/b/ - Random

Archived Post



File: 2021-10-03_11:22:05_%.png (2.18 KiB)
Fellas i can't believe fchan is dead
>>
Anonymous 10/03/21(Sun)15:41:52 No. fb-YRS0N2MZ
>>fb-WTCV69VL (OP) we probably just lost like 50% of the user base from Fchan going down
>>
Anonymous 10/03/21(Sun)15:52:49 No. 7TH66JWK >>5RNMM88M
database was compromised had to take it down to find the hole. i hope to have it back up. as ive said in another post it feels weird having fchan down, i dont like it.
>>
Anonymous 10/03/21(Sun)16:01:01 No. 5RNMM88M >>9TFZWEO1
>>7TH66JWK oh huh, thought you were just ditching tbh
>>
Anonymous 10/03/21(Sun)16:16:08 No. 9TFZWEO1 >>IM6AOTWJ >>LXV6TA2C
>>5RNMM88M no. as others noticed the instance list disappeared which was a result of the follow and following tables in the DB being deleted. i could have fixed it to where it was back to 'normal' by just adding the instances back to the database, but that would not have solved why that happened. i dont think there was some portion of the code that just happened to drop the following and follower entires. i think someone was able to my an sql injection somewhere or my servers were compromised. so i took them offline just to contain the mess. ill either move to another server or hopefully find some clues on what happend.
>>
Anonymous 10/03/21(Sun)17:28:50 No. IM6AOTWJ >>4SWQ7MTN
>>9TFZWEO1 ah, could it do with the RCE the chodomites mentioned on github?
>>
Anonymous 10/03/21(Sun)19:22:47 No. 4SWQ7MTN
>>IM6AOTWJ yeah it could have very well been. need to add better checks for file uploads to ensure the file uploaded is the type it is said to be. i suspect it is someone that is close to the project development because if they did have access to the DB they could have done more damage, but they choose the least damaging thing to do. kind of a playful notice that its been compromised.
>>
Anonymous 10/04/21(Mon)13:45:59 No. fb-8YYLP0Y8 >>GIZFSLZF
>>fb-WTCV69VL (OP) So I read through this thread but I'm not 100% sure whats happening. Is devchan done or did a sql injection force them to take down fchan? I saw a new release was merged (v .015 or whatever) but it did not seem /substantial/
>>
Anonymous 10/04/21(Mon)13:59:01 No. GIZFSLZF
>>fb-8YYLP0Y8 from a different thread >if i can find what went wrong i'll have fchan back up, but i can only assume database access was gained. it feels weird having it offline. but it might be good fedi wise in distribution. >i saw a new release was merged that was to fix the instance list i believe? or just to not make it try to ping fchan.xyz
>>
Anonymous 10/04/21(Mon)15:43:17 No. LXV6TA2C >>UK7RAUD2
>>9TFZWEO1 A few days ago I tried passing http://nigger.net to fchan.xyz/addtoindex and it created a blank entry in the list. It's probably not related but I thought I'd report it anyway.
>>
File: 004845899a7a92e93e2f540a2d(...).png (617.75 KiB)
>>LXV6TA2C Okay, I managed to find a way to replicate what happened with fchan, 99% sure that I was responsible for fucking it up. By leaving the id parameter blank (fchan.xyz/addtoindex?id=) it is possible to insert an entry into the followers table which is missing the follower field. When the inactivity check occurs an entry with the instance field missing is created in the inactive table, then when timestamp is older than 48 hours and the inactivity check occurs it wipes out all entries in the following and follower tables.
>>
Anonymous 10/04/21(Mon)18:07:36 No. fb-BTI2N5OC
>>UK7RAUD2 that makes a lot of sense and it sounds like the reason. thank you for breaking and revealing that. ill have a patch within the next 12 hrs.
>>
Anonymous 10/04/21(Mon)20:44:07 No. fb-0DK953T1 >>UIRMNE3K
Well i was impatient for it to happen. Only way to test if the federated principle is valid. It appear it is, since the mirrors works. Next huge step, 4channel.org down.
>>
Anonymous 10/04/21(Mon)23:34:56 No. UIRMNE3K
>>fb-0DK953T1 true, we just need the follower list to keep working when fchan is down, and uhhhh replies are fucking broken for some reason?
>>
Anonymous 10/04/21(Mon)23:59:49 No. fb-Q25VALTX
Indeed replies are broken on my machine as well.
>>
Yeah replies being buggy was the layout system that was in a PR and sat in development for a while, it has some issues that needed to be fixed. It seems to only be an issue when on the thread page but replying on the main board page seems to work. Something just needs to be hooked up from the transition to stylesheets from old inline styles.
>>
Anonymous 10/05/21(Tue)00:34:27 No. fb-40R7UPZO
>>fb-7XWNO01T what is happening is the javascript for the reply box is setting the offset too much from the top. if you reply to the first few posts you can see the reply box, but if you reply to the latest posts it pop ups offscreen.
>>
Anonymous 10/05/21(Tue)01:26:00 No. fb-5E4G7WY1 >>fb-UWXYIAHX
>>fb-7XWNO01T PR dev reporting in name some issues, i'll try and fix them up in the coming days and hopefully the reply box bug tomorrow tbh i was expecting a small oversight like this to show up eventually
>>
Anonymous 10/05/21(Tue)03:19:29 No. fb-MH17Q2YW >>fb-UWEPPM9K
