-
-
-
-
-
-
Going to make a few posts on the history of bugs on Darflen in the next few days
History of bugs on Darflen: c2pe
C2PE (community pinned post exploit) was found on 28th June, 2024 when I made a post in a community by that was basically a hate club for s4il. pinned my post and then realised that community owners could edit and delete a pinned post. Considering you can pin a post by anyone, and it doesn’t even need to be in your community, this basically gave the people who knew about the exploit power over everyone else. Before knowing this, I panicked and deleted my post and changed my password thinking I was being hacked. But then told me about the exploit and he went on to edit a Darflen post to make it say Darflen had commited 63 felonies, while I edited a jcole post to contain the hashtag (after getting permission). I forgot what I did apart delete a few blaze alt posts for testing, and change 1 word of s4il’s pinned post.
Just before the website gets taken down for maintance [sic], manages to change s4il’s pinned post to “hi, im gay” and then wiped every single post by.
After Darflen was accessible again, the functions to edit and delete pinned posts no longer worked, as they were intentionally disabled. Paradock probably added checking to see who was deleting posts afterward (I hope he did).
The aftermath of c2pe, which only lasted 2 hours or so, brought the most users who edited a single post record (me, blockcoinisbetter, Paradock, s4il in that order), a little bit of peace on the blockcoin war and temp ban (@blockcoinisbetter). Sometime short after or before, Paradock also deleted the original place of the discovery of the exploit, the s4il hate community. It’s probably better that way.
Next time: anarchy/ownerless communities.
Disclaimer: Info may not be 100% accurate, I went off of a few posts from the chaos period (a lot of them were deleted afterward), screenshots and memory.
-
-
-
-
