/operate/ - Endchan Operations

Let us know what's up

Boards | Catalog | Bottom

Drawing x size canvas

Remember to follow the rules

Max file size: 350.00 MB

Max files: 5

Max message length: 4096

PSA: Block bypass has been enabled for some IPs Balrog Board volunteer 05/17/2016 (Tue) 14:23:15 [Preview] No. 4154 [Reply]
I found where that spam full of random garbage is coming from. It doesn't have any discernable pattern so we can't use the autoban addon to remove it, but it's all coming from the same /24 range of IPs in Russia so we can just rangeban it. The problem is that Lynxchan currently only does /16 rangebans, which would result in substantial collateral damage. To counter this I'm enabling the block bypass function.

If you are rangebanned, you can use the block bypass function to solve a CAPTCHA and bypass the rangeban. This requires your browser to store a "bypass" cookie. No CAPTCHA will be required to post if your IP has not been subject to a rangeban. Block bypasses last for 24 hours or 50 posts.

I've already asked StephenLynx about adding a second, smaller rangeban level.
25 posts omitted.

Anonymous 05/02/2017 (Tue) 06:14:38 [Preview] No. 6243 del
>#1 we don't use them
Stop bullshitting me: https://gitgud.io/search?utf8=%E2%9C%93&search=TorIps&group_id=&project_id=660&search_code=true&repository_ref=master
>#2 I don't see any problem
replied to you the exact problem on overchan: tl;dr why record at all?
Read the first thread >>>/8leaks/1

odilitime 05/03/2017 (Wed) 00:35:34 [Preview] No. 6244 del
>Stop bullshitting me
Well, you see that's called the "Master" branch, it contains the latest source code for LynxChan (1.8/1.9?). We don't use vanilla LynxChan, we use InfinityNow which is currently based on 1.7.5. 1.7.5 uses the database to store the list of tor exit nodes, it does not use the "binary TorIP lookup".

>replied to you the exact problem on overchan: tl;dr why record at all?
It's to make sure BOs don't ban tor exit nodes. And again we're not recording, we're download the publicly disclosed database from the tor site to speed the software up and reduce the load on the tor project's website.

Anonymous 05/03/2017 (Wed) 01:44:44 [Preview] No. 6245 del
>Showing 1 - 19 of 19 blobs for "TorIps" in project InfinityNow / LynxChan
>we use InfinityNow which is currently based on 1.7.5. 1.7.5 uses the database to store the list of tor exit nodes, it does not use the "binary TorIP lookup".

>to speed the software up and reduce the load on the tor project's website.
tis fine.

Anonymous 05/05/2017 (Fri) 00:06:05 [Preview] No. 6251 del
since this is about tor I wont make another thread

here's my experience of the endchan.onion links
>wake up monday morning
>go to the endchan.onion links
>1 open in each tab
>make coffee
>make breakfast
>go to work
>come back
>wednesday evening the tabs are fully loaded
>try to post
>takes about 2-3 days for the block bypass to load
>a few weeks later finally the pages loaded and I can post
>refresh the page, go to catalog, go to new threads, block bypass expires

Message too long. Click here to view full text.

odilitime Board volunteer 05/05/2017 (Fri) 22:04:08 [Preview] No. 6253 del
if I know how to make the onion not shit, I would. I'm told restarting it too often isn't good either. There's not much I can do

FILE SUPPORT THREAD odilitime Board owner 01/23/2016 (Sat) 08:43:14 [Preview] No. 1017 [Reply]
What file types do we don't support that you would like us to add?

Making an official thread to keep on top of this better. Most of these are relatively easy to add.

I'm not quite sure why LynxChan has a filter on these. It maybe easy to start a list of what we don't want.


Here's the current list:

Message too long. Click here to view full text.

Edited last time by odilitime on 06/05/2016 (Sun) 10:44:34.
164 posts and 23 images omitted.

Anonymous 04/07/2017 (Fri) 17:25:27 [Preview] No. 6093 del
Are you doing that now, because the captcha is acting weird and stuff is randomly showing 404 for me, then working again a minute later.

Anonymous 04/10/2017 (Mon) 16:34:13 [Preview] No. 6131 del
>odili bans himself for kike shill
What did he mean by this?

odilitime Board owner 04/12/2017 (Wed) 19:48:36 [Preview] No. 6140 del
(10.16 KB 480x360 hqdefault.jpg)
was fixing/testing the ban/unban system. Apparently LynxChan doesn't ever remove ban messages.

pls add djvu files to upload-OK list Anonymous 05/04/2017 (Thu) 11:32:19 [Preview] No. 6249 del
I second the request to add .DjVu files as upload-capable.

Re: attempted tor message with attachment does not get captcha prompt at pdfs Anonymous 05/04/2017 (Thu) 11:36:50 [Preview] No. 6250 del
@Odil could you kindly take a look at user reports of upload problems at
seems standard tor post prompts OK for captcha but attempted tor posting of message with attachment does not correctly or at all get a captcha prompt. tia

odilitime Board owner 09/08/2016 (Thu) 05:12:04 [Preview] No. 4983 [Reply]
I had a development server breached that I had an old development copy of the Endchan database (without media).

All users are advised to change their passwords ASAP.

Development server was breached used an redis/ssh exploit. Redis was installed and usually ran as a user but recently doing some development work, I accidentally started it up as root to look something up and left it running. Redis then can write to your ssh keys and insert unwanted keys and allow root access. All files in /root and /home were removed and a note was left:

>Hi, please view here: http://pastebin.com/raw/vadfLyDS for information on how to obtain your files!

Luckily I have bandwidth logs on that box and I can see there was nothing transferred out of the box. So my guess is they just deleted the files. The nature in which they left the machine leads me to believe this was an automated attack (plenty of other meaningful data directories were left alone).

The copy of Endchan's data is left untouched on this development server. However the dump that was used to transfer the copy was still likely in the /root directory that was deleted. I will get the date of the data copy as soon as I can do some data recovery on that machine, I estimated the copy to be an early 2016 Q2 dump. This server is now offline.

At Endchan, we want to be as transparent as we possibly can and even though we do not believe anything was leaked, we cannot rule out nothing happen with 100%. And even if we could be certain that nothing was at risk, we still want to report anything of this nature to our users.

I fucked up, I'm sorry for any troubles this may and has caused any of you.

Please let us know any questions you may have.
13 posts and 4 images omitted.

odilitime Board owner 11/29/2016 (Tue) 11:16:02 [Preview] No. 5344 del
>Why is/was your development/test server accessible online?
because we needed public testers.

>Could you check the logs if a mod volunteer like >>>/pol/23993 was in the logs of potential account takeovers
Not sure how to figure that out, let me talk with Lynx.

>You do still have a copy of that old DB, right?
No I don't.

Anonymous 11/29/2016 (Tue) 23:46:32 [Preview] No. 5380 del
Then make a mock test site, not a duplicate, yesh.
>No I don't.
This is bad. M8, when you can, study up on Sysadmin. Rule 37 of "After an attack" is to keep an archive of the exploit. You want to retrospect on how malicious attacks are growing, so you proactively scope those vulnerabilities.

odilitime Board owner 12/06/2016 (Tue) 01:38:31 [Preview] No. 5428 del
>make a mock test site
That's what this was. What's the point of the test if you aren't testing real data. Very few have a budget to generate similar but different data.
But you're right in the sense that we did need every users' account on the dev server. That could have and should been cleaned out more.

>keep an archive of the exploit
generally a good rule. I have a large archive of them, however the size of this development server was too large. I did a thorough analysis and deleted it. The vulnerability was easy to figure out and very popular, so there was plenty of documentation on it. In this specific case the storage costs outweighed the value.

