
Mirimir Hacked 8ch.net

∞chan is saving all poster IPs indefinitely.

This is the code that matters:

event_handler('post-after', function($post) {
global $board;
$post['ip'] = $_SERVER['REMOTE_ADDR'];

$data = json_encode(array('ip' => $post['ip'], 'body' =>
for ($i = 0; $i bindValue(':board', $board['uri']);
$query->bindValue(':id', $post['id']);
$query->bindValue(':data', $crypted);
$query->execute() or error(db_error($query)); // Failure is never an option, except when it is.

Upon review of the vichan source code, I found that the
"event_handler" function adds a callback function which is run when
the corresponding "event" function is called. For example,
event_handler('post-after') runs when event('post-after') is called,
which is called at the end of post.php.

Line by line, this function makes JSON of our IPs and our post text.
It then puts 10 random bytes at the end of the JSON. It then uses a
file called "/srv/sunshine.pem" as a public key to encrypt the JSON
with the PHP function "openssl_public_encrypt".

It then inserts the JSON, along with the board being posted on and the
ID of the post, into a table called "sunshine". The board and ID of
post are in the clear; only the post content and IP are crypted in
that JSON array.

This gives McRonald and Jim the ability to look up the IP of any post
they want even if the post is no longer live on the public site.
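A check an auditor could run over an instance's PHP configuration to find event hooks shaped like the one quoted above. This is an added example, not part of the original post or of vichan; the sample input, its file path and its table name are constructed, and the brace matching assumes no braces inside PHP string literals.

```python
import re

# Constructed sample input: one hook shaped like the handler described above
# and one benign hook. '/srv/example.pem' and 'example_log' are placeholders.
SAMPLE_PHP = r"""
event_handler('post-after', function($post) {
    $post['ip'] = $_SERVER['REMOTE_ADDR'];
    openssl_public_encrypt(json_encode($post), $crypted, file_get_contents('/srv/example.pem'));
    $query = prepare('INSERT INTO example_log VALUES (:board, :id, :data)');
    $query->bindValue(':data', $crypted);
});
event_handler('rebuild', function($action) {
    if ($action == 'all') { buildIndex(); }
});
"""

INDICATORS = {
    "reads_client_ip": re.compile(r"\$_SERVER\s*\[\s*['\"]REMOTE_ADDR['\"]\s*\]"),
    "public_key_encrypt": re.compile(r"\bopenssl_public_encrypt\s*\("),
    "writes_to_db": re.compile(r"\bINSERT\s+INTO\b|->\s*bindValue\s*\(", re.I),
}
HOOK = re.compile(r"event_handler\s*\(\s*['\"]([^'\"]+)['\"]\s*,\s*function\b")

def closure_body(src, start):
    """Return the first {...} block at or after start, using brace matching."""
    open_at = src.find("{", start)
    if open_at == -1:
        return ""
    depth = 0
    for i in range(open_at, len(src)):
        if src[i] == "{":
            depth += 1
        elif src[i] == "}":
            depth -= 1
            if depth == 0:
                return src[open_at:i + 1]
    return src[open_at:]  # unbalanced (truncated file): scan what is there

def audit_hooks(src):
    findings = []
    for m in HOOK.finditer(src):
        body = closure_body(src, m.end())
        hits = sorted(name for name, rx in INDICATORS.items() if rx.search(body))
        # Reading the client IP and also encrypting or storing data in the same
        # hook means poster IPs are retained outside the normal post flow.
        retains = "reads_client_ip" in hits and len(hits) > 1
        findings.append({"event": m.group(1), "indicators": hits, "retains_ip": retains})
    return findings
```
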