Post ANgxE856N5mQ7WKisy by cope@eeeeeeeee.eu
(DIR) More posts by cope@eeeeeeeee.eu
(DIR) Post #ANgvrjmlvCM4RZWCvo by josh@poa.st
2022-09-18T14:27:21.742460Z
70 likes, 44 repeats
This statement regards user impact.- Assume your password for the Kiwi Farms has been stolen.- Assume your email has been leaked.- Assume any IP you've used on your Kiwi Farms account in the last month has been leaked.The attacker had access to my admin account, probably through session hijacking (bypassing password and 2fa). He would have been able to access user data, and XenForo provides a way to export user lists with information that is precisely: email, username, last acitivity, register date, user state (banned/unverified), post count, and if they are staff.However,```2a03:e600:100::31 - - [18/Sep/2022:08:16:13 +0000] "GET /admin.php?users/list-export&export=1 HTTP/2.0" 500 0 "https://kiwifarms.st/admin.php?users/list" "Mozilla/5.0 (Windows NT 10.0; rv:91.0) Gecko/20100101 Firefox/91.0"```In this access.log entry for the only attempt made to export this information, he tried to export 120k+ users at once. This caused it to crash and respond Error 500. No other attempt was made to export the user list. It's unclear if he obtained any user information.I am still deducing the attack vector. I currently have two theories that I will explain later.
(DIR) Post #ANgvshUlvFbjd7YgCm by fr_brennan@poa.st
2022-09-18T14:27:32.716206Z
4 likes, 0 repeats
@josh Kiwicucks admit it, it's over. The LGBTQ+ community has mogged you forever the site will never recover from this perpetual embarrassment! #phpnoob #ralphwon
(DIR) Post #ANgw5bOju480U4t9s0 by yes@social.handholding.io
2022-09-18T14:29:51.929567Z
3 likes, 0 repeats
totally not the feds tho. just an innocent tor exit ip lmao http://[2a03:e600:100::31]/
(DIR) Post #ANgw9IoWwLpI0NiUMa by StagParty@poa.st
2022-09-18T14:29:26.115744Z
20 likes, 0 repeats
@fr_brennan @josh you're crippled, god has mogged you all your life.
(DIR) Post #ANgwAvyynXCHm2NlAm by Heil_Honkler@poa.st
2022-09-18T14:30:50.144948Z
0 likes, 0 repeats
@josh holy shit
(DIR) Post #ANgwDLxlAtLgvgxu64 by Richard_R_Ape@poa.st
2022-09-18T14:28:46.785522Z
7 likes, 2 repeats
@josh Oh fuck, now my nigger123 password is out in the wild?!
(DIR) Post #ANgwJR37B0dgRTN0Hg by sullybiker@sully.site
2022-09-18T14:32:20Z
1 likes, 0 repeats
@josh You need to get some legal help mate.
(DIR) Post #ANgwK0LlvdMLvTMtiy by Francisco@poa.st
2022-09-18T14:32:28.779624Z
0 likes, 0 repeats
@fr_brennan @josh This is just sad, Fred.
(DIR) Post #ANgwVhGAjQf8C3KA9Q by ThotsAndOpinions@poa.st
2022-09-18T14:34:35.339425Z
6 likes, 0 repeats
@fr_brennan @josh Does this mean that the HIV+ community stands with the Ralphamale?
(DIR) Post #ANgwWOIohTKNghtNk8 by ChristiJunior@detroitriotcity.com
2022-09-18T14:34:42.163130Z
4 likes, 0 repeats
@fr_brennan @josh "perpetual embarrassment"Dude, you're a backstabbing Furfag cripple who sold out to the Feds. It would take Jersh many years to become as big an embarrassment as you are.
(DIR) Post #ANgwZaYbatbaZ0nmqG by dexee@bae.st
2022-09-18T14:32:33.620827Z
1 likes, 0 repeats
@fr_brennan @josh i'm frankly surprised you haven't been tossed in a cell yet, you cuck.
(DIR) Post #ANgwbP55EW8JYArJ0y by Richard_R_Ape@poa.st
2022-09-18T14:30:11.524204Z
9 likes, 0 repeats
@StagParty @fr_brennan @josh Last thread he literally admits he has to wear diapers and tried to use it as an own! Lmao!
(DIR) Post #ANgwdgcH0ZSgVwTIp6 by snotts@poa.st
2022-09-18T14:33:24.337858Z
1 likes, 0 repeats
@fr_brennan @josh c’mon fredrick, using that hashtag negates your entire statement. ralph could ride pantsu into first place at the kentucky derby and he’d still be ralph
(DIR) Post #ANgwgvMyc1el8hrQO0 by gaystoner@poa.st
2022-09-18T14:36:37.309022Z
0 likes, 0 repeats
@josh ok but when do i get to sneedpost again
(DIR) Post #ANgwiWv6UCmLtDaZpA by NEETzsche@iddqd.social
2022-09-18T14:36:50.944273Z
1 likes, 0 repeats
@ChristiJunior @fr_brennan @josh look at the domain name. Enough said.
(DIR) Post #ANgwjQU5toRqDfNnV2 by MidwitNavigator@poa.st
2022-09-18T14:35:53.345117Z
2 likes, 0 repeats
@yes @josh
(DIR) Post #ANgwlC6qJfD2DPLmWu by DocScranton@poa.st
2022-09-18T14:30:30.538918Z
1 likes, 0 repeats
@josh hopefully everybody knew to use a separate email address after the last leak lol
(DIR) Post #ANgwlCmJpSO0I2kuB6 by RhoasJonas@poa.st
2022-09-18T14:32:10.118917Z
1 likes, 1 repeats
@DocScranton @josh Did anyone actually use their real email and not a throwaway protonmail account, irrelavent username and randomised password
(DIR) Post #ANgwqN8ijWRZsBhJWS by ChristiJunior@detroitriotcity.com
2022-09-18T14:38:18.766504Z
2 likes, 0 repeats
@NEETzsche @fr_brennan @josh Damn, the nigger got me.To be fair, I think the actual Hootwheels really is on Fedi.
