I listen to music whilst coding like anyother sane coder, its what
fills the void for a lonely developer at work. Lawyers, Accountants,
Doctors, Drivers, Plumbers all have people around them to talk, but we
IT nuts are usually head-first deep inside code where only the insane
of the insanely live. So music is our only connection to the outside
world.
Back to the point of this blog post, I went to the
FoxFM website to
"Listen Live", after finding in Firefox(who says I dont dig Firefox?)
the popup wont show properly (Tools > Javascript Console):
Error: window.showModalDialog is not a function
Source File: http://www.fox.com.au/
Line: 60
So like anyone else who has no life I went to the source of problem and
a little loosky... the ListenLive link opens a new window and gives us
those nasty ads (they have to make a profit somewhere aye?):
function launchPlayerFOX() {
var radioStation = "15129";
var url = "http://203.48.254.42/ad.php?rsid="+radioStation;
var w = screen.width; // Get the width of the screen
var h = screen.height; // Get the height of the screen
var resources = "dialogHeight: "+h+"px; dialogWidth: "+w+"px; dialogLeft: 0px; dialogTop: 0px; scroll: no; status: no; resizable: no; help: no; center: no;"
var winRadio = window.showModalDialog( url, "", resources);
}
So I browse to this URL in a new instance of Firefox:
http://203.48.254.42/ad.php?rsid=15129
Nothing too shabby, just the ad we're meant to be watching. Screw that, I dont need a mortage! View source it:
var theRSID = jsrsid.value;
var rsMediaFile = jsrsmf.value;
var url = "player.php?rsid="+theRSID+"&rsmf="+rsMediaFile;
var winRadio = window.open( url, "RadWin", "[WINDOW CODE SNIPPED OUT!]");
if (winRadio != null) {
self.close();
}
and get the URL for the player:
http://203.48.254.42/player.php?rsid=15129
Ooops... I forgot about the rsmf (
Radio-
Station-
Mutha-
Faq'er? - Media File)
looks like whoever wrote that script didnt think ahead about this and
automatically assumed it would have been parsed (as well as rsid -
Radio Station ID).... BIG MISTAKE! Just run that URL and see what
happens, (please dont over-do it!)
If your a good person and didnt click on it heres what you would have got:
Notice: Undefined index: rsmf in E:\zeroklix\ZeroKlix\player.php on line 13
Warning: fopen(media/foxfmmelbourne/clickthru/txt): failed to open stream: No such file or directory in E:\zeroklix\ZeroKlix\player.php on line 49
Warning: feof(): supplied argument is not a valid stream resource in E:\zeroklix\ZeroKlix\player.php on line 50
Warning: fgets(): supplied argument is not a valid stream resource in E:\zeroklix\ZeroKlix\player.php on line 51
The last two lines iterate over and over and over (possible problem
with feof?), whats more with a bit more of playing around you can get
their
clickthru/txt file that lists some data but I wont go into much detail
there.
What should have been done would be to check that the file actually
exists with
file_exists() method and if so continue, otherwise you'd be
stuck with the above.
So with that information we know that a company by the name of
ZeroKlix
hosts the content for them, its stored in E:\ZeroKlix and a few other
things that I'll leave out for the time being. Not only that, but its
quite easy to get the server to start to hiccup if we simply run that
PHP script file(although after the 30 second timeout PHP will stop processing it).
Ohhh before I forget, heres the direct link to the FoxFM "Listen Live" stream:
http://203.48.254.42/media/foxfmmelbourne/playlist.asx
Enjoy!