Re: [Jack-Devel] www.jackaudio.org defacement

PrevNext  Index
DateFri, 30 Dec 2011 11:47:54 -0800
From Robert M. Riches Jr. <[hidden] at jacob21819 dot net>
To[hidden] at gareus dot org, [hidden] at linuxaudiosystems dot com
Cc[hidden] at lists dot jackaudio dot org
In-Reply-ToRobin Gareus Re: [Jack-Devel] www.jackaudio.org defacement
Follow-UpPaul Davis Re: [Jack-Devel] www.jackaudio.org defacement 
> Date: Fri, 30 Dec 2011 10:18:39 +0100
> From: Robin Gareus <[hidden]>
> To: Paul Davis <[hidden]>
> Cc: JACK <[hidden]>
>
> On 12/30/2011 02:23 AM, Paul Davis wrote:
> > On Thu, Dec 29, 2011 at 7:48 PM, Fred Gleason <[hidden]> wrote:
> >> On Dec 29, 2011, at 19:29 05, Patrick Shirkey wrote:
> >>
> >>> The main difference is the number of cogentco servers in the path. Is it
> >>> possible that one of those is proxy caching and serving a corrupted
> >>> version of the site?
> >>
> >> Anything is possible, I suppose.  My connection here is direct to Cogent's tier 1 network.
> >>
> >> That could also explain why I'm now seeing the defacement showing up in Google's cache.  Just search for 'jack audio' and look at the results.
> > 
> > my conclusion is that the site was hacked and restored by the web
> > hosting service without telling me (or anyone else).
>
> nope. It is still hacked and shows different content depending on the
> user-agent and both Accept-language HTTP header.
>
> Try `curl "http://jackaudio.org/"` - that prints out the weird stuff
> that google also sees.
>
> however:
>
> curl -A "Mozilla/5.0 (X11; Linux i686; rv:9.0.1) Gecko/20100101
> Firefox/9.0.1 Iceweasel/9.0.1" -H
> "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8" -H
> "Accept-Language: en-us,en;q=0.9" "http://jackaudio.org/"
>
> shows the original site content!
>
> I'd hazard a guess at trac; which is not too hard to hack, but the
> problem could be more deeply rooted..
>
> Cheers!
> robin


Google's preview shows me something that looks like a commercial
for a certain medication.  I take it that's the "weird stuff".
"wget http://jackaudio.org" and "html2text index.html | more"
shows me this (some indentation mine):

    Skip navigation.
               * applications
               * developers
               * documentation
    [Home]     * download
               * email
               * faq
               * wiki
               * bugs
                              ****** What is JACK? ******
                              Have you ever wanted to take the audio output of
                              one piece of software and send it to another? How
                              about taking the output of that same program and
                              send it to two others, then record the result in
                              the first program? Or maybe you're a programmer
                              who writes real-time audio and music applications
                              and who is looking for a cross-platform API that
                              enables not only device sharing but also inter-
                              application audio routing, and is incredibly easy
                              to learn and use? If so, JACK may be what you've
                              been looking for.
                              ...

It would appear the defacing might be intermittent or dependent
on factors other than just the user-agent string.

HTH

Robert
PrevNext  Index

1325274485.15224_0.ltw:2,a <20111230194754.A731D26513 at one dot localnet>