API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Apr 28th, 2016
11,284
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 11.34 KB | None | 0 0
raw download clone embed print report
  1. ...DMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMM
  2. ...+MM   .MMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMM
  3. ...+8 .... MMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMM
  4. ...+.......M...M.................M8 . MMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMM
  5.  ..+M .    M.. M...  . ..........? ...MMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMM
  6. ...+MN   MMM.. M  .    ..........+ ...MMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMM
  7. ...+   . . ....M.................+....MMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMM
  8. ...+...........M.................+....MMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMM
  9. ...+MMMMMMMMMMMMMM8OMMMMMMMMMMMMMM....MMMMMMMMMMMM..MMMMMMMMMMMMMMMMMMMMMMMMMMMM
  10. ... ..... +MMMM .......MMMM ...... ...MMMMMMMMMMMM..MMMMMMMMMMMMMMMMMMMMMMMMMMMM
  11. .... MM ...+MM....MM....MM.....MM.....MMMM .. ,MMM..M  .  MMM.....  MMM. M .. DM
  12. ....MMMM....M ..,MMMM....M....MMMM ...MM ..MMM.. M...MMM..?M...NMM ..MM.. MM?..M
  13. ....MMMM....M......... . M....MMMM ...MN..MMMMM MM..MMMM...MMMMMMM ..MM..MMMM...
  14. ....MMMM....M .. MMMMMM MM... MMMM....M...MMMMMMMM..MMMM...MM....8$..MM. MMMM...
  15. ....   ,...MMM... NM7 .. MZ....  .....MM..MMMMM  M..MMMM.. M..MMMM,..MM. MMMM...
  16. ...   .   MMMMM. .... .,MMMM......,...MMM.. ....MM..MMMM...M.. ..... MM. MMMM...
  17. OOOMMMMNMMMMMMMMMMMMMMMMMMMMMMMMMMZOOOMMMMMMONNMMMDMMMMMM MMMMI:MMMMOMMNMMMMMM.M
  18.  
  19.  
  20.  
  21. First Jim was accused of stealing 2ch from Hiroyuki Nishimura (http://fgts.jp/qa/thread/183913/#q192022). Because it is a totally normal industry practice for a hosting provider to seize your domain name, web site and other intellectual property when you fail to pay a bill.
  22.  
  23. Then he was suspected to have DDoSed 8chan and got it kicked off hosting providers.
  24.  
  25. Then Jim LARPed being a white knight by offering old as fuck dual core i5 shit boxes for hosting in exchange for a majority equity stake in 8chan. (http://www.8ch.net/who.html - http://archive.is/Bq2M4)
  26.  
  27. Then the DDoSes mysteriously stopped even though 2ch's & 8chan's real IPs can be found via ARIN records because Jim is a retard who can't into INFOSEC. But this was only a coincidence amirite?
  28.  
  29. Then Jim says in 8chan's privacy policy that IP logs are only kept for 24 hours. But this too is all a lie as you'll soon see.
  30.  
  31.  
  32.  
  33. Jim's ARIN Info
  34. https://whois.arin.net/rest/poc/TW488-ARIN.html - http://archive.is/w4gJ7
  35.  
  36. N.T. Technology's ARIN Info
  37. https://whois.arin.net/rest/org/NTTECH-1.html - http://archive.is/kZxtM
  38.  
  39. Netblock NET-204-63-0-0-1 (Hosts 2ch.net) Info
  40. https://whois.arin.net/rest/net/NET-204-63-0-0-1.html - http://archive.is/egA4x
  41.  
  42. Netblock NET-206-223-144-0-1 (Hosts 8ch.net) Info
  43. https://whois.arin.net/rest/net/NET-206-223-144-0-1.html - http://archive.is/0QtI9
  44.  
  45. 2ch.net IPs
  46. 204.63.8.33 204.63.8.34 204.63.8.35 204.63.8.74
  47.  
  48. 8ch.net IPs
  49. 206.223.147.210 206.223.147.213 206.223.147.214
  50. 206.223.147.215 206.223.147.217 206.223.147.218
  51.  
  52. There are other IPs such as 206.223.147.216 but they dont serve webpages and are probably things like the SQL server.
  53.  
  54.  
  55.  
  56. Archived links proving these IPs host 2ch.net and 8ch.net:
  57.  
  58. 2ch.net Servers
  59. http://204.63.8.33/ - http://archive.is/voJFt
  60. http://204.63.8.34/ - http://archive.is/LMAMd
  61. http://204.63.8.35/ - http://archive.is/efa9i
  62. http://204.63.8.74/ - http://archive.is/ME0wb
  63.  
  64. 8ch.net Servers
  65. http://206.223.147.210/ - http://archive.is/KEYT5
  66. http://206.223.147.213/ - http://archive.is/IJyBz
  67. http://206.223.147.214/ - http://archive.is/3TvTN
  68. http://206.223.147.215/ - http://archive.is/GtZjs
  69. http://206.223.147.217/ - http://archive.is/QBSl2
  70. http://206.223.147.218/ - http://archive.is/y06XS
  71.  
  72.  
  73.  
  74. Jim will probably change these IPs at some point. They can be found again by looking up all organizations on ARIN which specify him or his organizations as a contact, and then scanning their netblocks with nmap:
  75. nmap -Pn -p 80 -sV --open 206.223.144.0/20
  76.  
  77. 8chan servers will response with output similar to the following indicating they're running nginx. The vast majority (>90%) the servers in Jim's netblocks are running Apache so its easy to find the needle in the haystack.
  78.  
  79. Starting Nmap 7.12 ( https://nmap.org )
  80. Nmap scan report for 206.223.147.210
  81. Host is up (0.067s latency).
  82. PORT STATE SERVICE VERSION
  83. 80/tcp open http nginx 1.8.0
  84.  
  85. This can be protected against with a firewall so it may not work in the future. There are other far more effective ways to find the needle in the haystack as well but i'll omit how, because his engineers are clearly incompetent and i'm sure can't think of it if they couldn't be bothered to configure a firewall.
  86.  
  87.  
  88.  
  89. Please also take note than 8chan is running nginx version 1.8.0, not 1.8.1. This version does have multiple security vulnerabilities according to the change log. Because why would you ever want to install security updates?
  90.  
  91. http://nginx.org/en/CHANGES-1.8
  92.  
  93. *) Security: invalid pointer dereference might occur during DNS server response processing if the "resolver" directive was used, allowing an attacker who is able to forge UDP packets from the DNS server to cause segmentation fault in a worker process (CVE-2016-0742).
  94.  
  95. *) Security: use-after-free condition might occur during CNAME response processing if the "resolver" directive was used, allowing an attacker who is able to trigger name resolution to cause segmentation fault in a worker process, or might have potential other impact (CVE-2016-0746).
  96.  
  97. *) Security: CNAME resolution was insufficiently limited if the "resolver" directive was used, allowing an attacker who is able to trigger arbitrary name resolution to cause excessive resource consumption in worker processes (CVE-2016-0747).
  98.  
  99.  
  100.  
  101. Jim is also violating the license agreement he has with Font Spring for use of their fonts (Koch Geometric) for use on his soft serve ad site.
  102.  
  103. http://softserve.8ch.net/account/login/ - http://archive.is/uLXeK
  104.  
  105. Which references file http://softserve.8ch.net/static/css/ultraman.css which clearly states this font is owned by Font Spring and subject to the following license terms:
  106.  
  107. http://www.fontspring.com/licenses/fontsite/webfont
  108.  
  109. 2. Requirements and Restrictions
  110. Licensee agrees to abide by the following requirements and restrictions:
  111. a. Licensee must use the Webfont provided by Fontspring under this EULA. Licensee may not link to the full, CFF OpenType or TrueType font designed for desktop installation.
  112.  
  113. But he makes the TrueType fonts available below in violation of his license agreement
  114. http://softserve.8ch.net/static/css/KochGeometric-Ultra-webfont.ttf
  115. http://archive.li/uLXeK/891cffe9e7bbdbc209d3fe96d111eb25476ffed8.ttf
  116.  
  117.  
  118.  
  119. Now Jim says in his Privacy Policy (http://8ch.net/privacy.pdf) that:
  120.  
  121. 3 Reading and page views
  122. Every page view on 8ch.net is kept in a log for 24 hours…
  123.  
  124. 4 Posting
  125. When a post is made to 8ch.net, the posting user’s IP (Internet Protocol) address is stored in the database, along with the parameters of their post (post body, subject, and name)… This information is retained in the database until one of the following happens:
  126. • the post is deleted by the owner of a board or one of his volunteers;
  127. • the post expires, or falls off the last page of the board due to new posts being made;
  128. • the post is deleted by the user himself if the board allows user post deletion.
  129.  
  130. But this isn’t true as there are a number of publicly available IP logs, some going back to 2014, including one which is almost exclusively posters to the /cuteboys/ fag board:
  131.  