i added the few fixes discussed reply box should be within view, it could be better calculated because you get different results depending on the height of your browser window fixed the empty addtoindex (havent tested, but "should" work) also there was someone (probably same anon that broke current stuff) that was able to spoof posts by just sending an valid activity object so added a check to make sure a post id actually is reachable. still not tested but should work... famous last words. ill bring fchan back up tomorrow when i add all the following and followers back to the database manually.
>>
Anonymous 10/05/21(Tue)03:26:36 No. fb-UWXYIAHX >>fb-UWEPPM9K
>>fb-5E4G7WY1 there was only a couple, basic styling. biggest is that the styles wait until the page fully loads so you see the default theme and then gruvbox shows which can be dissorenting. not sure of what the fix is for now, but if the set theme is able to happen before the page loads that would be best. you can see it on 0xchan if using gruvbox and switch between pages. all the other things is just simple style touch up like the archive title being left justified and the reply box being really small (which was just fixed) but the biggest is the theme waiting to be applied until after the page has loaded.
>>
Anonymous 10/05/21(Tue)10:07:54 No. fb-YP3BPMUI
>>fb-WTCV69VL (OP) But OTOH it's great because it coincided with FB going down but the whole federated imageboards are still up. It's perfect demonstration why this kind of platforms must be part of the future.
>>
Anonymous 10/05/21(Tue)13:28:21 No. fb-678LCC8D
>when you're a shitcoder pushing shitcode to your main branch
>>
Anonymous 10/05/21(Tue)20:11:08 No. fb-UWEPPM9K >>GB77CLTV
>>fb-MH17Q2YW based devchad >>fb-UWXYIAHX i'll fuck with this today, PR in tonight if not tomorrow the stylesheets themselves aren't even 100% complete because of how much style= was used, if i get some time to sit down and work on it a bit, i'll push changes but no promises i'd like to continue working on it, one huge thing i'd like to do is move to fasthttp. i might play with this idea on the weekend and if all goes well i'll draft an experimental PR, but again no promises
>>
File: 1617004320708.jpg (576.66 KiB)
>>fb-WTCV69VL (OP) So this is the federation in action: >Instance list down >Main website linked in most places is down So much for having redundant instances!
>>
Anonymous 10/06/21(Wed)20:33:08 No. fb-J0HEEQWE >>Y07KMLZJ
>>fb-RY16EOG1 But yet here we are
>>
Anonymous 10/07/21(Thu)15:22:46 No. fb-54VCFR59 >>Y07KMLZJ
>>fb-RY16EOG1 >main instance goes down >everyone instantly shitposts on another instance businessasusual.jpeg
>>
Anonymous 10/08/21(Fri)23:44:49 No. Y07KMLZJ >>fb-RTL3WCK0 >>fb-66H0KGHF
>>fb-RY16EOG1 Retard alert >>fb-J0HEEQWE >>fb-54VCFR59 the system works
>>
Anonymous 10/09/21(Sat)04:35:56 No. fb-RTL3WCK0
>>Y07KMLZJ THE SYSTEM JUST WORKS
>>
Anonymous 10/09/21(Sat)06:46:30 No. GB77CLTV >>fb-XCIB8BRG
>>fb-UWEPPM9K With that new PR the theme cookie no longer gets set on chrome because they block sameSite=none for insecure cookies. You have to also include the Secure; attribute.
>>
Anonymous 10/09/21(Sat)06:47:08 No. fb-RZTAO8Q7 >>fb-7ZY4VRB8
How are you losers so incompetent? You talk a big game but you can't even keep a site up. Seems like all you're good for is spamming the word "nigger".
>>
Anonymous 10/09/21(Sat)07:04:41 No. fb-7ZY4VRB8 >>fb-KJ4Q6FO5
>>fb-RZTAO8Q7 >I AM A FAGGOT PLEASE RAPE MY FACE LAWL
>>
File: fate translation.png (672.25 KiB)
>>fb-7ZY4VRB8 Sorry, this post was very mean and frankly it was just uncalled for on my part. Your sexuality is your own choice and nobody should be in any position to judge you for it, and I do not think being raped is funny nor should I wish for anybody to be forced into something so horrible. I have done a huge disservice for the FChannel community, and even though I know I don't deserve it, I hope that one day I can earn your forgiveness. ​ Gomenasorry!
>>
File: todd.jpg (427.76 KiB)
>>Y07KMLZJ It just works!
>>
Anonymous 10/09/21(Sat)20:19:52 No. fb-UZFJLGF8
>>fb-66H0KGHF this asshole is flooding 0xchan and fchan with requets. guess a rate limiter is the next thing to implement. guess its good theyre thinking of fchannel enough to flood it.
>>
File: i don't fuck around.jpg (552.57 KiB)
>>GB77CLTV AAAAAAAAAAAAAA I FUCKING HATE WEBDEV SO FUCKING MUCH christ, i'm getting this fixed up tomorrow and maybe possibly potentially diving head first into the backend for shits and giggles
>>
Miko #True Administrator 10/11/21(Mon)09:39:52 No. fab-poster
>>fb-WTCV69VL (OP) Well, that's what happens with fakers (¬‿¬ )
>>
Anonymous 10/11/21(Mon)16:15:20 No. fb-W8FKRX89
>>fb-OLFGLC73 → >devchan, i don't think commit 1df965e did anything i am thinking this anon is spinning up a fchannel instance that they modify the activitypub objects that get sent out. fchanni.ga is a registered domain and it has an ip address. so my assumption is they are sending the spoof post and then turning off their instance after the post id is verified. could be something else though.
>>
Anonymous 10/13/21(Wed)17:00:18 No. fb-Y9GPJLZA
>>fab-poster what the FUCK

37 / 5

Delete Post: [File Only]
[Home] [Rules] [FAQ]

All trademarks and copyrights on this page are owned by their respective parties.

v0.1.1

Theme: