
Embroidered and put on the kitchen wall, on a mug or just as words of wisdom to bring with you in life?
The HP Color LaserJet CP3525 Printer looks like any other ordinary printer done by HP. But there’s a difference!
A friend of mine fell over this gem, and told me.
If you go to the machine’s TCP/IP settings using the built-in web server, the printer offers the ordinary network configure options but also one that sticks out a little exta. The “Manual cURL cURL” option! It looks like this:
I could easily confirm that this is genuine. I did this screenshot above by just googling for the string and printer model, since there appears to exist printers like this exposing their settings web server to the Internet. Hilarious!
How on earth did that string end up there? Certainly there’s no relation to curl at all except for the actual name used there? Is it a sign that there’s basically no humans left at HP that understand what the individual settings on that screen are actually meant for?
Given the contents in the text field, a URL containing the letters WPAD twice, I can only presume this field is actually meant for Web Proxy Auto-Discovery. I spent some time trying to find the user manual for this printer configuration screen but failed. It would’ve been fun to find “manual cURL cURL” described in a manual! They do offer a busload of various manuals, maybe I just missed the right one.
Yes, it seems HP generally use curl at least as I found the “Open-Source Software License Agreements for HP LaserJet and ScanJet Printers” and it contains the curl license:
Independently, someone else recently told me about another possible HP + curl connection. This user said his HP printer makes HTTP requests using the user-agent libcurl-agent/1.0
:
I haven’t managed to get this confirmed by anyone else (although the license snippet above certainly implies they use curl) and that particular user-agent string has been used everywhere for a long time, as I believe it is copied widely from the popular libcurl example getinmemory.c where I made up the user-agent and put it there already in 2004.
Frank Gevaerts tricked me into going down this rabbit hole as he told me about this string.
I got this email in German…
Subject: Warumfrage Schönen guten Tag Ich habe auf meinem Navi aus meinem Auto einen Riesentext wo unter anderem Ihre Mailadresse zu sehen ist? Können Sie mich schlau machen was es damit auf sich hat ?
… which translated into English says:
I have a huge text on my sat nav in my car where, among other things, your email address can be seen?
Can you tell me what this is all about?
I replied (in English) to the question, explained how I’m the main author of curl and how his navigation system is probably using this. I then asked what product or car he saw my email in and if he could send me a picture of my email being there.
He responded quickly and his very brief answer only says it is a Toyota Verso from 2015. So I put an image of such a car on the top of this post.
When the spam bot didn’t consider other reasons for your email to appear on Instagram…
See also: Instagram and Spotify hacking ring.
“Josh” sent me an email. Pardon the language here but I decided to show the mail body unaltered:
From: Josh Yanez <a gmail address> Date: Wed, 6 Jan 2016 22:27:13 -0800 To: daniel Subject: Hey fucker I got all your fucking info either you turn yourself in or ill show it to the police. You think I'm playing try me I got all your stupid little coding too. Sent from my iPhone
This generates so many questions
Very aware this could just as well suck me into a deep and dark hole of sadness, I was just too curious to resist so I responded. Unfortunately I didn’t get anything further back so the story thus ends here, a bit abrupt. 🙁
Just in case you missed my youtube/G+ posting from yesterday about my new trip to work:
Time to submit some more strange emails I’ve received recently. Here’s one I suspect may be someone who spots that curl is being abused against some host. I really wouldn’t even know how to begin to answer this…
Someone is using your code to continually hack small businesses I work with. How on earth do I stop them?![name]
(This is an authentic email we received at Haxx the other day. Names, emails and URLs are replaced in this excerpt to save the innocent)
Date: Thu, 29 Nov 2012 14:59:25
Subject: hakinghello, can you tell me how to hack into web site:
[FIRST URL]
so it is showing:[OTHER URL]
when you click on a link in google results?for example if you click on a google result:
[URL to a google.rs search for something on the FIRST URL site]the point is i would like to protect my web site form that kind of attack so please let me know how to do that
how did i found you? there is your address at [FIRST URL]/coockies.txt so i think you did it, but was polite enough to leave address.. please help me.
Of course I was curious enough to check the “coockies.txt” file, and the beginning of that file looked like this:
# Netscape HTTP Cookie File # http://curlm.haxx.se/rfc/cookie_spec.html # This file was generated by libcurl! Edit at your own risk. [FIRST URL] FALSE / FALSE 0 PHPSESSID dfn1a5ll0hs8odpfh3p2qtlcj3
This tells us a few trivial things, all of which might not be obvious to the untrained eye:
Today I learned that Need for speed World (I first had to google what “NFS-world” actually means) uses curl when I received this email:
From: [removed]
Subject: NFS-worldI can not go into the game for 4 months my nickname “[removed]”. it writes the error “Login failed, please try again.” Please solve this problem. Support Group does not help.
But no, I don’t know why this guy emailed me…
I then went on to look for other Electronic Arts games using libcurl, and I fell over these forum posts that clearly indicate Game Face uses it, but I found no credits or other information page online.
Can you find any other?