  132. http://8ch.net/lorenzolog.txt - http://archive.is/9gL9M
  133. http://8ch.net/index.html.1 - http://pastebin.com/WP7k38gA - archive.is doesn’t work
  134. http://8ch.net/ips_ron_3232.txt - http://archive.is/6QXAW
  135. http://8ch.net/bui.txt - http://archive.is/wJWDB
  136. http://8ch.net/int.sql - http://pastebin.com/w1xCeC6g - archive.is doesn’t work
  137.  
  138. Now considering how hard Jim is shilling his new softserve ad system, and refuses to accept code from Next because he might be forced to open source it due to the AGPL, what does he have to hide in his code if he isn’t following his own privacy policy?
  139.  
  140.  
  141.  
  142. Because Jim is a greedy Jew, he wants to kill off Tor access so he can serve targeted ads. But he LARPs that it is due to "problem" users. Of course Tor has no legitimate uses such as on /pol/ for people in countries where hate speech is banned.
  143.  
  144. https://archive.is/c45aW
  145.  
  146. >>564844
  147. HW posted months ago that he is not support that TOR stuff anymore.
  148.  
  149. >>564851
  150. If anything we will probably make it tougher for TOR users. Most of the problems on 8chan originate from TOR users. They are a small minority of the users, but have caused the most problems… I am sure most of the users understand that is to help the majority enjoy the site.
  151.  
  152. >>564856
  153. When the mainstream pervs and culprits move to TOR. Time to leave TOR.
  154.  
  155.  
  156.  
  157. One feature of 8chan is the possibility to have hidden boards which aren’t publicly listed. This however does no good when you post a SQL dump (circa December 2015 for pages.sql) of all the boards on the server. archive.is doesn’t support SQL files, and due to pastebin’s size limitations it was split in to 4 files with “split -b 480k pages.sql”. Concatenate the files to restore them. If I get bored i’ll go through boards.json and figure out which ones in these dumps aren’t publicly listed.
  158.  
  159. http://8ch.net/pages.sql
  160. Part 1 - http://pastebin.com/b2xHjhKr
  161. Part 2 - http://pastebin.com/D1AwKqgS
  162. Part 3 - http://pastebin.com/9bfpRF2J
  163. Part 4 - http://pastebin.com/femcRKJh
  164.  
  165. http://8ch.net/.git/COMMIT_EDITMSG - http://pastebin.com/JnE6JPzS
  166. http://8ch.net/maxes.txt - http://archive.is/xIq52
  167. http://8ch.net/dirsizes.txt - http://archive.is/nmLQx
  168.  
  169.  
  170.  
  171. And there are plenty of other files too if you go through the previously mentioned COMMIT_EDITMSG file:
  172.  
  173. http://8ch.net/.bash_history - http://pastebin.com/2S6Kg8F8
  174. http://8ch.net/inc/.nfs0000000004d8002400000001 - http://pastebin.com/QuRnXwK8
  175. http://8ch.net/working.ser - http://pastebin.com/C2yYCCCY
  176. http://8ch.net/rip.txt - http://archive.is/xXh39
  177. http://8ch.net/rip2.txt - http://archive.is/p3x0D
  178. http://8ch.net/ku_klux_kuchera.txt - http://archive.is/7wqs7
  179. http://8ch.net/reddit-admins-are-cucks.txt - http://archive.is/NcC9W
  180. http://8ch.net/reddit-admins-are-cucks-part-2.txt - http://archive.is/J66tj
  181.  
  182. Because it was totally a good idea to not block accessibility to unneeded files. This is surely a sign of a competent server administrator, just like calling old as fuck i5 shitboxes “servers”.
  183.  
  184.  
  185.  
  186. Because Jim is only offering old shitboxes and doesn't offer 10GbE ports on NT Technologies hosting and colo page, he likely doesn't have his own private cage at 200 Paul in San Francisco and is likely renting rack space from a real company. A trace route to 2ch's IPs shows that NT's routers are 204.63.8.11 and 204.63.8.15, and they are connected to 208.74.64.3 which belongs to Centauri Communications which does offer colocation services at 200 Paul and who Jim is likely renting rack space from. If you were to file abuse complaints with someone, Centauri would be the company to send them to.
  187.  
  188.  
  189.  
  190. Please send hate mail to: adolf@hitlerdidnothingwrong.com
  191.  
  192. If 8chan should go down, this is your daily reminder that the bunker site is http://8ch.pl/ which isn't ran by a greedy race mixing jew like Jim (((Watkins))).
  193.  
  194. Eat a dick Jim. Stop posting pictures of your dog and fix the CAPTCHA you fat fuck.
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!