(DIR) Post #ANgwz2h07lwP40rm0e by matty@nicecrew.digital
2022-09-18T14:39:53.558906Z
3 likes, 0 repeats
Here we go, boys.
(DIR) Post #ANgwzDuARA0bq26wYi by Moist_Clown@poa.st
2022-09-18T14:34:48.160084Z
2 likes, 0 repeats
@josh Things have escalated im now in honking
(DIR) Post #ANgwzhgjhf5gD43dmy by American_Democrat@poa.st
2022-09-18T14:36:40.037657Z
4 likes, 0 repeats
@josh Fuck! Did they get my email? It's matthewprince@cloudflare.com password: niggerniggernigger I'll delete this after you reply.
(DIR) Post #ANgxCaBqtO8ciekl4y by Ace66062@bae.st
2022-09-18T14:42:20.707960Z
0 likes, 0 repeats
@ChristiJunior @fr_brennan @josh (its a parody account, the real fred blocked poast)
(DIR) Post #ANgxE856N5mQ7WKisy by cope@eeeeeeeee.eu
2022-09-18T14:42:37.346194Z
2 likes, 1 repeats
@josh pet theory is you didn't lock down your database properly from lan access, and the pwnd proxy let them have close to free reign because you proxied traffic over a vpn connection
(DIR) Post #ANgxGTHsUz9kT8QTQm by ChristiJunior@detroitriotcity.com
2022-09-18T14:43:01.591009Z
0 likes, 0 repeats
@Ace66062 @fr_brennan @josh See my reply to NEETzsche
(DIR) Post #ANgxHL9wCitHY97tYG by Charlamagne@poa.st
2022-09-18T14:43:11.982006Z
0 likes, 0 repeats
@josh I don’t mind my real IP being leaked but I’m worried for anyone, especially older members who had no clue about opsec(OrsonZedd) potentially being DDoS’d or worse blackmailed over this. The trannies have no morals. They are willing to destroy the lives of registered users who have never even posted on the forum so they can assert dominance.
(DIR) Post #ANgxHwGcErDWdZXFb6 by Procrastinhater@chudbuds.lol
2022-09-18T14:30:05.799090Z
2 likes, 0 repeats
This is why I have single use emails and use VPNs and other shit.
(DIR) Post #ANgxHwfmjHLltdJLpQ by trogdor@rayci.st
2022-09-18T14:34:25.312137Z
2 likes, 1 repeats
TORCHADS ALWAYS WIN
(DIR) Post #ANgxKDW54oMqiMr5mK by Ace66062@bae.st
2022-09-18T14:43:43.498836Z
1 likes, 0 repeats
@ChristiJunior @fr_brennan @josh only just saw it now but yeah he is on fedi
(DIR) Post #ANgxKVzSOKYq0gjo48 by FederalAgent69@poa.st
2022-09-18T14:43:46.550949Z
4 likes, 0 repeats
@josh Really sucks to get doxxed I bet. 🤔
(DIR) Post #ANgxM5yS5dzFtx1O6a by brimshae@poa.st
2022-09-18T14:44:03.718701Z
0 likes, 0 repeats
@fr_brennan It's amazing how fast one-note novelty accounts stop being entertaining.
(DIR) Post #ANgxNSclMY8wRIWlbE by Charlamagne@poa.st
2022-09-18T14:44:18.445484Z
2 likes, 0 repeats
@StagParty @fr_brennan @josh It's an obvious parody account. Brennan's actual account has blocked every instance.
(DIR) Post #ANgxSy6fjtgTWo8y3s by Heil_Honkler@poa.st
2022-09-18T14:45:18.264884Z
1 likes, 0 repeats
@Richard_R_Ape @StagParty @fr_brennan @josh You do realize that's a parody account right?
(DIR) Post #ANgxUCOM72zG7f0AAy by slap@poa.st
2022-09-18T14:45:31.596924Z
0 likes, 0 repeats
@fr_brennan @josh I live my life assuming everything I put online will be in a breach. I don’t care, never worry about it, and you got played by a troon and look foolish
(DIR) Post #ANgxVPBW2CHQ5YZT4i by brimshae@poa.st
2022-09-18T14:45:44.729446Z
0 likes, 0 repeats
@ThotsAndOpinions @josh Bug chasers gotta get their fix somehow.
(DIR) Post #ANgxVptiiT5WwBS8aO by StagParty@poa.st
2022-09-18T14:45:36.633938Z
2 likes, 0 repeats
@Heil_Honkler @Richard_R_Ape @fr_brennan @josh nope, i didn't
(DIR) Post #ANgxYxlbunsADD9Osa by fr_brennan@poa.st
2022-09-18T14:46:23.270898Z
0 likes, 0 repeats
@brimshae I am still having fun uwu
(DIR) Post #ANgxlZhkgnR9LhMMQy by Richard_R_Ape@poa.st
2022-09-18T14:46:53.566441Z
1 likes, 0 repeats
@Heil_Honkler @StagParty @fr_brennan @josh You mean like God's little parody?
(DIR) Post #ANgxmn8yD0lxJpfels by pyrate@nicecrew.digital
2022-09-18T14:44:13.350126Z
1 likes, 0 repeats
> locate attacker> send deathsquad
(DIR) Post #ANgxnmn90G9YW5w6MK by King_Sneed@poa.st
2022-09-18T14:44:59.067494Z
2 likes, 0 repeats
@Richard_R_Ape @StagParty @fr_brennan @josh lol isnt that dude just a parody account?