Anonymous 12/07/2016 (Wed) 18:30:32 [Preview] No. 5430 del
As long as you archive and properly mock the test server from hither on, you will form a basis to document changes dependent on the master branch. Usually it is cheaper to VPN the server in a locked virtual environment, so you see a full scope of the system. Vulnerabilities are getting scarier and efficient, thanks in part to manufacturers leaving vulnerabilities in the hardware/UEFI/BIOS/firmware. Right now, the biggest threat are GPUs with DMA and their undocumentation: enormous processing power that when clustered, can replicate innumerable vulnerabilities in one machine before the next cycle hits the CPU to address the bus.

Anonymous 04/04/2017 (Tue) 22:02:00 [Preview] No. 6042 del
testing sticky bump

odilitime Board owner 02/16/2017 (Thu) 15:22:54 [Preview] No. 5684 [Reply]
working with a developer from /librejp/, we'll made some minor adjustments on page loading and refresh. We're trying to:
1. Make sure freshly added posts at the bottom of the page have all the same bells as whistles at the posts that were there when the page loaded
2. Cut down on browser stalls when processing large pages

Let me know if you notice anything better or worse.
15 posts and 6 images omitted.

odilitime Board owner 03/29/2017 (Wed) 12:42:18 [Preview] No. 5884 del
thank you so much for the fix. I've put it in place.

to_sha_ki#xs0+7l 05/13/2017 (Sat) 10:33:08 [Preview] No. 6283 del
(111.61 KB 302x270 double_count_down.webm)
thank you for merge.

it's been a while.

・catalog hiding support.( >>5889 )
・the issue on firefox. fix double countdown of catalog update timer.

Anonymous 05/15/2017 (Mon) 21:06:45 [Preview] No. 6292 del
Hi Ron

odilitime 05/23/2017 (Tue) 06:32:06 [Preview] No. 6310 del
Again, thank you so much. You read my horrible code, and write in the same style, I find this a rare but highly valued quality.

I see you used DocumentFragment, was working why? Should we convert more to use that?

Your changes are now in place.

Anonymous 05/26/2017 (Fri) 05:32:46 [Preview] No. 6325 del
(165.36 KB 1280x720 fasffafsfasf.jpg)
>cheap china clap

lol you bought all that fag color monitors you dont need and now have no money left for a proper keyboard with letters.

i suggest you to but buy some stickers from ebay to fix your cheap china keyboard.if you want you can use a marker or chalk to redraw them manually. in case you need advise on how to use chalk: we have guy on our board called schlomoko, he is a professional faggot and specialized on drawing interesting mojis with chalk on the walkway.

(12.51 KB 404x427 image.jpeg)
Concerned Anonymous 05/19/2017 (Fri) 04:14:39 [Preview] No. 6301 [Reply]
Hello site owners,

Why is there a what looks to be straight up cp showing up on the side tab of the main page from some old ass collection of threads from draw with never more than one reply? Is it just me? Should we be worried?

I would post a screenshot, but I do not have a tool on hand capable of blur, and I would rather not risk it.

Thanks for taking time to read this.
9 posts and 4 images omitted.

Anonymous 05/25/2017 (Thu) 19:31:13 [Preview] No. 6320 del
if boards could have their own jannies to manage stuff it would prevent most abuses of a system like that
76chan had like 5 jannies and everyone just benevolently did their duties- it was a last resort tho, and if theres any other way to stop the spam id do that first

Anonymous 05/25/2017 (Thu) 22:59:17 [Preview] No. 6321 del
this could work I think the issue is that it takes a while before someone can delete it so if you could use people that are logged in like board owners to be able to globally delete this then that could help in shrinking the time it is up.

Anonymous 05/25/2017 (Thu) 23:11:12 [Preview] No. 6322 del
abuse of this could result in losing control of their boards to make sure the board owners only use this to delete illegal material that they can see is being spammed on the overboard or at least have the ability to.

perhaps spoil posts that are reported for global rule violations. that seems to be an easy solution to having to see the thumbnails.

Balrog Board owner 05/26/2017 (Fri) 00:48:36 [Preview] No. 6323 del
(44.32 KB 316x436 how to remove CP.PNG)

When cleaning up CP on your board, make sure that "scrub media" is checked in the moderation panel. This removes the image from endchan's deduplication database, which means that an admin doesn't have to manually remove them later. While I'm not 100% on it checking "global" can't hurt either.

Define "weird" because good fucking luck coming up with a regex for that which won't fuck over anons who tried to save money on registration. For the record, we are banning both image hashes and URLs as we see them.

This is an interesting idea, but I'd be worried about it being abused for shilling/shitposting purposes. Still, one more idea for the bucket.

Anonymous 05/26/2017 (Fri) 01:05:39 [Preview] No. 6324 del
(275.44 KB 1000x967 good post fam.jpg)
>For the record, we are banning both image hashes and URLs as we see them.

Thank you so much m8, seriously

Anonymous 05/24/2017 (Wed) 21:26:28 [Preview] No. 6311 [Reply]

1. blacklist ALL .tk links
2. delete those fucking pics

Anonymous 05/24/2017 (Wed) 21:27:55 [Preview] No. 6312 del
They'll probably switch urls thats what these sites do but yeah blacklisting .tk links is a start.

Anonymous 05/02/2017 (Tue) 04:20:23 [Preview] No. 6241 [Reply]
has been hit hard by cp spam bots. I'm not going to go through and global report every post of it but its needing a nuke dropped. Might have hit some of the other low activity boards too, didn't check them all.
1 post omitted.

Anonymous 05/19/2017 (Fri) 04:20:57 [Preview] No. 6302 del
(16.52 KB 309x297 image.jpeg)
It happened again

Anonymous 05/19/2017 (Fri) 05:34:50 [Preview] No. 6305 del

odilitime Board volunteer 05/19/2017 (Fri) 08:10:14 [Preview] No. 6306 del
thank you, saw the message on IRC too. All clean now.

Anonymous 05/21/2017 (Sun) 19:48:29 [Preview] No. 6308 del
Guy posting about his Gondola Animation project on /draw/ here; The faggot's at it again today. Seeing as there's a manual captcha system in place it seems he's shitting on the board manually...

odilitime Board volunteer 05/21/2017 (Sun) 19:57:51 [Preview] No. 6309 del
all cleaned

(14.87 KB 300x300 Untitled-1.jpg)
Copyright Infringement Steven Armstrong 05/16/2017 (Tue) 20:59:44 [Preview] No. 6293 [Reply]
Dear endchan,

I need to report copyright infringement.

Please email me to let me know how to do that.

My contact information:

Steven Armstrong
Rosicrucian Order, AMORC
1342 Naglee Ave
San Jose CA 95191
(408) 947-3600

Thank you!

Anonymous 05/16/2017 (Tue) 21:33:10 [Preview] No. 6294 del
Hello I went and deleted the monographs. You can easily find them on bit-torrent though. That's how I found them.

Anonymous 05/17/2017 (Wed) 03:31:29 [Preview] No. 6297 del
Please for the love of god don't start banning people for this just delete it and explain it if you have to endchan sysops.

Anonymous 05/17/2017 (Wed) 17:36:14 [Preview] No. 6298 del
I saw this from the overboard and realized the monographs in the book thread so I deleted them see >>6294.
Hopefully that resolved the issue I know that the Rosicrucian have a program where you receive a monograph every couple of weeks and its how they make their money so you have to pick your battles and I deleted the monographs.

Anonymous 05/17/2017 (Wed) 17:40:14 [Preview] No. 6299 del
I am not a mod or anything I am the BO of /horror/ and I realized that this is for the monographs so I deleted them.

