Comcast HTML injection attack

Status
Not open for further replies.
Joined
Apr 23, 2018
Messages
22
Location
GA
I had a situation last night were my feed went down due to a Comcast HTML injection attack. I had used up X% of my Comcast usage cap. They placed an HTML injection into my stream to Broadcastify and the feed was unable to connect for quite some time. I solved the problem by combing through SDRtrunk's logs and noticing that there was a notify.Comcast address associated with "Unrecognized Response" errors. This error persisted over multiple program and system restarts.

Eventually I solved it by attempting to connect to audio#.broadcastify.com using a browser, I was then able to see the Comcast HTML injection attack as it popped up a Comcast overlay window on the browser. I then had to manually click away the message. Using the browser on other web pages did not exhibit the same behavior. I had to connect to the specific audio#.broadcastify.com:80 URL: port on that computer using a program which could understand more HTML and receive user input. Once I clicked away the message, they quit blocking the traffic and I was able to reconnect the feed.
 
Status
Not open for further replies.
Top