Re: [Wireshark-dev] Is wireshark.org possibly hacked?

2024-06-25 Thread Gerald Combs

Each of the Sucuri issues should be fixed now.

On 6/25/24 9:30 AM, Roland Knall wrote:

We will be looking into it

kind regards
Roland

Am Di., 25. Juni 2024 um 18:24 Uhr schrieb Triton Circonflexe mailto:triton%2benu...@kumal.info>>:

It seems to be an issue with the placement of the clear/dark theme 
javascript.

I checked the about.html page with a simple "view source" and Firefox
is also complaining about the fact that the  tag is not the root
of the document.

In fact, we see




     const currentTheme = localStorage.getItem("theme");
     document.documentElement.className = currentTheme;


…

in all pages while the script tag should probably be inside the 
tag (but my last go at HTML was with HTML 4.01 so I’ll let someone
more competent take over from there.

Le mar. 25 juin 2024 à 16:05, Kate mailto:kateshadowho...@gmail.com>> a écrit :
 >
 > or possibly a code review(of the website)?
 >
 >
 > checked sucuri sitecheck :
 >
 >
 > https://sitecheck.sucuri.net/results/https/www.wireshark.org 

 >
 > warning.html_anomaly
 >
 > Description:
 > We detected anomaly in HTML code placement. Typical anomalies are placement of 
scripts and iframes outside of the .. block, which means that it was 
don't by someone who is not familiar with the web page generation process of this particular 
site (massive automated infection) or simply doesn't have access to the code that generates 
webpages (for example, server-level infections that append malware to every server response). 
This is a strong signal that a stranger tried to modify web pages.
 >
 >
 >
 > Site Issue Detected
 >
 > http://www.wireshark.org/  (More Details)
 >
 >
 > Anomaly behavior detected (possible malware): warning.html_anomaly?1
 > Site Issue Detected
 >
 > https://www.wireshark.org/  (More Details)
 >
 >
 > Anomaly behavior detected (possible malware): warning.html_anomaly?1
 > Site Issue Detected
 >
 > https://www.wireshark.org/about.html 
 (More Details)
 >
 >
 > Anomaly behavior detected (possible malware): warning.html_anomaly?1
 > Site Issue Detected
 >
 > https://www.wireshark.org/docs/  (More 
Details)
 >
 >
 > Anomaly behavior detected (possible malware): warning.html_anomaly?1
 > Site Issue Detected
 >
 > https://www.wireshark.org/download.html 
 (More Details)
 >
 >
 > Anomaly behavior detected (possible malware): warning.html_anomaly?1
 > Site Issue Detected
 >
 > https://www.wireshark.org/faq.html  
(More Details)
 >
 >
 > Anomaly behavior detected (possible malware): warning.html_anomaly?1
 > Site Issue Detected
 >
 > https://www.wireshark.org/learn  (More 
Details)
 >
 >
 > Anomaly behavior detected (possible malware): warning.html_anomaly?1
 > Site Issue Detected
 >
 > https://www.wireshark.org/lists/  
(More Details)
 >
 >
 > Anomaly behavior detected (possible malware): warning.html_anomaly?1
 >
 > 
___
 > Sent via:    Wireshark-dev mailing list mailto:wireshark-dev@wireshark.org>>
 > Archives: https://www.wireshark.org/lists/wireshark-dev 

 > Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev 

 >              mailto:wireshark-dev-requ...@wireshark.org 
?subject=unsubscribe
___
Sent via:    Wireshark-dev mailing list mailto:wireshark-dev@wireshark.org>>
Archives: https://www.wireshark.org/lists/wireshark-dev 

Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev 

              mailto:wireshark-dev-requ...@wireshark.org 
?subject=unsubscribe


___
Sent via:Wireshark-dev mailing list 
Archives:https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
  mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe


___
Sent via:Wireshark-dev mailing list 
A

Re: [Wireshark-dev] Is wireshark.org possibly hacked?

2024-06-25 Thread Roland Knall
We will be looking into it

kind regards
Roland

Am Di., 25. Juni 2024 um 18:24 Uhr schrieb Triton Circonflexe <
triton+enu...@kumal.info>:

> It seems to be an issue with the placement of the clear/dark theme
> javascript.
>
> I checked the about.html page with a simple "view source" and Firefox
> is also complaining about the fact that the  tag is not the root
> of the document.
>
> In fact, we see
>
> 
>
> 
> const currentTheme = localStorage.getItem("theme");
> document.documentElement.className = currentTheme;
> 
>
> …
>
> in all pages while the script tag should probably be inside the 
> tag (but my last go at HTML was with HTML 4.01 so I’ll let someone
> more competent take over from there.
>
> Le mar. 25 juin 2024 à 16:05, Kate  a écrit :
> >
> > or possibly a code review(of the website)?
> >
> >
> > checked sucuri sitecheck :
> >
> >
> > https://sitecheck.sucuri.net/results/https/www.wireshark.org
> >
> > warning.html_anomaly
> >
> > Description:
> > We detected anomaly in HTML code placement. Typical anomalies are
> placement of scripts and iframes outside of the .. block,
> which means that it was don't by someone who is not familiar with the web
> page generation process of this particular site (massive automated
> infection) or simply doesn't have access to the code that generates
> webpages (for example, server-level infections that append malware to every
> server response). This is a strong signal that a stranger tried to modify
> web pages.
> >
> >
> >
> > Site Issue Detected
> >
> > http://www.wireshark.org/ (More Details)
> >
> >
> > Anomaly behavior detected (possible malware): warning.html_anomaly?1
> > Site Issue Detected
> >
> > https://www.wireshark.org/ (More Details)
> >
> >
> > Anomaly behavior detected (possible malware): warning.html_anomaly?1
> > Site Issue Detected
> >
> > https://www.wireshark.org/about.html (More Details)
> >
> >
> > Anomaly behavior detected (possible malware): warning.html_anomaly?1
> > Site Issue Detected
> >
> > https://www.wireshark.org/docs/ (More Details)
> >
> >
> > Anomaly behavior detected (possible malware): warning.html_anomaly?1
> > Site Issue Detected
> >
> > https://www.wireshark.org/download.html (More Details)
> >
> >
> > Anomaly behavior detected (possible malware): warning.html_anomaly?1
> > Site Issue Detected
> >
> > https://www.wireshark.org/faq.html (More Details)
> >
> >
> > Anomaly behavior detected (possible malware): warning.html_anomaly?1
> > Site Issue Detected
> >
> > https://www.wireshark.org/learn (More Details)
> >
> >
> > Anomaly behavior detected (possible malware): warning.html_anomaly?1
> > Site Issue Detected
> >
> > https://www.wireshark.org/lists/ (More Details)
> >
> >
> > Anomaly behavior detected (possible malware): warning.html_anomaly?1
> >
> >
> ___
> > Sent via:Wireshark-dev mailing list 
> > Archives:https://www.wireshark.org/lists/wireshark-dev
> > Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
> >  mailto:wireshark-dev-requ...@wireshark.org
> ?subject=unsubscribe
> ___
> Sent via:Wireshark-dev mailing list 
> Archives:https://www.wireshark.org/lists/wireshark-dev
> Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
>  mailto:wireshark-dev-requ...@wireshark.org
> ?subject=unsubscribe
>
___
Sent via:Wireshark-dev mailing list 
Archives:https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
 mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe


Re: [Wireshark-dev] Is wireshark.org possibly hacked?

2024-06-25 Thread Triton Circonflexe
It seems to be an issue with the placement of the clear/dark theme javascript.

I checked the about.html page with a simple "view source" and Firefox
is also complaining about the fact that the  tag is not the root
of the document.

In fact, we see




const currentTheme = localStorage.getItem("theme");
document.documentElement.className = currentTheme;


…

in all pages while the script tag should probably be inside the 
tag (but my last go at HTML was with HTML 4.01 so I’ll let someone
more competent take over from there.

Le mar. 25 juin 2024 à 16:05, Kate  a écrit :
>
> or possibly a code review(of the website)?
>
>
> checked sucuri sitecheck :
>
>
> https://sitecheck.sucuri.net/results/https/www.wireshark.org
>
> warning.html_anomaly
>
> Description:
> We detected anomaly in HTML code placement. Typical anomalies are placement 
> of scripts and iframes outside of the .. block, which means that 
> it was don't by someone who is not familiar with the web page generation 
> process of this particular site (massive automated infection) or simply 
> doesn't have access to the code that generates webpages (for example, 
> server-level infections that append malware to every server response). This 
> is a strong signal that a stranger tried to modify web pages.
>
>
>
> Site Issue Detected
>
> http://www.wireshark.org/ (More Details)
>
>
> Anomaly behavior detected (possible malware): warning.html_anomaly?1
> Site Issue Detected
>
> https://www.wireshark.org/ (More Details)
>
>
> Anomaly behavior detected (possible malware): warning.html_anomaly?1
> Site Issue Detected
>
> https://www.wireshark.org/about.html (More Details)
>
>
> Anomaly behavior detected (possible malware): warning.html_anomaly?1
> Site Issue Detected
>
> https://www.wireshark.org/docs/ (More Details)
>
>
> Anomaly behavior detected (possible malware): warning.html_anomaly?1
> Site Issue Detected
>
> https://www.wireshark.org/download.html (More Details)
>
>
> Anomaly behavior detected (possible malware): warning.html_anomaly?1
> Site Issue Detected
>
> https://www.wireshark.org/faq.html (More Details)
>
>
> Anomaly behavior detected (possible malware): warning.html_anomaly?1
> Site Issue Detected
>
> https://www.wireshark.org/learn (More Details)
>
>
> Anomaly behavior detected (possible malware): warning.html_anomaly?1
> Site Issue Detected
>
> https://www.wireshark.org/lists/ (More Details)
>
>
> Anomaly behavior detected (possible malware): warning.html_anomaly?1
>
> ___
> Sent via:Wireshark-dev mailing list 
> Archives:https://www.wireshark.org/lists/wireshark-dev
> Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
>  mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe
___
Sent via:Wireshark-dev mailing list 
Archives:https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
 mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe


[Wireshark-dev] Is wireshark.org possibly hacked?

2024-06-25 Thread Kate
or possibly a code review(of the website)?


checked sucuri sitecheck :


https://sitecheck.sucuri.net/results/https/www.wireshark.org
warning.html_anomaly

*Description: *
We detected anomaly in HTML code placement. Typical anomalies are placement
of scripts and iframes outside of the *..* block, which means
that it was don't by someone who is not familiar with the web page
generation process of this particular site (massive automated infection) or
simply doesn't have access to the code that generates webpages (for
example, server-level infections that append malware to every server
response). This is a strong signal that a stranger tried to modify web
pages.


Site Issue Detected

http://www.wireshark.org/ (More Details)


Anomaly behavior detected (possible malware): warning.html_anomaly?1
Site Issue Detected

https://www.wireshark.org/ (More Details)


Anomaly behavior detected (possible malware): warning.html_anomaly?1
Site Issue Detected

https://www.wireshark.org/about.html (More Details)


Anomaly behavior detected (possible malware): warning.html_anomaly?1
Site Issue Detected

https://www.wireshark.org/docs/ (More Details)


Anomaly behavior detected (possible malware): warning.html_anomaly?1
Site Issue Detected

https://www.wireshark.org/download.html (More Details)


Anomaly behavior detected (possible malware): warning.html_anomaly?1
Site Issue Detected

https://www.wireshark.org/faq.html (More Details)


Anomaly behavior detected (possible malware): warning.html_anomaly?1
Site Issue Detected

https://www.wireshark.org/learn (More Details)


Anomaly behavior detected (possible malware): warning.html_anomaly?1
Site Issue Detected

https://www.wireshark.org/lists/ (More Details)


Anomaly behavior detected (possible malware): warning.html_anomaly?1
___
Sent via:Wireshark-dev mailing list 
Archives:https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
 mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe