Kiwifarms Hacked

[LingerLonger]

What is kiwi farms current website?

Back to .net but the forums are down due to the attack. So it is just a press release on the main page.

https://t.me/s/kiwifarms is to check a new host if the main site goes offline.

 

[The Fuchitive]

damn those trannys mean business!

 

[Missy's Mangled Feetster]

You should all assume your information here is constantly being stolen.

Good thing I got a phone call from a gentleman named Johnathan Sing and I followed his instructions to install TeamViewer for him to remote into my computer and delete all the viruses.

 

[Phish]

So say anyone writes my company with my ip tied to horrible shit on kiwi, im just going to *dan at Sox game face* “idk what any of this means. Now please excuse me we gotta real busy day”. I dont see how they can prove this is me writing this.

 

[Missy's Mangled Feetster]

The fact that Null doesn't know if his website is susceptible to a MITM attack from whatever CDN he's using this week makes him look like an inept retard.

He's a Chris Chan OG alog, they're all retarded autists, just slightly less than him

 

[guest]

 

[FurBurger]

The fact that Null doesn't know if his website is susceptible to a MITM attack from whatever CDN he's using this week makes him look like an inept retard.

He's said before that he's not technical; just a retard that believes strongly in freedom of speech.

 

[TheNanaDook]

I'll need to see if he explains what happens but if the proxy is just a passthrough I don't see how you can do a session based attack.

My understanding is that its a man in the middle exploit. If tls terminated at the host then it shouldn't be possible. For you bovine retards


Your browser --> proxy --> backend host

If your connection is https then your traffic is encrypted with tls. If the proxy server contains the private key it can decrypt https/tls traffic and forward along http or plaintext. Now I don't know what he's dealing with on the ddos side so there may be reasons for that.


Typically though, the proxy just forwards the encrypted traffic and the private key is stored on the backend server and decrypted there. This is pretty much what cloudflare does.

So if the proxy was comprised I think it would need to have had the private key and thus be terminating ssl there. But I'm a retard so who knows.

I read this:

“A bad actor was able to upload a webpage disguised as an audio file to XenForo. Elsewhere, he was able to load this webpage (probably as an inline frame), causing random users to make automated requests and send their authentication cookies off-site, so that the attacker could use it to gain access to their account. My admin account was compromised through this mechanism.”

If this is true, it could explain grabbing their session info, if this XenForo site is a dumb shit and stores session id in a non http only cookie, or even dumber, session storage. If he’s on a shared server, yeah they probably got the info. Of course, if they knew this exploit would get kiwi farms, very likely it was intentional.

 

[Salted Earth Truffle]

His conversation with Metokur about everything that’s gone down is a pretty good background listen:

 

[guest]

damn those trannys mean business!

You dont mess with the Royal Eunuchs...

 

[guest]

Oh no Dan and Big Dick Andrew are going to get doxxed!

The fuck is this idiot doing?

 

[Dog Eater]

So say anyone writes my company with my ip tied to horrible shit on kiwi, im just going to *dan at Sox game face* “idk what any of this means. Now please excuse me we gotta real busy day”. I dont see how they can prove this is me writing this.

My job would be like so? he says nigger every day in the workplace.

 

[Caverlock]

 

[Dog Eater]

 

[Stent]

Anyone who uses their real info, in any capacity, to dabble in "lolcow culture" deserves whatever happens to them when shit like this happens. I'm a KF sympathizer but anyone who uses their real email to sign up for a retard torture forum deserves a raping.

[email protected]

 

[Uncle Floyd]

backend host

 

['THE NIGGER MAN']

[email protected]

Aye Naye

 

[Jims_Maroon_Pants]

Back to .net but the forums are down due to the attack. So it is just a press release on the main page.

https://t.me/s/kiwifarms is to check a new host if the main site goes offline.

Tyfys

 

[HotDogJoe]

Can't believe KF let a troon defeat them. Meanwhile we're still standing.

Needless to say, we had the last laugh.

 

[Imager]

I blame Somerville Dan. It was karma. He doxxed Stu, so in return his new favorite site got hax0red.