tony

When Manners Run Out – Story of a Website Theft

July 7th, 2010 by tony

A guest post from our intern Tony. He has traveled all the way from North-America just to learn the ropes of programming and IT culture from us. He’s last week’s priority 2 task was to handle our site being stolen problem.

A few months ago we discovered that our website (http://www.zeroturnaround.com) had been stolen by jbrute.info (I won’t link it, you need to copy-paste yourself), in every sense of the word. (HTML, CSS, JavaScript, even our logo, HOTLINKED!) A simple side-by-side screenshot will show you the extent of their blatant behavior.

Furious as we were, we managed to keep our manners and reached out (tried to at least) to the author of of jbrute.info and their hosting provider. Sadly, the only response we ever had other than SMTP MAIL CANNOT BE DELIVERED is a canned email instructing us how to write a formal DMCA takedown notice.

We then turned to starting a blog post and asking your help on what you would do in our shoes. As Karl Marx would put it, “the power of the people is strong”, and before long the community came up with a few nothing-less-than-brilliant ideas. (We are not Communists and are not related to the Tsars in anyway, I promise, even though our operational base in Central Estonia might lead you to think otherwise :P)

In particular, Joe Walnes pointed out that since jbrute.info hotlinks .php files and JavaScript from our website, by “check[ing] the HTTP_REFERER, [we] can conditionally change the contents, and with JavaScript [we] can make the page look however [we] want.”

Sadly, life got busy and almost three months suddenly went by, and this little incident was nearly forgotten. Last week, we stumbled upon JBrute once again… Finally we got around to acting on Joe’s advice and, in the most hackish fashion, decided to take it upon ourselves to deliver a truly custom “DMCA Takedown notice” over two glasses of beer. Here is a screenshot of the finished work :) We encourage you to check out jbrute.info (this time I linked :( ) for yourself.

Just to prove our point, we bring you the pseudo xkcd comic.

I hope you enjoyed our little mischief. We’ll keep you posted on the status of jbrute over the coming days following this post and we’ll follow up next week with the technical details – How to un-hack a website! Keep tuned :)

Toomas Römer

Somebody is stealing my website design – what are my options?

April 23rd, 2010 by Toomas Römer

The authors of this blog also run a software company called ZeroTurnaround. We monitor the mentions of the company name and its products with different tools. I personally use Google Alerts (you get an email when the interwebz mentions your monitored word).

One day we stumbled upon a page that had stolen our website design. It was not a question if they had borrowed ideas from us but they had literally stolen everything. The html, css, images and even had our logo up! Our website is zeroturnaround.com and their, jbrute.info (the one which stole the design).

My first reaction was that I’ll just drop them an email, make sure that they’re aware that it is a crime (is it?) and order them to take it down and problem solved. We have no interest of suing anybody. Maybe they were just playing around. Here is a picture how it looked at that time.

The plan was easy but getting contact information was not. At least they had taken down our contact information from the footer. Not finding even an email (then again, smart move, too many stories of criminals accidently leaving their card at the scene of the crime) from the webpage I turned to DNS whois. Whois records show

Domain ID:D32012015-LRMS
Domain Name:JBRUTE.INFO
Created On:24-Mar-2010 20:00:01 UTC
Last Updated On:24-Mar-2010 20:15:33 UTC
Expiration Date:24-Mar-2011 20:00:01 UTC
Sponsoring Registrar:GoDaddy.com Inc. (R171-LRMS)
Status:TRANSFER PROHIBITED
Registrant ID:CR44517482
Registrant Name:Conor Ryan
Registrant Organization:Warlock 999 Development
Registrant Street1:One Vernon Drive
Registrant City:Vernon
Registrant State/Province:New Jersey
Registrant Postal Code:07976
Registrant Country:US
Registrant Phone:+1.5555555555
Registrant *************@warlock999.info

All emails sent to warlock.info or jbrute.info bounce. Googling the name and address does not bring much up. It’s like a dead end. I’ve also contacted the registrar and hosting, still waiting for replies. They’ve updated their website design today, removed the video, our logo and put up some text.

What are my options to deal with something like this? Proving that the design belongs to us should be easy (the html is too similar). How should I go about documenting this? I did make a screenshot when I first stumbled upon, but you could always say that I’m good in Photoshop.

Are there other options to contact a domain name owner besides information from website and WHOIS?