Anonymous 05/18/2017 (Thu) 23:22:05 [Preview] No. 6300 del
(1.45 MB 800x1200 voided.png)
Greetings Steve!
As a member of the esoteric hierarchy you have to understand that is voided memetically current year to the memetic hierarchy, Therefore you are a clandestine if you are insisting to respect freemasonry. You ought call masonry clandestine. You are clandestine Steve. I admire the guile to insist that you are the continuation of Egyptian magical practice. You certainly are Sir if you shed the masonic parasitical kikery off of you and establish dominance as a valid esoteric precursor to freemasonry, Do not predicate masonic membership (which I hope the AMORC does not) and try to clean out this swamp of dark occultism and fuck the dark new world order.

What is the deal with the Georgia guidstones Steve? Why is it inscribed by a one RC CHRISTIAN? Go on its time we know what that is about because the Georgia Guidstones are a precursor to possible fake news. Think of the possibilities Rosicrucian plan depopulation via Monument that says to keep the population under 500k Steve Armstrong Stonewalls Anonymous Skeptics
If you do not demolish the guide-stones and replace it with a sundial that says to always stay true to your moral compass you are no better than the axe murderer in the black lodge Steve.

Your oaths are voided Steve you are clandestine.Shed masonic affiliation and truly heal the nation from this iniquity masked as secret fraternal nepotism.

Lets go deeper
From the Slcdc Irc log http://endchan.xyz/.media/2d1567057998a5065d5eb28fe3bc3977-textplain
>22:26 < IceDagger> Rosicrucians? What the hell did I miss?
>22:26 < arynx> So the property for both rotary and aberdeen belong to HCC LLC
>22:26 < Dominya> Someone said building was reg'd to Mark A Short
>22:26 < Dominya> which turns up Rosicrucians
>22:26 < arynx> aberdeen location is "Hampton Collision Center" (also HCC abbreviated)
>22:32 < arynx> So HCC LLC is registered at 3754 ARBOR RD SUFFOLK 23435 VA

Message too long. Click here to view full text.

NON-javascript users poll odilitime Board owner 05/16/2016 (Mon) 03:45:09 [Preview] No. 4047 [Reply]
Spent some time looking non-animated thumbnails for GIFs.

I need to know the following
NON-JS users: do you prefer animated GIFs thumbs or static thumbs?

The only way I can make it configureable for NON-JS would to be to require a log in for setting storage and I don't think any one wants to have to log in to get their settings. Also let me know if I'm wrong on that too.
14 posts and 3 images omitted.

odilitime Board owner 05/20/2016 (Fri) 20:57:30 [Preview] No. 4177 del
For some reason, I thought we need JS for cookies to work but we don't. So I'll pursue this direction and unsticky this thread for now.

Anonymous 05/21/2016 (Sat) 10:50:35 [Preview] No. 4187 del
Animations are visual noise and although it's nice I don't need to click on them I really don't need to see them all the time.

In fact I just realized how I can fuck with people in here, flashing Spiderman.

Anonymous 05/10/2017 (Wed) 00:01:10 [Preview] No. 6268 del
bump to save

Anonymous 05/15/2017 (Mon) 21:01:24 [Preview] No. 6291 del
you are doing something really STUUUUUUUUPID!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
If the "GIF" is over 1MB, render to .mp4. All browsers still first frame display of the video before "play". everyone is doing this for beyond blatant reasons like JPEG became the web standard. Webm encoded AC1 is competing for this status, like opus won the audio lossy debate. Javashit will always be javashit. It should have never existed.

Anonymous 05/17/2017 (Wed) 02:10:34 [Preview] No. 6296 del
how about fixing the fucking del button for non-js users

(196.65 KB 928x751 Nigger_spammer_MOD.jpg)
Anonymous 05/13/2017 (Sat) 08:51:14 [Preview] No. 6279 [Reply]
Hi dear site owners,

We have a problem with /pol/. One of our newly appointed mods is apparently the "nigger spammer" who is using Tor to bump old threads. I am suspecting the BO and the mod to be either one and the same person using different VPN mod accounts or BO has hi-jacked the board to crash it by employing his friends or family members.

