was for helping to stop threats in real life (a good thing) not acknowledged in their privacy policy?
This.
That tells me it really was for what endchan said it was.

But frankly I assume all chans are compromised. Hell why does it matter? Pissing in a sea of piss.
Unless they want to start rounding up 10s of thousands of people for simply scrutinizing government.

People assume all of (((them))) are on the same side and know what each other is going on. The reality is that it's more of a giant bitch fight of crooked politicians and government players.

I don't like compromised chans, but I don't think we have an option and we shouldn't let that scare us. The spider is already biting off more than it can chew. That's why they pay shills.


Defender 04/06/2017 (Thu) 12:29:08 [Preview] No. 108 del
>>13
>I checked there is no loli
Sure there isn't.
How did you check?

Yes I am noob.


Defender 04/06/2017 (Thu) 12:32:31 [Preview] No. 110 del
8ch Secret Datamining Botnet Files.zip 135MB

https://archive.org/details/8chSecretDataminingBotnetFiles


Defender 04/06/2017 (Thu) 12:34:09 [Preview] No. 111 del
>>33
>The communities are too fragmented now.
No the mongols are going from green pasture to green pasture now.
This is a good thing, though it is open to d&c.


Defender 04/06/2017 (Thu) 13:41:08 [Preview] No. 113 del
>>108
>How did you check?
With his eyes.


Defender 04/06/2017 (Thu) 14:00:15 [Preview] No. 114 del
>>113
So unless I download and check I won't be able to totally know if it's ok?
Great!

Of course, those were only the files he could see :^)


Defender 04/06/2017 (Thu) 14:34:30 [Preview] No. 115 del
>>114
>So unless I download and check I won't be able to totally know if it's ok?
Exactly. If hundreds of people having already downloaded and checked it's not enough for you then it can't be helped.

If you're that paranoid get Tails and download the link using the hidden service.


Defender 04/06/2017 (Thu) 19:11:37 [Preview] No. 116 del
https://archive.fo/GuWmG

Some anon on 8/tech/ found out that due to PHP incompetence, Sunshine could have been sidestepped by merely making a post longer than the RSA key used.


Defender 04/06/2017 (Thu) 19:42:51 [Preview] No. 117 del
(351.54 KB 1280x1024 OPSEC MEGA COLLECTION.png)


Defender 04/06/2017 (Thu) 19:43:50 [Preview] No. 118 del
(719.36 KB 1700x2200 Sunshine Code.jpg)
>>116

Did you say Sunshine?!!!


Defender 04/06/2017 (Thu) 19:45:04 [Preview] No. 119 del
(719.36 KB 1700x2200 sunshine code.jpeg)
About Sunshine

Earlier, Sunshine came to my attention again after the source code for it was posted on freech's /intb/ board (https://archive.is/6sPs7#selection-2161.0-2205.53). Since users were concerned about it, I investigated the Sunshine code and looked back through my logs to figure out exactly when it was created, why it was created, for what purpose, and exactly what it does.

When?

Sunshine was created on October 9, 2015.

Why?

On October 8, 2015, the 8chan Administrator (who, at the time, was Hotwheels) received an email from the American authorities, who were concerned about a post on 8chan threatening an attack against a school in the Houston area (http://archive.is/lVsJe). Because of their incompetence, the 8chan Admin received a scanned picture of a photocopy of a printed 8chan post (pic related). The post in the picture (dated October 1, 2015) indeed contained a threat against a school in the Houston area, but due to the bureaucracy of the authorities, it arrived approximately a week too late and the original post had already been deleted.

Purpose

Sunshine was created by Hotwheels on October 9, 2015 after we discussed a way to make sure kids didn't get killed. It was meant to help prevent potential school shootings in the future if the shooter(s) happened to post specific threats on 8chan (i.e., bomb threats, shootings, etc.). Sunshine was neither an imposition nor a request by third parties. The pros of Sunshine were believed to outweigh the cons.

What Does It Do?

Sunshine takes the IP address and message of a poster, pads it with a few bytes of junk data, encrypts it using a RSA pub key, then stores the encrypted data. This data remains in encrypted form with decryption only possible by Hotwheels.


Defender 04/06/2017 (Thu) 21:56:40 [Preview] No. 120 del
>>116
https://secure.php.net/manual/en/function.openssl-public-encrypt.php
>tfw you can't even spy on your users properly
That's pretty embarrassing.

It seems having the length limitation specified at the documentation itself instead of people in the comments would be a pretty good idea but I guess PHP developers don't need silly thing such as proper documentations for their functions.


Defender 04/06/2017 (Thu) 22:16:54 [Preview] No. 121 del


Defender 04/06/2017 (Thu) 22:22:37 [Preview] No. 122 del
Funnily enough even with crypt had been implemented properly, Ron's claims that "Sunshine can never be unencrypted because Hotwheels has destroyed the private key" is far from the truth.

NIST has already deprecated the use of RSA for deeming it insecure for post-quantum cryptography and they estimate it will be possible to break RSA-2048 (the kind that HW used) in a matter of hours by 2030 (see draft 8105).


Part 3/6 ##2itToi Board owner 04/07/2017 (Fri) 01:49:06 [Preview] No. 124 del
(296.25 KB 1452x678 8chan_mods.jpg)
In celebration of most boards being back.

8chan_mods.txt
sha256: 6a7d821fa9c32904553bc1b5a6762862962286a8e990dd1d339ae705526b1a5e

Mods table (id,username,password,salt,type,boards,email)
15736 rows

The .txt is a .csv file.

Have fun.


Defender 04/07/2017 (Fri) 03:08:46 [Preview] No. 125 del
>>124
>18345,hotwheels,0307288cba2aa8ac4e23bae684c9897f7b519cdf49d77000bcfb3e27c41d6d92,b97e2f71193ccf02cafa877b9ca2f368,20,cutebois,NULL

Ayy


Defender 04/07/2017 (Fri) 08:23:24 [Preview] No. 128 del
>>124
This does more harm to users than to the administration. Why did you leak it?


Defender 04/07/2017 (Fri) 10:10:51 [Preview] No. 129 del
>>128
Maybe he wants to crash the site with no survivors?


Defender 04/07/2017 (Fri) 10:38:02 [Preview] No. 130 del
>>33
look up nntpchan fag, it exists and is active


Defender 04/07/2017 (Fri) 11:05:09 [Preview] No. 131 del
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

>>101
The timestamp does... if everyone is archiving....
>detected if someone noticed a signatures mismatch with your new signed messages or if someone with your old key verified the old messages again.
Thanks for agreeing....
>I understand what you're saying.
....
>levels of compromise one can protect themselves from in a place like this.
Which are?
>problem of verifying the public key still remains.
Which is? The earlier argument you raised is not a valid one.
>>103 thank you
>>104
>attest for his identity (even if pseudonymous)
You don't seem to understand validation of data with a temporary key. It has little do with with learn Bob committed an act.
>Leaving a trail is potentially devastating
... None are asking for this
>to build, defend, and [...]reputat[e].
The exact point of making a temporary key to validate data... esp. an ls -R of the contents....
>who cares about authentication of the publisher?
Agreed. Who cares if the data is doctored⸮
>I care about authentic publications
Then how can you validate the leak is indeed 8ch's data?
>PGP-dude here recently learnt to use GPG, and as every dullard with a shiny new hammer, sees nails everywhere he looks.
Explain to me why you rather attempt an ad hominem to someone asking the "leaker" to validate their files are genuine warrant any merit to the points raised?
>>105 >>106 >>107
What's a chan? Is that a chan[nel]? Or is endchan.xyz an imageboard?
>>110 >>117
Windows, great OPSec.
>>122
Thank you....
>>124
not .csv.7z....
So I guess we just have to crack these RSA salts?
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQGcBAEBCAAGBQJY53HQAAoJEIBMBa5DtoA7N0wL+waMssQyv6Uxa8Wmpj4M958Q
FiJb9HEl+MQkIJ/BFs2S/SS+ZYarJlHbBLdFfgCd+OC6EWo9dlR6li0zW4rKnfe8
+9kUw3Umzqkd3uj1C4sMWD4/T6JT/rQ1As5iqdhhtW2Vtks+OSP+GWlFwHtk9dYb
GdU8pP6ZnqKF11OKC2KuXPjylKgsJagPh433uR4HvwKnYlqs+iMGECd8O8ZdcPMH
War5DydvurEFzdwXgrtNw3AeDvkR41I++eggwEvs9zj/uv6vEb8lJCYFGThkdBt3
5g9atchvW6rFcEaIqPA/WZhWGuGrudICC/H6n8x6OcFdpyoflnpT7TnBh7QTeTZL
/fBvP4rkcPCPWQ1yP+YlkPYlsNe/vvX5MnhNd/IcDqut3vMHGmoGhiZSryT1tPgh
Yh4a7R8QktlzHLBag42oiewoQHMCx4Qr6bb0p6OR+E60Z+dUEqYcobNGDH/B4bCM
1LnX5UU77ZKUcSRa/EBKZuvciOVcLVp0wZbwfzazEQ==
=JlK9
-----END PGP SIGNATURE-----


Defender 04/07/2017 (Fri) 11:31:48 [Preview] No. 132 del
(24.70 KB 903x428 Untitled.png)
>>124
made a shitty browser for that.
https://a.cocaine.ninja/ojytjn.html


Defender 04/07/2017 (Fri) 11:31:50 [Preview] No. 133 del
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Ok, so we can indeed confirm >>124 is a real dump:
oxwugzccvk3dk6tj.onion/sudo/res/33509.html#33579
https://archive.is/https://8ch.net/sudo/res/33509.html#33579
If I read the source code correctly, it means the leakers had access to the database, thus it can be inferred they had could have accessed IP addresses tables. In honor of full disclosure, I suggest ##2itToi release them, and anything else they have, as a torrent. The last anyone here would want is for the releasesto end if endchan were to shutdown.
I did note 3/6, so 3 more leaks before you go.
But I assume you have an agenda, which you are following through.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQGcBAEBCAAGBQJY53iAAAoJEIBMBa5DtoA7u0UL/2ZLMF7L/xarulRVxor844gO
+5fGSlMSqdQ+M6OF52uYHiiRnkNIgSjNMyK6qVv8jSuh7ichMnOX05TldE8N/2Ib
QZaiqTLrBI530K5RoI5xumUJVRnUSxdfLE5B7P32xuCF17/gb7Vy2wfw/FjjpU9k
cWSITD3smFIMTIOG+ex0M2MagqoD3V2QjjTu+BFr5aNZqlFT7bOi3WySiSg4mWYb
TZ2MoLPre3/csyRn6CIX7aj5JhxJ0XP8FRChudPGjqLJiABlZZJWqhSWtnhNahwM
Eehw9PBE/ZVmFLgfF65eb4M57IPVk/BVIFQDYzU/uK2EjbUL4xoNGjuU0wFNcVLR
Jg/l76kWhhVdory3Xe4yHPEC9w1nNe/gEHX0KsMyfOJzF3bRy68FZgunzSQL/ccY
HQ7QQZpiWDQRZ3AgdpTL8SsN9Fi5TvuzQlN6fqAAA+9uN9DrgKDdwNezMIlT/da5
JqFA5y9WkP44y63EyD+9/dUZOPmgDuWJu8MvE90QLg==
=dZnj
-----END PGP SIGNATURE-----


Defender 04/07/2017 (Fri) 11:33:10 [Preview] No. 134 del
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

>>132 .HTML documents are not browsers...........
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQGcBAEBCAAGBQJY53jYAAoJEIBMBa5DtoA7X98L/0KbLljhHB+IOMHlcs3EWcGf
wXj5PNe0xktWlJk211bA7MYFkkA/woSsZEM2Q3Xkk/kA9aeXUqRlAuAO/qBT+kOw
Inn6LMdAFA1+l1JXOuR5b4RnwW7Ylyz6mONucySGSwDn9fQ4m1Auojj4Z4bM1UsC
7Xpc9O2fyfJt33idbxqjlv9sSq8IE1/fe/iV1iwNnP7EzIU0PFAyKsG9OEW7gwy9
00w30BGcmah/MAfcE9Jn29wCr26o0xGdlCdnONnxm/RogGxS5gS2bdsoC6tPvTCi
pOLghdXkq6LacRmKqpiuNfRU9CaTJY3ikEztjFeQvOpJbjsivEBwdJwH05tIdSCE
T39XA+tPC3n+RMlasyob+0VDaSCreenIjJR+GJHNl6YxEqhvjxo7PHod9II/PPQ6
tpTfxqM8Mm7txnWqE/DZuNbjrg/m+4/rKwV2bGYzr5EeI2k8EZSXRI0CMzImVBq4
mjSgDeSvhAg5amK8fb+8hzEvdUlBXgI1+xTfqbhSyw==
=uL4x
-----END PGP SIGNATURE-----


Defender 04/07/2017 (Fri) 11:34:17 [Preview] No. 135 del
>>134
semantics.

a way to search the data.


Defender 04/07/2017 (Fri) 11:39:21 [Preview] No. 136 del
>>132

Mod data was corrupted from the deletion, so the data is accurate anymore. You can see it on their board logs, imkampfy isn't on there anymore.


Defender 04/07/2017 (Fri) 17:11:57 [Preview] No. 138 del
>>124
mate, some of us are strong opponents of Jim, I would appreciate it if you don't leak this please


Defender 04/07/2017 (Fri) 19:38:43 [Preview] No. 139 del
>>124
Not cool, 2itToi. 8chan mods don't work for Jim. They are users who manage boards and got fucked by Jim just like you. You are a hero to us for exposing Jim Watkins. Don't tarnish this image.


Defender 04/07/2017 (Fri) 20:35:00 [Preview] No. 140 del
>>124
Looks believable, I see familiar usernames in the list. So just convert the Sha and you got the password for any board eh?


Defender 04/07/2017 (Fri) 20:51:39 [Preview] No. 142 del
>>140
I can confirm that the list is real. All my accounts are in there, with boards and e-mail addresses. It has been acknowledged by Codemonkey, too.

