I was wondering

I was wondering
How hard can be to bruteforce the hidden boards?
Any bruteforce tool can check like a million combos in 8 hours and you just need to go for 1-6 characters at most boards
Which tool could be used for this?
With just a-z1-9 1 to 6 characters combo returning 404 as false can't be so hard, right?

Other urls found in this thread:

8ch.net/boards.json').json())for
8ch.net/{}/threads.json'.format(uri)):
8ch.net/claim.html
pastebin.com/gpZEKWde
8ch.net/maxes.txt
en.wikipedia.org/wiki/Perceptual_hashing
github.com/jenssegers/imagehash
github.com/jenssegers/imagehash/pull/17
twitter.com/NSFWRedditGif

import itertoolsimport requestspublic = set(b['uri'] for b in requests.get('8ch.net/boards.json').json())for n in range(6): for uri in (''.join(x) for x in itertools.product(*('012345679abcdefghijklmnopqrstuvwxyz' for _ in range(n)))): if uri not in public and requests.get('8ch.net/{}/threads.json'.format(uri)): print(uri)

8ch.net/claim.html
This lists more boards than there are public boards on the site. So much for hidden :^)

Array.from(document.querySelectorAll('tbody > tr')).map( x => x.id = 'b_'+x.firstElementChild.textContent.slice(1, -1));$.ajax('boards.json').then( j => j.map(r => { let id = document.getElementById('b_'+r.uri); id && id.remove(); }) && console.log( hiddenboards = Array.from(document.querySelectorAll('tbody > tr')).map(r => r.id.substr(2)) ));
1119 hidden boards found, 29 remain unaccounted for. Get rekt skid

Any pollacks around? This list reeks of pizza.

That way you only find dead boards

It lists every board that hasn't had an active post OR an owner login. You can ctrl-f 2016-11-13 and see for yourself.

Well that is the point, hidden dead boars have 0 interest

I'm not going to sit around waiting, so if anyone wants to dig in their own time this will turn all the board names on claim.html into clickable catalog links:
Array.from(document.querySelectorAll('tbody > tr > td:first-child')).map(td => td.innerHTML = ''+td.textContent+'');

No interest at all, sure

You have that threads on Holla Forums anyways

There's also the ban page. I think bans are or used to be public no matter which board.

I managed to guess one by chance one time (it's on the list right now, but they were posting "reserved" on it once a week to make sure nobody found it)

So it would need to find unlisted boards with at least 1 post every 6 days

Sounds like someone has something to hide.

You don't?

Well yeah but I'm not dumb enough to rely on STI-pozzed code to do it

STI did nothing wrong, KIKE.

So how did this site's database end up with over eleven thousand tables?

The goblin did it

Technically true.
It's so bad that even haskell "dude neural networks lmao" meme man and daddy pigfucker don't want to spend the time to fix it. Just hack around it.

Can you elaborate on this?s

pastebin.com/gpZEKWde

Some faggot also was able to screw around with Holla Forums's URL schemes a while ago to view a list. I don't remember where I saved it and this thread is too gay for me to care.

You could get that same list using the script in . It's just bruteforcing them. You can tell that he cut it off right after reaching the four-character boards.

Something that's a bit more interesting is the list of maxes the site keeps on each board.

8ch.net/maxes.txt

That is interesting, but it hasn't been updated for over a year at least.

And what is that supposed to be?

The highest post number of each board.

Is there more of this?

Codemonkey thought that training a neural network would be a good way to block CP images. Not CP spam, all CP in general. Versus the alternative, using a perceptual hash to actually ban each image, or paying for access and incurring the bandwidth cost to Microsoft's already pre-populated perceptual hash based child exploitation database.

In short, he's fucking retarded, and so is the cripple.

That sounds retarded. Is there some kind of archive of him saying that?

Is he even alive anymore?

Who knows, all I remember is him saying that the network he was training has a lot of false positives. Well no shit, dumbfuck.

Yes, he's a contractor for the world-renowned software outsourcing firm NTTEC.

That would be an interesting way to solve the problem, probably not a practical one. Also wouldn't using a hash be ineffective, all you'd have to do is change one pixel and it would result in a new hash. Then after a while you'd just end up with a massive hash table.

en.wikipedia.org/wiki/Perceptual_hashing
github.com/jenssegers/imagehash
github.com/jenssegers/imagehash/pull/17

Just yesterday he set up a Slack/IRC bridge so all the hipsters at N.T. Technology can finally be part of the IRC cabal.

I see, guess I wasn't aware of perceptual hashes. Looks like they're relatively new, pHash started development in 2008-2009 and I've only found a few other implementation of it.

Oh man, I wonder where he's going to procure all the data to train his network :^)

Some kind people on Holla Forums work around the clock to provide it.

I provide some (click at your own risk)

Absolutely disgusting

Not that user, but sell me on Matrix. I've been so frustrated with all messaging services being proprietary and "web" only that I considered writing something myself on top of xmpp. I just want something somewhat decentralized and open, as long as I can install some client to connect to something on any device and have others do the same so we can send text, images and files to each other, I'm set.

Is Matrix what you recommend?

It's XMPP but done right. The transport layer encryption doesn't interact with layer7, all the stuff needed for a sane IM client is part of the base spec instead of XEPs, and the parts you're asking for already exist.
And yes it can bridge to XMPP/IRC/etc.

The only thing people complain about is that the default transport uses HTTP polling, but HTTP2 takes most of that away.

findimagedupes.pl has been around for ages and is probably the oldest perceptual hash script, as many sources refer to it.

Aside from making the EJ25 which is complete trash.

On topic and:


Yes, he is.

useless

Yeah no.

I did this. Anything above 6 characters and you're gonna wait literally weeks and then months.