Right now i was banned for exposing the new mod to be the spammer himself in the board own meta thread. As you may understand /pol/ is a NS board which is targeted by so many groups of people.
While the new mod is creating dozens of "honey pot" threads old popular threads were slid and /pol/ is dying.
The board is dying and I don't know what we suppose to do.
Some posts and threads are deleted, I myself was banned in the meta thread. The mods are creating a chaos and they they use it to ban random people and lock and delete unwanted threads.

The BO himself has developed the tactic to let the mods do the job for him so he keeps his clean image. Once a mod has messed up the board far enough he simply replaces him (likely with the same guy by deleting the old mod account and creating a new one. Ocolette is owning the board for approximately 5 months now and it has become same bs as 8/pol/ were people are getting banned unfairly and for ridiculous reasons.

I have taken screenshots and archived all evidence. I'm ready to upload it if required.
People are now leaving /pol/ in big numbers and I ask you to help to save the board from Ocolette and his moderation.
2 posts and 6 images omitted.

Anonymous 05/13/2017 (Sat) 09:05:30 [Preview] No. 6282 del
(485.81 KB 1423x1313 Liar_Mod.jpg)
(432.97 KB 1082x1734 Mod_expose.jpg)
This is where i exposed them. I was banned for posting this picture in the meta: [Mod_exposed_to_be_nigger_spammer]

Anonymous 05/15/2017 (Mon) 05:04:58 [Preview] No. 6285 del
/pol/ BO here. These are two different vols. ID: eaf is George_Costanza talking about a vol that has since been removed. The vol "unknown" who "poked" the pedo/nigger spammer has been removed.

>While the new mod is creating dozens of "honey pot" threads old popular threads were slid and /pol/ is dying.
Why don't you report some of these instead of just complaining about them? Are you talking about the Trump template threads?

Anonymous 05/15/2017 (Mon) 06:46:06 [Preview] No. 6286 del
Your new Vol here. Not unknown. This is the actual gay nigger spammer who created this post. I'm 90% certain he's also imkikey, I've been comparing file names he uploads for the past few days. Every time they're the same and the same on 8pol. Same formatting too.

OP is a faggot.

Anonymous 05/15/2017 (Mon) 06:54:31 [Preview] No. 6287 del
>Some posts and threads are deleted
False. The 'unknown' mod did this and he's gone.
>While the new mod is creating dozens of "honey pot" threads old popular threads were slid and /pol/ is dying.
Name one? I create 1-2 threads daily all 100% relevant to Politically Incorrect w/ proper formatting and archive links to boot.
>The BO himself has developed the tactic to let the mods do the job for him
BO is active daily in threads and I also conversate on every action I take with him, GC I have yet to speak to, but this is false.
>People are now leaving /pol/ in big numbers
False. PPH has only increased.
>This is where i exposed them. I was banned for posting this picture in the meta:
You were going into multiple old threads and posting this same autistic bullshit completely irrelevant to the threads. On several occasions I told you to contribute to the board, create new threads, and cut the bullshit. Instead you kept derailing totally off topic threads with this bullshit. Finally after about 12 hours of this shit for the entire day I banned you. For ONE DAY. Then you just came back and started posted off topic images claiming it was the BO and he's in Canada etc etc etc and now you're banned again for 3 days. If this were any other image board they'd have gassed your ass permanently the first time and not given you 30 chances to stfu and contribute.
Come back in three days, participate and you'll be fine
Come back and start this sperglord faghotry and you'll be gassed again.
Pretty simple. faggot

Anonymous 05/17/2017 (Wed) 02:04:01 [Preview] No. 6295 del