(DIR) Post #ANgxoBrFo7IMG53Ejg by NEETzsche@iddqd.social
2022-09-18T14:49:03.983697Z
0 likes, 0 repeats
@ChristiJunior @fr_brennan @josh didn't he cuck hard in the end?
(DIR) Post #ANgy72eaFkl9DJ77mi by eTerrorist@poa.st
2022-09-18T14:52:32.803683Z
5 likes, 1 repeats
@josh it's a good thing i don't remember the password or the email i used for this account. checkmate, niggers.
(DIR) Post #ANgyAQM4aWjNai4J5U by Heil_Honkler@poa.st
2022-09-18T14:53:09.451806Z
3 likes, 3 repeats
@Moist_Clown @josh
(DIR) Post #ANgyFacnpgFetGMBai by Sigh@poa.st
2022-09-18T14:54:05.432442Z
3 likes, 0 repeats
@King_Sneed @Richard_R_Ape @StagParty @fr_brennan @josh Kiwiboomers got Jbaited. :ablobhyper:
(DIR) Post #ANgySa1nMZYmntF0oC by Moist_Clown@poa.st
2022-09-18T14:55:51.972451Z
3 likes, 0 repeats
@Heil_Honkler @josh
(DIR) Post #ANgyUklUPjjQgPeOdU by DocScranton@poa.st
2022-09-18T14:36:52.838235Z
2 likes, 0 repeats
@RhoasJonas @josh i mean, database of 120,000 users; there are deffo at least a few retards
(DIR) Post #ANgyXzXxubLPOfrvxg by Keurig@poa.st
2022-09-18T14:57:07.436154Z
1 likes, 0 repeats
@josh If the registration was open I might have to worry about this. As it sits now I'm just a lurker. Stay strong, you're in the right and can justly fight this battle.
(DIR) Post #ANgyZrHJcox2KcyH7A by HiTwo@leafposter.club
2022-09-18T14:57:44.431386Z
2 likes, 1 repeats
I imagine him typing this with his little stumpy arms and yelling it out loud with his goblin's voice and I can't stop laughing. Thanks Hotwheel.
(DIR) Post #ANgydXo9xOhH6W5ixk by brimshae@poa.st
2022-09-18T14:58:25.256854Z
0 likes, 0 repeats
@fr_brennan Well, that makes one person across the fediverse.
(DIR) Post #ANgypDb4vWQBtbXV5c by Sigh@poa.st
2022-09-18T15:00:31.806534Z
1 likes, 0 repeats
@Moist_Clown @Heil_Honkler @josh This song SPANKS. :ablobhyper:
(DIR) Post #ANgz807xEOLbcdsBw8 by Sigh@poa.st
2022-09-18T15:03:55.480032Z
2 likes, 0 repeats
@eTerrorist @josh Astral forgetion. :ablobhyper:
(DIR) Post #ANgzW0FARyGEvugxlY by HOLOCAUST@shitposter.club
2022-09-18T15:08:15.521943Z
1 likes, 0 repeats
@josh I haven't logged into my kiwi farms account in like a month and a half. I assume I'm ok. Please tell me I'm ok
(DIR) Post #ANgzZVmfdkzvcf2Hc8 by fr_brennan@poa.st
2022-09-18T15:08:53.845672Z
0 likes, 0 repeats
@brimshae And yet i have more followers than you... Strange! #ratiod
(DIR) Post #ANgzZb0KEPtJoSSl5k by rlier23@bae.st
2022-09-18T15:08:54.632250Z
1 likes, 0 repeats
@Heil_Honkler @Moist_Clown @josh banger
(DIR) Post #ANgzi3fDYlx911coa0 by Sigh@poa.st
2022-09-18T15:10:26.481914Z
3 likes, 0 repeats
@HOLOCAUST @josh
(DIR) Post #ANgzs9jRqxIMjQQ25I by Soup@chudbuds.lol
2022-09-18T14:35:24.508856Z
0 likes, 0 repeats
No, but Ralph's been trying his best to get them to
(DIR) Post #ANgzsACW6sY0Ba1FOS by MrbrokeDome@chudbuds.lol
2022-09-18T14:36:49.009675Z
1 likes, 0 repeats
he'll whore him self to any group if they give him support
(DIR) Post #ANgztvCGri7IENk5dw by Orca@poa.st
2022-09-18T14:38:15.804914Z
2 likes, 0 repeats
@josh Oh no, now they’ll know what my throwaway email is and what shithole Russian village I live in!
(DIR) Post #ANgzxGvoVsXgVZdsrw by OverstepSmirkCrepe@poa.st
2022-09-18T15:13:11.413242Z
1 likes, 0 repeats
@josh Knew I shouldn't have signed up with my fbi.gov email address.
(DIR) Post #ANh05K4whBLOaOkisi by iancho@chudbuds.lol
2022-09-18T15:14:38.587889Z
1 likes, 0 repeats
>Try's to export user list>site crashesSee the instability was feature not bug!Would be interesting to see of they tried to delete specific thread. Maybe they just hijacked admin's session token when it passed hacked proxy server. If I remember correctly that is what happened last time. Good luck Josh! I know you will figure it out!
(DIR) Post #ANh0FaYMIaluZnPC1g by terffulz@poa.st
2022-09-18T14:46:43.522727Z
2 likes, 0 repeats
@josh Theory 1: It was the tranniesTheory 2: It was the Jews.Correct theory: It was the tranny Jews.
