[Systems] Hacked content detected on http://www.sugarlabs.org/
James Cameron
quozl at laptop.org
Wed Oct 14 18:06:28 EDT 2015
Looks good now.
@Walter, a wider announcement of the update?
On Wed, Oct 14, 2015 at 07:05:50PM +1100, Sam P. wrote:
> Great. I've migrated www and @ to freedom. You should see the newer site when
> your dns updates.
>
> It's now on freedom, so HTTPS and HSTS on that sub domain. Be warned of that
> if we need to migrate back to sunjammer.
>
> On Wed, Oct 14, 2015 at 6:10 PM, Ignacio Rodríguez <[1]nachoel01 at gmail.com>
> wrote:
>
> Wow.
>
> Nice work Sam, it looks nice and user friendly,
> so I think we should put it ASAP and disable php (or simply don't use
> it) for [2]http://sugarlabs.org in apache settings (I think that is
> possible, correct me if I'm wrong)
>
> Greetings
>
> 2015-10-14 3:54 GMT-03:00, Sam P. <sam at sam.today>:
> > Ok, so changed the new static site to hide all of the todos and stuff:
> > [3]http://www.sam.today/
> >
> > When you all are ok I'll deploy it if you want.
> >
> > On Wed, Oct 14, 2015 at 8:36 AM, Sam P. <sam at sam.today> wrote:
> >
> >> Yeah, its pretty close to ready. I can probably hide the todos and
> >> change
> >> some of the links so it will be OK? CCing for Walter's opinion
> >>
> >> On Wed, 14 Oct 2015 7:50 am Bernie Innocenti <[4]bernie at codewiz.org>
> wrote:
> >>
> >>> How about replacing this old and insecure website?
> >>>
> >>> If the new one isn't ready yet, we could temporarily serve a
> >>> minimalistic
> >>> page with the SL logo and a few links to the main resources. A bit like
> >>> the
> >>> Google home page...
> >>>
> >>> On October 13, 2015 4:26:37 PM EDT, Samuel Cantero <[5]
> scanterog at gmail.com>
> >>> wrote:
> >>>
> >>>> Hello everyone,
> >>>>
> >>>> I just recently erase all the unwanted images and the malicious php
> >>>> files for www.slo.
> >>>>
> >>>> The injected URLs [f*or ex:
> >>>> [6]sugarlabs.org/index.php/cheap-canadian-viagra/
> >>>> <[7]http://sugarlabs.org/index.php/cheap-canadian-viagra/> or
> >>>> [8]sugarlabs.org/index.php/viagra
> >>>> <[9]http://sugarlabs.org/index.php/viagra>*]
> >>>> are not working anymore. Those URLs were generated with the head.php
> >>>> script. The complete decoded code can be found here:
> >>>> [10]http://www.fpaste.org/278824/.
> >>>>
> >>>> Also, the b374k-shell webshell is not working anymore. For the
> curious,
> >>>> it looked like this: [11]http://snag.gy/BmcA1.jpg
> >>>>
> >>>
> >>>> I've found similar php files in [12]walterbender.org the other day. I
> >>>> replaced the wh ole site for an uncompromised one.
> >>>>
> >>>
> >>>> Anyway, we still have to find how they did that and how can we protect
> >>>> our server from this kind of exploit. It is not easy though. It can be
> >>>> a
> >>>> security vulnerability on wordpress, some plugin or a permission
> >>>> problem.
> >>>>
> >>>> Still pending to follow the CERT intruder detection checklist.
> >>>>
> >>>> Regards,
> >>>>
> >>>>
> >>>> On Tue, Oct 13, 2015 at 7:18 AM, Sam P. <sam at sam.today> wrote:
> >>>>
> >>> I was just running ls -lsah on the root of www.slo, and it told me:
> >>>>>
> >>>>> * Th e spam (head.php) was last modified on Jun 23 13:56. I assume
> >>>>> this is the creation date too.
> >>>>>
> >>>> * head.php is owned by www-data. I assume this means that it came
> from
> >>>>> php or apache?
