Postmortem Site compromised 10-Sep-2019

  • 🇵🇦 Nuestro primer dominio localizado está en español en kiwifarms.pa. Our first localized domain is on Spanish on kiwifarms.pa.
  • Want to keep track of this thread?
    Accounts can bookmark posts, watch threads for updates, and jump back to where you stopped reading.
    Create account
Estado
No está abierto para más respuestas.
For people on the list who had their IP disclosed, live wary now. If the trolls have a tactical nuke, they will be able to destroy the surrounding area in a 1,000 mile radius of the location of your IP and potentially take you out.
 
What could someone do if they had our IPs? I used a temp email anyway.

Steal your silverware, make your CPU explode, and kidnap your family. You've seen Liam Neeson when he's not busy contemplating killing black people, right? That's essentially what you can do with an IP. It's game over, lad.

On a serious note: If you're using a local ISP, they can figure out within a 20-300 mile radius where you live, and potentially look through other leaks where your IP is also leaked and tie your accounts together that way - it is at least a feasable entry point for a dox, unfortunately.
 
What could someone do if they had our IPs?

If it's an IP that only you use (ISP assigned ie. Not through VPN/Proxy/Tor) , they could attempt to hack you or any open services (most likely through your router, though), however they may as well just do this to any IP address ever as they're publically available. So I wouldn't be tok worried about this unless someone knows your username on here and they're out to get you.

They can't get your location unless it's through the courts (in most countries).

Edit: As dude before me said, if it's linked to any other available data they can MAYBE dox you. Just google your ip address in quotes (") and see if you can find anything.

But I saying that, your IP address has likely been assigned to someone else before you.
 
Última edición:
If it's an IP that only you use (ISP assigned ie. Not through VPN/Proxy/Tor) , they could attempt to hack you or any open services (most likely your through your router, though), however they may as well just do this to any IP address ever as they're publically available. They can't get your location unless it's through the courts (in most countries)

Most IPs are behind NATs, and will not respond to a port scan or a ping- if he's one of the unfortunate ones where this isn't the case, furries could turn on his smart TV.
 
Steal your silverware, make your CPU explode, and kidnap your family. You've seen Liam Neeson when he's not busy contemplating killing black people, right? That's essentially what you can do with an IP. It's game over, lad.

On a serious note: If you're using a local ISP, they can figure out within a 20-300 mile radius where you live, and potentially look through other leaks where your IP is also leaked and tie your accounts together that way - it is at least a feasable entry point for a dox, unfortunately.
If it's an IP that only you use (ISP assigned ie. Not through VPN/Proxy/Tor) , they could attempt to hack you or any open services (most likely your through your router, though), however they may as well just do this to any IP address ever as they're publically available. They can't get your location unless it's through the courts (in most countries).

Edit: As dude before me said, if it's linked to any other available data they can MAYBE dox you. Just google your ip address in quotes (") and see if you can find anything.

So basically they were just trying to find our IRL identities.
 
Tranny is salty that we're back.

Ver archivo adjunto 930969

These people are actually exceptional.

"I wish all the incriminatory content would disappear!".

Fuck it. I have nothing worth stealing.
My email used for this is my semi-home email, but mainly used for making social accounts rather then anything like banking.
But I’ve been doxed by eqifax and I’ve been doxed by Target, what can a bunch of assmad twitter sjw’s do?
I’m not changing my password. Come get me you cowards. I live paycheck to paycheck, there’s nothing to steal

My job unintentionally doxed me some years ago. It was not even online, but print.

Of course, I'm a fuckign nobody so no one minded

Apparently some chucklefuck used a .gov email address, will this exceptional individual please come forward for a very special prize.
Trump or Barron.
 
So basically they were just trying to find our IRL identities.

Well that's one usecase for the leaked data if you're a butthurt indie dev/brony/furry or worse - though I doubt their noggin' can even comprehend how to couple the data together, it is especially exceptional individuals we're talking about here.

If I was implicated in the leak, I'd still sleep soundly - unless I'd used my .edu or .gov mail, then I'd run for the hills.
 
Fuck the trannies hacked me so bad. They actually managed to hack into the mainframe of the winds CPU wifi router and blow away a pair of my undies off the drying line. I should've never posted on 4chan.
 
@Fancy Bear you're on the list, lol.

Hmm, whomever was behind this might regret poking the (fancy) bear. It wouldn't surprise me if our resident comrade offered to help Null in some way just to show whomever that their hack attempt was the most epic nothingburger of a fail and drew the ire of someone far more skilled.

I think most of it's from yesterday, i.e just before the site got hacked.

I'd tend to agree. I was trying to catch up on threads I've missed out on when the site went kaplooey. Once I saw Null's tweet, I simply decided to listen to his latest stream instead.

