Old 2nd October 2020, 22:04   #1
mv333
Junior Member
 
Join Date: Jan 2018
Posts: 3
554 stations hijacked?!

There's a blues station that i listen to often, and for the past 2 days a certain rap song has been playing on the station constantly.

I was curious if this song was on any other stations, so i typed "Shawty Lo - They Know" in shoutcast search.

554 results!

I've seen hijacking before, but this is the first time i searched for the song, to see how many stations would show up......
mv333 is offline   Reply With Quote
Old 3rd October 2020, 15:13   #2
Y100Michiana
Junior Member
 
Join Date: Nov 2019
Posts: 32
It Typically Means The Station Has Gone Off Air So Shoutcast Plays Some Random Song On The Stream Instead of It Just Being Dead Air.... I Like to Call Them Ghost Stations.. lol
Y100Michiana is offline   Reply With Quote
Old 16th October 2020, 14:26   #3
dopelabs
Major Dude
 
dopelabs's Avatar
 
Join Date: Oct 2006
Location: Silicon Valley
Posts: 534
Send a message via AIM to dopelabs
Quote:
Originally Posted by Y100Michiana View Post
It Typically Means The Station Has Gone Off Air So Shoutcast Plays Some Random Song On The Stream Instead of It Just Being Dead Air.... I Like to Call Them Ghost Stations.. lol
^^ this is incorrect.

radio stations are responsible for providing their own means of sourcing the stream with content. some choose 3rd party services that provide audodj, some prefer to self host with 3rd party apps like SAM broadcaster, etc.

that means if your statement were true, close to all of the 554 stations would have to be using the same hosting and/or autodj service, and each stream would need to be configured to play that specific song if for some reason their source failed. all of which are highly unlikely considering the span of genres, you'd think they would have their streams configured to fall back to play something thats at least the same genre. 554 stations all playing the same track is far from 'some random song' as well. 'shoutcast' (radionomy) or other autodj and DNAS hosting providers are under no obligation to make sure there is something playing on your stream instead of 'dead air'. it is up to the radio station to configure things to failover or fallback in the event something goes wrong.

instead this does seem to support some type of malicious intent. its possible that all those stations use the same hosting service provider and they were compromised.

its possible that there was some bug in the directory listing service where the current song metadata was incorrect and it returned a bunch of false positives. tuning into each of those stations to see if it was in fact that song playing would be the best way to tell... but currently... SEARCH SHAWTY LO - THEY KNOW : 12 RESULT(S)

so, whatever the issue was, it seems to have been resolved.

this may have been a good lesson to the stream owners or hosting providers to not use systematic, sequential, or dictionary based passwords, or the same master password for 'admin' accounts on all your streams.

to the best of my knowledge, the shoutcast DNAS doesn't have any protections against brute force attacks, so one could script login attempts and they would execute as fast as possible. most people dont keep an eye on their log files and wouldnt even notice such an attack is/was taking place.

its almost 2021 folks. you should not think pass'words' anymore and instead think pass'phrases', or use a strong, well known, locally hosted and ran (not some service you need to sign into and would be avail on all your devices) password manager to generate and store passes. i usually lean towards generating passes that have no less than 16 mixed-case alphanumeric characters.
dopelabs is offline   Reply With Quote
Old 16th October 2020, 20:49   #4
mv333
Junior Member
 
Join Date: Jan 2018
Posts: 3
Quote:
Originally Posted by dopelabs View Post
SEARCH SHAWTY LO - THEY KNOW : 12 RESULT(S)

so, whatever the issue was, it seems to have been resolved.

Not really, because they switched to another song :

"Arthur "Big Boy" Crudup - That's All Right" - 601 results

I noticed that the stations playing this song all have something in common - when i listen to them in Winamp and click "View file info", they all show "http://listen.radionomy.com/name_of_the_station".
mv333 is offline   Reply With Quote
Old 17th October 2020, 11:41   #5
DJ Egg
Techorator
Winamp & Shoutcast Team
 
Join Date: Jun 2000
Posts: 35,866
It means they've activated the Planner (AutoDJ) in the RadioManager but there's no active Planning for the current day.

"radionomy" in the stream url means these stations were converted from Radionomy to Shoutcast For Business (SC4B) stations.

Some of these stations might just have forgotten to create a new planning for the current day and beyond.

The system will just play one random song a day on loop until they add a schedule into their timetable in the planner.

In some cases, it's possible that their free trial has expired (Radionomy stations got a 12 month free trial after being converted to SC4B) and they've decided not to take out a subscription, in which case the station will cease to exist 30 days after the free trial expires....
DJ Egg is offline   Reply With Quote
Reply
Go Back   Winamp & Shoutcast Forums > Shoutcast > Shoutcast Discussions

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump