cURL / Mailing Lists / curl-users / Single Mail

curl-users

RE: Hacking / Hijacking / or OTHER ?

From: Bill Mercer <bmercer_at_nccer.org>
Date: Thu, 22 Mar 2012 20:19:39 +0000

curl -i http://www.mydomain.com/-A billy

The first part of this command tells curl to retrieve a page named "-A" from the server called "www.mydomain.com."

If there is no such page as -A on that server, it triggers a 404 error. The server handles this error in whatever way the owner of the site has configured it to.

Some hosting companies generate revenue by adding advertising to their 404 and parked domain pages, or provide additional error handling (e.g. a page that tries to identify possible typos.)

You'd need to talk to whoever created the site you're trying to access in order to find out more about this.

The second part of this command tells curl to retrieve the default page from a server called "billy".
If "billy" resolves to a local machine, then curl will try to retrieve the default page from that machine. If it exists, then you're going to get whatever page that is. If it doesn't exist, then what you get will depend on the ISP. Some ISPs deliberately break DNS by redirecting nonexistent domains to their own sites so they can make more money. This is merely annoying for web users, but it actually breaks other services. The practice is unfortunately widespread among consumer ISPs, where most users only access web services.

curl -i http://www.mydomain.com/-A Nessus

Again with this command, the second part is trying to retrieve the default page from a server called "Nessus."

Without knowing more specifics there's not much else people on this list can tell you, but I don't see anything that looks like hacking or hijacking in what you've posted so far, it looks to me like spurious output from a malformed command.

>-----Original Message-----
>From: curl-users-bounces_at_cool.haxx.se [mailto:curl-users-
>bounces_at_cool.haxx.se] On Behalf Of Botany
>Sent: Thursday, March 22, 2012 2:04 PM
>To: the curl tool
>Subject: Re: Hacking / Hijacking / or OTHER ?
>
>> This is an attempt to use a java applet that will let a user use a
>normal
>> browser to download a file from an SFTP service.
>> http://www.jscape.com/products/file-transfer-clients/secure-ftp-
>applet/
>
>The questions are, where from, why, and what triggers these two types of
>output?
>
>-------------------------------------------------------------------
>List admin: http://cool.haxx.se/list/listinfo/curl-users
>FAQ: http://curl.haxx.se/docs/faq.html
>Etiquette: http://curl.haxx.se/mail/etiquette.html

-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-users
FAQ: http://curl.haxx.se/docs/faq.html
Etiquette: http://curl.haxx.se/mail/etiquette.html
Received on 2012-03-22

This message: [ Message body ]
Next message: Jan Paulini: "reding form data from url to file, modifying, posting back and 'click' submit"
Previous message: Daniel Stenberg: "ANNOUNCE: curl and libcurl 7.25.0"
In reply to: Botany: "Re: Hacking / Hijacking / or OTHER ?"
Next in thread: Botany: "Re: Hacking / Hijacking / or OTHER ?"
Reply: Botany: "Re: Hacking / Hijacking / or OTHER ?"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]