>just conver the Sha
Literally the entire goal of hashing algorithms like the SHA ones is to make "just converting" them infeasible. It's a one-way function. Password goes in, hash comes out. You verify whether someone entered the correct password by hashing the password they entered and comparing it to the hash you stored. If you want to go the other way you have to keep hashing passwords until you find the one that gives the same hash. If your password is "123456" that won't take long, since that's one of the first passwords that are typically tried, but if your password is along the lines of "ljVvrEreE12b+q+ZtQBtw4TLsfJRMvybdMmjDs1q" it gets harder.


Defender 04/07/2017 (Fri) 20:51:55 [Preview] No. 143 del
>>138
>>139
If you're against Jim then you're aware of this leak so you can take the opportunity to change your password. No harm done.

Besides, board owners on 8chan are guilty of hosting their communities on a forum that's dangerous for privacy. They are doing their users a disservice by forcing them to use a non-free service known for keeping ip's of posts indefinitely. And contributing to Jim by giving him shekels through ad money.


Defender 04/07/2017 (Fri) 21:28:28 [Preview] No. 144 del
>>138
>strong opponents of Jim
>still posting on 8gag


##2itToi 04/07/2017 (Fri) 22:02:40 [Preview] No. 145 del
>>128
>>138
>>139
You will understand why that table is important soon.

By itself the mods table is less harmful than you think.
Most people are smart enough not to use emails that can be traced back to them.
As for the hashed passwords, just changing your password is enough to prevent your account from being compromised if/when people crack those hashed values.


Defender 04/07/2017 (Fri) 22:33:41 [Preview] No. 147 del
>>145
will you release our -mods- IPs?
is harming the mods one of of your intentions in your grand scheme


##2itToi 04/07/2017 (Fri) 23:07:35 [Preview] No. 149 del
>Patch is already merged on infinity master.
https://github.com/ctrlcctrlv/infinity/commits/master
If those are all the "fixes" that you have Ron I'm severely disappointed.
I could easily fuck your shit up again without needing any of the things you removed.
Every imageboard running on infinity/vichan is still vulnerable.

>>147
If you're not a mod that enjoys being an asshole to users for no reason then you don't have anything to worry about.


Defender 04/08/2017 (Sat) 00:24:40 [Preview] No. 150 del
>>149
What do you mean by "being an asshole" asking since some people hate Mark, but he's not malicious just incompetent.


Defender 04/08/2017 (Sat) 01:36:03 [Preview] No. 151 del
>>150
>he's not malicious just incompetent
>not malicious
Yeah, no. You don't just delete entire meta threads right after anons were calling him out and talking why /v/ has gone to shit even tho the thread had only something like 150 posts, maybe 200 posts and then replace it with another thread so that the entire previous conversation meant nothing, he just deleted it with no stated reason.
Its stupid to believe that Mark isn't malicious.


##2itToi 04/08/2017 (Sat) 02:33:59 [Preview] No. 152 del
>>150
The most dangerous and perhaps the most prominent example of a malicious person on 8chan is Jim Watkins.

In his efforts to push users that he doesn't like away he has used multiple accounts to mass delete content that was within rules, permanently range banned users for no reason, purposefully broke the hidden service support for months, instructed BOs to treat specific users like shit to "shew" them away, and the list goes on.

That's the kind of asshole I'm talking about.


Defender 04/08/2017 (Sat) 04:04:03 [Preview] No. 153 del
>>152

Talk is cheap, I need hard evidence.


Defender 04/08/2017 (Sat) 04:15:02 [Preview] No. 154 del
>>131
>Which are?
They have already been thoroughly explained in the post you're quoting.

>The earlier argument you raised is not a valid one.
Yes, it is.
It's the sole reason things such as WOT and PKI are necessary.
There is ZERO security in a public key if there is no way of verifying its authenticity.


Defender 04/08/2017 (Sat) 04:30:55 [Preview] No. 155 del
>>149
Some BOs/mods try to maintain some quality level to keep the board alive, and they can't do that without exercising mod powers. I hope you don't qualify that as being an asshole. I also hope you don't mass dump IPs, too many people would get hurt. This would also take away attention from Sunshine and give Jim the chance to portray you as a malicious person who hates imageboard users.


4/6 ##2itToi Board owner 04/08/2017 (Sat) 04:55:03 [Preview] No. 156 del
>>153
You can find evidence for some of the things I described here:


8chan_pms.txt
sha256: b45c1900bb8c29bf12172ba84f925191ccc2a9b3d091abafdc0c1b109e654e95

PMs table (id,sender,to,message,time,unread)
5741 rows.


This is also a .csv file with a tab separator.

IPs and IDs of personal accounts have been [REDACTED].
Unfortunately that means you won't be able make a surprise visit to the /leftypol/ mod chatroom.


Defender 04/08/2017 (Sat) 07:09:28 [Preview] No. 157 del
>>130
Jeff pls stop making self deprecating jokes like that.
>>156
wewlad


not jeff 04/08/2017 (Sat) 10:48:02 [Preview] No. 158 del
>>157
that wasn't me yo


Defender 04/08/2017 (Sat) 11:27:24 [Preview] No. 159 del
>>143
>Besides, board owners on 8chan are guilty of hosting their communities on a forum that's dangerous for privacy. They are doing their users a disservice by forcing them to use a non-free service known for keeping ip's of posts indefinitely. And contributing to Jim by giving him shekels through ad money.

I don't know where to begin to tell you how retarded you sound.


Defender 04/08/2017 (Sat) 11:41:49 [Preview] No. 160 del
>>143
>board owners on 8chan are guilty of hosting their communities on a forum that's dangerous for privacy
As opposed to what? A dead community that would get your board 0 traffic? Don't be retarded. The vast majority of people use 8ch because there's people in it and because it's better than the more pozzed 4chan. If you can convince everyone to move to what you perceive as a more secure chan, then the boards will begin to exist there too.


Defender 04/08/2017 (Sat) 12:03:18 [Preview] No. 161 del
>>155
>give Jim the chance to portray you as a malicious person who hates imageboard users.
They're doing that already nig. As long as mr. anonymous hacker doesn't dump user IPs shit will stand on its own merits.


Defender 04/08/2017 (Sat) 12:45:50 [Preview] No. 162 del
>>160
>The vast majority of people use 8ch because there's people in it and because it's better than the more pozzed 4chan.

Nigga that's a good joke.

1 4chan at least has a large community of over 3 million unique IPs monthly. 8chan is lucky they have thousands of regular users.

2 4chan isn't riddled with technical problems daily and when they do find a big one it's fixed within days, not a years.

3 both Jim and Moot sold us out, nothing to compare there.

4 Both sites had a hierarchy of corrupted mods that were part of the In Circle that called all the shots and I'm pretty sure this is what the hacker was talking about when they said 'asshole mods'. People like Mark who I remember wanted HotWheels to share part of the site's revenue with him because he had one of the most visited boards, people like AcidMan who had a group of people shilling against others they didn't like from the dark and still do, people like ALL the /pol/ mods with their Trump/Kek worship and ban any dissenting opinions and destroy free speech which that board was built on.

5 All this shit was happening before Jim and Ron even showed up. And don't feel sorry for the fucking cripple either. Jim anticipated that. Why do you think he gives HW a free ride when he hardly does anything? It's because he's using the cripple as a human shield for all the pozzed assholes who didn't see he sold us out long before Jim came along.

He sold us out to news sites, he sold us out to the feds, he sold us out to collecting our IPs and storing them WAY the fuck back in 2014 and lied to us about it, he sold us out by siding with AcidMan when that BO went off the deep end and reported innocent people to the FBI just because he didn't like them and he sold us out by ignoring administration of his own damn site. Don't feel sorry for the fucker, he doesn't deserve it because he's just as guilty as the other two.

https://8ch.net/sudo/res/33509.html#q33688

>Here's my advice for them: use tor, or a VPN
>This is the correct answer for anybody living in a politically hostile environment.

Mother fuckers actively banned VPNs and Tor and now they suggest you use it?

Then CodeKike posts this

>Regarding /pol/, If you dont like imkampfy then there are some alternatives like >>>/leftypol/ or >>>/polk/

Everyone was right. They are literally shilling shit they control. The end game is clear. Anyone who still stays is a fool. There's nothing democratic or free about that site. It's a Leftist circle jerk. It's undeniable now that they're media shills and crashing /pol/ with no survivors was always part of their plan. The motherfucker unironically shilled for /leftypol/.

There were people back during 2014 who told you they could see poster IPs in real time and you didn't believe them. Bedchan came around and proved the cripple was lying to you and you called him a shill. Now this happens and all you niggers can muster up is blaming it on us or your cover all excuse 'goons' to save face for your incompetence when things all fall down around you because of your own irresponsibility. Anyone who still stays on 8chan after this is beyond salvation and not worth saving anyway. They deserve everything they get.


Defender 04/08/2017 (Sat) 12:50:49 [Preview] No. 163 del
>>162

>defending cuckchan

Alright (((anon))), you can stop now.


Defender 04/08/2017 (Sat) 12:59:53 [Preview] No. 164 del
>>1
>>149
Please do not release IPs without redacting them. I own a few boards. If I were doxed, due to the nature of one board, owning it could see me being harassed by some users of another board I own, not to mention the users of boards I am affiliated with. I don't want my family to be harassed because of this.

Also there's a chance certain groups of people could actually turn up at my home or even try to pursue prosecution against me if some of the things I've said online could be tied back to me.

I've always tried to be careful online and use a vpn and other things to mask my identity. But I know for a fact I have been complacent occasionally, or my vpn failed me and I didn't realise.

Please do not publish IPs without redaction. Don't punish the users.


Defender 04/08/2017 (Sat) 13:07:38 [Preview] No. 165 del
>>143
I've once tried to force a migration, it didn't work. Users created an alt board on 8chan and left. I had to bend over backwards to bring them back. Trust me, most of us (BOs and mods) hate Jim more than the average user because of the global bans, globals meddling in board's affairs, shitty performance and bugs that make moderation hard...etc. The enemy here is the greedy lying faggot, Jim and that's why I'm glad he's being exposed.


Defender 04/08/2017 (Sat) 14:30:04 [Preview] No. 166 del
>>162

Well as much as I like to call Acid Man a faggot, there is a reason you should use strong opsec when doing a raid. Plus I know for a fact Heil was much less passive and more controlling of imkampfy before, reigning him in when he outright banned Tor.

>Now this happens and all you niggers can muster up is blaming it on us or your cover all excuse 'goons' to save face for your incompetence when things all fall down around you because of your own irresponsibility.
Freech are a bunch of trannies, and most of them are so incompetent and unreliable that it baffles me that the hacker posted there first. They're practically poison and useful idiots for anything like this.


Defender 04/08/2017 (Sat) 15:13:00 [Preview] No. 167 del
>>156
Thanks for redacting the IPs, 2itToi.


Defender 04/08/2017 (Sat) 16:38:34 [Preview] No. 168 del
>>155
>Some BOs/mods try to maintain some quality level to keep the board alive
Spoke like a true rulecuck.


Defender 04/08/2017 (Sat) 16:52:17 [Preview] No. 169 del
>>168
Only rulecucks come up with reasons like these. "Keep the quality of the board in order to make it better blah blah blah"


Defender 04/08/2017 (Sat) 17:10:27 [Preview] No. 170 del
The moderation team and admins of 8chan have shown an attitude of consistently fighting against freedom. Dump the ips of the mods/admins of the site. The users don't deserve it but the mods/admins sure do. Dump those ips and let come what may.

If your the one who hit 8chan I also have to ask,why not do it again ? There's a lot more to prove. And its not as though their making any strides in free speech. I await your thoughts, thank you.


Defender 04/08/2017 (Sat) 17:39:05 [Preview] No. 171 del
>>170
I'd really enjoy it if they got hit again. Keep the pig-men on their toes.


Defender 04/08/2017 (Sat) 17:50:55 [Preview] No. 172 del
>>170
There is no moderation "team". This is 8chan we are talking about. Any user can create a board. In matter of fact, many BOs are openly anti-Jim and went on a strike when he pulled that shit on /operate/. BOs and mods are users who care so much imageboards, probably because they don't have much in life. For each board in 8chan you will find an counter board. You shouldn't put them all in one basket and you also shouldn't separate them from users, they are users on their own board and other boards too.


Defender 04/08/2017 (Sat) 17:56:14 [Preview] No. 173 del
*a


Defender 04/08/2017 (Sat) 17:59:57 [Preview] No. 174 del
>>169
>>168

You must enjoy 4chan a lot.


Defender 04/08/2017 (Sat) 18:05:43 [Preview] No. 175 del
>>169
>>168

It's true though. I lost about 2/3 of activity when I left the board unmoderated. If you lurk in 8chan, you would know very well that /n/, /new/ and /politics/ died because they have minimal moderation. People no longer filter stuff they don't like, if the quality is not good enough for them, they move to another board. This is the sad state of imageboards today. If you disagree, please show me one successful board in 8chan without moderation.


Defender 04/08/2017 (Sat) 18:13:29 [Preview] No. 176 del
>>175

People shouldn't have to filter things they don't like, moderation is needed to keep posting quality. What moderation and users think is quality posting is subjective, but as you said, boards without moderation die. There's only room for one /b/.


Defender 04/08/2017 (Sat) 18:24:12 [Preview] No. 177 del
>>156
Pay attention to lowcard.
He's antifa and the PMs show he's highly involved in moderating /pol/.
He also filled global mod positions with tons of german friends way early in the game.

>>163
>2017
>still using "cuckchan" to describe 4chan
You can fuck right off, cripple suckboi.


Defender 04/08/2017 (Sat) 18:25:23 [Preview] No. 178 del
>>172
This. I own a board with around 15-20 users usually, and I am blatantly against Jim and his ways. The only reasons I don't go away are explained well by >>160. There are lots of us who don't deserve being exposed like that. I am an user just like you most of the time.
Please consider this. Lots of mods are with us, not with Jim.


