-  [WT]  [PS]  [Home] [Manage]
[ 7ch / banner / ch7 / irc ] [ b / fl / gfx / ? / :F::a::I::L: ] [ a / grim / hi / me / rx / vg / weed / wp / x ] [ aisfw / co / diy / eh / fit / halp / jew / lit / phi / pr / rnb / sci / tg / w ] [ ai / cake / cd / d / di / elit / fur / gif / h / men / pco / s / sh / ss / unf ]
[Return]
Posting mode: Reply
  3.   (reply to 11677)
  6. (for post and file deletion)
/7ch/ - Site Feedback

IF YOU'RE GOING TO REPORT A SITE PROBLEM, MAKE SURE YOU PASTE THE URL.

IF YOU'RE GOING TO BITCH ABOUT A VIRUS ALERT, PASTE THE URL IT SAYS THE VIRUS IS COMING FROM

Thank you.

  • Supported file types are: GIF, JPG, PNG, WEBM
  • Maximum file size allowed is 10240 KB.
  • Images greater than 200x200 pixels will be thumbnailed.
  • Currently 556 unique user posts.

  • Blotter updated: 2018-08-24 Show/Hide Show All

Movies & TV 24/7 via Channel7: Web Player, .m3u file. Music via Radio7: Web Player, .m3u file.

Possible Vulnerability? Anonymous 25/04/29(Tue)17:42 No. 11677
11677

File 174594135374.png - (374.57KB , 750x750 , 009.png )

Hey, dunno if anyone has reported this to you, but KusabaX has flaw that allows the poster IDs to be linked to the actual user's IP (within a likelihood of 221). There's a proof of concept for it on github, which I can include the link for.

Just figured since 4cucks just got fucked for having outdated code, I'd bring it to your attention. Apologies if you've already addressed this.

https://github.com/savetheinternet/kusabax-idcrack


>>
Anonymous 25/04/29(Tue)18:29 No. 11678

Hello,
The back end site code has deviated substantially from the public forks, but the visible poster id's (on boards where it is seen) can indeed be worked out to a collection of possible IP addresses if you have the time and desire. I'll go ahead and remove them from the few boards that show poster id's, and see about returning them with a better non-reversible obfuscation later.
Thank you


>>
Anonymous 25/05/03(Sat)02:47 No. 11681

>>11677

Thanks alot for spilling the beans about this exploit, i was gonna hack da planit and steal erryones credit card info but now i cant.
Jerk.


>>
Anonymous 25/05/05(Mon)09:46 No. 11683

>foreskinchan
>users abuse exploits to shut the shithole down
>admins/mods invisible except to meme once a year

>sebenchan
>users report exploits
>admins/mods immediately respond and take action

holy shit this place is bizzaroworld, i might stick around


>>
Anonymous 25/05/13(Tue)01:33 No. 11696

>last commit in 2011
I mean, wasn't that in the heyday of Kusaba X exploits?



[Return] [Entire Thread] [Last 50 posts]

Delete post []
Password  
Report post
Reason