(DIR) Post #ANh0lcGHTyMF8qDnZg by frenschan_dreadnought@poa.st
2022-09-18T14:30:59.426087Z
0 likes, 0 repeats
@josh Josh, how do you know it was a him....this misgendering needs to stop
(DIR) Post #ANh0lcfnx4m4Q0ABMG by PunishedD@poa.st
2022-09-18T15:22:17.245724Z
0 likes, 0 repeats
@frenschan_dreadnought @josh Have you ever talked to women in "software dev"?It was a him.
(DIR) Post #ANh0liqJ0wjtYJ7eYi by bronze@pleroma.kitsunemimi.club
2022-09-18T15:21:36.971917Z
0 likes, 0 repeats
@HOLOCAUST @josh realistically what would they have on you?Did you register an account without a throwaway address? I hope you don't didn't register with an email containing your real username, or god forbid your real name.Did you use a password you use everywhere else? You should've been using something like KeepassXC make and save a random string of shit as your password.Are you worried they have your IP? What could they actually do with your IP? Find out your rough location and then... nothing? They can't get an address from that alone and you can just unplug your router for a night Most of the time people get doxed if they're careless. If you covered your ass you should have nothing to worry about.
(DIR) Post #ANh0mwrgMizxKaLpFw by brimshae@poa.st
2022-09-18T15:22:31.849874Z
0 likes, 0 repeats
@fr_brennan True, but most people don't confuse my account for an authentic one run by an autistic backstabbing crippled faggot, so I don't get followers based on someone else's clout.It *is* pretty funny watching people think you really are him and react as such, though. There is that....
(DIR) Post #ANh0pMZ5mfFtcMo66a by Procrastinhater@chudbuds.lol
2022-09-18T15:19:53.936326Z
0 likes, 0 repeats
And yet you will never be a... whatever the fuck it is you dress up as.
(DIR) Post #ANh0pN0O9B5cz1ZteS by iancho@chudbuds.lol
2022-09-18T15:22:57.826820Z
0 likes, 0 repeats
It's bait mate. It is parody account. Look at profile. Real hotwheels has his own instance, and it blocks all the funposter ones.
(DIR) Post #ANh0sUNRCBCiiOqWsC by Procrastinhater@chudbuds.lol
2022-09-18T15:23:27.531845Z
1 likes, 0 repeats
I know lol, I'm just fucking around.
(DIR) Post #ANh0x1G2t5FxqqY5rc by HOLOCAUST@shitposter.club
2022-09-18T15:24:21.023439Z
1 likes, 0 repeats
@bronze @josh I know. I took all the precautions kiwi farms tells you take when you make an account. im good
(DIR) Post #ANh16bZ3GnP73o0exM by fr_brennan@poa.st
2022-09-18T15:26:04.968920Z
0 likes, 0 repeats
@Procrastinhater @brimshae
(DIR) Post #ANh1HRFRxv10Fc0UhU by iancho@chudbuds.lol
2022-09-18T15:28:02.533813Z
0 likes, 0 repeats
After last leak in 2019 and all the warnings you get when signing up about reusing accounts? They would be working really hard to be that retarded.
(DIR) Post #ANh1pUENNlTXLajwbg by PunishedD@poa.st
2022-09-18T15:34:11.658160Z
0 likes, 0 repeats
@yes @josh A Windows user with Firefox, the gayest possible combination.
(DIR) Post #ANh24zSnXh1MYbsX0S by iancho@chudbuds.lol
2022-09-18T15:36:59.766556Z
2 likes, 0 repeats
TOR browser is firefox.
(DIR) Post #ANh26ihip9XJ9sgSci by yes@social.handholding.io
2022-09-18T15:37:17.559192Z
0 likes, 0 repeats
the gayest possible combo
(DIR) Post #ANh2A24VGyZC5tv35s by CrushBead@shitposter.club
2022-09-18T15:37:38.880579Z
2 likes, 1 repeats
@ChristiJunior @fr_brennan @josh Stairs
(DIR) Post #ANh2QbgGeA03AQUD2W by brimshae@poa.st
2022-09-18T15:40:49.213778Z
0 likes, 0 repeats
@CrushBead Post macaroons later.
(DIR) Post #ANh2RBLc2Qrtmn6DqK by Procrastinhater@chudbuds.lol
2022-09-18T15:26:54.276092Z
0 likes, 0 repeats
The real question is, if this isn't the real Fred Brennan, who the fuck is the goblin looking cripple in the FurFag costume that keeps sneaking into my kitchen to squeeze out their diaper in my bastard cornflakes?I want answers...
(DIR) Post #ANh2RCEClSXMW6dow4 by Micheal_Westen88@poa.st
2022-09-18T15:31:02.768911Z
0 likes, 0 repeats
@Procrastinhater @iancho @brimshae @fr_brennan Oh that's just been Peetz and Chantal. They've been taking turns while I video tape. You haven't been buying cornflakes - just regular flakes. Chantal puts the corn in them after eating Mexican street food.
(DIR) Post #ANh2RDTU88M0NmnXOK by Snek@poa.st
2022-09-18T15:36:32.716551Z
1 likes, 0 repeats
@Micheal_Westen88 @Procrastinhater @iancho @brimshae @fr_brennan The implication that Chantal would 1. Eat Mexican Street Food (wrong brown men) 2. Not make poopoos in the kitchen with a live audience of VIB 3. Scream "PEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEE" while doing so 4. do anything with a box that isn't part of the Mountain shows you do not love her enough and should be ashamed.
(DIR) Post #ANh3NXYTd4uXSOwaCO by PunishedD@poa.st
2022-09-18T15:51:33.104658Z
1 likes, 0 repeats
@yes @iancho @josh I haven't used it since Brave got its Tor integration working.