> >>>>> * index.php was modified 1 minute after head.php. It has a command
> to
> >>>>> "include("head.php");"
> >>>>> * every directory was modified within 2 minutes after the spam
> >>>>> creation, including .git
> >>>>> * eg. css/comnon.php base64 or something encoded php. Looks a
> >>>>> different style to head.php, no use of regex, but IDK. It is a php
> >>>>> webshell named b374k-shell version 2.8.
> >>>>> * eg. assets/fs-login.php encoded php that is decoded using a
> >>>>> regex. Prompts for a passoword, but no identifying stuff
> >>>>> * There are also files called fedit.php Iicense.php (starting
> with
> >>>>> cap. i) lndex.php (lower case L)
> >>>>>
> >>>>> Some files came before head.php, see
> >>>>> [13]http://www.fpaste.org/278658/47310741/
> >>>>>
> >>>>> Also, reviewing Walter's repo, I can't find a clean copy of the
> >>>>> website, see [14]https://github.com/walterbender/www-sugarlabs/issues
> /11
> >>>>> So hum, cleaning this will be fun!
> >>>>>
> >>>>> Thanks,
> >>>>> Sam
> >>>>>
> >>>>
> >>>>> On Tue, Oct 13, 2015 at 12:35 PM, Samuel Cantero <[15]
> scanterog at gmail.com>
> >>>>> wrote:
> >>>>>
> >>>>>> I can't continue working on this today. Tomorrow I will try to
> search
> >>>>>> related files. We can erase the suspicious files now but if we do
> not
> >>>>>> find
> >>>>>> the root cause, it will happen again.
> >>>>>>
> >>>>>> Thanks James. I will google for it.
> >>>>>>
> >>>>>> On Mon, Oct 12, 2015 at 10:27 PM, James Cameron <[16]
> quozl at laptop.org>
> >>>>>> wrote:
> >>>>>>
> >>>>>>> Sadly, I've done PHP. There were PHP vulnerabilities that can lead
> >>>>>>> to site compromise if the www directory was writable by the apache
> >>>>>>> processes that run PHP.
> >>>>>>>
> >>>>>>> Follow the CERT intruder detection checklist if you can.
> >>>>>>>
> >>>>>>> On 13/10/2015, at 12:01 PM, Samuel Cantero wrote:
> >>>>>>>
> >>>>>>> > Also, I've found the followings php files with suspicious code:
> >>>>>>> >
> >>>>>>> > /srv/www-sugarlabs/www/images/favicons/class.wp-date.php
> >>>>>>> > /srv/www-sugarlabs/www/old/fedit.php
> >>>>>>> > /srv/www-sugarlabs/www/old/Iicense.php
> >>>>>>> > /srv/www-sugarlabs/www/scripts/fs-login.php
> >>>>>>> > /srv/www-sugarlabs/www/xsl/fs-login.php
> >>>>>>> > /srv/www-sugarlabs/www/.git/lndex.php
> >>>>>>> > /srv/www-sugarlabs/www/cache/fedit.php
> >>>>>>> > /srv/www-sugarlabs/www/cache/Iicense.php
> >>>>>>> > /srv/www-sugarlabs/www/.cache.php
> >>>>>>> >
> >>>>>>> > In addition, some gzipped base64 encoded php using some
> >>>>>>> > hexadecimal
> >>>>>>> character codes. This "fancy" code is executed via preg_replace
> with
> >>>>>>> the e
> >>>>>>> modifier.
> >>>>>>> >
> >>>>>>> > /srv/www-sugarlabs/www/images/Iicense.php
> >>>>>>> > /srv/www-sugarlabs/www/press/Iicense.php
> >>>>>>> > /srv/www-sugarlabs/www/xml/fedit.php
> >>>>>>> > /srv/www-sugarlabs/www/head.php
> >>>>>>> > /srv/www-sugarlabs/www/static/lndex.php
> >>>>>>> > /srv/www-sugarlabs/www/assets/fs-login.php
> >>>>>>> >
> >>>>>>> > An expert in PHP here?
> >>>>>>> >
> >>>>>>> > This is just Sugar Labs web site. Maybe we have a lot of them in
> >>>>>>> the entire /srv directory. I have to look for it.
