/meta/ - Board Meta

[Make a Post]
[X]






TBC pics are broken Nanonymous No.5267 [D][U][F][S][L][A][C]
File: 18a143ccaa165d9342b56e185e2fa01a79056f1d8d1130c2d56fdecb973bac35.png (dl) (141.21 KiB)
http://nanochanqwrwtmamtnhkfwbbcducc4i62ciss4byo6f3an5qdkhjngid.onion/l/14715.html

>>14734
By another pic I meant another in post 733.
Try your magic on my second file and tell me exactly what you did. In the first case to.
I also tried "convert" to png and stuff even, and it STILL broke. I also tried to "save as" the stuff in an image editor. No luck.


Nanonymous No.5268 [D][U][F]
File: 71d2e0149c9ada553571e4297df308292fdcddf7ebbe0de882c0d39567f5c383.jpg (dl) (767.55 KiB)
>>14735
I mean I cannot upload that pic from catbox ever. And I certainly was able to before.
OK this pic is cute too.

Nanonymous No.5269 [D] >>5270
I hope you get a boyfriend soon so you can quit your spam.

Nanonymous No.5270 [D][U][F]
File: f69c742557447517a6d68026889e9ad2a5c78d33258a9b4e9e946000d5059a3c.jpg (dl) (277.39 KiB)
>>5269
My heart is broken forever, OK?

Nanonymous No.5271 [D][U][F] >>5275
File: 35b953e5265c154d35e0ca386eb102699b1264e2ad91f511ee01e8217da9d835.jpg (dl) (38.00 KiB)
>cumskins
why are they so incompetent? nothing like this EVER happened when hapase was in charge. we should bring back hapase

Nanonymous No.5275 [D] >>5276
>>5271
>hakase resorting to straight up begging to take back the reins for nanochan
You know, if there wouldn't be significant backlash in doing so, I would actually give you the keys and files back. You did finish the rewrite, after all, and maybe accelerationism would be much better for this place than a slow boil

Nanonymous No.5276 [D][U][F] >>5288
File: 8b3829e1e088e184d905c41b4a05071905dad6de21fb9abd26fe896ca20c76a3.jpg (dl) (395.61 KiB)
>>5275
>HUR UR A HAPASE.
no, stop trying to collapse everyone you don't like into a singular entity to preserve your fragile mind from the possibility that there might be two (g*d forbid!) or more people who don't like you.
>I would actually give you the keys and files
Don't bother. I am not interested in babysitting a site full of wiggers, and I honestly don't fancy the task of converting your corrupted database into the new format either.

Nanonymous No.5281 [D][U][F] >>5283
File: fa4f76374f6850aace23625f4a5dc1feaa0230517b98776b7ebcbb089055c892.jpg (dl) (1.60 MiB)
Meanwhile I cannot upload https://files.catbox.moe/bpjoky.jpg still! And some others too!

Please at least tell me you have the same problem or not.

Also I realized that I said "uploaded after changing the extension to jpeg" while I meant "from jpeg to jpg". Though earlier I recommended to rename to jpeg to reproduce the bug. It somehow got mixed up in my head and probably caused misunderstanding, that's why I'm clarifying it now.

Nanonymous No.5283 [D][U][F] >>5284
File: 9ef8cc5809534fdfba7c9a0fa04e2bd7837888397941c680a278b49faca11102.jpg (dl) (598.62 KiB)
>>5281
it works for me lol

Nanonymous No.5284 [D][U][F] >>5286
File: d1ba5adfd69705cbbe38ddd5201bc2c4a12607691c27309fdeaf80e96ea63935.jpg (dl) (380.99 KiB)
>>5283
Well, FML.

Nanonymous No.5286 [D][U][F] >>5291
File: 25a27228a0d25244ac4d613e5c0d7f7ea03416fa03f2401f49980b551033ae7e.png (dl) (1.12 MiB)
>>5284
It doesn't really make any sense though, the file should be the same right? So what else is different? I just reuploaded without changing anything nor content nor extension.
SHA256 hash of the file on my part 9ef8cc5809534fdfba7c9a0fa04e2bd7837888397941c680a278b49faca11102

Nanonymous No.5288 [D]
>>5276
>stop trying to collapse everyone you don't like into a singular entity
But I like hakase. There's just too much proof and conjecture for me to continue denying it.
>I am not interested in babysitting a site full of wiggers
Typical nigger behavior

Nanonymous No.5291 [D][U][F]
File: 23c2597d46e2f1f555992ba01d03c7ff7cfcc1248a63e353e421a1ef223c4840.png (dl) (1.69 MiB)
>>5286
Yea, the file is the same, I even double-checked that file from catbox in case it was tampered with (it shouldn't have been the case anyway).

