Difference between revisions of "4chan"

4chan has been hacked. The hack is largely attributed to individuals or a group associated with Soyjak.party, a rival imageboard also known as "The Sharty." The primary motive appears to be related to the restoration of the /qa/ board, which was banned on 4chan about four years ago. The sharty boys allegedly reinstated this board during the attack, demanding a space significant to their community. Additionally, the hack involved leaking moderator and janitor emails, source code, and internal communications, exposing and undermining 4chan’s moderation practices.

the process

Evidently, some sharty boys had access to root on 4chan's servers since 2021 and planned the hack for a few years. The attackers exploited vulnerabilities in 4chan’s outdated infrastructure, specifically an old version of PHP (potentially from 2016) and deprecated MySQL functions in a script called "yotsuba.php." This script, which handles post submissions and moderation, was a key entry point. Some reports suggest the hackers gained shell access to 4chan’s servers, allowing them to leak sensitive data like admin panels, source code, and moderator credentials. There’s also mention of an exploit involving PDF uploads, where a malicious PDF could execute PostScript commands via an outdated Ghostscript version, granting shell access.^[1]

what to do

Commentary and help from our friends in the east:

gallery

Oh well, despite the fact that people are crying about it and saying "this is the end," 4chan will probably be back in a few hours. Reminder: you are here forever.

stuff

• 7zip of the source files
• List of mods and jannies in .txt format.
• Dump of the jannies private IRC channel
• Dump of the entire /j/ board (a board private only to board jannies)
• File tree.
• Autodoxxed jannies/mods/admin in JSON.

further reading

• Soyjack.party website
• Archived thread depicting the damage and joy.

references