Defender 04/08/2017 (Sat) 18:34:28 [Preview] No. 179 del
>>177

lowcard is a great guy

he fought for freedom of speech and pedo posting rights since the early days


Defender 04/08/2017 (Sat) 18:55:02 [Preview] No. 180 del
>>178
>hello please listen to me i use 8chan and own a board there and am a leader within my own community and could at any point in time migrate with it somewhere else, please don't compromise 8chan any further because we are against the owner, administrator and the one responsible entity for this clusterfuck, also there's moderators who are with us and against the people who gave them power to act however they please and these mods are totally not playing us into staying on the sinking ship so they don't lose any more users and the prestige that comes with being a moderator in a moderately populated godforsaken image board
>we would move out but we won't because 8chan has users and i'm not quite aware of the circular logic within my argument but the point is i'm going to stay in 8chan regardless of what happens and however much more the owners, administrators, moderators and volunteers rape our asses, that's the choice we're making and we're sticking to it
>sure we've been lied to all this time but don't you think it's a little cowardly to not stick to your guns? how much more conned can we get, really?
>thanks!


Defender 04/08/2017 (Sat) 19:13:10 [Preview] No. 181 del
>>177
>lowcard
>antifa


Defender 04/08/2017 (Sat) 19:35:31 [Preview] No. 182 del
>>180
>Throwing personal infos on the net is justified because you are using a site witch has been proved just now to be compromised for real
Yeah right. I sincerely don't care though as I use tor, but there is people who will be in real danger if their IPs get leaked.
>prestige that comes with being a moderator in a moderately populated godforsaken image board
Excuse me, what? It is now a privilege to own a board? Wew.
>we would move out but we won't because 8chan has users and i'm not quite aware of the circular logic within my argument
No the point is not that exactly. The point is that users often refuse to move. See the fuckup that's going on at /leftypol/ - although I am quite pleased by it.
>the point is i'm going to stay in 8chan regardless of what happens and however much more the owners, administrators, moderators and volunteers rape our asses
Wrong. I am in fact considering moving. But Im waiting to see how this evolves first.
Tl;dr whatever you choose to do, leaking IPs damages users and not Jim. For me that's a dickmove. Look at it this way:
>oh no, Jim is storing IPs illegally and could do whatever he wants with them!
>let's fuck him up but let's leak those IPs too!
I don't like this reasoning, for whoever uses the site.


Defender 04/08/2017 (Sat) 19:41:44 [Preview] No. 183 del
At the least leak the ips of /pol/, /v/, /b/, /a/ and /leftypol/ mods. And any global mods. Do it for justice.


Defender 04/08/2017 (Sat) 19:45:15 [Preview] No. 184 del
>>183
100% This


Defender 04/08/2017 (Sat) 19:50:49 [Preview] No. 185 del
>>183
pls no


Defender 04/08/2017 (Sat) 19:51:29 [Preview] No. 186 del
>>185
fuck off imkampfy


Defender 04/08/2017 (Sat) 19:54:26 [Preview] No. 187 del
>>183
DOOOOOOOOOOEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEET


Defender 04/08/2017 (Sat) 20:15:30 [Preview] No. 188 del
>>183

>/a/
?

Isn't /a/ just a bunch of autistic purists?


Defender 04/08/2017 (Sat) 20:36:43 [Preview] No. 189 del
>>185
This. It'll serve double duty of putting the fear of God into those worthless kikes and confirming that the dumps are legit while simultaneously leaving innocent users (like /egy/ who could get beheaded by their fanatical government for shitposting) in the clear.


Defender 04/08/2017 (Sat) 20:41:04 [Preview] No. 190 del
>>183

>/v/

Hello Shitsu


Defender 04/08/2017 (Sat) 20:44:03 [Preview] No. 191 del
>>189
what I didn't quote that
>>183


Defender 04/08/2017 (Sat) 21:28:55 [Preview] No. 192 del
>>156
>Also Jim just set us up a twitter bot for our board kek

8chan denied these bots were theirs


Defender 04/08/2017 (Sat) 21:35:42 [Preview] No. 193 del
>>192
When? Do you have a link?


Defender 04/08/2017 (Sat) 21:53:35 [Preview] No. 194 del
(76.77 KB 887x1097 1489309458881.jpg)
>>170
Jim and the ones who defended him deserve to be taken to the cleaners and I know a lot of the niGGers on 8chan defended him as if he were their sugar daddy. They're complacent with being slaves since he pays the rent. If that's the way they feel then they should have no problem going down with the slave ship.

>>183
For fuck's sake, THIS!


Defender 04/08/2017 (Sat) 22:46:13 [Preview] No. 195 del
/leftypol/ hates Jim. wtf are you guys on about?


Defender 04/08/2017 (Sat) 22:56:27 [Preview] No. 196 del
(116.89 KB 1275x560 for_free.png)
>>195

Typical shill tricks, that's what.


Defender 04/08/2017 (Sat) 22:58:12 [Preview] No. 197 del
>>195
>implying only /leftypol/ hates Ji
>implying Jim isn't a Freemason kike.


Defender 04/08/2017 (Sat) 23:00:36 [Preview] No. 198 del
>>197
I'm not implying only /leftypol/ hates Jim. I'm just saying attacks on /leftypol/ are unwarranted.


Defender 04/08/2017 (Sat) 23:02:10 [Preview] No. 199 del


Defender 04/08/2017 (Sat) 23:03:41 [Preview] No. 200 del
>>188
Autistic purists pretending to be oldfags


Defender 04/08/2017 (Sat) 23:15:15 [Preview] No. 201 del
>>183
Holy shit why did no one came up with this yet?


Defender 04/09/2017 (Sun) 00:50:15 [Preview] No. 202 del
>>183
THIS THIS THIS
Do it, leak those ips. Its time for justice to prevail.


Defender 04/09/2017 (Sun) 01:27:10 [Preview] No. 203 del
>>183
this tbh


Defender 04/09/2017 (Sun) 01:55:48 [Preview] No. 204 del
>>164 Now mirror what you just said toward Jim Watkins, his Son, and Fredrick Brennan, because they've been doing for 3 years, and you have yet to complain.

>>165 then refuse to be a board owner, simple as that power hungry pig.
>>172 >>178 ^

>>175
>People no longer filter stuff they don't like
User problem, not software. Jim is using you with his software.
>please show me one successful board in 8chan without moderation.
Should that be: "successful site without moderation"? But it must be 8ch[an?]
>>176
>you NEED US

>>182
I thought Tor was only for pedophiles.
>oh no, Jim is storing IPs illegally and could do whatever he wants with them!
>let's fuck him up but let's leak those IPs too!
>I don't like this reasoning, for whoever uses the site.
He's been selling you info to the highest bidder.

>>183
Tactically, I would say all volunteers & mods, not the users. Leave the Board Owners alone, since they only want to create content, not be power hungry faggots, which Jim wants to flourish.


5/6 ##2itToi Board owner 04/09/2017 (Sun) 02:32:32 [Preview] No. 205 del
(265.61 KB 871x930 greetly.jpg)
(117.49 KB 689x446 omlet.jpg)
All the IPs used by the /b/ mods dysnomia, greetly and Omlet.

If Jim were Napoleon, these three would be his loyal dogs.

8chan_b_mods.txt
sha256: bb003fa989d04526037a4a3d365542d17e77113df53a4c4c48b06e04e3027846

This is a join of the mods and modlogs table.
COUNT is the number of actions logged from the respective IP.


Defender 04/09/2017 (Sun) 02:33:49 [Preview] No. 206 del
>>205
it would be great to release /pol/ mod information


Defender 04/09/2017 (Sun) 02:35:05 [Preview] No. 207 del
(585.45 KB 1280x1620 1491619903420.jpg)
>>204
>Leave the Board Owners alone, since they only want to create content

Nigger, some of those BOs are part of what destroyed 8chan's infostructure long before Jimmy Jam and Ron the Retard script kiddy even came along. There should be no mercy for people who destroyed the site's culture and snitched innocents to the feds for their own ends and means. You'd have a site that does nothing by raise tons of mini moots.

What the hacker does is up to them but what WE should be doing is looking over Jim's emails and or passwords. Long ago in a distant land, Lizard Stresser the fail DDoSing master of script kiddies unleashed an unspeakable evil on 8chan, but a foolish pig farming yoga enthusiast wielding a magic server, stepped forth to oppose them.

Or so Jim's version of the story goes. Jim's not a hacker and he's not even technologically capable. He's the type of person who believes that hackers are top of the food chain and hackers can't be hacked which Lizard Squad was. Why do I bring this up?

Because Jim showed up RIGHT when the Lizard Stresser attack happened and he swooped in to offer HotWheels server support out of the 'goodness of his own heart' which is an epic load of horse shit. Keep in mind these exact same circumstances happened before he loomed over 2ch.

A lot of people believe non other that Jim, Ron or possibly both were behind the Lizard Stresser attacks to make HotWheels fold so he could jump in and scoop up an easy target that was faltering yet still pulling in tons of traffic for him to datamine.

The Lizard Stresser services were hacked and the user lists containing user names, emails and passwords in plain text were all leaked. /baphomet/ and /b/ had a wild ride with those but what we need to do is find that leak and compare the emails to Jim and Ron's and see if we find a match. If we do then they are royally, irreparably, legally fucked beyond words. It could literally put Jim in prison.

We need to get on this shit now.


Defender 04/09/2017 (Sun) 03:18:28 [Preview] No. 208 del
(175.02 KB 940x385 lol.png)
Your boy Dysomnia isn't exactly the brightest.

Also, the PHP server just shit itself, I think.


Defender 04/09/2017 (Sun) 03:24:05 [Preview] No. 209 del
(19.10 KB 300x161 damagecontrol.jpg)
(13.98 KB 562x107 ss.png)
>>208
kek true.
DAMAGE CONTROL/10

and they have a global announcement that says they went offline for a fix, probably botnetting


Defender 04/09/2017 (Sun) 03:28:07 [Preview] No. 210 del
>>15
>If you have the DB, I hope you consider removing any IPs before sharing it. Some people will literally get killed if you do it. /egy/ for example is frequented by christians, agnostics and atheists who say all the wrong things.

Shouldn't we like, um, tell the FBI or something???


Defender 04/09/2017 (Sun) 03:31:19 [Preview] No. 211 del
>>210
do it


Defender 04/09/2017 (Sun) 03:37:07 [Preview] No. 212 del
>>211
I'm not a part of this.


Defender 04/09/2017 (Sun) 03:42:49 [Preview] No. 213 del
>>205
Excellent if you can just drop a few particular other boards mods you'll have done gods work. /pol/, /v/, /leftypol/ probably the biggest offenders. Don't forget the globals and thank you for your work.


Defender 04/09/2017 (Sun) 03:46:02 [Preview] No. 214 del
Hell I'd settle for just a dump of /pol/ and /v/ and the globals now you did /b/ and thats a great start. Those 3 done and globals would be perfect.


Defender 04/09/2017 (Sun) 03:47:32 [Preview] No. 215 del
>>214
No, I need /leftypol/ as well. I'm fairly certain that their little faggot Che has worked with imkampfy in the past.


Defender 04/09/2017 (Sun) 03:48:11 [Preview] No. 216 del
(166.18 KB 400x400 1491691820050.jpg)
>>209
Hot. Monkey. Fix.

>>213
Do /gghq/ because there's another offender who was one of Mark's own hand picked groupies that runs that board and I wouldn't be surprised if there were other groupies as the mods. Not to mention AcidMad is also the fed snitch and if that isn't breaking chan culture, I don't know what is. He was basically Mark's attack dog for other boards that were calling out this shit early on and AcidMan was a defender of Jim. His board was among the people that called Bedchan and all the other hackers who warned them shills and goons.


Defender 04/09/2017 (Sun) 03:48:57 [Preview] No. 217 del
>>213
Did you not see that shitshow on /leftypol/ a few days ago? The /leftypol/ BO raged at codemonkey and even the /leftypol/ userbase took codemonkey's side. /leftypol/ does not deserve being lumped in with those retards.


Defender 04/09/2017 (Sun) 03:51:06 [Preview] No. 218 del
>>217
The biggest arguement I could make for the /leftypol/ mods getting dropped is to confirm that they aren't in fact the same people running 8/pol/. There's something up with 8/pol/ we've all known that for a long time now, would it be surprising that both sides of the political coin are controlled opposition on 8chan? I don't think it would.


Defender 04/09/2017 (Sun) 04:08:17 [Preview] No. 220 del
(63.78 KB 1280x720 1483889196900.jpg)
>greetly's face when /b/ breaks with his IP in the front page


Defender 04/09/2017 (Sun) 04:16:32 [Preview] No. 222 del
>>194

With shit like this >>143 I had to put with combined with all those guys at freech pulling shit out of their ass with their badly concocted "infographs" which somehow never improved in quality for so long do you really expect me to just listen and believe without hard concrete evidence like what OP is dropping? Now there is and I believe it now. From here on I'm just going to stay out of this hacker guy's way and hope I don't get caught in the crossfire from a raw IP dump of every user saved in 8chan's database.


Defender 04/09/2017 (Sun) 04:18:36 [Preview] No. 223 del
>>182
I was being hotheaded and I apologize. >>15 and >>189 put it into a perspective beyond some random knowing someone's general location that I honestly hadn't thought about. My point is you were asking for something but showing no signs of working towards improving your situation to the point you never have to make such a request again.

Do you seriously think there are global mods on 8ch who are currently looking for your best interests? These spots are all filled with people close to Jim and hotwheels' inner circle. They've put ego above community and fucked around with whoever they pleased. At the absolute best they're conceding a position where both you and them benefit. This is 4chan pre moot sellout all over again, when people thought moot was the cool guy and he was just unlucky enough to the point all the higher ups he surrounded himself with were faggots doing dirty work behind his back. Birds of a feather do flock together.

I concede there's no point to leaking ip's besides maybe global mods. Situations like /egy/ are certainly fucked up and there are loads of /pol/ board volunteers who were around early in the game who got shafted over time for questioning the board owners' circlejerk's actions. Gamergate is a can of worms too.


Defender 04/09/2017 (Sun) 04:26:52 [Preview] No. 225 del
>implying VPN
>2602:304:ccdf:5190:195d:a9c1:7e4a:1ebf
>AT&T netblock
Yeah, nice VPN dysnomia


Defender 04/09/2017 (Sun) 04:36:24 [Preview] No. 226 del
(58.50 KB 603x453 1483889196940.jpg)
>>208
>>209
>Sorry. The owner of this board has decided not to allow Tor posters for some reason...
8/b/ vols on suicide watch.


Defender 04/09/2017 (Sun) 04:38:11 [Preview] No. 227 del
(92.94 KB 943x568 yee.png)


Defender 04/09/2017 (Sun) 04:38:56 [Preview] No. 228 del
>>227
Nothing out of the ordinary for /b/


Defender 04/09/2017 (Sun) 04:39:52 [Preview] No. 229 del
>>226
Just FYI, there's tons of exits not banned.
A few circuit changes and you should be able to post over cloudflare.


Defender 04/09/2017 (Sun) 05:02:12 [Preview] No. 230 del
>>229

Do people still not know how to chain open proxies after tor exits?


Defender 04/09/2017 (Sun) 05:04:42 [Preview] No. 231 del
>>230
Can you give me a guide? or a quick link so I can learn how?


Defender 04/09/2017 (Sun) 05:07:21 [Preview] No. 232 del
>>230
I do, but I'm lazy. It's easier to open a few circuits than dig up perl I wrote years ago to scrape a bunch of computers from a russian botnet. I don't shitpost like this often to warrant it.
Seriously though, for some reason the DNSBL must be fucked up.


Defender 04/09/2017 (Sun) 05:09:15 [Preview] No. 234 del
(20.62 KB 427x427 1489095559895.jpg)
>>227
Only begun has the damage control.


Defender 04/09/2017 (Sun) 05:24:15 [Preview] No. 235 del
>>230

It requires some setup to do properly and easy to fuck up/leak so most don't bother.

>>233

If you want use those methods with Tor Browser instead of Firefox, you'll need to launch Tor Browser with the enviroment variables:
TOR_SKIP_LAUNCH=1
TOR_SKIP_CONTROLPORTTEST=1

Then go to about:config and change extensions.torbutton.use_nontor_proxy to true

The best way to do is in a Torified VM, so you don't fuck up (if it really matters).


Defender 04/09/2017 (Sun) 05:36:27 [Preview] No. 236 del
>>235

I think only scumbag carders chain proxies after Tor since all exits are flagged by credit card payment processors.

In a Whonix VM, all you need to do start TBB, change extensions.torbutton.use_nontor_proxy to true then configure the proxy you want to chain in the network settings.

Not worth the effort for shitposting on 8chan.


Defender 04/09/2017 (Sun) 05:43:20 [Preview] No. 237 del
>>229
That's true. They use exitnodes.tor.dnsbl.sectoor.de which is not a comprehensive list of exit nodes.
After finding one that works you can use it again later by editing the torrc file but I recommend returning to the standard configuration after you're done using the exit node.


Defender 04/09/2017 (Sun) 05:44:05 [Preview] No. 238 del
>>229
>>230

lol just do it directly through open proxies, it's not like you're gonna be tracked down and arrested for spamming 8chan


Defender 04/09/2017 (Sun) 06:03:07 [Preview] No. 239 del
>>124
>ctrl-f my username
>its there
well fuck


Defender 04/09/2017 (Sun) 06:23:34 [Preview] No. 240 del
>>225

I thought he was some lain cyberpunk, why is he modding bare IP?


Defender 04/09/2017 (Sun) 06:29:06 [Preview] No. 241 del
>>239
Changing your password should be enough to avoid having your account compromised.


Defender 04/09/2017 (Sun) 06:30:27 [Preview] No. 242 del
>>240
he never had anything to do with lainchan other than that he likes lain anon.


Defender 04/09/2017 (Sun) 07:07:28 [Preview] No. 243 del
>>241

You can't change the password for boards that aren't up yet, because the mod account can't be logged into yet.


Defender 04/09/2017 (Sun) 07:30:16 [Preview] No. 245 del
>>243
It seems it's not taking too long to have a board up after making a request to Codemonkey.
So if he has done that already, he will probably have access to it soon enough.

Also, I don't think there anyone rainbow tabling those hashes just so they can take control of random board #48151642.


Defender 04/09/2017 (Sun) 07:35:50 [Preview] No. 246 del
>>245

you can't rainbow table salted passwords, it's why salts exist.

if your password is strong enough, it will be nearly impossible for anyone to crack it


Defender 04/09/2017 (Sun) 08:31:23 [Preview] No. 247 del
>>245
>>246

So the main issue for random board owners is IP addresses and emails?


Defender 04/09/2017 (Sun) 08:37:32 [Preview] No. 258 del
I'm seriously waiting for you to drop 8/pol/ mods and BO, such as imkikefy.
Come on, DO IT


Defender 04/09/2017 (Sun) 08:37:54 [Preview] No. 259 del
>>258
drop ips of* fixed


Defender 04/09/2017 (Sun) 09:14:48 [Preview] No. 260 del
>>258
fucking this, please hurry up and do it mate. It would mean a lot to us /pol/acks


Defender 04/09/2017 (Sun) 09:52:53 [Preview] No. 262 del
>>156

From one of the messages (presumably BO):

>"I remember imkampfy telling me early on, when I first became a mod, that shills would likely try to fight against him specifically. I suppose that's what we're seeing here."

lel, why would imkampfy tell people so early on that people would shill against him? Pretty suspicious.


Defender 04/09/2017 (Sun) 09:55:42 [Preview] No. 263 del
>>261
t.imgoonfy in damage control


Defender 04/09/2017 (Sun) 10:15:55 [Preview] No. 264 del
>Treat your users better next time
I love the header ##2itToi. I never thought a day like this would come, at least someone cares about us anons. Keep up the great work.


Defender 04/09/2017 (Sun) 10:23:30 [Preview] No. 276 del
>>265
>>271
>>275
we're coming for you imkikefy no matter how much you spam


Defender 04/09/2017 (Sun) 10:26:32 [Preview] No. 277 del
these goon leaks are obviously fake. whoever falls for them is retarded


Defender 04/09/2017 (Sun) 10:30:11 [Preview] No. 279 del
>>277
Care to elaborate?
How do you known?


Defender 04/09/2017 (Sun) 10:31:09 [Preview] No. 280 del
>>279
I don't need to explain anything to you, kike.


Defender 04/09/2017 (Sun) 10:34:40 [Preview] No. 281 del
(282.22 KB 640x360 wew.png)
>>277
>>278
>>280
>fake
so codemonkey is retarded? :^)
imkikefy we're still coming for you no matter how you spam, your spamming is WEAK and PATHEIC,.


Defender 04/09/2017 (Sun) 10:35:00 [Preview] No. 282 del
(25.48 KB 480x360 oy vey.jpg)
>>280
>Goyim knows
DELETE THIS


Defender 04/09/2017 (Sun) 10:54:23 [Preview] No. 283 del
>>280
hahahahahahahahahaha


Defender 04/09/2017 (Sun) 10:58:45 [Preview] No. 284 del
Kikemonkey obviously set all of this up himself. He is trying to falseflag imkampfy, but he plans on delaying the release of the logs. He had to come up with something elaborate to finally get rid of 8/pol/.

Watch out, (((they))) are watching this thread.


Defender 04/09/2017 (Sun) 11:09:18 [Preview] No. 285 del
>>284
t. imkikefy


Defender 04/09/2017 (Sun) 11:23:26 [Preview] No. 286 del
(74.96 KB 1775x337 imkampfy turkey.PNG)
>>284
You're not fooling anyone you low IQ shitskin


Defender 04/09/2017 (Sun) 11:28:33 [Preview] No. 287 del
Found some /pol/ vol that is not the BO, and probably likely to be imkampfy. The hotpocket is scheming to get rid of one of the vols by playing them off against each other.

https://archive.is/2h94n#selection-761.19-761.368

>I talked with faggetttss about it. If nacht is toning down the bullshit then good. If he amps it up again, you and faggetttss MUST get doorways to remove him. Watch him like hawks. I can't participate much right now. This is up to you and faggetttss. I know you have a good heart. Use it. Don't let nacht fuck up /pol/ and splinter the community.

So this unknown vol is looking to remove the vol nacht_. nacht_ has a msg to the BO in the messages above. Surprise surprise, it's a conversation with imkampfy. It's a longer conversation so you'll have to read it.

https://archive.is/2h94n#selection-713.21-713.186

Notice the stark difference between the hotpocket nacht_ and imkampfy in the messages. Nacht sounds polite, and admits wrongness to the BO. Imkampfy flies off the handle in the chat, then secretly organizes with some others behind Nacht's back to get rid of him.


Defender 04/09/2017 (Sun) 11:31:07 [Preview] No. 288 del
>>287

If that second link doesn't work ctrl+f irc chat log


Defender 04/09/2017 (Sun) 11:36:18 [Preview] No. 289 del
>>288
I'm having issues with it too


Defender 04/09/2017 (Sun) 11:48:40 [Preview] No. 290 del
>mfw literally jew spam
it just keeps getting better every day


Defender 04/09/2017 (Sun) 12:23:38 [Preview] No. 291 del
>all this ass devastation
>probably all pedophiles and kikes

Nice.


Defender 04/09/2017 (Sun) 12:24:32 [Preview] No. 292 del
>>264

>I SHOULD BE ALLOWED TO SHIT UP A BOARD RULECUCKS MUST DIE


Defender 04/09/2017 (Sun) 12:26:15 [Preview] No. 293 del
>>292
anyone should be able to "shit up" a board, rulecucks should die and you have to go back 8nigger.


Defender 04/09/2017 (Sun) 12:27:48 [Preview] No. 294 del
>>293
this board already have refugee 8niggers and they keep making stupid boards and "rulecuck" boards with no rules written anywhere and ban everyone they disagree with


Defender 04/09/2017 (Sun) 12:28:04 [Preview] No. 295 del
>the only thing imkampfy knows to do is spam the thread and claim fake with no evidence
Hahahahahahahaha. Get fucked, you cunt.


Defender 04/09/2017 (Sun) 12:39:04 [Preview] No. 296 del
>>292
What does "Treat your users better" have anything to do with wanting to spam a board, like you are doing right now.
Also, i find it funny that you just called yourself a rulecuck, imkampfy.
>>294
>this board already have refugee 8niggers
No shit, you think we don't want any good users that are still on 8chan to come?
Also
>this board already have refugee 8niggers and they keep making stupid boards
You mean this SITE has 8chan refugees?

>"rulecuck" boards with no rules written anywhere and ban everyone they disagree with
I know you are trying to push a narrative in order to try and convince other 8channers to trust you but at least TRY a bit harder.


Defender 04/09/2017 (Sun) 12:39:41 [Preview] No. 297 del


Defender 04/09/2017 (Sun) 12:43:43 [Preview] No. 298 del
>>294
Also, you should try learning proper grammar, imkampfy.


Defender 04/09/2017 (Sun) 12:47:52 [Preview] No. 299 del
>>293

How old are you anarchy fag


Defender 04/09/2017 (Sun) 12:54:08 [Preview] No. 300 del
Welp, at lest we finally got them to really the updated source code. Weren't they in violation of the GPL anyway?


Defender 04/09/2017 (Sun) 12:55:29 [Preview] No. 301 del
>>299
Did you not see the quotations? I am pretty sure he means that rulecucks need to gas themselfs because people shouldn't be banned cause of , what you describe as, "shitting up the board".


Defender 04/09/2017 (Sun) 12:59:23 [Preview] No. 302 del
>>296
We don't take 8nigger refugees
GO BACK WHERE YOU CAME FROM


Defender 04/09/2017 (Sun) 13:02:02 [Preview] No. 303 del
>>301

He means "we should be allowed to turn every board into a form of /b/". This means no proper discussion ever, you can't have every board be a form of /b/ and expect some manner of quality posting.


Defender 04/09/2017 (Sun) 13:04:39 [Preview] No. 304 del
>>302
Is that you, imkampfy? Trying to samefag and make us look bad? It ain't gonna work.
Of course we are taking 8channers because most of endchan users WERE 8channers. We may have came here earlier but it still counts.
>>303
No, i am pretty sure he means rulecucks like imkampfy need to fuck off, not that every board needs to be /b/.
>This means no proper discussion ever, you can't have every board be a form of /b/ and expect some manner of quality posting.
No shit.


Defender 04/09/2017 (Sun) 13:05:33 [Preview] No. 305 del
(101.14 KB 650x650 damagecontrol.jpg)
>>303
if this (posting things you don't like) "shitting up a board" then yes, absolutely.
>muh discussion
truly cucked fam


Defender 04/09/2017 (Sun) 13:07:50 [Preview] No. 306 del
>>304

I don't care about pol shit, I care about the quality of the boards I actually use. "rulecucks" is a meme by fags who want to destroy imageboards. You don't like how pol is moderated create your own pol you fucking faggots god damn.


Defender 04/09/2017 (Sun) 13:11:38 [Preview] No. 307 del
>>306
>"rulecucks" is a meme by fags who want to destroy imageboards.
pffaaahaaaaahjahahaahahaaahahahahaaahaahhaaaaaaaaaaaaaaaahhaaahaha
>You don't like how pol is moderated create your own pol you fucking faggots god damn.

that's what we have done, 8nigger. umad you can't play internet forum moderator anymore?


Defender 04/09/2017 (Sun) 13:13:05 [Preview] No. 308 del
(883.54 KB 1258x3096 Exodus2.0.png)
(5.35 MB 1280x720 degration of hobby.mp4)
>>304
>Of course we are taking 8channers because most of endchan users WERE 8channers. We may have came here earlier but it still counts.

>most of endchan users WERE 8channers
Was it during the exodus and when finding out that Jim was datamining kike.

Also why would (((we))) want to take 8niggers here? More traffic will decrease the quality of this board you know and strain the servers more.


Defender 04/09/2017 (Sun) 13:13:07 [Preview] No. 309 del
>>306
>"rulecucks" is a meme by fags who want to destroy imageboards
Sure, mate, its used only by fags who want to destroy imageboards and its not generally used to describe people such as imkampfy.
Sure.
>You don't like how pol is moderated create your own pol you fucking faggots god damn
That was tried but it never worked cause idiots don't want to abandon /pol/, as you already know.