(DIR) Post #ANh3abSoPNfRLOWUpE by zeezoo@poa.st
2022-09-18T15:51:16.227824Z
0 likes, 0 repeats
@josh whoever did the hack pls dump the logs cause I forgot what was the throwaway e-mail I used for my account lmao
(DIR) Post #ANh46qrOhS6WMWOrB2 by cucumber@poa.st
2022-09-18T15:59:07.922881Z
2 likes, 1 repeats
@MidwitNavigator @yes @josh
(DIR) Post #ANh4JIZhU2ennC3cm0 by iancho@chudbuds.lol
2022-09-18T16:01:59.487783Z
1 likes, 0 repeats
Based Lion
(DIR) Post #ANh4Rr5x1RN5AhDrcm by Lalafell@poa.st
2022-09-18T15:54:50.573832Z
1 likes, 1 repeats
@fr_brennan @josh
(DIR) Post #ANh4oXkf6fMBq75EHY by MidwitNavigator@poa.st
2022-09-18T16:06:40.457485Z
1 likes, 0 repeats
@cucumber @yes @josh They cannot be taught to read and are the most ignorant race I have ever conqured.
(DIR) Post #ANh4un4D4rwT4oCnyq by yes@social.handholding.io
2022-09-18T16:08:45.344661Z
0 likes, 0 repeats
same
(DIR) Post #ANh56B2WHu5Cc0qQMa by PhoBingas@chudbuds.lol
2022-09-18T15:56:38.618752Z
0 likes, 0 repeats
Any ETA on uptime or no?
(DIR) Post #ANh56BXiPv2KAlRKzI by Sigh@poa.st
2022-09-18T16:10:49.399965Z
1 likes, 0 repeats
@PhoBingas @josh
(DIR) Post #ANh5EBPMnl4a4VLfpw by ogre_fucker@poa.st
2022-09-18T16:11:07.953725Z
1 likes, 0 repeats
@josh Typical nigger-tier infosec
(DIR) Post #ANh5GiuJDw6uXw26Ma by CrushBead@shitposter.club
2022-09-18T15:44:19.539822Z
0 likes, 0 repeats
@brimshae Macarons, not macaroons. Completely different thing.
(DIR) Post #ANh5GjGzraG5gIeDj6 by brimshae@poa.st
2022-09-18T16:12:43.081075Z
0 likes, 0 repeats
@CrushBead I just wanted to see macaroons.
(DIR) Post #ANh5yeF1vre0ojfbCy by nobu@nicecrew.digital
2022-09-18T16:20:40.185679Z
1 likes, 0 repeats
Lol, lmao. Owned.
(DIR) Post #ANh76qddpBDHXKehmK by ForTheHoard@poa.st
2022-09-18T16:26:38.153057Z
0 likes, 0 repeats
@Charlamagne @StagParty @fr_brennan @josh Damn I got baited lol
(DIR) Post #ANh7uLzO3H9axVQuG0 by Shinji_Takamiya@poa.st
2022-09-18T16:33:11.316874Z
0 likes, 0 repeats
@fr_brennan @josh there is no such thing as LGBTQ+, there is only LGB and the rest is all Mental Disorder
(DIR) Post #ANh7uMp8wqYPY1eEvg by ColdOnesLite@poa.st
2022-09-18T16:42:17.641863Z
1 likes, 0 repeats
@Shinji_Takamiya @fr_brennan @josh They're all mental illnesses.FAGS BE LIKE AH YES PUTTING MY PENIS IN ANOTHER MAN'S BUTT - THIS IS NORMAL AND NOT A MENTAL DISORDER
(DIR) Post #ANh8C2LFq3rzEi5qVM by _Trollcow_@poa.st
2022-09-18T16:45:29.976636Z
0 likes, 0 repeats
@josh Lol.
(DIR) Post #ANh8opM83OZuFs00GW by mint@ryona.agency
2022-09-18T16:52:29.942152Z
0 likes, 0 repeats
@cope @josh Earlier he mentioned that one of his reverse proxy hosts got compromised; as such, doing MitM on the same server is trivial. This allowed the attacker to steal cookies.
(DIR) Post #ANh8zgmeGWfyr0aBXM by fr_brennan@poa.st
2022-09-18T16:54:28.348162Z
0 likes, 0 repeats
@ColdOnesLite @Shinji_Takamiya @josh based fags
(DIR) Post #ANh9kc9xH8nQ7grNEe by _Trollcow_@poa.st
2022-09-18T17:02:57.145971Z
0 likes, 0 repeats
@GoodPerson @josh Josh is mean to me & deserving of contempt.
(DIR) Post #ANh9wPfnWdcAs8NcrA by AllinOne@poa.st
2022-09-18T17:05:05.120761Z
1 likes, 0 repeats
@josh At the very least he didn't get anything out of the export request it looks like.
(DIR) Post #ANhA0JPsjIfwcqnKe8 by _Trollcow_@poa.st
2022-09-18T17:05:47.361442Z
0 likes, 0 repeats
@GoodPerson @josh Mean and evil things!
(DIR) Post #ANhA4DSOpQTvIjplAW by _Trollcow_@poa.st
2022-09-18T17:06:29.732151Z
0 likes, 0 repeats
@GoodPerson @josh *tips fedora*
(DIR) Post #ANhAHCJiNWqrWuxgtU by _Trollcow_@poa.st
2022-09-18T17:08:50.419922Z
0 likes, 0 repeats
@GoodPerson @josh God fine. Didn’t know this was the USSR.
(DIR) Post #ANhAmXum81zdUWFDuq by genocidersyo@poa.st
2022-09-18T14:46:08.216346Z
0 likes, 0 repeats
@josh I was on when it was actively happening if its any help it seemed that whomever it was was just manually changing peoples avatars based on how vocal they were. Those that kept complaining in general chat had their avatar changed constantly. The avatar changing started at like 1am/2am EST.