The only explanation that would make sense now is that the transmission gets borked somehow, but it seems REALLY unlikely. The other one could be that maybe the image processing code is time-sensitive somehow, meaning the time of upload matters or some shit.

But anyway since there was a problem with jpeg/jpg and there wasn't a problem before makes me think it's not on my end.

Nanonymous No.5628 [D][U][F] >>5630
File: 862f22fe8bbc3b22257f8102e36cc5be9d3be51ed6b7094e6b094badfe65a277.jpg (dl) (122.26 KiB)
Pics are still broken for me BTW. Well, some of them.
I just wanna know what happened server-side (like, webserver updates, lua updates or something), because I need to know if it's the issue with my browser or what the actual heck.

Nanonymous No.5630 [D]
>>5628
Upload them to catbox or something so others can help you test them

Nanonymous No.5636 [D][U][F]
File: 8e5dca5e8e1891adf87b19a344686fbfdff77bfd59d4f4cc68e9ad167eb7b962.jpg (dl) (1.98 MiB)
Not starfag, testing to see if it uploads on my end, pic is the first catbox file from phoneposting thread.

Nanonymous No.5637 [D][U][F] >>5639
File: 9ef8cc5809534fdfba7c9a0fa04e2bd7837888397941c680a278b49faca11102.jpg (dl) (598.62 KiB)
Now the "no matter what" picture. If this works, the problem is on your end. This was done via standard TBB. You didn't create this just to spread payloads, did you?

Nanonymous No.5639 [D][U][F] >>5640
File: f89cdaadcacc2ad82b52ee50c20380ebda26fa19411f72d215105cae3f86d9a5.png (dl) (257.05 KiB)
>>5637
>If this works, the problem is on your end.
No shit, Sherlock. You can see another helpful individual (no irony intended) uploading the same pic ITT before, while I cannot do it STILL.
But I was able to before, I'm pretty sure, and sakamoto allegedly changed something, about 3 (?) weeks ago. I want to know what, if possible.

Also if that pic is malicious, then I wouldn't know, sorry. I didn't create it and didn't tamper with it. And anyway, it would be weird to ask others to upload it while being able to upload it and make the supposed victims to download it normally. Well, not that weird, I guess, but I upload a bunch of other pics too, and you don't have to render the pic ever, and… Well, let's not dig a hole for ourselves here. xD

Nanonymous No.5640 [D] >>5641 >>5653
>>5639
The only thing I changed was the file extension verification function. Try:
1. uploading the image with BOTH .jpg and .jpeg extensions
2. checking that the magic bytes match up with what is required in the source code
3. uploading with a different web browser

Nanonymous No.5641 [D] >>5642
>>5640
Oh, and if you're using a firefox-based browser, go to the networks tab in devtools, upload the image, click the entry with the POST method, go to headers, click Raw headers, and check if the post filename is supplied along with the file.

Nanonymous No.5642 [D] >>5653
>>5641
Fuck wait, it's Edit and Resend, and Request Body:. And you need to check Persist Logs for the entry to stay.

Nanonymous No.5651 [D][U][F]
File: 2c0e89e9c2a4f5953b8617d4ade5a0db2a7b7eeb9381ac01185537ef72a54ade.jpg (dl) (223.21 KiB)
tst

Nanonymous No.5653 [D][U][F] >>5660
File: 7da777fd1d56f0a1878e66fe6ff5bd4f38b3257c9a14e7a1531e4b4135051e8b.jpg (dl) (124.29 KiB)
>>5640
1. Tried, still fails.
2. It would be weird if they didn't match because sha256sum of the file I have on me is exactly 9ef8cc5809534fdfba7c9a0fa04e2bd7837888397941c680a278b49faca11102
3. Will try it a bit later

>>5642
Filename is supplied.
>Content-Disposition: form-data; name="file"; filename="filename.jpg"
Is that it?
BTW this is some privacy leak to the server. Not that I didn't know of it, but I'm curious if you can edit that filename without JS tricks.