Defender 04/09/2017 (Sun) 13:13:51 [Preview] No. 310 del
>>204
>Now mirror what you just said toward Jim Watkins, his Son, and Fredrick Brennan, because they've been doing for 3 years, and you have yet to complain.

I've always raised concerns whenever the issue has come up on /sudo/ and other boards. And after the failed migration. I've always been in favour of privacy and always encouraged it. I would have emailed the admins direct if I knew what I was talking about but I'm not very /tech/y at all and people who seem more knowledgeable than me on the issue are always arguing about it and I have no idea who's right. Also the threads are full of everyone with an agenda so nothing really come of it and the admins always ignore.

I appreciate what the hacker has done to bust it all open for everyone to see. But I'd really rather not be punished for this.


Defender 04/09/2017 (Sun) 13:16:18 [Preview] No. 311 del
>>309

If you weren't so obsessed with pol you'd know that rulecuck meme is thrown around in every board that with mods that try to keep their board clean.


Defender 04/09/2017 (Sun) 13:17:20 [Preview] No. 312 del
Daily reminder how librechan went. Of course moderation is needed when it comes CP and stuff like that.


Defender 04/09/2017 (Sun) 13:23:13 [Preview] No. 313 del
>>308
>Also why would (((we))) want to take 8niggers here?
Because they will increase the amount of posting and discussion going on in the site? A few extra 8channers won't kill it.
>More traffic will decrease the quality of this board
You mean this SITE? This is just board dedicated to a single thread, unless you start spaming ,like you did earlier.
>strain the servers more
The site would still work without a problem. I doubt that even 50 more users can strain the site to the point it become nearly unusable.
>>311
>obsessed with pol
I rarely ever browse it.
>you'd know that rulecuck meme is thrown around in every board that with mods that try to keep their board clean
Yeah and you would know that those people are generally called out on and that a lot of people also use it just to describe rulecucks such as imkampfy.


Defender 04/09/2017 (Sun) 13:29:07 [Preview] No. 314 del
>>312
>>313
the only job of a moderator is to remove illegal content
prove me wrong


Defender 04/09/2017 (Sun) 13:34:26 [Preview] No. 315 del
>>314
While it depends on the board, the moderator also has to keep the board clean of poor shitposts and other posts that add absolutely nothing to the thread.
The reason the do it is if they let spammers do anything they run a high risk of their board going to shit and having both the conversations go to shit and have the users leave.
Unfortunately, there are rulecucks that take it too far.
There, i proved you wrong.


Defender 04/09/2017 (Sun) 13:40:16 [Preview] No. 316 del
>>313
>You mean this SITE?
Yeah, mixed the word there.
>unless you start spaming ,like you did earlier.
It was some other faggot who raided with >muh lexor haxor Tor xd.
This indeed does lead to my next point which is case in point what will happen if we take these refugees. The more users we take, the more likely we are getting raided by these niggers because spamming is totally cool amarite and or become a target of raid when we start to grow bigger.
>The site would still work without a problem. I doubt that even 50 more users can strain the site to the point it become nearly unusable.
I sure do hope so that lynxchan engine does its magic.
>>314
Unless you deny and or question holohox or general hate speech and the server itself is in Europe. Otherwise, yes.
>>315
What if a particular board does not have any set rules beside from the global rules. Is it okay to call the BO a faggot? For example, >>>/mtf/. Now that board is a complete shitshow.


Defender 04/09/2017 (Sun) 13:44:58 [Preview] No. 317 del
>>261
>ITT 8nigger mods figure out where the leaks are being posted and spam us

Don't lie, you faggots are the only ones who cry about goons like this and seeing you call OdiliTime an incompetent goon spammed all over the board is proof of this. You're butthurt and calling other people goons (your personal anti christ) is your best form of a come back. Rot in piss. This is happening.

>>262
Sounds like a guilt complex if I ever saw one.

>>280
We're coming for you imcoonpfy. Get the lube.

>>284
Cool story bro.

>>287
Well, he's autistic so this all sounds in character.

>>300
They were in violation of shit loads.


Defender 04/09/2017 (Sun) 13:56:56 [Preview] No. 318 del
>>316
> Is it okay to call the BO a faggot? For example, >>>/mtf/. Now that board is a complete shitshow.

it is run by a trannyfaggot so it makes sense that he'd be mentally unstable and censor everything.
it's fun to watch him delete posts that are harmless because I can tell that he's suffering inside from
MEAN INTERNET WORDS


Defender 04/09/2017 (Sun) 13:59:16 [Preview] No. 319 del
>>316
Really? Is that it? You're afraid of being a target? Thats weak.
Of course you're gonna be a target if you aren't a good goy and keep your site dead. I sincerely doubt that the site will start being raided and destroyed because a few extra anons came. Yes it might happen eventually but thats unsurprising. This site won't last forever.
>What if a particular board does not have any set rules beside from the global rules
Well, if the board allows spamming then its ok for it to have spam, obviously. If the board doesn't have written rules but expects quality, then the BO should write down a rule in which he says he won't allow shitposts. Simple. Its now just up to the users themselfs, will they just post shitty spam or have good shitposts? Also, there will always be people who will shit on the BO for the smallest reasons.


Defender 04/09/2017 (Sun) 14:01:28 [Preview] No. 321 del
>>319
Oops.
Of course you're gonna be a target if you aren't a good goy and NOT keep your site dead.*


Defender 04/09/2017 (Sun) 14:02:57 [Preview] No. 322 del
>>319
Oops.
Of course I'm going to be a fucksucking dick muncher on this site to keep it dead.*


Defender 04/09/2017 (Sun) 14:04:54 [Preview] No. 323 del
CP yes but there is a difference between that and images that "make you uncomfortable" but do not violate the DOST test.

Also, no specific information about why librechan went down the way it did was ever posted.

Rumors are its admin just didn't want to run it anymore.


Defender 04/09/2017 (Sun) 14:07:01 [Preview] No. 324 del


Defender 04/09/2017 (Sun) 14:34:13 [Preview] No. 326 del
>>314
Spam should be removed as well.
The problem is when BOs start calling everything they don't like "spam".


Defender 04/09/2017 (Sun) 14:35:53 [Preview] No. 327 del
>>326
if "spam" is to be removed the term needs to have a strict explicit static (non evolving) definition.


Defender 04/09/2017 (Sun) 15:11:09 [Preview] No. 328 del
>>327
It can. You can define a spammer as someone with a high number of PPM where most of his posts as off-topic.
"spam" would be these off-topic posts.


Defender 04/09/2017 (Sun) 15:16:05 [Preview] No. 329 del
Jesus christ, just dump the ips of 8/pol/ BO and mods already.


Defender 04/09/2017 (Sun) 15:27:04 [Preview] No. 330 del
>>327
You can't help if certain people want to label things they don't want/like as spam.
If you want a definition tho, >>328 gave it to ya.

>>329
Yeah, seriously, whats taking so damn long?
There is supposed to be 1 more part to this whole leak, so i guess he may be preparing the last part?


Defender 04/09/2017 (Sun) 15:57:09 [Preview] No. 331 del
>>320
>Rumors are its admin just didn't want to run it anymore.

From my information, librechan was hosted by the same place as masterchan. Both of the admins of said imageboards communicated with each other to to figure out what to do after receiving complaints of illegal content. It was either French or Danish official whom wanted to down it. The location of said servers was probably in France or unknown location. However masterchan did manage to avoid such thing after its rebranding tho it is ruined by outlanders

To sum it up cynically
tl;dr freedom of speech dedicated board ruined by pedos because of hebe and cp.

It is a shame because I really liked it, probably my favourite after endchan. I wonder if there is any librechan lurkers here to confirm my spouting. It has been quite sometime so I may not remember everything correctly.


Defender 04/09/2017 (Sun) 16:18:33 [Preview] No. 332 del
>I found this

Meu email é silver.rider@outlook.com" 1480471324 0
6486 3017 20245 "
I see you deleted some Richard Spencer dox. What do you think, is it really bad to allow dox of rightwingers on /leftypol/?" 1480482003 0
6487 20389 3017 "
Something is very wrong with the baning system. I have to ban the same Ip's over and over and over again and they can still post like nothing happened, i don't know what the fucks going on." 1480492382 0
6488 24106 26680 "
>Sick and tired of deleting necrobumps tbh, you think Cluck would mind if we stickied your rules thread? Its aesthetic and helpful. Itll do more good than me posting in every thread reminding people a mod is hovering over 'Recent Posts' every second.

When I asked him why he unsticked it to begin with he said something to the effect of 'stickies don't do any good'. It's true that most people don't bother paying attention to them, but in my opinion the point is not giving people an excuse to not read it. You can certainly ask him again though, he might change his mind if there's more consensus about it." 1480496080 0
6489 26839 24802 "
pls filter ""Laura B"" to ""Richard 'lowtax' Kyanka""" 1480508826 0
6490 20245 3017 "
Doxxing is just bad in general.
I imagined that it would had ment trouble in the long term eitherway.

I'm unsure about what to do now. Should I allow dox if theire from a nazi?" 1480516776 0
6491 3017 20389 "
>Something is very wrong with the baning system. I have to ban the same Ip's over and over and over again and they can still post like nothing happened, i don't know what the fucks going on.
Hm, you mean those IP hashes? IIRC, I had this problem once. I asked Hotwheels, and he said that the IP hashes don't actually represent the individual IP of the poster, but a whole IP range. I guess this protects the anonymity a bit more. If you're having this problem, do a rangeban. Covering 128 or 256 IPs seems like a moderate way to crack down on this type of ban evader (likely a phoneposter resetting their connection)." 1480521225 0
6492 3017 20245 "
>Doxxing is just bad in general.I imagined that it would had ment trouble in the long term eitherway.I'm unsure about what to do now. Should I allow dox if theire from a nazi?
Well, I think that bad/troublesome things tend to kind of belong on imageboards. And I like board wars and shit like that. On top of this, doxing is part of some IRL organizations' methodology, such as Antifa I believe. My first impulse is to say, yes, doxing that is done by left-wing posters is okay.

However, I would be a bit worried that something could escalate and /leftypol/ users or volunteers would be targeted by an angry mob." 1480521442 0
6493 26680 24106 "

Its a great fucking sticky so if he unstickies it I might just stop modding the place. I mean you shouldnt expect someone to want to do a job when the workload can halved easilly (i.e people reading the rules)


May I ask you copy and paste everything in the sticky thread and remake it with the /loli/-tan I'll request SP draw for me? It'll say something like 'The rules are simple!"" or whatever you have in mind it say. Let me know how it should look." 1480524957 0
6494 20245 3017 "
That is truth, our issue now is what to do if things escalate" 1480526702 0
6495 3017 20245 "
>That is truth, our issue now is what to do if things escalate
If there really was some kind of doxing board war, I don't think bans or deletions would really stop the problem. /pol/lacks wouldn't post dox of leftwing people on /leftypol/ anyway, they'd post it on their own board. I wouldn't want to stop lefties from retaliating. And it's not like we are official negotiators or anything.

One thing I will say for sure is that I would rather not bring extra FBI or police attention to the board. If someone happened to post ORIGINAL dox on a government agent here, I would say get rid of it. But if it's just a repost from something like wikileaks, let it slide too." 1480527441 0
6496 20245 3017 "
That totally answers my concers.
Thanks" 1480528130 0
6497 24106 2668


Defender 04/09/2017 (Sun) 16:20:00 [Preview] No. 333 del
>Well, I think that bad/troublesome things tend to kind of belong on imageboards. And I like board wars and shit like that. On top of this, doxing is part of some IRL organizations' methodology, such as Antifa I believe. My first impulse is to say, yes, doxing that is done by left-wing posters is okay.
Who said this? Was it a conversation between /leftypol/ BO and vols or with hotwheels/codemonkey?


Defender 04/09/2017 (Sun) 16:29:09 [Preview] No. 334 del
(17.90 KB 637x418 ebin-clinton.jpeg)
>>332
>they thought banning a /16 would stop mobile phone ban evasion

wew


Defender 04/09/2017 (Sun) 16:32:57 [Preview] No. 335 del
>>104
Dudwheels used to sign every message on 8 chan with PGP.


Defender 04/09/2017 (Sun) 17:28:34 [Preview] No. 336 del
>>335
Only the ones in which he revealed his identity anywa.


Defender 04/09/2017 (Sun) 17:40:46 [Preview] No. 337 del
>>182
>has been proved just now
No, it's been proved in 2015/2016 with bedchan, the "cuteboys stores IP addresses from 2 years ago" image, and other warnings.


Defender 04/09/2017 (Sun) 19:02:24 [Preview] No. 338 del
What a shitshow.


Defender 04/09/2017 (Sun) 19:05:36 [Preview] No. 339 del
>>218
The /leftypol/ BO literally wants to abandon 8chan and the users don't know any better than to want to stay on 8chan. If BO actually tries to force an exodus, codemonkey is getting ready to cuck /leftypol/.

http://8ch.net/sudo/res/33994.html#34151


Defender 04/09/2017 (Sun) 19:08:18 [Preview] No. 340 del
>>339
If /leftypol/ is actually smart enough to evacuate I'll be extremely surprised. Aren't those faggots born to be cucked?


Defender 04/09/2017 (Sun) 19:16:51 [Preview] No. 341 del
Still waiting on you dumping IPs of /pol/ BO, and mods. and /leftypol/ BO, and mods. BO.


Defender 04/09/2017 (Sun) 19:19:43 [Preview] No. 342 del
>>337
Surely you're not going to fall for freech pulling shit out of their ass with their badly concocted "infographs"! T-that was an elaborate goon troll! B-based hotwheels would never betray us! It's all Jim's f-fault!


Defender 04/09/2017 (Sun) 19:33:10 [Preview] No. 343 del
youre the same guy who was doing all that wikileaks blockchain shit late last year


this is all adderall fueled bullshit


Defender 04/09/2017 (Sun) 20:02:21 [Preview] No. 345 del
>>344
Interesting, OC is getting shared across bunkers.


6/6 ##2itToi Board owner 04/10/2017 (Mon) 00:46:23 [Preview] No. 348 del
Lastly, all the IPs used by the following global/admin accounts: copypaste, dvt555, ft, guy, JEWS, L (good work on security btw), laozi, nepfagglobal, ofxw791tk, R2D2, ryu, Tenicu4, Toolshed and zerosugar.

8chan_globals.txt
sha256: 514dfe32dbee2114d64671f62d048f4907d1c138b5976e84e4a001fe71207f9f

They can see everyone's IPs so I'm sure they won't mind users having a glimpse of their IPs as well.
The global accounts botmod, claims and Somanyanons3 have been removed from this file.


##2itToi Board owner 04/10/2017 (Mon) 00:50:00 [Preview] No. 349 del
(217.00 KB 1080x1080 1483889196869.jpg)
Sorry to disappoint but I will not be releasing the IPs of any other vols.
8chan is still vulnerable so you can do it yourself if you want.

Goodbye and remember to be nice to your users.


Defender 04/10/2017 (Mon) 00:52:45 [Preview] No. 350 del
>>349

So you had an opportunity to unmask a hotpocket of the largest board (imkampfy) that several dozen anons have evidence for being connected to a large network of VPNs, antifa, and others, as well as causing chaos on 8chan, yet you don't do unmask him?

Really makes you think.


Defender 04/10/2017 (Mon) 01:01:09 [Preview] No. 351 del
>>349
Thank you.


Defender 04/10/2017 (Mon) 01:05:01 [Preview] No. 352 del
(9.39 MB 960x540 8chanhack.webm)


Defender 04/10/2017 (Mon) 01:06:19 [Preview] No. 353 del
>>349
Do kampfy, moonman, and heil and I'll give you 100 USD in buttcoin.


Defender 04/10/2017 (Mon) 01:07:25 [Preview] No. 354 del
>>353
who are they?


Defender 04/10/2017 (Mon) 01:11:48 [Preview] No. 355 del
>>354

Heil is the BO of /pol/ (aka faggettts). imkampfy and therealmoonmoon are /pol/ vols.

Look leaky hackerman, you've done a good job with all this and I thank you, but you would give many of us a big bit of closure if you gave us information about them. A lot of us think there is something up with the /pol/ mod team. Something doesn't sit right with them. There are a lot of inconsistencies in their behavior and have been for a long time. More information on them could clear this up, or exonerate them.


Defender 04/10/2017 (Mon) 01:12:12 [Preview] No. 356 del
>>348
>They can see everyone's IPs
Not any more as of a few months ago, actually, except through the JSON interface of the global report queue.


Defender 04/10/2017 (Mon) 01:22:45 [Preview] No. 357 del
>>355
>faggettts
oh yeah he deserves it. fuck that guy


Defender Board owner 04/10/2017 (Mon) 01:31:30 [Preview] No. 358 del
>>356
>except through the JSON interface of the global report queue
So they can still see the full IP of whoever they want but they have to globally report it first?


Defender 04/10/2017 (Mon) 01:50:12 [Preview] No. 359 del
>>358
It's a bug/oversight. There are some inconsistencies between the HTML and JSON interfaces (like the hidden service not getting a 000000 ID) and the JSON interface of the report queue is a giant mess in general. For some reason it contains paths to the temporary files used during the file upload and some of the data in it is stored as JSON-encoded strings, within the JSON.

This only happens in the JSON interface, the HTML interface shows hashes.

It could be abused, but I really doubt it ever happened. It would leave suspicious traces in the board log and anything tracking the report queue (including the IRC bot). I still wouldn't mind a fix (hi Ron).


Defender 04/10/2017 (Mon) 02:09:53 [Preview] No. 360 del
>>348
>he even leaked dvt555's IP
What a faggot, that guy did literally nothing wrong.


Defender 04/10/2017 (Mon) 02:21:32 [Preview] No. 361 del
Is there a board list? Always was curious to see some of the unlisted boards


Defender 04/10/2017 (Mon) 02:21:53 [Preview] No. 362 del
>>348
>L (good work on security btw)
I'm assuming you saw my title in that old gvol list file, in which case this is an insult.

(Un)fortunately that role has not been mine, and the server/software security has been entirely up to ron/jim. Although they can only be blamed so much, given what they inherited.

But I couldn't miss the opportunity to reply anyway. You should have grouped this file by username as well?


Defender 04/10/2017 (Mon) 02:37:48 [Preview] No. 363 del
>>352
You don't even need to compare both videos. Jim and hotwheels contradicted themselves in the press release. The press release summary webm nailed it. Very good piece of OC though, saved for sure.


This was all very interesting, leaker.


Defender 04/10/2017 (Mon) 02:38:55 [Preview] No. 364 del
>>362
>given what they inherited.
It was entirely their fucking decision to keep eating shit.
They could migrate to Monaba, since they don't like the AGPL and Codemonkey has a functional programming fetish. They could've fixed Next. They could've used Lynxchan, as shitty as it is.

This is entirely on them. They stayed with vichan because Jim is fucking retarded, and because it meant that the cripple could fix whatever things he fucked up in the past.


Defender 04/10/2017 (Mon) 02:44:33 [Preview] No. 365 del
>>364
/shrug

Those things are easier said than done, although I don't want to absolve them of blame completely.

Why were some gvol accounts redacted and others not?


Defender 04/10/2017 (Mon) 02:44:58 [Preview] No. 366 del
>>349
Thanks for all you did. Someone needs to dig up the /pol/ mods bad. Man the secrets you know. But hey, at least you blew the lid off some of these people. Gods work.


Defender 04/10/2017 (Mon) 02:45:51 [Preview] No. 367 del
>>365
I think he did it cause of who he thought was gulity or not. Man if only the pol mods had gotten leaked though.


##2itToi 04/10/2017 (Mon) 02:54:55 [Preview] No. 368 del
>>359
>It's a bug/oversight.
I see. There are a lot of those in the source-code.
Some with a lot of potential for abuse.
I'm still waiting for Ron's writeup to see how exactly does he think all of this all possible with the things he removed in his patch.

>>362
>this is an insult
:^)

Don't take it personally. Even if it was still your responsibility it's understandable there would be mistakes there.
With Ron forking infinity it will be helpful to have multiple eyes checking for problems in the code again.

>You should have grouped this file by username as well?
Sure but don't tell anyone that


Defender 04/10/2017 (Mon) 03:02:30 [Preview] No. 369 del
(295.22 KB 1066x918 1488505407964.jpg)
>>355
Maybe you should ask them how they did it and like they said, do it yourself?

Either way, thanks hacker. You didn't really pull the lid all the way off this mess like many of us wanted but you've still done a greater service than all others and for that I thank you.

I am curious why you decided to leak some mods and not others though.

>>361
There was a list out in the open a bit ago. /tech/ or at least someone who posts there put it up a while ago.

>>368
You should stay on this honestly. They're going to keep making excuses as this goes on and better you than anybody to knock the lies out of their mouth when they inevitably come.


Defender 04/10/2017 (Mon) 03:06:45 [Preview] No. 370 del
>>368
I have to ask.... why not drop the /pol/ mods at least? These are the people gulity of some of the most fuckery. I get not releasing everything... but why not throw that in? I appreciate what youve done... I just dont get why not do the last bti and see what happens. And yes, users who stay under tyranical mods in the name of pph are dumb.


Defender 04/10/2017 (Mon) 03:07:42 [Preview] No. 371 del
>>369
>Maybe you should ask them how they did it and like they said, do it yourself?

This. He should use a time machine and go back before the exploits were patched and the code was changed. No need at all to drop info on /pol/ mods as they are based.


Defender 04/10/2017 (Mon) 03:16:32 [Preview] No. 372 del
>>370
This. Why drop the /b/ info but omit other legitimately higher traffic (read: more important) boards? Jim's "loyal dogs"? That's putting far far too much importance on them. More than even Jim puts into them.


Defender 04/10/2017 (Mon) 03:20:32 [Preview] No. 373 del
>>371
>before the exploits were patched
THE EXPLOITS WERE NOT PATCHED YOU GULLIBLE MORON
READ THE THREAD


Defender 04/10/2017 (Mon) 03:37:40 [Preview] No. 374 del
>>371
>before the exploits were patched and the code was changed.

Even if he did, I can say with confidence that anything Ron 'patches' will be like covering a mortal wound with a low quality bandaid. I'm not even slightly worried.


Defender 04/10/2017 (Mon) 04:04:26 [Preview] No. 375 del
(252.42 KB 371x371 1483889196706.gif)
>>352
10/10
The best OC I've seen in a while.


Defender 04/10/2017 (Mon) 04:05:37 [Preview] No. 376 del
>>349
>posts 3d little girls


Defender 04/10/2017 (Mon) 04:11:30 [Preview] No. 377 del
>>352
Kek, saved. Good shit.


Defender 04/10/2017 (Mon) 04:25:50 [Preview] No. 378 del
(2.85 MB 1280x720 JimWatkins.webm)


Defender 04/10/2017 (Mon) 07:40:40 [Preview] No. 379 del
>>349
Oh for fuck sake LEAST DUMP THE IPS OF 8/pol/ MODS AND BO


Defender 04/10/2017 (Mon) 07:59:18 [Preview] No. 380 del
>>379

Post some screenshots of how /pol/ wants to castrate and kill pedos, maybe that will motivate him.


Defender 04/10/2017 (Mon) 09:34:34 [Preview] No. 381 del
>>349
What the hell? Why are you refusing to release all of the information? Can you give us a good reason?
Why did you release the /b/ info yet refuse to release /pol/ info?


Defender 04/10/2017 (Mon) 10:55:55 [Preview] No. 382 del
>>381

Why do you even want pol IPs, kike


Defender 04/10/2017 (Mon) 11:24:20 [Preview] No. 383 del
>>382
Why do you make 8/pol/ shitty, imkikefy?


Defender 04/10/2017 (Mon) 14:00:35 [Preview] No. 385 del
(1.71 MB 1700x2200 WE ARE ANONYWUSS.png)


Defender 04/10/2017 (Mon) 20:40:01 [Preview] No. 387 del
>>382
Because the mods are the biggest problem on the board. It's clear you're just bluffing anyway, if you had the information you would've posted it already.


Defender 04/11/2017 (Tue) 02:53:45 [Preview] No. 388 del
I ask for the last time, WHY DO YOU REFUSE TO RELEASE THE INFORMATION?


Defender 04/11/2017 (Tue) 03:18:27 [Preview] No. 389 del
>>388
Maybe he doesn't care about /pol/ drama.

If the problem is imkampfy just migrate to /polk/ or meguca and convince others to do the same.


Defender 04/11/2017 (Tue) 03:32:15 [Preview] No. 390 del
>>389
There is no reason for him to not drop the pol stuff if he cares about treating users better.
There more to /pol/ problems then just simple drama.
Also, i ain't migrating to a different board if its still on 8chan. Fuck that site.


Defender 04/11/2017 (Tue) 08:07:23 [Preview] No. 392 del
>>389
I mean what the fuck even happened on /b/ of all the goddamned boards that warrants such rage? Not being allowed the old pedo threads anymore? That was site-wide though, not limited to /b/. Maybe I missed something, but I only went there when I was really, really fucking board. Do any oldfags even consider themselves /b/tards anymore? I'm sorry but I just don't understand why anyone would have so much emotional investment in the random board, which is meaningless by design. /pol/ has some sort of intention to be relevant to the real world at least (whether or not they end up doing so in practice). If someone had this much of an issue with the one of the main boards, I would expect them to keep stirring up shit with every bit of ammo against the entire site in possession.


Defender 04/11/2017 (Tue) 08:10:16 [Preview] No. 393 del
>>392
>board
Yes, I fucked the board to cure my boredom.


Defender 04/11/2017 (Tue) 10:02:06 [Preview] No. 394 del
>>389
>>391
This is to get revenge on the guys who fucked with 8/pol/ and who are shills, this isn't about going to a new /pol/ board.
Again, why would you refuse to leak the /pol/ info?
You're purposely hiding something from us.


Defender 04/11/2017 (Tue) 12:44:17 [Preview] No. 395 del
>>389
>just migrate to //polk/

Yeah, that place looks totally legit /sarcasm.

>>392
>he goddamned boards that warrants such rage? Not being allowed the old pedo threads anymore? That was site-wide though, not limited to /b/. Maybe I missed something, but I only went there when I was really, really fucking board. Do any oldfags even consider themselves /b/tards anymore? I'm sorry but I just don't understand why anyone would have so much emotional investment in the random board, which is meaningless by design.

As far as 4chan goes, all newfags start out on /b/. It's practically where all the Redditfags get entry to imageboard culture because of the (((news))) and 'alternative media'.

It happened there and it happened to 8chan when the news portrayed them as a dark cyber club of criminals and pedos so all the edgy kids went there. The only difference is Gamergate brought over all the Redditfags before that even happened.


Defender 04/11/2017 (Tue) 18:11:51 [Preview] No. 396 del
>>392
>Not being allowed the old pedo threads anymore? That was site-wide though, not limited to /b/.
No other boards had their moderation policies changed as drastically as /b/ to try pushing the pedos to masterchan.

Since the first exodus in the end of 2014 until Jim/Ron took over in 2016, Hotwheels and the other /b/ owners didn't have any problem with having pedo threads on /b/.

It was after dysnomia became the BO and was instructed by Jim to push the pedos away that people started seeing things like the "300-year ban with reason: Pedo" that you see in >>205

All the other boards that used to have pedo threads or the /b/ alternatives that were created to allow the same kind of threads there had been allowed for years were nuked by Jim himself, not by their board owners.


Defender 04/12/2017 (Wed) 07:52:45 [Preview] No. 397 del
So does anyone know HOW 8chan was hacked? I can't find anything about it.


Defender 04/12/2017 (Wed) 11:48:23 [Preview] No. 398 del
>>397
bug in a proprietary extension of infinity got exploited


Defender 04/12/2017 (Wed) 16:04:42 [Preview] No. 399 del
>>398
Any more details other then a bug being exploited?


Defender 04/12/2017 (Wed) 16:21:37 [Preview] No. 400 del
>>397

I realize this doesn't answer the technical question you are asking. There is some valuable insight to be gained by taking a step back from code and looking at the bigger historical picture.

a) Hotwheels noticed The Infinity Blob(TM) was (and still is) a creeping horror of falling apart and a disaster in waiting.
b) Tweaking The Infinity Blob(TM) with band-aids would only buy 8chan some time. A near endless nightmarish overhaul of deep refactoring was needed.
c) Hotwheels pushed for a complete replacement.
d) Josh was hired to build a better system.
e) Infinity Next was an immediate disaster.
f) Hotwheels canvased the community for an answer to this dilemma.
g!) The community answered: "Fix The Infinity Blob(TM) and carry on!"
h!) Hotwheels (To be played by Verne Troyer, just you wait and see!) stabilized the site, called it a fix, packed up his shit, and wheeled off into a Philippinian Sea sunset. Fade to black. Roll credits.

Hotwheels is not a project manager, nor an application designer. Hotwheels is a maintenance programmer. To his credit, he understands this. With a broad panoramic vision he foresaw what was coming, though he could not foretell the specific particulars.

At this point people usually start taking Josh's name in vain for later developments, or crowing about the current administrations' counter productive style, or laying out slices of cheese pizza conspiracy, or bandy about hacking ethics and manifestos, or geeking out in code. I read these subsequent discussions as a listing of peripheral consequences, not causes.

The real problem as I see it is shared between "g" and "h" above. These are the causes, and where the blame (equally) lies.


Defender 04/12/2017 (Wed) 16:59:02 [Preview] No. 401 del
>>400
>valuable insight!
Except thats not what was asked.

How was 8chan hacked?

Your copypasta isn't even correct. Hotwheels was the one who didn't care about Infinity Next and didn't check up on Josh which resulted in the mess we had with Infinity Next and it took 8chan becoming unusable and nearly dead for Hotwheels to stop pissing in bottles and to find and fix the bug that was slowing 8chan down to the point of barely functioning.

I swear i've seen that copypasta of yours elsewhere.


Defender 04/12/2017 (Wed) 18:05:49 [Preview] No. 402 del
>>401
>Hotwheels was the one who didn't care about Infinity Next and didn't check up on Josh which resulted in the mess we had with Infinity Next

By temperament and experience Hotwheels was not and is not a project manager. Agreed. The end result was a circular detour leading 8chan back to the same spot at the start, with the same stability problems, and the same looming storm clouds on the horizon. In public and in private some pointed out potential security issues to Hotwheels, along with other bugs. The Hacker wasn't even the first to break into 8chan and ... have a look around. He or she was the most prolific and spectacular. In doing so the regular users of 8chan owe the Hacker a "thank you."


Defender 04/12/2017 (Wed) 23:22:10 [Preview] No. 404 del
>>401
>>402
i'm not an ebin leethaxr and even i could've shelled 8chan's servers, the code is that bad.


Defender 04/12/2017 (Wed) 23:34:37 [Preview] No. 405 del
>>398
I heard it's a bug that dates back to Tinyboard.


Defender 04/12/2017 (Wed) 23:46:19 [Preview] No. 406 del
>>404
>even i could've shelled 8chan's servers
Saying that is easy.

Actually doing it is the hard part.


Defender 04/12/2017 (Wed) 23:53:00 [Preview] No. 407 del
(51.78 KB 187x252 1490596299160.png)
>>404
>404

Fucks not found. If you can do it then do it. If it was so easy for the hacker to do this then why are you asking them to obtain these easy to access logs?


Defender 04/12/2017 (Wed) 23:59:15 [Preview] No. 408 del
>>406
i'm not going to shell 8chan that's illegal and ima good boy that didndu nuttin fam


##2itToi 04/13/2017 (Thu) 03:46:36 [Preview] No. 409 del
>>401
>How was 8chan hacked?
Read the notes in the archive. The file is password protected.
If you're really interested, I'm sure you will find a way of opening it.

The password was inspired by the great design of Stephen Lynx's "generate tripcode" algorithms


Defender 04/13/2017 (Thu) 06:52:02 [Preview] No. 410 del
https://archive.is/https://8ch.net/sudo/res/34073.html
>C!Odemonkey. 04/10/17 (Mon) 07:23:50 No.34534
>8chan was using SQL queries without preparing them first, and this is probably what the hacker is referencing by saying 8chan is still vulnerable.
>The patch I put on the Infinity github removes a debug mode that the attacker got access to and should help prevent such attacks from happening again.
>Currently I am auditing the code from top to bottom and looking for all unprepared SQL queries. I have already patched approximately a dozen such queries, and there are probably a lot more that I have not found yet. You will be able to find these patches on the OpenIB github page as I finish auditing and finding all the unprepared statements.
>8chan is getting more and more secure as I audit the code and fix problems.
>I have also added new server-side policies that make it a lot harder to hack us. These policies are helping a lot while I finish the source code audit.
https://archive.is/https://8ch.net/sudo/res/33736.html
>C!Odemonkey. 04/09/17 (Sun) 05:01:25 No.34173
>New fork here:
>https://github.com/OpenIB/OpenIB
>I liked the OpenIB name.
>C!Odemonkey. 04/10/17 (Mon) 14:07:29 No.34577
>bunker online here:
>http://dont.datamine.me/
>Its not completely setup yet though
>C!Odemonkey. 04/10/17 (Mon) 14:21:28 No.34581
>>34578
>h.8ch.net links there too
>C!Odemonkey. 04/11/17 (Tue) 01:08:09 No.34683
>>34617
>Opened an issue for this.
>https://github.com/OpenIB/OpenIB/issues/19
>>34629
>I have nothing against lynxchan. It has lots of cool features. We are using infinity now, did you guys already forget how the last attempted migration went?
>C!Odemonkey. 04/11/17 (Tue) 07:28:34 No.34716
>First step towards hashing all IP on the database is done:
>https://github.com/OpenIB/OpenIB/pull/20
>Any recommendations for a hash algorithm?
>C!Odemonkey. 04/12/17 (Wed) 04:32:17 No.34864
>>34858
>Talked with Ring-san a bit about IP hashes. We should also store the hashed /16 of each IP so that /16 bans are still possible. This will limit future range bans to the /16 range.
>Whether we add more/different ranges is still up for debate. Anybody want to try and argue why we should include /8 range banning?
>/bin/sh 04/12/17 (Wed) 06:12:25 No.34876
>>34875
>The option to turn off Tor is good enough.
>C!Odemonkey. 04/12/17 (Wed) 06:21:21 No.34877
>>34876
>Ok, will consider it.


Defender 04/13/2017 (Thu) 06:59:28 [Preview] No. 411 del
>>409 No checksum here....
I'm sorry, why would I trust a 1002B 7zip exploit? Unless you are saying you really broke through vichan/Tinyboard by upload.


Jim Watkins 04/13/2017 (Thu) 07:36:23 [Preview] No. 412 del
>>397
The open-source part of the software got hacked. The code should have been fully closed source.
The hack was useless anyway. All it did was lose sleep for the site administration. Sunshine doesn't mean anything, site owners already said that you are NOT being datamined.


Defender 04/13/2017 (Thu) 13:46:06 [Preview] No. 413 del
>>411
>why would I trust a 1002B 7zip
You don't need to trust an archive to extract its contents.


Defender 04/13/2017 (Thu) 14:48:58 [Preview] No. 414 del
>>409
I thought I had it, but it turns out "aaaakv" is not the real password but extracts a file anyway. 7z is wonderful software.


Defender 04/13/2017 (Thu) 15:39:42 [Preview] No. 415 del
(421.81 KB 789x720 1483889196786.png)
>>414
So you're checking if it worked or not by checking if the file was created?


Defender 04/13/2017 (Thu) 16:09:02 [Preview] No. 416 del
>>415
I was using "if 7z x -p$pass 8chan_notes.7z > /dev/null; [...]" in a loop. I think it actually asked me whether I wanted to replace the file, but had the question redirected to /dev/null, and I thought it was finished, so it's my fault after all. Still weird that it manages to extract files with certain incorrect passwords, though.


Defender 04/13/2017 (Thu) 21:16:45 [Preview] No. 417 del
>>413
>you don't need to trust malware to run it.
>>414 >>416
While collisions for AES-256 are possible, esp. if binary blocks are inserted. I just tested "aaaakv" and that fails. Are we sure we have the same file?
---------------------------
Checksum information
---------------------------
Name: 8chan_notes.7z
Size: 1002 bytes (0 MB)

SHA256: 31F5B3A62DCE77F2D120FD536312155642D46B432F5D3002BD018C0E1819B0EB

---------------------------
OK
---------------------------


Defender 04/13/2017 (Thu) 22:25:42 [Preview] No. 418 del
(101.67 KB 907x435 Screenshot.png)
>>417
It fails but, for some reason, 7z still outputs a "8chan_notes.txt" file with random garbage.
I think that's what he means.


Defender 04/13/2017 (Thu) 23:03:02 [Preview] No. 419 del
>>417
>>you don't need to trust malware to run it.
You're not running the archive. You're running whatever archive manager you're using.


Defender 04/14/2017 (Fri) 09:19:26 [Preview] No. 420 del
>>348
AND WHERE THE FUCK IS SOMA'S IP?
Are you protecting your pedo buddy's identity? This alone is a suspicious detail.


Defender 04/14/2017 (Fri) 12:25:55 [Preview] No. 421 del
>>348
Why have the global accounts botmod, claims and Somanyanons3 been removed?


Defender 04/14/2017 (Fri) 16:51:48 [Preview] No. 422 del
>>420
Did you miss the whole part about him completely refusing to release /pol/ info?
The hacker is trying to play us, there is a reason he wants to release only specific parts of the "leak"


Defender 04/14/2017 (Fri) 18:36:42 [Preview] No. 423 del
>>421
Bot/inactive accounts.


Defender 04/14/2017 (Fri) 21:05:31 [Preview] No. 424 del
>>17
>threatening post made on 1st October
>FBI letter recieved on 8th October
>hurrdurr FBI so stupid
>got letter one week too late, thread already deleted

That doesn't make sense, by his words the thread was deleted on the same day it was posted.


Defender 04/14/2017 (Fri) 23:26:31 [Preview] No. 425 del
>>1
Would it be possible that the IP database is uploaded automatically to CIA/Shareblue in fixed intervals?

Does anyone really believe Hotwheels deleted the key? Do we have ANY indication he didn't give it to (((them))) or "US authorities" just after Sunshine was implemented?


Defender 04/15/2017 (Sat) 00:29:58 [Preview] No. 432 del
>>422
Well there's not even any mention of lowcard existing! I know that he quit but I also heard Jim didn't delete his account.


Defender 04/15/2017 (Sat) 07:43:49 [Preview] No. 435 del
>>425
It's technically not impossible, but it would make the design really really odd.


Defender 04/15/2017 (Sat) 13:49:58 [Preview] No. 436 del
>>435
Just need a script running on the server that uploads the database to wherever and a script on the receiving server that automatically decrypts it. Basic stuff really.


Defender 04/15/2017 (Sat) 17:35:35 [Preview] No. 437 del
>>436
Yes, but if they wanted to do that, why would Sunshine work this way? This is how I'd design a system like that:
- Have a post handler in secrets.php convert post contents + IP addresses to JSON
- Upload the JSON string to the remote server (using TLS)
- Receive the JSON string on the remote server
- Decode the JSON and insert it into your datamining database

This is how your hypothetical system works:
- Have a post handler in secrets.php convert post contents + IP addresses to JSON
- Encrypt the JSON using a public key
- Insert the encrypted data into the database
- Have a separate script read the encrypted data from the database
- Have that script upload the encrypted data to a remote server
- On the remote server decrypt the data using the private key
- Decode the JSON and insert it into your datamining database
It's not that it's impossible or even hard, but it's still harder, more complex, easier to mess up (there's actually a bug in Sunshine that makes it fail to store long posts), harder to come up with, slower and heavier. I can't think of a good reason to do it that way, and I can't even think of a bad reason to do it that way.


Defender 04/15/2017 (Sat) 22:31:27 [Preview] No. 438 del
>>437
Incompetence? Plausible Deniability?


Defender 04/15/2017 (Sat) 22:49:34 [Preview] No. 439 del
(76.93 KB 637x685 1483889196797.jpg)
>>409
HAS ANYONE BEEN ABLE TO OPEN THIS YET?


Defender 04/15/2017 (Sat) 22:50:56 [Preview] No. 440 del
>>388
if you had any working braincells you would have figured out the hacker is a pedo. pedos only bitch about global and /b/ moderation, not /pol/ or /leftypol/


Defender 04/15/2017 (Sat) 22:51:36 [Preview] No. 441 del
>>440
>implying 8chan isn't fullpedochan


Defender 04/15/2017 (Sat) 22:53:16 [Preview] No. 442 del
>>438
>Incompetence?
It's not more obvious or easier than a direct solution, and they aren't quite that incompetent.

>Plausible Deniability?
They would have to anticipate that someone would break into the server and find Sunshine, but not the extra script that sends it to a remote server.

Now that I think of it, an extra script could have done its job without the Sunshine code, because IPs of undeleted posts were stored in the database in plain text. If you have an external script accessing the database anyway it might as well grab them from there.

Sunshine really doesn't make sense for data mining.


Defender 04/15/2017 (Sat) 23:12:32 [Preview] No. 443 del
>>441
>implying you're not completely retarded
pedos have been completely btfo on 8chan, now even posting real life kids or asking for it is grounds for deletion and bans on /b/ because posting any kid pics entices real pedos to post their shit and its happened enough times that there's no tolerance. Pedos often go cry about free speech on /b/ or /sudo/ threads saying they are needed as a force to drive out normies, but everyone continues to tell them to fuck off.
The hacker is clearly one of them, because no one else gives a shit about pedos except more pedos.


Defender 04/16/2017 (Sun) 00:06:28 [Preview] No. 444 del
>>443
>no one else gives a shit about pedos except more pedos
Stop projecting.

I know it's a difficult concept to grasp for people like you but there are people who believe free speech is not limited only to the things that you agree with.

If it's legal it should be a fair game.

Hotwheels founded 8chan with this philosophy in mind and it's the main reason he allowed the pedo boards to exist there while he was in charge.