(DIR) Post #ANhAmYJadlqIjTr2au by iancho@chudbuds.lol
2022-09-18T17:14:30.326507Z
0 likes, 0 repeats
Yes it also looked like they where trying to change all the ones on the main page forum list to Poast's. Very slowly like they where having to manually do it via an admin account. Another gayop like the MTG thing. There is clearly effort to turn the different user groups against each other. Sadly there is many falling for it. D&C is the oldest trick in the book. I think just putting the site back up in read only mode with logins disabled would be a good thing until exploit is found. That would make them seeth that it's back and at least keep information available.
(DIR) Post #ANhAsAgJQEnHAjA6KG by cope@eeeeeeeee.eu
2022-09-18T17:15:30.732059Z
1 likes, 0 repeats
most likely, the fud of a db dump is more funoh well, there's nothing could have done to mitigate a proper mitm, apart from meme paranoia setups
(DIR) Post #ANhBMZLaHRFOMIxfDk by MidwitNavigator@poa.st
2022-09-18T14:31:28.942553Z
1 likes, 0 repeats
@fr_brennan @josh Indeed sir, I have seen the light praise allah! I am currently cutting off my dick with my trusty chinesium pocket knife. I will post receipts of my transupplification once completed and bleeding staunched!
(DIR) Post #ANhBsj0xs9YNbmeLuy by splashdmg@poa.st
2022-09-18T15:30:24.771350Z
1 likes, 0 repeats
@josh Oh godnow all these burner accounts are going to be spammed with porn ads.
(DIR) Post #ANhBx1xfN2YtWs9zLU by InsRe@poa.st
2022-09-18T15:47:36.767607Z
1 likes, 0 repeats
@josh If they got the data, they would have published/would publish it so it will be obvious if they did or not. When registering on the site (at least back when I did, there were very clear warnings about not using anything that ties back to your real name, use throwaway email, use VPN, etc. So, hopefully most (active) users were smart enough to follow those instructions. The log seems to make it clear that they just got an HTTP 500 error back, probably after waiting quite some time for the file to be generated so it looks like that's not the case? That said, unless the attack vector is 100% confirmed and mitigated then it will likely happen again, and even if it is, whoever did it seems to know what they are doing so there is a chance it could happen again. Not trying to doompost but we have to be realistic about the situation. Let's hope this was just a scare and a reminder to everyone to tighten up whatever info they have associated with their accounts.
(DIR) Post #ANhBywVQcngLBkrcLw by josh@poa.st
2022-09-18T17:27:56.562575Z
3 likes, 0 repeats
@AllinOne I understood what the log meant, but I'm not going to state matter-of-fact that I don't think they otherwise scraped or obtained information, because I don't know for sure. The hostility is unnecessary: the situation is difficult and I'm navigating carefully.
(DIR) Post #ANhBzNn5BGqXoKKb7Q by AnOminous@poa.st
2022-09-18T16:20:15.333568Z
1 likes, 0 repeats
@InsRe @josh Seems likely if he just replicated the commands in the access log, perhaps even doing it through a tor node, and got the same error, there is a reasonably good probability that's what the attacker got as well.That depends though. The 50x could have been simply because the DDoS idiots stepped on the hacker's activities which would be amusing, I suppose.
(DIR) Post #ANhC1hNBLTgt7hJwjw by Very_sad_man@poa.st
2022-09-18T16:38:54.683427Z
1 likes, 0 repeats
@josh
(DIR) Post #ANhC9l2ZaqISoZWY2C by AllinOne@poa.st
2022-09-18T17:29:54.477576Z
0 likes, 0 repeats
@josh Yeah, that's what I meant by at the very least. He was in there for a while so who knows what he got. Didn't mean to come off hostile either, sorry.
(DIR) Post #ANhCMMu6dyAtilZpPE by RabbiChaimNosenberg@poa.st
2022-09-18T17:29:21.685861Z
2 likes, 0 repeats
@josh @AllinOne Godsneed, Dear Feeder.In the end, the troons decay at a 41% rate.
(DIR) Post #ANhCQBMdUTDt5ajwdk by anglo@poa.st
2022-09-18T17:32:52.447104Z
1 likes, 0 repeats
@josh jews
(DIR) Post #ANhDD2gCZFeWLQBqAS by HansZeFlamezrower@poa.st
2022-09-18T17:40:09.462543Z
0 likes, 0 repeats
@josh @AllinOne How deep do they have to be in the system to mass-change user avatars to poast icons?
(DIR) Post #ANhDD3B2iaK3t4cTEu by AllinOne@poa.st
2022-09-18T17:41:42.123176Z
0 likes, 0 repeats
@HansZeFlamezrower @josh Any mod can do that I think. They were also logged in as Null during most of the time that was happening since his account was online.
(DIR) Post #ANhDUGyCgodhaWpIVE by FilthyGaijin@chudbuds.lol
2022-09-18T17:10:20.071399Z
1 likes, 0 repeats
The world will know I hate trannies.
(DIR) Post #ANhDeaA0CAlA0AGF6m by genocidersyo@poa.st
2022-09-18T17:44:27.249839Z
0 likes, 0 repeats
@HansZeFlamezrower @josh @AllinOne It wasn't an en masse change they were extremely slowly changing them one by one.
(DIR) Post #ANhDeafYIrzra11RHk by AllinOne@poa.st
2022-09-18T17:46:40.863106Z
0 likes, 0 repeats
@genocidersyo @HansZeFlamezrower @josh And it wasn't in any clear order either. My only guess is they were going through some thread and doing it one poster at a time there.
