Return Styles: Pseud0ch, Terminal, Valhalla, NES, Geocities, Blue Moon.

Pages: 1-

Imageboard poster IDs

Name: Anonymous 2012-03-12 23:58

I've noticed that /soc/ now has forced anon and IDs.
I assume they're generated from the poster's IP and the thread id, but what's the ENTERPRISE GOLD STANDARD for generating IDs on textboards? Something involving a crypt function, I imagine.
I also recall there being some threads here about someone cracking FV's user id to reveal that he's from Israel; if someone could point me to those threads and the code the cracker used, I'd be grateful.

Name: DR.SARGON 2012-03-13 0:01

the id mechanism is as old as the kotsaba image boards
vrobatsa imageboard source is open
why dont ya look into it

Name: DR.SARGONT 2012-03-13 0:03


instead of shitpostin'

Name: Anonymous 2012-03-13 0:05

>>3
My question might be easy to answer, but I think it hardly qualifies as a ``shitpost.''
In any case; thank you for >>2.

Name: Anonymous 2012-03-13 0:36

kotsaba
vrobatsa

jesus fucking christ, what is this made up shit

Name: Anonymous 2012-03-13 1:11

sub make_id_code($$$)
{
    my ($ip,$time,$link)=@_;

    return EMAIL_ID if($link and DISPLAY_ID=~/link/i);
    return EMAIL_ID if($link=~/sage/i and DISPLAY_ID=~/sage/i);

    return resolve_host($ENV{REMOTE_ADDR}) if(DISPLAY_ID=~/host/i);
    return $ENV{REMOTE_ADDR} if(DISPLAY_ID=~/ip/i);

    my $string="";
    $string.=",".int($time/86400) if(DISPLAY_ID=~/day/i);
    $string.=",".$ENV{SCRIPT_NAME} if(DISPLAY_ID=~/board/i);

    return mask_ip($ENV{REMOTE_ADDR},make_key("mask",SECRET,32).$string) if(DISPLAY_ID=~/mask/i);

    return hide_data($ip.$string,6,"id",SECRET,1);
}

Name: Anonymous 2012-03-13 2:09

>>6
i thought it was written in php

Name: Anonymous 2012-03-13 2:16

>>5
your mother

Name: Anonymous 2012-03-13 2:34

// IP blocks
        for (a = 26; a < sizeof(ablocks); ++a) {
            SHA_CTX ctx;
            char prefix[16] = { '\0' };
            unsigned char md[SHA_DIGEST_LENGTH] = { '\0' };
            unsigned int b, c, d;
            char* bpos;
            char* cpos;
            char* dpos;
            bpos = prefix + sprintf(prefix, "%u.", ablocks[a]);
            for (b = 0; b < 256; ++b) {
                cpos = bpos + sprintf(bpos, "%u.", b);
                for (c = 0; c < 256; ++c) {
                    dpos = cpos + sprintf(cpos, "%u.", c);
                    for (d = 0; d < 256; ++d) {
                        sprintf(dpos, "%u", d);
                        SHA1_Init(&ctx);
                        SHA1_Update(&ctx, prefix, strlen(prefix));
// this might be reply # + thread #
                        SHA1_Update(&ctx, "291177427627", 12);
// from salt.cgi
                        SHA1_Update(&ctx, salt, 448);
                        SHA1_Final(md, &ctx);
// search is derived from the ID somehow, I cannot remember how an example here:
//  _+sP   42Ns   t___ (ID being +sP42Nst)
//5feb0f e3636c b575d7
                        if (memcmp(search, md + 1, 5) == 0) {
                            char* base64 = NULL;
                            base64_encode(md, SHA_DIGEST_LENGTH, &base64);
                            base64[9] = '\0';
                            printf("%u.%u.%u.%u: %s\n", ablocks[a], b, c, d, base64 + 1);
                            free(base64);
                            exit(0);
                        }
                    }
                }
            }
        }

Name: Anonymous 2012-03-13 2:35

5feb0f e3636c b575d7
Also you want six bytes from there.

Name: Anonymous 2012-03-13 6:22

>>9
An imageboard in C?

Name: Anonymous 2012-03-13 8:13

>>11
No, that's just a method for brute-forcing IDs.  (I don't think it works any more.)

Name: Anonymous 2012-03-13 8:30

>>12
I bruteforced you're waifu
Don't change these.
Name: Email:
Entire Thread Thread List
All trademarks and copyrights on this site are owned by their respective parties. All comments and posts are the responsibility of their own posters.
- Tinychan + 2ch Mode -