Though basically I'm curious if there was a webserver update, that would fix some bug that could affect this or would introduce some bug.

Nanonymous No.5655 [D][U][F]
File: dcb846d810f02459c7c3b88eb28a24dfad5a839ec47e1a516ae9be29dcb8ff59.png (dl) (257.02 KiB)
OK I got the same error with the w3m browser. At this point I'm willing to assume anything, even glowers on me.

Nanonymous No.5656 [D][U][F] >>5660
File: 0b71c10ef82c013aa21eb3323c567a85b059decc8799c26e598230c44cf245a2.jpg (dl) (170.85 KiB)
BTW does anyone happen to know a catbox(mixtape,pomf)-like onion fileshare, so I don't upload to clearnet while I'm here?

Nanonymous No.5657 [D] >>5660
>file extension verification function
Though in ANY CASE can you remove that function (or revert it to a previous state, like over a month ago, preferrably?) for a sec so I can test the upload again just to check?

Nanonymous No.5660 [D] >>5661 >>5662
>>5656
Upload it with a .txt extension, you should be able to upload any file with that
>>5653
>BTW this is some privacy leak to the server
I'm pretty sure you're leaking more data through exif, especially since nanochan doesn't strip them for you.
>2. It would be weird if they didn't match because sha256sum of the file I have on me is exactly 9ef8cc5809534fdfba7c9a0fa04e2bd7837888397941c680a278b49faca11102
What are you talking about? Just upload the offending files using the trick I mentioned above, and I'll test it myself. If I still can't figure it out I'll try >>5657.

Nanonymous No.5661 [D][U][F] >>5663
File: 9ef8cc5809534fdfba7c9a0fa04e2bd7837888397941c680a278b49faca11102.txt (dl) (598.62 KiB)
>>5660
> Upload it with a .txt extension
test

Nanonymous No.5662 [D][U][F] >>5663
File: 466a5cf7bc2812e7aff9866cda9f8236bde19868819b77c3d75d3e427ae3942a.jpg (dl) (62.53 KiB)
>>5660
>Upload it with a .txt extension, you should be able to upload any file with that
Well, it works, but you (or whoever) said yourself nano is not a file hosting service. I was just asking in general. There is a pasteshare for tor, there could be some quick-to-expire-no-captcha-no-nothing fileshare.
>I'm pretty sure you're leaking more data through exif
Not me personally in this particular case. This pic is from a public place.
>Just upload the offending files
I did, on catbox, others already tested that.
>If I still can't figure it out
Well, I would be SO thankful like I could stop avatarfagging even. xD For like a month or two.

Nanonymous No.5663 [D] >>5664 >>5665
>>5661
From what I can tell that looks like a regular image file to me. Anyway, the file.format function is reverted to the latest version in hakase's code temporarily, tell me when you've done your tests.
>>5662
The rules aren't rigid, and if you do break them they'll just get deleted, which for a test upload I'm sure you don't mind.
>in general
There are a ton of pomf clones out there with less cancer than catbox (no patreon, less rulecucking etc), but most of them might die at any moment so I haven't bothered with investigating them. For anonymous file hosting, zippyshare's probably the best, but there's other sites like anonfile (haven't actually tried it), 0x0.st (terminal uploads) and cockfile (24h only, works without js) you could consider

Nanonymous No.5664 [D][U][F] >>5665
File: 9ef8cc5809534fdfba7c9a0fa04e2bd7837888397941c680a278b49faca11102.jpg (dl) (598.62 KiB)
>>5663
>Anyway, the file.format function is reverted to the latest version in hakase's code temporarily, tell me when you've done your tests.
OK testing

Nanonymous No.5665 [D][U][F] >>5666 >>5676
File: 6aa5b472d377bac338ac1d3cf5f94e475a5ad0a80833dfcd2af28c60a6bfaffc.jpg (dl) (320.31 KiB)
>>5663
>Anyway, the file.format function is reverted to the latest version in hakase's code temporarily, tell me when you've done your tests.
See? >>5664
Now it's absolutely fine. Thank you for your cooperation, so it's definitely linked to the function change. You can revert it back or whatever.
>The rules aren't rigid
Nah, I want some consistent place to upload stuff (to share it here mostly xD)
>For anonymous file hosting, zippyshare's probably the best, but there's other sites like anonfile (haven't actually tried it), 0x0.st (terminal uploads) and cockfile (24h only, works without js) you could consider
Thanks for all those suggestions, I'm sure they'll come in handy, but I've explicitly asked for an .onion resource.

