09/16/2019 (Mon) 08:37:33
Fair warning, I'm not any of the site staff. Just a random drive-by anon. Take with a grain of salt.
Looks like a 1990s style filename path hack exploit attempt. Except that shit don't work no more. At least not with any browsers made in the last ten years or so. Example:
The filename in this case (a jpeg image) was changed to a nonsensical "\tmp\name\Angela\Devi\evil\hackings\", although it appears not to have been shown in the posting. No matter.
Typically, imageboard systems scan the file without regard to the filename. At a minimum they run it through a thumnailer for display in-thread. Lynxchan can be set to identify/verify the filetype and will correctly set the thread filename based off of what it finds. So if I upload 1.jpg but it's really a png file, the name in the thread will be something like: [a string of numbers and letters].png and it correctly identified the file above as a jpeg, even with a completely BS filename.
The last applications I know of where this would work as an exploit would be some old zip utilities.
Anyway, someone maybe trying to play games with the internal file scanner (unlikely to accomplish anything but was a hell-on-wheels exploit back in the day) or they just like being weird. Or nostalgic.