I guess I'll start checking my throwaway periodically to see if I get emails similar to ones I got after another site compromise where randos spammed that particular throwaway with demands for $800+ in bitcoin or else they'd embarrass me with compromising pictures. Godbear knows I'd be totally humiliated if people saw an empty pie tin. :lol:
 
If I was implicated in the leak, I'd still sleep soundly - unless I'd used my .edu or .gov mail, then I'd run for the hills.
Basically, the current list of people "fucked" by the "dox":
-You used your realfullname@realfacelessmegacorporationjob.com
-you used a student or government email
-You live in some gay European country with draconian speech laws (extends to NZ, Asia, and Ozland as well) and your IP might be able to be traced
-You're an e-celeb
-You're Josh
-You were one of the retards gloating about the dox on twitter or wherever these fags congregate these days and got doxed in the thread
 
Basically, the current list of people "fucked" by the "dox":
-You used your realfullname@realfacelessmegacorporationjob.com
-you used a student or government email
-You live in some gay European country with draconian speech laws (extends to NZ, Asia, and Ozland as well) and your IP might be able to be traced
-You're an e-celeb
-You're Josh
-You were one of the exceptional individuals gloating about the dox on twitter or wherever these fags congregate these days and got doxed in the thread
fuck i did everything and i'm a failed josh clone.
 
Due to some concerned Kiwis, the search engine is not happening. I like you guys too much - these keep ticking in. I have all the data on you imported into a mongoDB I can easily search for you if you want to know what data they have on you. If so, send me an e-mail at scaredkiwi@protonmail.com

Ver archivo adjunto 931620

EDIT: I cannot stress this enough, if you're going to ask for a neatly formatted blob on the info that got leaked, and if you're affected, then please use something like 10minutemail or guerillamail. DO NOT USE YOUR REAL E-MAIL. Alternatively, click the username-account.txt in the /h folder of the leak, provided by Null. Stay safe, lads.

Dear, mr registered 12 hours ago,
Why should any kiwi have to email you? Why can't they just PM you here? And why are you doing this when null is hosting the whole thing here already, AND it's available all over the internet now, too?
This is just dumb and weird, you must realize how shady it looks to be trying to get emails from thousands of people in order to get them to "opt out" at a time like this?

edit: lol I thought I was replying to an earlier post of yours, before you said you nixed the database idea. You're still creepy as fuck.
 
Dear, mr registered 12 hours ago,
Why should any kiwi have to email you? Why can't they just PM you here? And why are you doing this when null is hosting the whole thing here already, AND it's available all over the internet now, too?
This is just dumb and weird, you must realize how shady it looks to be trying to get emails from thousands of people in order to get them to "opt out" at a time like this?

edit: lol I thought I was replying to an earlier post of yours, before you said you nixed the database idea. You're still creepy as fuck.

Like it or not, I was doing a service for concerned Kiwis -- when I realized I could've just had them PM me (I'm a legitimate lurker), I nixed the idea.

On another note, I think, thanks to the help of @stakenifes I've doxed the guy who hacked the database. I'm taking archives of every piece of evidence.
Should I make a seperate thread on this?
 
The only person in all this that I feel sorry for is the guy that Chelsea "bribed" to hack KF.

All that effort in exchange for a 2/10 blowjob. I bet she didn't even bother to work the shaft OR cradle the balls.
A good blowjob is not a handjob. Work the balls, the shaft and tip only with the mouth. Learn to love the butthole as well. I enjoy it better that way. Hone your sucking skill young padawan.
- They can't do anything with that information unless they have a good legal grounds for isp subpoena
- Which 90% of the means nothing will happen.
- ISP geolocation tools are full of shit and are not even vaguely correct.
- Unless your email is MyRealName1992@ImExceptional.com nothing will happen.
Depends on where you live. In Korea or certain European countries they need no court order of any kind, example. The example entitles everyone to go to your isp and demand the account holder from the date of that judgement, in theory those circumstances mentioned must be met, in practice they often are not, there was another case drawing upon this one that allows just that but on the condition that you feel offended. Sometimes isp's kick up a stick, and 90% of the time lose. People are easily offended. I know the cows are. They could in theory send a strongly worded letter to get personal data unless a foreign vpn was used. Which of course I did. Enjoy that one.
They're IPv6 addresses. Those aren't random either, they're hexadecimal and only contain 01234567989abcdef.
128bit where ipv4 is 32bit. It was very needed but have fun remembering such an address if you have to.

At least I am one of the cool kids, I am in the leak. Enjoy the email. It will only lead you to the weirdest of pornsites. Also do not care too much who did it. I know that if found out, some users will be mad enough to try and be clever trolls, it is inevitable, so perhaps for the best we will not find out?
 
Estado
No está abierto para más respuestas.
Atrás
Top Abajo