Post AQ9Y3ocswbDNOaFCW8 by nocebo@ng.cathoderay.tube
(DIR) More posts by nocebo@ng.cathoderay.tube
(DIR) Post #AQ9Y3ocswbDNOaFCW8 by nocebo@ng.cathoderay.tube
2022-12-01T05:30:48.603675Z
5 likes, 21 repeats
advising all admins to defederate from misskey-forkbomb[.]cf and *.repl.co as these domains are being used to serve an exploit that causes misskey servers to enter an infinite loop, wasting resources and lagging the instance id also STRONGLY advise defederating mastodong[.]lol, as that instance is operated by the malicious party responsible for the exploit and was used to trigger it (hxxps://mastodong[.]lol/[@]lamp/109436430029496536), so it may be used in similar ways by future "endeavors" the exploit works by serving a malicious activitypub actor that references itself as featured, causing misskey to infinitely try to resolve this same url forever misskey admins affected by the exploit should, after blocking the domains, stop misskey, clear redis in order to reset the job queue, and start it up again that said, now that this is out there, there will unfortunately be copycats, but hopefully these instructions help until a fix is available... #fediblock
(DIR) Post #AQ9b234SZG1ZTizVGi by Weeble@bungle.online
2022-12-01T06:04:42.022Z
0 likes, 0 repeats
@nocebo@ng.cathoderay.tube cc @emma@niscii.xyz @emma@pisskey.io
(DIR) Post #AQ9b2OhW9EkEYwQUYy by valerauko@pawoo.net
2022-12-01T06:04:48Z
0 likes, 0 repeats
@nocebo the server seems to be down. does this work by serving the same Person object from the /featured url too?
(DIR) Post #AQ9igz4b2GQodDWObw by gamer@bungle.online
2022-12-01T07:30:34.170Z
0 likes, 0 repeats
@Weeble was gonna tag you but seems you've already seen it, nice
(DIR) Post #AQ9l7YJEqnpzLtAOxM by nocebo@ng.cathoderay.tube
2022-12-01T07:48:58.572477Z
1 likes, 2 repeats
update: they are apparently spamming mastodon instances to try and ddos mine using the hug of death, based on the requests from mastodons hitting my instance's homepage, so that's pretty cool anyway, if you receive some sort of stupid spam including a link to this instance, it is not from me
(DIR) Post #AQ9lgZBVaWcmCbFNom by Zerglingman@freespeechextremist.com
2022-12-01T08:04:08.237577Z
0 likes, 0 repeats
@nocebo Who the fuck would want to flirt with a pronouns in bio?
(DIR) Post #AQ9mFCSm3f93rspzJA by skeh@birb.space
2022-12-01T08:07:22.718Z
1 likes, 0 repeats
Mitigation pending upstream approval: https://github.com/misskey-dev/misskey/pull/9247If based off of 12.119.0 instead of develop, this commit will apply better.
(DIR) Post #AQ9o8cUx3sXGUnqWQ4 by net@letsalllovela.in
2022-12-01T08:31:36.104806Z
0 likes, 0 repeats
@nocebo lol seethe misskunt. Stop using shit software LMAO
(DIR) Post #AQ9oDWyv038apmCkKm by nocebo@ng.cathoderay.tube
2022-12-01T08:32:01.358021Z
1 likes, 0 repeats
@net im not on misskey, dipshit
(DIR) Post #AQ9oDXMJb3qw0L9Qno by net@letsalllovela.in
2022-12-01T08:32:28.660366Z
0 likes, 0 repeats
@nocebo why not, huh?
(DIR) Post #AQ9tZAoaawSKE9VpxI by norm@misskey.biribiri.dev
2022-12-01T06:06:52.355Z
2 likes, 0 repeats
@nocebo@ng.cathoderay.tube may be worth IP blocking as well. Here's the IPs:norm@biribiri:~$ host misskey-forkbomb.cfmisskey-forkbomb.cf has address 172.67.201.197misskey-forkbomb.cf has address 104.21.74.100misskey-forkbomb.cf has IPv6 address 2606:4700:3031::6815:4a64misskey-forkbomb.cf has IPv6 address 2606:4700:3035::ac43:c9c5
(DIR) Post #AQ9ttLi7nJbhoN6q3s by Relected@shitposter.club
2022-12-01T09:36:01.710896Z
0 likes, 0 repeats
@net @nocebo so do y9u like misskey or no?
(DIR) Post #AQ9vvlutX31ZZjMi9Y by net@letsalllovela.in
2022-12-01T09:58:55.685957Z
0 likes, 0 repeats
@Relected @nocebo maybe I do, maybe I don't. What's it to ya?
(DIR) Post #AQ9ye2LA1wXxA7szQ0 by SuperDicq@minidisc.tokyo
2022-12-01T10:29:15.371Z
0 likes, 0 repeats
@nocebo@ng.cathoderay.tube Is a patch being worked on?
(DIR) Post #AQ9yvgluxZz9Tuoo0e by nocebo@ng.cathoderay.tube
2022-12-01T10:30:34.418330Z
0 likes, 1 repeats
@SuperDicq finished, even, shortly after my post, just not merged yet: https://github.com/misskey-dev/misskey/pull/9247
(DIR) Post #AQ9yvh8xZuPudNbCvQ by SuperDicq@minidisc.tokyo
2022-12-01T10:32:26.103Z
0 likes, 0 repeats
@nocebo@ng.cathoderay.tube Oh, cool, I might just merge this manually.I expected a recursion limit to be the solution, simple but effective.
(DIR) Post #AQA0q4QQIw5j0nDHYO by konni@toot.kartonrad.de
2022-12-01T10:53:54Z
0 likes, 0 repeats
@nocebo ig this will lead to the issue being fixed But good call
(DIR) Post #AQA8HQMtWnGUZ5YMHg by fristi@akkos.fritu.re
2022-12-01T12:17:12.088590Z
0 likes, 0 repeats
@jase @norm @nocebo might as well just block cloudflare at the firewall level if that's what every crook is gonna hide behind
(DIR) Post #AQA9p9DXttGBAlpCCG by Relected@shitposter.club
2022-12-01T12:34:35.953764Z
0 likes, 0 repeats
@net @nocebo >you must be 18 or older to post
(DIR) Post #AQBTVZA1vWBi5H530i by k1tteh@uwu.social
2022-12-01T08:01:21Z
1 likes, 0 repeats
@nocebo skill issue
(DIR) Post #AQBW9d9MiJgFwr09Ca by lucifargundam@qoto.org
2022-12-02T04:19:30Z
0 likes, 0 repeats
@nocebo Cc @freemo @stux