Nanonymous No.5666 [D] >>5676
>>5665
That's weird as fuck. Whatever, the extension check wasn't really needed anyway.
>explicitly asked for an .onion resource
Well you asked for a "quick-to-expire-no-captcha-no-nothing" file host, and the ones I recommended should work over tor anyway

Nanonymous No.5676 [D] >>5678
>>5665
I still think it's strange how you are the only person experiencing problems with this.
>>5666
Can you post the two versions of whatever you changed somewhere? I'm really curious now.

Nanonymous No.5678 [D] >>5679
>>5676
Check the comment block in file.format versus the uncommented code

Nanonymous No.5679 [D] >>5680 >>5682
>>5678
What is passed to file.format as an extension is the result of file.extension. It uses an oversimplified regex that fails on anything that has multiple dots in the filename, i.e. "picture.jpg.backup". I wouldn't put it past starfag to have le random names for his collection. You are right that extension checking on the user's part is overkill though.

I don't understand why the magic bit check doesn't just use a keyvalue pair for analysis, since you can add an arbitrary amount of extensions to that without bloating up the if-else chain and keep multiple bit pairs in an array for value.

Nanonymous No.5680 [D] >>5681 >>5682
>>5679
>picture.jpg.backup
You might be right, the regex might be picking up .backup.jpg instead of .jpg, haven't thought to check on the regex the function uses. I'll fix it later
The magic byte check checks against a specified byte range of arbitrary length at different locations, sometimes multiple times. One of the checks even uses :find() instead of :sub().

Nanonymous No.5681 [D] >>5682 >>5683
>>5680
I ran the same regex in a Lua interpreter and said example gives ".jpg.backup" as a result. Obviously that would fail the check. Not sure how you'd fix it though, short of just checking groups of a split by '.' for anything resembling a file extension.

Nyanonymous ## Global Volunteer No.5682 [D] >>5683
>>5679
>>5680
>>5681
I'm not an expert in Lua patterns but shouldn't this just werk?

%.([a-z-A-Z-0-9]+)$

Nanonymous No.5683 [D]
>>5681
I don't think .jpg.backup should necessarily be allowed, the problem I'd imagine is there is an extra period in the filename (like image.2019.jpg) and the regex matches 2019.jpg instead of jpg.
>>5682
Theres the %a selector to match letters, so str:match("%.(%a-)$") should work

Nanonymous No.5684 [D][U][F] >>5688
File: 1da72b89c98440eb54f9f0f0f65b7b2f855a786ff6ed42715c0a51b7242862b5.jpg (dl) (570.66 KiB)
>there is an extra period in the filename (like image.2019.jpg) and the regex matches 2019.jpg instead of jpg
This is most probably the case.
I could've sworn I could upload some other files with the same naming scheme, but maybe I'm wrong or I just did it before the change

Nanonymous No.5685 [D][U][F]
File: 052ba97a63861f2025ab14d1dec900b12cf804446c9c9568a3ff18dd39b424a8.jpg (dl) (166.68 KiB)
Also I cannot believe I am so braindamaged that I never ever tried to upload the files from catbox (with the changed autogenerated name) (also I could've sworn I did it but I guess not) and never did it after sakamoto asked whether the filename is supplied.

Nanonymous No.5686 [D][U][F] >>5688
File: a6a8a2641bb1e7034b0295312677b5d8846e31a0f7c08d844de420c7a69d6c53.png (dl) (549.36 KiB)
>file uploads fail if the filename is wrong
Wow, suckermooto. Much wow.

Nanonymous No.5688 [D]
>>5684
Nice, looks like this case is finally over. So it was an actual bug in the code, thanks for making me double check the issue
>>5686
No thanks to your retarded pattern matching, hakase. How the fuck should I have known that you couldn't even make a proper regex