669
Issues: @mattataDev Creator: @wrxck Source: https://github.com/wrxck/mattata Official Bot: @mattatabot Development Bot: @matticatebot
New feature! View skill information about a RuneScape player using /runescape!
Читать полностью…
A future update will see support for plugin help string translations. However, due to the complexity of the feature's implementation, this is a low priority change.
Читать полностью…
At the current time of writing, mattata has information stored for over 277,000 users and over 20,000 chats!
Читать полностью…
That is, update objects from the Telegram API.
Читать полностью…
Small new feature! If you say you're feeling sexy then mattata will set the mood!
Читать полностью…
This will reduce spam and also increase code efficiency.
Читать полностью…
https://github.com/wrxck/mattata/commit/aed6d23d87a226c13e9a159719ba9c84684e5100
Читать полностью…
Redis:
• Config File: /etc/redis/redis.conf
• Mode: standalone
• TCP Port: 6379
• Version: 3.0.6
• Uptime: 0 days
• Process ID: 4183
• Expired Keys: 0
• User Count: 237,551
• Group Count: 16,900
System:
• OS: Linux wrxck 4.4.0-81-generic #104-Ubuntu SMP Wed Jun 14 08:17:06 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux
mattata is now offline, as I am importing what I was able to recover from the old database!
Читать полностью…
You can help mattata out by forwarding messages from users who might be sleeping, since it will only begin recognising users when it sees a message from them.
Читать полностью…
1 second, just going to fix something with redis.
Читать полностью…
How to revoke access from mattata
Spotify: https://www.spotify.com/us/account/apps/
Twitter: https://twitter.com/settings/applications
In both cases, look for "mattata" and click "revoke access" next to it.
It seems they've been cracking the password for months, this log has an entry for their IPs every couple of seconds since a few months ago.
Читать полностью…
I will shortly be leaking the IP of the attacker.
Читать полностью…
To anybody who set up their Spotify or Twitter with mattata, since the attacker will have access to the database, it is important you revoke mattata's access to your account. If you need assistance with doing this then please join @mattataDev. If you ARE the attacker and would like to share how you achieved this, I'd love to hear - I'm not even mad, you literally wasted your time to hack an open-source rat.
Читать полностью…
Chat with me live @ https://curiouscat.me/chat/wrxck
Читать полностью…
Including previously purged databases, the total amount of users mattata has seen in the past year is about 2,000,000!
Читать полностью…
Also, the database is over 3 times larger than it was this time 3 months ago! That's such an awesome growth rate!
Читать полностью…
In the next few days we should hit the 100,000,000 updates milestone!
Читать полностью…
I think I'll make it a setting which is turned off by default.
Читать полностью…
Since Telegram clients now have a more detailed event log, should mattata stop sending the action messages after commands like /ban have been used?
Читать полностью…
I'm just upgrading the server, it's going to have double the specs so we should see less disk-persisting issues with redis!
Читать полностью…
I need to make a few more changes, it should be no more than 10 minutes.
Читать полностью…
I have found a backup file from early June, so a heap of data can be recovered!
Читать полностью…
Plus, if this does happen again, I now have DigitalOcean backups on, so it will take mere minutes to restore everything.
Читать полностью…
The database was completely erased, everything will need re-configuring - that includes your location, Twitter/Spotify and plugin/administration setup. I've put about a dozen new security measures in place, it is extremely unlikely this kind of attack will happen again. From the bottom of my heart, I'm sorry for the inconvenience this may have caused as I know there are some users who utilise mattata for business-related groups.
Читать полностью…
Who the fuck even goes through this much effort, you could have just asked me for the files and I would have sent you the link on GitHub 🙄
Читать полностью…
It appears this was a distributed attack, as a mass amount of requests came from 3 IPs.
Читать полностью…
After checking log files, it has become clear this wasn't an injection through mattata, somebody had bruteforced it. They must have just gotten lucky, since my password was like 64 characters long.
Читать полностью…
Meanwhile, I'm now setting up a new droplet so mattata will be back online shortly.
Читать полностью…