i just read there out and about. abandoned using twitter long ago.
but surprisingly what i got was pretty much from twitter itself.
4chan got hacked btw.
im not joking lmao. but honestly. I even got the source code from a random forum talking about it.
it's about nigh 700kB as you can see.
so what's happening with 4chan? well, i'll tell ya...
for your context...
you already know about 4chan as an imageboard, a barn of controversial opinions, funny but naughy people, and sometimes they do weird things. it's generally the place that people know each other solely by their ID tied to a specific browser session and nothing else, spitting out their purest media macros as the whole meme baking oven of the world, shittalking and stuff.
I don't visit 4chan that much simply because i don't find myself anything to fit into their very own weird social norms. but i'm glad i've never been into any convos on the platform a single time in my entire life.
but what's hot these days, let's guess my mates...
public opinions
recently there have been news about 4chan outage experience (yeah, memorable one). searching google really give me these kind of results:
so why is 4chan attacked? the citation below might make things more clarified:
The current speculation among users is that 4chan was hacked by an attacker taking advantage of an exploit in an outdated version of PHP that the site still ran on, but we have not been able to verify these rumors.
- Mashable, 4chan is down, reportedly hacked as of April 15 [1]
well that seems to be a classic in cybersecurity. outdated backend, open firewall, heaps of CVEs, etc. it also makes more sense and is quite presumable that everything behind the popular forum of anonymity are just bunches of 20 year old codes and struggling self-grown servers.
however even mashable at the time wasn't "able to verify those rumours" citingly, so it was unsure if it was true.
at the moment 4chan is still down. and there are speculations about leaked source codes and moderators' chat logs. there goes true a whacky fact that hardly any users suffer from this breach, but people behind the forum itself.
According to cyberdaily.au[2], Soyjak Party (aka Sharty, the Party), an imageboard competitor, claimed their administration over 4chan. They also leaked the source code, the email of administrators (called janitors or jannies), their irc chats, and MySQL databases.
4chan got hacked by the sharty, they restored /QA/, they leaked the jannies passwords, their IRC, the site is slowing down, this is MASSIVE pic.twitter.com/Nzpn6rGl5o
— Priniz (@Priniz_twt) April 15, 2025
As the tweeter say below, the reason behind this is using outdated PHP backend version and old functions in code used to make touch with their SQL DB. I know zero thing about PHP, so that's all I can tell.
So 4chan very likely got hacked because they were running on an extremely out of date version of PHP that has a lot of vulnerabilities and exploits and are using deprecated function to interact with there MySQL database.
— Yushe (@_yushe) April 15, 2025
Web security 101: Keep your code and software up to date. pic.twitter.com/JFDOsbr5rt
If you are curious, it is just part of a bigger thread on X/Twitter. Apparently they have never taken a single look on what to do to improve their backend. It's just semantically not updated for ages (since 2016?).
On a Kiwi Farms forum thread[3], a 7z compressed file of the 4chan backend is posted. I downloaded it and it appears to be safe. Kiwi Farms sounds like also a place for BS and cyber-harassments, so I recommend you not to stay too long on it. The thread on KF is way tldr to read, so we'll skip that aside.
In fact, I do yet know about the motivation of the attack, and what did Soyjak people think about whether 4chan is hackable or not. I will try to find out later when I have time.
p/s: just read a the register article[4] (and many other sources also claim the same thing), that soyjak party is in fact a splinter group originated from 4chan's /qa/ board (Question & Answer), which was closed earlier due to long term contradictions between people in the board and /lgbt/. From this clue, we can safely conclude that soyjak are just a group of homophobic brats.
soyjak have claimed to reopen /qa/, but 4chan was down shortly after (possibly by its operator).
a look at the sauce
Since the source code is available and are shared somewhere, i decided to download it, unzip and have an insight about.
This is the construction of the 4chan source code that we already know.
yotsuba_config.php is the caretaker of the whole PHP app. It is the main source file to be run, and the imageboard itself.
require_once 'lib/ini.php';
// Yotsuba configuration engine
// HOEHOEPA!
no idea much about the comments, but i'm sure it's like... something funny?
excerpt from admin-test.php:
function append_ban( $board, $ip )
{
// run in background
$cmd = "nohup /usr/local/bin/suid_run_global bin/appendban $board $ip >/dev/null 2>&1 &";
print "User banned from /$board/";
// print $cmd . "<br>"; //disabling this because it's ugly and leaks filepaths
exec( $cmd );
}
i don't know if this is a very sketchy way to blur our small issues.
there seems to be a clue about a url that goes https://sys.4chan.org on line 9:
private function get_csrf_token() {
return bin2hex(openssl_random_pseudo_bytes(16));
}
private function validate_referer() {
if (!isset($_SERVER['HTTP_REFERER']) || $_SERVER['HTTP_REFERER'] === '') {
return;
}
if (!preg_match('/^https:\/\/sys\.(4chan|4channel)\.org(\/|$)/', $_SERVER['HTTP_REFERER'])) {
$this->error(self::ERR_BAD_REQUEST);
}
}
private function validate_csrf() {
if (!isset($_COOKIE['csrf']) || !isset($_POST['csrf'])
|| $_COOKIE['csrf'] === '' || $_POST['csrf'] === '') {
$this->error(self::ERR_BAD_REQUEST);
}
if ($_COOKIE['csrf'] !== $_POST['csrf']) {
$this->error(self::ERR_BAD_REQUEST);
}
}
private function validate_auth_flood($long_ip) {
if (!$long_ip) {
return;
}
might be a secret admin port. These lines are in file auth.php. those private functions are likely referring to some security certifications validating.
those code lines are said to be using deprecated PHP functions. Well, ditto, many times. I am not sure which ones though.
i am thinking of mirroring this source, and i actually did. In case if you're curious, you can have a deeper look at this forgejo repo. Being fret of copyright issues/legal problems, I decided to host the code on such platform thinking that no one will try to touch to.
Well, just hope that it's not gonna be striken down anytime soon. Or that's just a whimsical overthinking. It doesn't have a licence (despite having a licence file), so be caution when sharing.
Conclusion
So that's everything for now about the 4chan hack. I am writing this just to try out my ability to catch and grab information. But after all, the collapse of a famous internet landfill must be a sudden, surprising, and also curious news to people, especially imageboard nerds.
I still kind of wonder, is this a temporary outage, or are they shutting it down for good. Soyjak could be holding a large number of mysql databases and other infos, and the fate of them up to now is still a mystery. Now all we can do might be just wait and see how will stuff be going.