Jevgeni Kabanov

A job offer and a kinda cool puzzle

February 18th, 2010 by Jevgeni Kabanov

ZeroTurnaround is looking for an infrastructure engineer in Tartu (http://bit.ly/zt-infra-eng). If you want to apply or just have a little fun, solve this puzzle:

UEsDBBQAAAAIAIVyUjx/yWgsbQIAAP0CAAAHABwAcHJvYmxlbVVUCQADeTB9S3ow
fUt1eAsAAQToAwAABOgDAAAdUsmumlAA3fcrGtNFX1zABblgXm2jOACXSRBEY9Jc
5knmSb6+vi7OkJyzO+fXnx8T6W4WrB3LbiuOBxXMfNRNW8Wn9NipMa4QbVv8MQVL
05STYRfqADEysKpWFm/3mViqu5EtXlzGPVl6zauMly7vUNt3S9ji1LESwdn63jCN
DZkNHrzCc78lb8/mucZtFFM45ckrs1XnmtOYo34WENfnXkzC9vQ6s3sJEpCifalp
BtvFDjI50bJunpHhegTuhAKuKsh49uGhN9tXPJpkNxknpCaHjgoxivp4MNg4YQSG
V+K8IXs3KvSzK2IcaJOxvWny89ztEn66vIpYcNpw1jnkr7CplWUCGGNneZ0Y3mdK
du/0Ss2S8Zqve2ZQWWQcIsDMh/spoPTCEujcunKTWHZ9JZryK6YlAqi7Z+4noaHM
+SC2KyYws6Vk3gqt4FuqESqyfQ6jSjfkIO0yXJgXr6zUI0L6+CKOcmjZvkFyrmxd
92QoKQ0WHcmRqgiKJ7+I6J0xK8d70ALbNBQh8LMlPLlBefMRVfOVkupsao181s+X
alqrQprbp3QH0CuTxEminYhUtGLm8htNsEVWaVvbzxrTTGTuAqlSEbsXQiMdjSCh
SxWaNYe6hknmS6ND+6g01+aoFnZ/qaURCYTRQBEf9vEp9UmrIxTb7bnzMOFzaFE1
cagV4M+WbexrQrDLPf/eqjROlTqeNYFVbwpYLvV+HTgdbcxavlan9ZhtFp/vb3qb
hYsfE0sHcPXXf0yQeYAV/dbQfxvmfyfYLKIHYKkHYMA7Cd6Ab3i4Cxaf34MB5z+/
Wl/kfZH78fHx+ef3t39QSwECHgMUAAAACACFclI8f8loLG0CAAD9AgAABwAYAAAA
AAABAAAApIEAAAAAcHJvYmxlbVVUBQADeTB9S3V4CwABBOgDAAAE6AMAAFBLBQYA
AAAAAQABAE0AAACuAgAAAAA=

Please don’t post the answer in the comments, but you’re welcome to tell what game is the quote from and how long did it take you to solve it.

Ivo Mägi

Story of a startup: How to Convert a Pair of Glasses into Fame and Fortune?

February 9th, 2010 by Ivo Mägi

Another guest post from our PHB. Obviously he has been reading too much Techcrunch, just discovered icanhascheezburger.com and slacking off during his day job.

This is a story of a start-up built around the nerdiest glasses on earth. If you wonder why and how we’re doing it, how exactly will we make millions of dollars off of it then you’re in luck. We’re planning to document and publish everything on our website and we have just released the first in the series, Converting a pair of glasses into fame and fortune.

Toomas Römer

Bleeding edge of development – upgrading system and ANT stops working

December 28th, 2009 by Toomas Römer

I run Debian Unstable as my main desktop system. I shoot myself in the foot couple of times a year with the upgrades but I like using the bleeding edge of development.

Today after my “regular” upgrade I noticed that one of the ANT tasks did not perform as I would have expected.

/home/toomasr/workspace/project/build.xml:459: The following error occurred while executing this line:
/home/toomasr/workspace/project/changelogic-build.xml:72: Please check the correctness of the root url property. The server returned HTTP response code 300 or above for the URL http://172.17.57.242/lib/changelogic-build.xml

A quick ant -debug did not help me much.

/home/toomasr/workspace/project/build.xml:459: The following error occurred while executing this line:
/home/toomasr/workspace/project/changelogic-build.xml:72: Please check the correctness of the root url property. The server returned HTTP response code 300 or above for the URL http://172.17.57.242/lib/changelogic-build.xml                                                                                                                                       
        at org.apache.tools.ant.ProjectHelper.addLocationToBuildException(ProjectHelper.java:508)                                                                                   
        at org.apache.tools.ant.taskdefs.Ant.execute(Ant.java:369)                                                                                                                  
        at org.apache.tools.ant.UnknownElement.execute(UnknownElement.java:288)                                                                                                     
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)                                                                                                              
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)                                                                                            
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)                                                                                    
        at java.lang.reflect.Method.invoke(Method.java:597)                                                                                                                         
        at org.apache.tools.ant.dispatch.DispatchUtils.execute(DispatchUtils.java:106)                                                                                              
        at org.apache.tools.ant.Task.perform(Task.java:348)                                                                                                                         
        at org.apache.tools.ant.Target.execute(Target.java:357)                                                                                                                     
        at org.apache.tools.ant.Target.performTasks(Target.java:385)                                                                                                                
        at org.apache.tools.ant.Project.executeSortedTargets(Project.java:1337)
        at org.apache.tools.ant.Project.executeTarget(Project.java:1306)
        at org.apache.tools.ant.helper.DefaultExecutor.executeTargets(DefaultExecutor.java:41)
        at org.apache.tools.ant.Project.executeTargets(Project.java:1189)
        at org.apache.tools.ant.Main.runBuild(Main.java:758)
        at org.apache.tools.ant.Main.startAnt(Main.java:217)
        at org.apache.tools.ant.launch.Launcher.run(Launcher.java:257)
        at org.apache.tools.ant.launch.Launcher.main(Launcher.java:104)
Caused by: /home/toomasr/workspace/project/changelogic-build.xml:72: Please check the correctness of the root url property. The server returned HTTP response code 300 or above for the URL http://172.17.57.242/lib/changelogic-build.xml
        at org.apache.tools.ant.taskdefs.Exit.execute(Exit.java:142)
        at org.apache.tools.ant.UnknownElement.execute(UnknownElement.java:288)
        at sun.reflect.GeneratedMethodAccessor6.invoke(Unknown Source)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
        at java.lang.reflect.Method.invoke(Method.java:597)
        at org.apache.tools.ant.dispatch.DispatchUtils.execute(DispatchUtils.java:106)
        at org.apache.tools.ant.Task.perform(Task.java:348)
        at org.apache.tools.ant.Target.execute(Target.java:357)
        at org.apache.tools.ant.helper.ProjectHelper2.parse(ProjectHelper2.java:142)
        at org.apache.tools.ant.ProjectHelper.configureProject(ProjectHelper.java:93)
        at org.apache.tools.ant.taskdefs.Ant.execute(Ant.java:367)
        ... 17 more
--- Nested Exception ---
/home/toomasr/workspace/project/changelogic-build.xml:72: Please check the correctness of the root url property. The server returned HTTP response code 300 or above for the URL http://172.17.57.242/lib/changelogic-build.xml
        at org.apache.tools.ant.taskdefs.Exit.execute(Exit.java:142)
        at org.apache.tools.ant.UnknownElement.execute(UnknownElement.java:288)
        at sun.reflect.GeneratedMethodAccessor6.invoke(Unknown Source)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
        at java.lang.reflect.Method.invoke(Method.java:597)
        at org.apache.tools.ant.dispatch.DispatchUtils.execute(DispatchUtils.java:106)
        at org.apache.tools.ant.Task.perform(Task.java:348)
        at org.apache.tools.ant.Target.execute(Target.java:357)
        at org.apache.tools.ant.helper.ProjectHelper2.parse(ProjectHelper2.java:142)
        at org.apache.tools.ant.ProjectHelper.configureProject(ProjectHelper.java:93)
        at org.apache.tools.ant.taskdefs.Ant.execute(Ant.java:367)
        at org.apache.tools.ant.UnknownElement.execute(UnknownElement.java:288)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
        at java.lang.reflect.Method.invoke(Method.java:597)
        at org.apache.tools.ant.dispatch.DispatchUtils.execute(DispatchUtils.java:106)
        at org.apache.tools.ant.Task.perform(Task.java:348)
        at org.apache.tools.ant.Target.execute(Target.java:357)
        at org.apache.tools.ant.Target.performTasks(Target.java:385)
        at org.apache.tools.ant.Project.executeSortedTargets(Project.java:1337)
        at org.apache.tools.ant.Project.executeTarget(Project.java:1306)
        at org.apache.tools.ant.helper.DefaultExecutor.executeTargets(DefaultExecutor.java:41)
        at org.apache.tools.ant.Project.executeTargets(Project.java:1189)
        at org.apache.tools.ant.Main.runBuild(Main.java:758)
        at org.apache.tools.ant.Main.startAnt(Main.java:217)
        at org.apache.tools.ant.launch.Launcher.run(Launcher.java:257)
        at org.apache.tools.ant.launch.Launcher.main(Launcher.java:104)
 
Total time: 3 seconds

The access log on the server did not show anything for the request. Browsing to the url with FireFox worked just fine. Where to even start debugging this? The simple env did not show any proxies configured either. Quite lost.

At last I decided to trace the problem with strace. strace -f ant my_target > result 2>&1 produced 35 892 lines of output. Searching for the ip showed me the message

35596 [pid 13544] connect(46, {sa_family=AF_INET6, sin6_port=htons(80), inet_pton(AF_INET6, "::ffff:172.17.57.242", &sin6_addr), sin6_flowinfo=0, sin6_scope_id=0}, 28) = -1 ENETUNR      EACH (Network is unreachable)

Weehah, I’m getting somewhere! Googling a bit showed me multiple solutions. Either a system wide sysctl -w net.ipv6.bindv6only=0 or just -Djava.net.preferIPv4Stack=true will do the trick. I hope this helps somebody.