(DIR) Post #ANhECbnyaQrkwsBRia by actualincel@poa.st
2022-09-18T17:52:49.707438Z
0 likes, 0 repeats
@GoodPerson @_Trollcow_ @josh rude to josh specifically because she's Jewish
(DIR) Post #ANhEGVner6P5Txtbou by actualincel@poa.st
2022-09-18T17:53:32.292203Z
0 likes, 0 repeats
@_Trollcow_ @josh i know what you are up to you fucking kike
(DIR) Post #ANhF6NboYRox8X5Yqu by actualincel@poa.st
2022-09-18T18:02:54.558927Z
0 likes, 0 repeats
@GoodPerson @_Trollcow_ @josh the opposite happens. they need white genes to keep their dna from degrading from inbreeding, and the children will identify as Jewish. that is where the khazar milkers and similar memes come from. all astroturfed to get us to dilute our bloodlines
(DIR) Post #ANhFAmhFDnNO6QjFia by SteveTheDragon@freespeechextremist.com
2022-09-18T18:03:42.814446Z
0 likes, 0 repeats
@josh @AllinOne Wow, it really sucks when your private information is used for someone else's personal purposes.
(DIR) Post #ANhFGTQRmcgc4YaK2q by Backed7742@poa.st
2022-09-18T18:01:03.270173Z
1 likes, 0 repeats
@josh @AllinOne Your repeated lessons in Internet privacy has made my PII more secure than any other social media sites' security.Thanks for all your efforts.
(DIR) Post #ANhFfAzTSfOk8XkPhI by Liladult@poa.st
2022-09-18T18:09:11.774522Z
0 likes, 0 repeats
@fr_brennan @josh Didnt you have a wife and trying to have a family and now look at you (I know this isnt actually hotwheels i just felt it needed to be said)
(DIR) Post #ANhFmVIIN6DD8O2r44 by actualincel@poa.st
2022-09-18T18:10:31.262664Z
0 likes, 0 repeats
@GoodPerson @_Trollcow_ @josh well, I wouldn't be so confident that things will work out that way. but i'm not going to stop you from trying. as for me i'd rather not mix my enemy's blood with my own.
(DIR) Post #ANhFphMjwhPpRVeCTw by SteveTheDragon@freespeechextremist.com
2022-09-18T18:11:06.467410Z
0 likes, 0 repeats
@ChristiJunior @fr_brennan @josh Hotwheels a furry? Will wonders ever cease?
(DIR) Post #ANhGLOOS1JLvrqYoSW by Liladult@poa.st
2022-09-18T18:16:49.856858Z
0 likes, 0 repeats
@josh Josh im sorry that every day you have to wake up to a new fresh hell delivered by people who have never and will never have done anything important in their lives. You seem like a person with a strong principles and character and that is highly respectable position to hold in this modern nightmare. I wish you the best.
(DIR) Post #ANhGnnOKfgc5VR35GK by animeirl@shitposter.club
2022-09-18T18:20:49.462940Z
1 likes, 0 repeats
considerably less secure than tor browser but fine as long as you're not doing something illegal
(DIR) Post #ANhHc3txYrNvBroLAW by PunishedD@poa.st
2022-09-18T18:31:02.851847Z
0 likes, 0 repeats
@animeirl @iancho @josh @yes What does the Tor browser do differently than Brave's implementation? (assuming the only thing you're doing is browsing web pages)
(DIR) Post #ANhICU1ptnLieArVw0 by iancho@chudbuds.lol
2022-09-18T18:37:37.811004Z
1 likes, 0 repeats
TOR is a secondary function of Brave. It works good enough to give you reasonable secure and simple access to .onion sites. 9000x better then using shady proxy sites. TOR browser is the TOR foundations mainline project. Any security issues are going to get patched there 1st. It is also very ridged in its configuration to prevent poor configuration and fingerprinting. If I was some super spy doing wikileaks stuff or in someplace where my life depended on it I would use TOR browser. If I was just looking for a hassle free way to get to a .onion to talk about fat woman and ip2? Brave it is.
(DIR) Post #ANhIDuesNMrjWjnw0G by FediverseCitizen@poa.st
2022-09-18T15:06:44.054851Z
0 likes, 0 repeats
@josh Maybe after this you might consider not being transparent about this aspect. I imagine quite a few hackers would be emboldened by statements such as this. At this point, users should assume their information is compromised. No attention should be given to the hackers IMO
(DIR) Post #ANhIDv6shFGcvauIee by KingDick@poa.st
2022-09-18T18:34:06.779523Z
3 likes, 1 repeats
@FediverseCitizen>Consider not telling your users about potential data breachesWow, you're a fucking retard.
(DIR) Post #ANhIQeSntmc544ERrk by StagParty@poa.st
2022-09-18T16:27:03.440246Z
0 likes, 0 repeats
@ForTheHoard @Charlamagne @fr_brennan @josh me too, me too
(DIR) Post #ANhIXfFNNtLFWOIMpU by PunishedD@poa.st
2022-09-18T18:41:27.446634Z
0 likes, 0 repeats
@iancho @josh @animeirl @yes Yeah, but that assumes I'm not locking down my own browser already to achieve similar functionality.I meant is there some specific, additional functionality Tor browser adds? Like route randomization, complete capture of the DOM, etc.