Defender 04/16/2017 (Sun) 01:19:44 [Preview] No. 445 del
>>444
t. pedo


Defender 04/16/2017 (Sun) 23:48:46 [Preview] No. 446 del
>>412
I know that this post is probably ironic shitposting, but closed source software didn't stop Jim Watkin's shitty credit card "processing" server (in reality, it was a credit card number storage server, unencrypted, storing credit card numbers forever) from getting facefucked :^)

Jim and his shitty outsourcing firm will never live that down.


Defender 04/17/2017 (Mon) 14:34:21 [Preview] No. 447 del
>>440
So? Does him being a pedo fuck excuse him from not releasing info on rulefags-in-charge on /pol/ or any globals that happen to be pedos like him?
It does explain why he didn't do it, but that doesn't mean we can't hate the fucker for not telling us what we want to know.


Defender 04/17/2017 (Mon) 21:11:12 [Preview] No. 448 del
>>447
You know infinity is vulnerable and the vulnerabilities it has.
Yet you choose to stay here and complain instead getting the information you want.
You have no one to blame but yourself.


Defender 04/17/2017 (Mon) 21:35:51 [Preview] No. 449 del
>>448
Ah, but there are 2 problems with your logic:
1. What if i am not /tech/ literate enough to actually get the info?
2. The problem here isn't just that we aren't getting the info, its that the hacker is clearly protecting the /pol/ mods for suspicious reasons.


Defender 04/17/2017 (Mon) 22:01:28 [Preview] No. 450 del
>>449
>What if i am not /tech/ literate enough
Then stop being /tech/ illiterate.

>the hacker is clearly protecting the /pol/ mods for suspicious reasons
Probably for the same "suspicious" reasons he didn't release the info from any other 17k+ vols.


Defender 04/17/2017 (Mon) 23:36:01 [Preview] No. 451 del
>>450
Why should i care about some vols of some small boards? /pol/ vols are the only ones we are asking for and there is a good reason we are asking.


Defender 04/18/2017 (Tue) 01:04:41 [Preview] No. 452 del
>>409
But cracking 7z is slow, really slow.


Defender 04/18/2017 (Tue) 02:00:53 [Preview] No. 453 del
In regards to sunshine:>If encryption failed, the event handler exits without writing anything into the database.Does that mean for posts over the character limit that botched the encryption, literally nothing about the post was saved in a database? I'm tech illiterate as it is but this sunshine stuff is really out there to me.


Defender 04/18/2017 (Tue) 02:11:19 [Preview] No. 454 del
>>453
>Does that mean for posts over the character limit that botched the encryption, literally nothing about the post was saved in a database?
Exactly.


##2itToi 04/18/2017 (Tue) 04:58:27 [Preview] No. 455 del
>>452

$ echo $salt
2itToi
$ echo "$salt$pass" | sha512sum
bf906f0668f549d03ef8c1db6a3f3da83b24005dac1e0be8e0a9195d3dfdb46a7bf4108117614573cb806a2eaabaabdc9aefc1873fb354c5cbe8a309b5235486 -

It should be simple enough now.


Defender 04/19/2017 (Wed) 00:47:01 [Preview] No. 456 del
>>454
So posts and their associated data over the character limit weren't saved at all, in sunshine or anywhere? Wouldn't that mean that most posts and their IPs are missing from the database? That's a special kind of botch. Makes me dubious of the whole "we did it for law enforcement" thing. You'd triple check that something important like that would work.


Defender 04/19/2017 (Wed) 00:56:56 [Preview] No. 457 del
>>456
Posts over the character limit weren't stored in the Sunshine table, because the PHP function for public key OpenSSL encryption is extremely dumb. The posts were stored everywhere else.

What other purpose could it have where that kind of bug wouldn't be solved? I'd say you would be less likely to find it the less often you try to use the system, which matches the law enforcement story well.


Defender 04/19/2017 (Wed) 01:43:49 [Preview] No. 458 del
>>457
So it sounds like posts were saved everywhere else regardless of sunshine. Then why implement the system? It just sounds redundant without serving any unique purpose the more it's explained to me.


Defender 04/19/2017 (Wed) 02:01:41 [Preview] No. 459 del
>>458
Sunshine saves IP addresses even after the posts are deleted.

In the case that led to its creation they received a request for a post's IP address a week after the post had been deleted, and as soon as a post is deleted (whether by the user who made it, by a mod, because it falls off the board, because it falls off a cyclical or whatever) it's removed from the database.


Defender 04/19/2017 (Wed) 11:16:15 [Preview] No. 460 del
So posts that were still live weren't encrypted. Figures.
How can I open the 7z-compressed.undefined files?


Defender 04/19/2017 (Wed) 13:01:20 [Preview] No. 461 del
>>460
Rename them so the extension is .7z, like it should be, then use 7zip.


Defender 04/19/2017 (Wed) 15:19:31 [Preview] No. 462 del
>>461
The extension is changed to .undefined because of some configuration problem with Endchan/Lynxhan.
You can download with the original filename and extension by left-clicking the link above the file.


Defender 04/19/2017 (Wed) 15:25:49 [Preview] No. 463 del
>>462
>configuration problem
No, just Lynx being brain damaged and producing dogshit as usual.


Defender 04/19/2017 (Wed) 15:40:19 [Preview] No. 464 del
>>462
>>463
Vanilla Lynxchan is highly advanced compared to vichan/Infinity. Long before people started complaining on /sudo/ about filenames no longer being unix timestamps Lynxchan had not only been scrambling them, but even stripping their extensions, into names like "285b3316268559a9e23d423ae2714c19-imagejpeg". 8chan has some catching up to do.


Defender 04/19/2017 (Wed) 15:47:58 [Preview] No. 465 del
>>463
I see. The ".undefined" led me to believe that there is map from mimetype to extension that would definable somewhere but I guess that's not the case then.


Defender 04/20/2017 (Thu) 01:53:45 [Preview] No. 466 del
>>352
At the end of the video, when they're theorizing about the hacker, what video is that from? I want to hear the rest of it.


Defender 04/20/2017 (Thu) 04:40:28 [Preview] No. 467 del
>>466
I don't know the time but it's from the Goldwater stream.

https://youtube.com/watch?v=qfFn7PA3tbw [Embed]


Defender 04/20/2017 (Thu) 11:18:35 [Preview] No. 468 del
Oh my god Jim is insufferable.


Defender 04/20/2017 (Thu) 12:40:46 [Preview] No. 469 del
>>468
all of 8chan is unsufferable


Defender 04/22/2017 (Sat) 12:51:08 [Preview] No. 470 del
>>409
>>439
it's not very interesting, typical web/php incompetence

$ echo "anon_$pass" | sha512sum

5eb3f474bc9c573cda34c1eedd0059fcf5de5be9b0af6f5499f7d44a53867e6fd47f09e3e7283a794449be97689aae49ed0e6cf36ec52caf6f25ceea6d4ddd04 -


Defender 04/22/2017 (Sat) 21:59:13 [Preview] No. 471 del
>>470
I thought it had something to do with the captcha? Can you explain?


Defender 04/22/2017 (Sat) 23:18:23 [Preview] No. 472 del
>>470
The interesting part is bypassing the caveats related to length restrictions, user permissions and CSP to get a working exploit from those.


Defender 04/26/2017 (Wed) 23:27:57 [Preview] No. 473 del
>>455
>>It should be simple enough now.
Can anyone who has opened the file post it for the rest of us who aren't tech people?


Defender 04/27/2017 (Thu) 12:43:51 [Preview] No. 475 del
(216.83 KB 600x600 1483889196894.png)
>>473
The bugs described there still haven't been patched.
Posting the plaintext would spoil the fun for everyone.


Defender 04/28/2017 (Fri) 21:25:46 [Preview] No. 476 del
>>475
Then what file is it in in the .zip?
I just want to know if it had something to do with the captcha.


Defender 04/29/2017 (Sat) 15:32:54 [Preview] No. 477 del
I still don't understand Sunshine's functionality.
So Sunshine was supposed to encrypt and store deleted posts.
According to the FAQ, the site would store your data while the post was still on the board or in its catalog. Once it fell off the site the information was gone.
So did Sunshine store the info for posts that fell off the boards/catalogs, or only those that were explicitly deleted by mod/user action? What forced a post into Sunshine in the first place?


Defender 04/29/2017 (Sat) 19:24:38 [Preview] No. 478 del
>>477
It grabbed posts as soon as they were made.


Defender 04/29/2017 (Sat) 20:37:25 [Preview] No. 479 del
>>478
Thanks for answering. But earlier in thread someone mentioned that Sunshine likely couldn't grab posts that were over a character limit. What happened to that info when it fell off a board or was deleted?
And does anyone really believe it was disabled? I noticed codemonkey used that language instead of saying deleted.


Defender 04/30/2017 (Sun) 00:44:56 [Preview] No. 480 del
Hello


Defender 04/30/2017 (Sun) 08:53:39 [Preview] No. 481 del
>>477
>>479

event_handler('post-after', function($post) {
global $board;
$post['ip'] = $_SERVER['REMOTE_ADDR'];

$data = json_encode(array('ip' => $post['ip'], 'body' => $post['body_nomarkup']));
for ($i = 0; $i <= 10; $i++) { $data .= chr(mt_rand(0,255)); }
$key = @file_get_contents('/srv/sunshine.pem');
if (!$key) return;
openssl_public_encrypt($data, $crypted, $key);
if (!$crypted) return;

$query = prepare('INSERT INTO ``sunshine`` VALUES (:board, :id, :data)');
$query->bindValue(':board', $board['uri']);
$query->bindValue(':id', $post['id']);
$query->bindValue(':data', $crypted);
$query->execute()or error(db_error($query)); // Failure is never an option, except when it is.
});

This is the Sunshine code.
It creates a callback to the anonymous function that will include the encrypted values in the database.
If you look at post.php you will see that one of the last things it does for a new post is to trigger a "post-after" event, which will result in a call to the function above.

So basically, if there were no errors while processing a post it would've been included in the sunshine table.

Because copypaste used the "openssl_public_encrypt" function incorrectly, if the post is too long PHP will throw an error in the line "openssl_public_encrypt($data, $crypted, $key);" and the execution of the anonymous function will halt. Hence, the INSERT query will not be executed.


Defender 05/02/2017 (Tue) 03:45:42 [Preview] No. 483 del
Stephen Lynx is such a retard:
https://gitgud.io/LynxChan/LynxChan/commit/9f698d23654cbc34c65ac435477d183793322c36
>authored 4 months ago

OdiliTime, Balrog, are you aware of this?


Defender 05/02/2017 (Tue) 21:54:04 [Preview] No. 485 del
>>483
I don't get it. What's the big deal?


Defender 05/04/2017 (Thu) 14:30:38 [Preview] No. 486 del
Apparently codemonkey deleted all the IP addresses from the database. Also all IP addresses are apparently hashed now.


Defender 05/05/2017 (Fri) 02:09:37 [Preview] No. 488 del
>>486
Sunshine could still be running in the backend but I guess that's better than nothing.


Anonymous 05/05/2017 (Fri) 19:47:41 [Preview] No. 489 del
Hello
i come from 8chan
8chan was hacked 1 april
/8leaks/ says "Treat your users better next time"
can you please tell me what the hell is goins on please?
update me


Defender 05/07/2017 (Sun) 18:59:19 [Preview] No. 490 del
>>489
pedo fucks hacked 8chan and leaked IPs of globals and /b/mods that are against their shit


Defender 05/08/2017 (Mon) 02:40:15 [Preview] No. 492 del
>>491
kek
incompetent


Defender 05/08/2017 (Mon) 06:37:51 [Preview] No. 493 del
>>491 >>492
https://sys.8ch.net/log.php?page=40&board=tech
https://sys.8ch.net/log.php?page=40&board=v
Basically /pol/ owner works for (((special interests)))

The possibility of
>The global accounts botmod, claims and Somanyanons3 have been removed from this file.
being responsible is tangible.


Defender 05/08/2017 (Mon) 12:47:42 [Preview] No. 494 del
>>491
What the fuck?
I thought CM said he had hashed everything.


Defender 05/09/2017 (Tue) 04:07:28 [Preview] No. 495 del
>491
#37483
>am cleaning those IP from the databases now.
>from the databases now
>databases
>OpenIB doesnt save IPs in such a way
>save IPs in such a way
>save IPs


Defender 05/09/2017 (Tue) 15:48:21 [Preview] No. 496 del
So let me see if I understand everything up to this point. Taking Sunshine out of the equation:
-the database saves the IP and info of every post until it falls off the catalog, at which point it is automatically deleted from the database
-BUT, if a post is deleted through mod action, or an ip is banned, the ip information is recorded in a log and remains even after the info would normally be removed from the database.
Does that sound about right or am I totally off base?


Defender 05/09/2017 (Tue) 20:10:41 [Preview] No. 497 del
>>496
That's what they are saying, but his wording specifies there are more than one recording IP database, and assuming correctly, OpenIB isn't the program running it. IoW, there's another Sunshine in place, not called Sunshine.

If I were a betting person, the cache front end is doing the IP address recording, since that's proprietary NTechnologies Inc. software, which they do not have to release.


Defender 05/09/2017 (Tue) 20:54:57 [Preview] No. 498 del
>>497
Could it be possible that the multiple IP recording databases is referring to Sunshine?
I'm mostly interested in what happens to post info/IP addy when it falls off the catalog rather than being deleted by a mod. I can't find it in the site FAQ.


Defender 05/15/2017 (Mon) 22:49:40 [Preview] No. 499 del
>>494
He hashes all new IP addresses, and removed all old IP addresses. Except that he forgot to remove the IP addresses from the board logs.

>>496
That would have been possible, before OpenIB, but I haven't seen anything that indicates they did that. It's not how Sunshine worked.


Defender 07/03/2017 (Mon) 04:05:42 [Preview] No. 512 del
>>124
*points to username* hey look that's me!


What the benis? What the benis? 08/02/2017 (Wed) 07:40:39 [Preview] No. 519 del
What the benis?



Top | Return | Catalog | Post a reply