this post was submitted on 15 Apr 2025

394 points (99.5% liked)

4chan

4757 readers

1 users here now

Greentexts, memes, everything 4chan.

founded 2 years ago

MODERATORS

brainschaden@lemmy.world

skyspydude1@lemmy.world

394

4chan has been hacked. All source code leaked (lemmy.dbzer0.com)

submitted 1 week ago* (last edited 1 week ago) by sunglocto@lemmy.dbzer0.com to c/4chan@lemmy.world

90 comments fedilink hide all child comments

Slurs

Not sure if this is against the rules or not

The IPs of all janitors and admins have been leaked

4chan's entire tech stack is built of outdated and insecure myPHP

Not sure where the source code is from but I think it's the forum that did all of this in the first place

top 50 comments

sorted by: hot top controversial new old

[–] Justas@sh.itjust.works 2 points 4 days ago

Nintoddler being a slur is somehow very funny to me.

[–] Beartotem@sh.itjust.works 2 points 6 days ago

In the media soon: The notorious hacker 4chan strikes again, his latest victim: 4chan.

[–] Eiri@lemmy.ca 92 points 1 week ago (5 children)

Was something of value lost?

[–] Hubi@feddit.org 40 points 1 week ago

nope

[–] sudo@programming.dev 27 points 1 week ago

No, in fact we might begin healing. 🙏

[–] setsneedtofeed@lemmy.world 14 points 1 week ago* (last edited 1 week ago)

The /GROG/ threads in /tg/ were a constant source of good posts by Oldhammer players and a great resource for links to Oldhammer content that would otherwise be difficult to find.

/WIP/ on /tg/ has given me a lot of great tips throughout the years.

More recently, the Trench Crusade and MCP threads tend to be good for discussion and updates (when they aren't being raided by posters looking to call everything bad just to rustle people).

/k/ has gotten a lot more boring in the last few years as pretty much none of the original crew of tripposters are around anymore, but it can still produce the occasional nugget of good info, and usually has at least a couple of interesting picture threads up. I will say during the initial 2022 invasion times in Ukraine, /k/ had pretty much up to the minute updates and daily info threads for a few years.

load more comments (2 replies)

[–] Hubi@feddit.org 90 points 1 week ago* (last edited 1 week ago)

Pool's closed.

[–] Eyekaytee@aussie.zone 51 points 1 week ago (3 children)

it feels like this is big news but I can't seem to get myself to care

[–] 9tr6gyp3@lemmy.world 47 points 1 week ago (22 children)

This is a huge blow to the Russian misinfo machine, unironically. If its down for a while, it will have some big effects

[–] Eyekaytee@aussie.zone 11 points 1 week ago

i hope so 🤞

load more comments (21 replies)

[–] Trihilis@ani.social 10 points 1 week ago

load more comments (1 replies)

[–] PP_BOY_@lemmy.world 51 points 1 week ago (2 children)

whoisthisfourchan.gif

[–] henfredemars@infosec.pub 20 points 1 week ago

It’s a famous hacker.

load more comments (1 replies)

[–] codexarcanum@lemmy.dbzer0.com 44 points 1 week ago

[–] DudeDudenson@lemmings.world 42 points 1 week ago (1 children)

Why's anyone surprised this happened? Was 4chan supposed to be a super up to date and modern website?

[–] oce@jlai.lu 49 points 1 week ago

Maybe because it used to be an important place for hacktivists like Anonymous. So, it was probably an obvious hacking target that could have learned to protect itself better.

[–] OozingPositron@feddit.cl 40 points 1 week ago (1 children)

Holy shit. Has this ever happened before?

[–] sunglocto@lemmy.dbzer0.com 48 points 1 week ago

4chan's had leaks before but it was nothing compared to this

[–] CaptainBasculin@lemmy.bascul.in 28 points 1 week ago (3 children)

Leaked Source Code: https://litter.catbox.moe/a8z45n.7z

[–] jbk@discuss.tchncs.de 11 points 1 week ago

quite a welcome change that this leak is tiny unlike most others lol

[–] Object@sh.itjust.works 11 points 1 week ago (2 children)

I know it's a 7z, but still not even a megabyte. That's really impressive.

[–] Realitaetsverlust@lemmy.zip 22 points 1 week ago (1 children)

I mean, this is only source code in text form, there's no assets or anything in the leak. They also don't use composer or any package manager, so there's no large dependencies in the project.

[–] Angry_Autist@lemmy.world 7 points 1 week ago

there’s no large dependencies in the project.

The one fucking thing 4chan does right and not even the big boys try

[–] Angry_Autist@lemmy.world 11 points 1 week ago (2 children)

Not really, source code zips ridiculously well. A prolific and dedicated coder could probably fit their entire life's work minus assets on 5 floppy discs

[–] surewhynotlem@lemmy.world 15 points 1 week ago

Not me. I code in a big font

load more comments (1 replies)

[–] SandroHc@lemmy.world 7 points 1 week ago

141K LoC, of which 63K PHP, 45K JS and 31K CSS.

Tokei output:

===============================================================================
 Language            Files        Lines         Code     Comments       Blanks
===============================================================================
 CSS                    31        39203        31318          959         6926
 INI                    89         4269         1833         1401         1035
 JavaScript             20        55986        45105         1023         9858
 PHP                   104        93517        63143        15032        15342
 Rakefile                1          109           77            8           24
 Ruby                    1           74           57            2           15
 Plain Text            135         2609            0         2507          102
-------------------------------------------------------------------------------
 HTML                    2           83           83            0            0
 |- CSS                  1            4            4            0            0
 |- JavaScript           1           78           60            0           18
 (Total)                            165          147            0           18
===============================================================================
 Total                 383       195850       141616        20932        33302
===============================================================================

[–] darthelmet@lemmy.world 25 points 1 week ago (1 children)

Is this the work of the mysterious hacker 4 chan?

load more comments (1 replies)

[–] primemagnus@lemmy.ca 17 points 1 week ago (1 children)

Cool. It’s 4 chan. What exactly are you gonna expose lol

[–] ArchmageAzor@lemmy.world 11 points 1 week ago (1 children)

Apparently some admins had their personal emaild registered, and I heard posts caught the IP of posters.

[–] steeznson@lemmy.world 8 points 1 week ago

IPv4 addresses are not permanent and shuffle around a fair amount. There aren't enough addresses to cover the number of devices on the net. You'd need an ISP to map an IP to a specific time range confidently. Governments could do that but they could also do that pre-leak if they were investigating someone.

[–] nnullzz@lemmy.world 16 points 1 week ago (2 children)

Wouldn’t the hackers be able to release more info about the infamous “Q”? Like IP address or something?

[–] thallamabond@lemmy.world 7 points 1 week ago (2 children)

Q was 8chan

[–] setsneedtofeed@lemmy.world 12 points 1 week ago (1 children)

Qanon was a tripcode poster on /pol/, and a successor to the less famous FBIanon which was probably the same person.

The whole Qanon phenomenon is really fascinating because the actual Qanon poster stopped posting in like, 2018, but because boomers on Facebook don't know how anything works they'd just keep circulating that "Qanon said such and such" to each other on Facebook. It stopped being anything said by a specific poster on 4chan and started to just become this strange ethereal concept.

load more comments (1 replies)

[–] BlackLaZoR@fedia.io 16 points 1 week ago (2 children)

4chan stopped being relevant since they introduced asinine bot prevention. It's pretty much impossible to post there at all

[–] protist@mander.xyz 11 points 1 week ago

No one posts there anymore, it's too busy

[–] setsneedtofeed@lemmy.world 11 points 1 week ago* (last edited 1 week ago) (2 children)

It’s pretty much impossible to post there at all

Huh? The capachas were a low bar to clear to post. I had no trouble at all on various boards.

[–] Someonelol@lemmy.dbzer0.com 13 points 1 week ago

4chan hates it when Tor and a VPN is used to enhance anonymity. It does frequent captchas, will refuse to load images, and won't let you post replies. It's like they want you to not be anonymous at all anymore.

[–] Dotcom@lemmy.ml 8 points 1 week ago (3 children)

You have to buy a 4chan pass, register an account (lol) or wait 15 minutes to post

load more comments (3 replies)

[–] Flemmy@lemm.ee 16 points 1 week ago

I wish I cared. But have fun whoever wants this I guess.

[–] Thcdenton@lemmy.world 14 points 1 week ago (3 children)

Of course its php

[–] infinitesunrise@slrpnk.net 21 points 1 week ago* (last edited 1 week ago)

That's not a surprise, nor was it unknown. Pretty much all pre-"social media" discussion sites were PHP. Myspace probably was, too. PHP also isn't intrinsically insecure, it just doesn't lend itself very easily to security.

[–] Realitaetsverlust@lemmy.zip 15 points 1 week ago

Nothing wrong with php, except not updating it.

[–] Baguette@lemm.ee 10 points 1 week ago

Early internet website, php is expected tbh

They prob have infinite tech debt to even consider converting to anything because I doubt they expected 4chan to still be alive in 2025, plus I'm decently sure all funds are being to keep the website alive and not hiring