(DIR) Post #ANhK4JUrN8OFZgfae8 by mint@ryona.agency
2022-09-18T18:58:32.552188Z
0 likes, 0 repeats
@cope @josh We're both wrong, it's a script injection. But why even bother if one of the reverse proxies supposedly got compromised?Screenshot_20220918_215748.png
(DIR) Post #ANhKPBd5ojqdFwTR8C by mint@ryona.agency
2022-09-18T19:02:19.200642Z
0 likes, 0 repeats
@cope @josh Speaking of, pleromer also supports attaching and in-browser opening arbitrary HTML files, but default CORS rules forbid loading any embedded content.Манул — Википедия (2022-09-18 7…
(DIR) Post #ANhKZhNMdkfoby858S by mint@ryona.agency
2022-09-18T19:04:13.407057Z
0 likes, 0 repeats
@cope @josh Disregard that, it's "sandbox" policy that still allows loading inlined and same host's CSS and images.https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/sandbox
(DIR) Post #ANhNp1OKnw2GtYa6aG by yes@social.handholding.io
2022-09-18T19:40:31.113740Z
1 likes, 0 repeats
no, objectively false. the firefox base of torbrowser is a historic baggage that has been a consistent security issue.
(DIR) Post #ANhO6ehFvDc1ikq9K4 by animeirl@shitposter.club
2022-09-18T19:41:12.306242Z
1 likes, 0 repeats
as opposed to blink? idk man
(DIR) Post #ANhO81kNhrcNV3xLUm by yes@social.handholding.io
2022-09-18T19:44:01.958229Z
0 likes, 0 repeats
yes, without question. all of the effort on firefox base is funded as a token antitrust asscovering venture. it is a dead project they use as upstream and ALL of the code effort is in chromium now a days for the past few years.
(DIR) Post #ANhQpCZRXYZPQfYSy8 by ThePhilosopher@poa.st
2022-09-18T14:43:41.656992Z
2 likes, 0 repeats
But I use my work e-mail with my full name! You said the site was safe for work @josh!
(DIR) Post #ANhRHTHJ12fDM3YEZk by animeirl@shitposter.club
2022-09-18T20:17:28.217049Z
0 likes, 0 repeats
Maybe a dedicated chromium based tor browser would be ideal, but brave has a pretty awful history in terms of privacy and security
(DIR) Post #ANhRHTjJKv46kuebE8 by yes@social.handholding.io
2022-09-18T20:19:21.120238Z
0 likes, 0 repeats
it is miles ahead of every other chromium based browser on all the relevant fronts despite the army of asspained trannies who want to destroy it as brendan got ousted from mozilla by them.
(DIR) Post #ANhRJOhezpS7kFnSfw by animeirl@shitposter.club
2022-09-18T20:16:09.459280Z
0 likes, 0 repeats
why do you think tor still uses firefox as its base?
(DIR) Post #ANhRJPAjFkhlCPOfz6 by yes@social.handholding.io
2022-09-18T20:19:42.272464Z
0 likes, 0 repeats
i dont think it does. they still do.
(DIR) Post #ANhUa9iMHETm2lo1YW by literalwho@poa.st
2022-09-18T14:46:17.239975Z
1 likes, 0 repeats
@josh Imagine not having dynamic IPs/VPN and using a burner email.Also, thanks for the transparency, Josh.
(DIR) Post #ANhXezKMcfeZ8hZvqi by AltisticRight@poa.st
2022-09-18T21:30:27.574047Z
1 likes, 0 repeats
@AllinOne @HansZeFlamezrower @josh Nah, mods cannot change avatars. I think only admins can.
(DIR) Post #ANhYHMGNnR1rHH0qQq by CornFlakes@poa.st
2022-09-18T16:39:36.904938Z
1 likes, 0 repeats
@MidwitNavigator @cucumber @yes @josh But enough talking about Californians.
(DIR) Post #ANhZ8sCtlDjthItuee by bushgrad@gleasonator.com
2022-09-18T21:47:27.546475Z
0 likes, 0 repeats
Am I doing it wrongly? nano /etc/ssh/sshd_config SET THESE TO 'NO'ChallengeResponseAuthenticationPasswordAuthenticationUsePAMPermitRootLoginMove SSH from port 22 to a random higher port
(DIR) Post #ANhj7PtOXz2N8KiqZM by tiptopkek@poa.st
2022-09-18T23:38:37.533582Z
1 likes, 0 repeats
@HOLOCAUST @josh I'm sorry, but the feet pics you provided when you registered have been stolen. Expect them to be uploaded to kiwifeets.net by the end of the week.
(DIR) Post #ANjTMWqdl6dW6CXPPM by JuergenSchT@poa.st
2022-09-19T19:36:25.897188Z
0 likes, 0 repeats
@Charlamagne @StagParty @fr_brennan @josh What? Why?
(DIR) Post #ANjTMXEkJTv1Ixoeyu by Charlamagne@poa.st
2022-09-19T19:52:07.108723Z
1 likes, 0 repeats
@JuergenSchT @StagParty @fr_brennan @josh he’s a weirdo furry with a persecution complex
(DIR) Post #ANjTbpFZcdrjW3Uht2 by ceo_of_monoeye_dating@bae.st
2022-09-19T19:54:53.441302Z
0 likes, 0 repeats
This is the best broad stroke answer, but it may also be the case that copypaste's instance is less meant to be social media and more meant to be treated like a chatroom between himself and a few close friends/allies.
(DIR) Post #ANrxw36MNtLK9lQJoO by SIGSEGV@poa.st
2022-09-23T19:34:46.080490Z
1 likes, 0 repeats
@josh >assume your password for the Kiwi Farms has been stolenlmao were you storing passwords in plaintext like some sort of fucking mongoloid?
(DIR) Post #ANwKYKIfrcK27ogEoy by animeirl@shitposter.club
2022-09-18T18:36:43.137908Z
1 likes, 0 repeats
tor browser does considerably more to anonymize you and (last I checked) has more options and safer defaults for blocking potential vectors for code execution vulnerabilities in js/video/fonts/other content