4chan is down, reportedly hacked as of April 15 | Together C & C++ | Page 1

hasty lantern Apr 17, 2025, 4:28 AM

#

https://mashable.com/article/4chan-down-reportedly-hacked

Interestingly, it doesn't appear to be social engineering attack. The quote from the hacker circulated states:

Contrary to popular belief, it was not SQL injection.
The exploit is such:
4chan allows uploading PDF to certain boards (/gd/, /po/, /qst/, /sci/, /tg/)
They neglected to verify that the uploaded file is actually a PDF file. As such, PostScript files, containing PostScript drawing commands, can be uploaded.
Said PostScript file will be passed into Ghostscript to generate a thumbnail image.
The version of Ghostscript that 4chan uses is from 2012, so it is trivial to exploit.
From there, we exploit a mistaken suid binary to elevate to the global user.

Mashable

4chan is down, reportedly hacked as of April 15

The imageboard's users are trading rumors of a potential hack.

hasty lantern Apr 17, 2025, 12:19 PM

#

https://www.youtube.com/watch?v=GNT7uqpf-bQ

YouTube

Mental Outlaw

4Chan Hacked, Admins Doxxed, Site SHUTDOWN

In this video I discuss how 4chan.org was hacked by using old insecure php code in the backend of the sites software (yotsuba) which lead to the administrators being doxxed and having to take the site down indefinitely while they try to fix the security issues.

My merch is available at
https://based.win/

Subscribe to me on Odysee.com
https://o...

▶ Play video

lament rivet Apr 17, 2025, 1:05 PM

#

The version of Ghostscript that 4chan uses is from 2012
lol

#

Not updating a dependency with known vulnerabilities for 13 years is definitely a choice

#

Especially one that directly processes user submitted files

#4chan is down, reportedly hacked as of April 15