> >>>>>>> >
> >>>>>>> > Regards,
> >>>>>>> >
> >>>>>>> > On Mon, Oct 12, 2015 at 9:03 PM, Samuel Cantero <
> >>>>>>> [17]scanterog at gmail.com> wrote:
> >>>>>>> > Google is right. Our site has been hacked.
> >>>>>>> >
> >>>>>>> > One example: [18]http://www.sugarlabs.org/images/
> >>>>>>> >
> >>>>>>> > There is a URL inyection:
> >>>>>>> [19]http://www.sugarlabs.org/index.php/cialis-10mg/
> >>>>>>> >
> >>>>>>> > I will try to find all URLs not belonging to our site and the
> root
> >>>>>>> cause.
> >>>>>>> >
> >>>>>>> > Regards,
> >>>>>>> >
> >>>>>>> > On Mon, Oct 12, 2015 at 5:50 PM, Bernie Innocenti <
> >>>>>>> [20]bernie at codewiz.org> wrote:
> >>>>>>> > Maybe all we need to do is click the reconsideration request link
> >>>>>>> and see what happens.
> >>>>>>> >
> >>>>>>> > Feel free to take control of the domain if you want to see the
> >>>>>>> Google webmaster console.
> >>>>>>> >
> >>>>>>> > On October 12, 2015 3:11:53 PM EDT, "Ignacio Rodríguez" <
> >>>>>>> [21]nachoel01 at gmail.com> wrote:
> >>>>>>> > Is that updated?
> >>>>>>> >
> >>>>>>> > I remember to see some spam in [22]sugarlabs.org (but it was
> Fixed).
> >>>>>>> >
> >>>>>>> > AS the email says, can we rfetch as Google? I mean, the tool for
> >>>>>>> that-
> >>>>>>> > Greetings,
> >>>>>>> > Ignacio
> >>>>>>> >
> >>>>>>> > 2015-10-12 16:02 GMT, Sebastian Silva <[23]
> sebastian at fuentelibre.org>:
> >>>>>>> > I did a very quick look on the pages reported, and can't find
> >>>>>>> anything
> >>>>>>> > suspicious with them.
> >>>>>>> >
> >>>>>>> >
> >>>>>>> > On 12/10/15 10:52, Samuel Cantero wrote:
> >>>>>>> > I can check this later (in 8 hours). I am away from my laptop
> >>>>>>> > now.
> >>>>>>> If
> >>>>>>> > someone has found something please share the info.
> >>>>>>> >
> >>>>>>> > Regards,
> >>>>>>> >
> >>>>>>> > On Monday, 12 October 2015, Bernie Innocenti <[24]
> bernie at codewiz.org
> >>>>>>> >
> >>>>>>> > <mailto:
> >>>>>>> > [25]bernie at codewiz.org>> wrote:
> >>>>>>> >
> >>>>>>> > Can someone look into this to see if our ancient website
> >>>>>>> really is
> >>>>>>> > serving "hacked" content?
> >>>>>>> >
> >>>>>>> >
> >>>>>>> >
> >>>>>>> > *From:* Google Search Console Team <[26]
> sc-noreply at google.com
> >>>>>>> > <javascript:_e(%7B%7D,'cvml','[27]sc-noreply at google.com');>>
> >>>>>>> > *Sent:* October 6, 2015 5:47:40 PM EDT
> >>>>>>> > *To:* [28]bernie.codewiz at gmail.com
> >>>>>>> > <javascript:_e(%7B%7D,'cvml','[29]bernie.codewiz at gmail.com
> ');>
> >>>>>>> > *Subject:* Hacked content detected on
> >>>>>>> [30]http://www.sugarlabs.org/
> >>>>>>> >
> >>>>>>> > Message type: [WNC-633200]
> >>>>>>> > Search Console
> >>>>>>> >
> >>>>>>> > Hacked content detected on [31]http://www.sugarlabs.org/
> >>>>>>> >
> >>>>>>> > To: Webmaster of [32]http://www.sugarlabs.org/,
> >>>>>>> >
> >>>>>>> > Google has detected that your site has been hacked by a
> third
> >>>>>>> > party who created
> >>>>>>> > malicious content on some of your pages. This
> >>>>>>> >
> >>>>>>> > critical issue utilizes your site’s reputation to show
> >>>>>>> potential
> >>>>>>> > visitors unexpected or harmful content on your site or in
> >>>>>>> search
> >>>>>>> > results. It also lowers the quality of results for Google
> >>>>>>> Search
> >>>>>>> > users. Therefore, we have applied a manual action to your
> >>>>>>> > site
> >>>>>>> > that will warn users of hacked content when your site
> appears
> >>>>>>> in
> >>>>>>> > search results. To remove this warning, clean up the hacked
> >>>>>>> > content, and file a reconsideration request. After we
> >>>>>>> > determine
> >>>>>>> > that your site no longer has hacked content, we will remove
> >>>>>>> this
> >>>>>>> > manual action.
> >>>>>>> >
> >>>>>>> > Following are some example URLs where we found pages that
> >>>>>>> > have
> >>>>>>> > been compromised. Review them to gain a better sense of
> where
> >>>>>>> this
> >>>>>>> > hacked content appears. The list is not exhaustive.
> >>>>>>> >
> >>>>>>> > [33]http://git.sugarlabs.org/python-xkb/mainline/commits/
> 35bdff6
> >>>>>>> >
> >>>>>>> > [34]http://meeting.sugarlabs.org/publiclab/meetings
> >>>>>>> >
> >>>>>>> > [35]http://meeting.sugarlabs.org/sugar-meeting/2015-06-07
> >>>>>>> >
> >>>>>>> >
> >>>>>>> > Here’s how to fix this problem:
> >>>>>>> >
> >>>>>>> > 1
> >>>>>>> >
> >>>>>>> > Check Security Issues for details of the hack
> >>>>>>> >
> >>>>>>> > Use the examples provided in the Security Issues report of
> >>>>>>> Search
> >>>>>>> > Console to get an initial sample of hacked pages.
> >>>>>>> >
> >>>>>>> >
> >>>>>>> > Security Issues
> >>>>>>> >
> >>>>>>> > <
> >>>>>>> [36]https://www.google.com/appserve/mkt/p/
> kVgkGZKCN3DzN06od04KKAtZ0MELd5xT3j6zpU-JXhXWycXm6bg2W2xxZcBHQshGY9Dbo6BoOE6t4b1qxyCKXO2Q-JbiMgnsBSipGOHR246wqlLQhLLeM2-Pn6UVjijAxh4IQbS8msvmyuCEhUM7SaaWo_iSJfqhdrGgwaX47_mqJlPAYaytPzxHn_TzI8idMH-b6vmj470TW8hQl-j2jruE55uGYSy_3fwvNKAOjSLNHJ11QWPMjSaVMX4IpasNLfbmYxP5PZW_0mGwbkoWtSMNVe3Mq7WU
> >>>>>>> >
> >>>>>>> >
> >>>>>>> > 2
> >>>>>>> >
> >>>>>>> > Look for other compromised pages or files on your site
> >>>>>>> >
> >>>>>>> > Be sure to check your entire site, including the homepage,
> >>>>>>> > for
> >>>>>>> any
> >>>>>>> > unfamiliar content that could have been added. The malicious
> >>>>>>> code
> >>>>>>> > might be placed in HTML, JavaScript, or other files on your
> >>>>>>> site.
> >>>>>>> > It can also be hidden in places you might overlook, such as
> >>>>>>> server
> >>>>>>> > configuration files (e.g. .htaccess file) or other dynamic
> >>>>>>> > scripting pages (e.g. PHP, JSP). It’s important to be
> >>>>>>> > thorough
> >>>>>>> in
> >>>>>>> > your investigation.
> >>>>>>> >
> >>>>>>> > 3
> >>>>>>> >
> >>>>>>> > Use the Fetch as Google tool to isolate the malicious
> content
> >>>>>>> >
> >>>>>>> > Because some pages can appear one way to a user and another
> >>>>>>> way to
> >>>>>>> > Google crawlers, you can use the Fetch as Google tool to
> >>>>>>> > reveal
> >>>>>>> > some kinds of hacking. Enter URLs from your site in the tool
> >>>>>>> > to
> >>>>>>> > see the pages as Google sees them. If the page has hidden
> >>>>>>> hacked
> >>>>>>> > content, the tool can reveal that content.
> >>>>>>> >
> >>>>>>> >
> >>>>>>> > Fetch as Google
> >>>>>>> >
> >>>>>>> > <
> >>>>>>> [37]https://www.google.com/appserve/mkt/p/
> I3Dm05ZvmwWJtGtmHNGyYK86h2nzUYGDM-1dIVEnmSHrHs0N84tDyBfUA5iDb72j6B-yiwNg-OrBO0P0PQbrU3v8R5tcVAdzYMv3OpcObaRWw6HuB_hF_vBUQ0wZEYtCIbe16MSxBLicOuFq6SP20C3-AbQorJKlU227T3AeC21nVaTf-KFMOvGO-OFQMdU8_Rthc-UT-ZB7e9_xKK8fusESgfkMAlFFnhedw1Mmy6z-7H7n_sA47L5Kf5TfpXQWf4tNFKZzfwYoKnY8NFJkNqyEOVpVQkAX
> >>>>>>> >
> >>>>>>> >
> >>>>>>> > 4
> >>>>>>> >
> >>>>>>> > Remove all malicious content
> >>>>>>> >
> >>>>>>> > You can also contact your hosting provider and ask them for
> >>>>>>> > assistance. If you’re having trouble identifying and
> removing
> >>>>>>> all
> >>>>>>> > the content on your site that is compromised, consider
> >>>>>>> restoring
> >>>>>>> > an older backed-up
> >>>>>>> > version of your site.
> >>>>>>> >
> >>>>>>> >
> >>>>>>> > 5
> >>>>>>> >
> >>>>>>> > Secure your site from any future attacks
> >>>>>>> >
> >>>>>>> > Identify and fix vulnerabilities that caused your site to be
> >>>>>>> > compromised. Change passwords for administrative accounts.
> >>>>>>> > Consider contacting your hosting service to get help with
> the
> >>>>>>> issue.
> >>>>>>> >
> >>>>>>> > 6
> >>>>>>> >
> >>>>>>> > Submit a reconsideration request
> >>>>>>> >
> >>>>>>> > Once you fix your site, file for reconsideration to remove
> >>>>>>> > this
> >>>>>>> > manual action. Include any details or documentation that can
> >>>>>>> help
> >>>>>>> > us understand the changes made to your site.
> >>>>>>> >
> >>>>>>> >
> >>>>>>> > Reconsideration Request
> >>>>>>> >
> >>>>>>> > <
> >>>>>>> [38]https://www.google.com/appserve/mkt/p/
> mkMChrLY5uOSnnaQ5gbTAFDfGwF9b6RURLy_mBu1favZezzi13VSZPX07YO4eT4qaxKtQQFbGwR5lgEHDrnmLOaVzvClgPw3zw4P5NW1tQCDpPfXWL3li5UfVcsWLvABq0-kSdP0RwG3S-icgEz1HOe4fAssqjSSFWSwdgGpDcsqBZK8h8zWXqgHmAnfU3-a93zxp54EiQASOsPPnMSvqx8oBIco-F5o-Ro4Da3xmZU6HpjdwyGPq_PYyPJ1utqx1VNivc0ptczU9Ga6kc6x_HzwsjXAtvwTwFDuzAqE
> >>>>>>> >
> >>>>>>> >
> >>>>>>> >
> >>>>>>> >
> >>>>>>> > Need more help?
> >>>>>>> >
> >>>>>>> > • Read our guide for hacked sites
> >>>>>>> >
> >>>>>>> > <
> >>>>>>> [39]https://www.google.com/appserve/mkt/p/
> IV-1opuTX8iamyLtoalATOnDHD7nAlmgL8CVzxJazsopWNGnaydlADoMVjEnxX6PPmcoakoeoAI_pi9Fr94XUsVcDgZ_5t0jCV4eFMo3ehPi0RqjmdUphK8AeWrRaiNuPE-G8mLJo_0ZxqlIaNYBxdHxDhw9idMBli6GQxEjRhkJdZHPB7crjABDHO7pW3yIGDi2MuVI09y1bKc7QlGI6OTxGFTLmpQsLxGTCflqCA
> ==
> >>>>>>> >.
> >>>>>>> >
> >>>>>>> > • Learn how to use the Fetch as Google
> >>>>>>> >
> >>>>>>> > <
> >>>>>>> [40]https://www.google.com/appserve/mkt/p/
> 9Ir-Bt-67WRNvKE9owMrZLp8oZJ1HImuPu4xcaEPRb0JtnzPu6aTmg2CUheZmi-tuwqORJVIvjiPKkndT4yNd0YpPysKDsWv32eQNwCtJ4If7XJl13TyrO9HotNhwd7K9lpUYNvbMjVNl7nYSBHZ7AP4nWHNjelPl4jlZIRAMWdMtDDlsvyDT79bBAs83a7NjBY2D8FnVFd5b7MV3B4prCLse477PGMw_ADsoybItKdyR1bpPjsQ288
> =
> >>>>>>> >
> >>>>>>> > tool in our Help Center.
> >>>>>>> > • Learn more about reconsideration requests
> >>>>>>> >
> >>>>>>> > <
> >>>>>>> [41]https://www.google.com/appserve/mkt/p/
> aQ8PKvfwLMXzVU_Y2JKYswOlSi_DMZlgJxl_1pKoECDrfGb2bMv7ktikhnlpXYFo5pFod5pV_5MID2lXxPnG8JXg2IT2QK4EEHFK5CKy_jEld6vmacZzTy5qkLiQ_KXYEpR3IHJRXl_5bAzuInboteGdP3kowTaHbH0k5_KGdQ-7x_7Uc9S6ZuON2GRJgf_l7VBFlCpYx63dthhREfGl3aJAmrrd5B12fcQXpUS-XivElQ5E4tuW7TZJ6-2t
> >>>>>>> >
> >>>>>>> > in our Help Center.
> >>>>>>> > • Ask questions in our forum
> >>>>>>> >
> >>>>>>> > <
> >>>>>>> [42]https://www.google.com/appserve/mkt/p/
> ciVSXy1Lws4CbKwqiPW7Vh6w0QYywSigyhOIHLlIjWP3nj6-NftgW0tj9Q7pqbfedTFBQzUv2xyKSI6xfNA58JuQX50x7h1ytUIKOkQiKXj_ERqHQ2gb03stUwFcck5XtNQmsaC97h1gYDzzEc9Znv0rvIn8yn7rZTLHocA63VlvS7nA4uEpsVVNhe_z53A40yKJiZ6MjC4w-CPfWa_U9yssivxOXqpB3412s9ovXag888rv1S221MwGu1kHRZrF
> >>>>>>> >
> >>>>>>> > for more help - mention message type [WNC-633200].
> >>>>>>> >
> >>>>>>> > Google Inc. 1600 Amphitheatre Parkway Mountain View, CA
> 94043
> >>>>>>> > |
> >>>>>>> > Unsubscribe
> >>>>>>> >
> >>>>>>> > <
> >>>>>>> [43]https://www.google.com/appserve/mkt/p/
> nD7NcGKMjSxCRFdqrYmqkL7hvzslENpmCZMgpewUjQhJa8Y3IGhAn89ccuRCUkWOuTf5YyzJCYxX0gomovUPNbNSks2EX6CeQsbJ3U39wrbENLoAoJgF2YmZ6NdumTzBxHR3erjkR92y7Fv7QpLly4IS93wNFYQYYOGhysjJLJ60gwhvItjpmW6p-A
> ==
> >>>>>>> >
> >>>>>>> > Add partners
> >>>>>>> >
> >>>>>>> > <
> >>>>>>> [44]https://www.google.com/appserve/mkt/p/
> qTjtKM7FKDMWcpoZIrRbnRQOfhxVo6TyQct8JuQPryv-Ov_yf7iqFkiNR_wU8HLKO5ksfov9m5IVJki2NB0YDH1Jm-7KEXDMHFkAFu5ka67xYh1d1SL3hT0VuzTq99m4jFvLm0xQr0nTwz6TDTOBbeZKywq9JWpM_2HXJJrI8CgyO7_rdp7TIPdbc3kzCzJGA_xOBL-ktb1uoJAcHmk-FIJhuDu91iioHwpjGAC3o0WN06RKsDkeHjzQ2mDV_0ksYVzhx4V3yyoc-I8MQ0QvuBWU_aKms694WJmI_Q
> ==
> >>>>>>> >who
> >>>>>>> > should receive messages for this Search Console account.
> >>>>>>> >
> >>>>>>> >
> >>>>>>> > --
> >>>>>>> > Sent from my Android device with K-9 Mail. Please excuse my
> >>>>>>> brevity.
> >>>>>>> >
> >>>>>>> >
> >>>>>>> >
> >>>>>>> >
> >>>>>>> > Systems mailing list
> >>>>>>> > [45]Systems at lists.sugarlabs.org
> >>>>>>> > [46]http://lists.sugarlabs.org/listinfo/systems
> >>>>>>> >
> >>>>>>> > --
> >>>>>>> > I+D SomosAzucar.Org
> >>>>>>> > "icarito" #somosazucar en Freenode IRC
> >>>>>>> > "Nadie libera a nadie, nadie se libera solo. Los seres humanos
> se
> >>>>>>> liberan en
> >>>>>>> > comunión" - P. Freire
> >>>>>>> >
> >>>>>>> >
> >>>>>>> >
> >>>>>>> >
> >>>>>>> > --
> >>>>>>> > Sent from my Android device with K-9 Mail. Please excuse my
> >>>>>>> > brevity.
> >>>>>>> >
> >>>>>>> >
> >>>>>>> > _______________________________________________
> >>>>>>> > Systems mailing list
> >>>>>>> > [47]Systems at lists.sugarlabs.org
> >>>>>>> > [48]http://lists.sugarlabs.org/listinfo/systems
> >>>>>>>
> >>>>>>>
> >>>>>>
> >>>>>> _______________________________________________
> >>>>>> Systems mailing list
> >>>>>> [49]Systems at lists.sugarlabs.org
> >>>>>> [50]http://lists.sugarlabs.org/listinfo/systems
> >>>>>>
> >>>>>>
> >>>>>
> >>>> Systems mailing list
> >>>> [51]Systems at lists.sugarlabs.org
> >>>> [52]http://lists.sugarlabs.org/listinfo/systems
> >>>>
> >>>>
> >>> --
> >>> Sent from my Android device with K-9 Mail. Please excuse my brevity.
> >>>
> >>
> >
>
> --
> Ignacio Rodríguez
> SugarLabs at Facebook
> <[53]https://www.facebook.com/pages/SugarLabs/187845102582>
>
> References:
>
> [1] mailto:nachoel01 at gmail.com
> [2] http://sugarlabs.org/
> [3] http://www.sam.today/
> [4] mailto:bernie at codewiz.org
> [5] mailto:scanterog at gmail.com
> [6] http://sugarlabs.org/index.php/cheap-canadian-viagra/
> [7] http://sugarlabs.org/index.php/cheap-canadian-viagra/
> [8] http://sugarlabs.org/index.php/viagra
> [9] http://sugarlabs.org/index.php/viagra
> [10] http://www.fpaste.org/278824/
> [11] http://snag.gy/BmcA1.jpg
> [12] http://walterbender.org/
> [13] http://www.fpaste.org/278658/47310741/
> [14] https://github.com/walterbender/www-sugarlabs/issues/11
> [15] mailto:scanterog at gmail.com
> [16] mailto:quozl at laptop.org
> [17] mailto:scanterog at gmail.com
> [18] http://www.sugarlabs.org/images/
> [19] http://www.sugarlabs.org/index.php/cialis-10mg/
> [20] mailto:bernie at codewiz.org
> [21] mailto:nachoel01 at gmail.com
> [22] http://sugarlabs.org/
> [23] mailto:sebastian at fuentelibre.org
> [24] mailto:bernie at codewiz.org
> [25] mailto:bernie at codewiz.org
> [26] mailto:sc-noreply at google.com
> [27] mailto:sc-noreply at google.com
> [28] mailto:bernie.codewiz at gmail.com
> [29] mailto:bernie.codewiz at gmail.com
> [30] http://www.sugarlabs.org/
> [31] http://www.sugarlabs.org/
> [32] http://www.sugarlabs.org/
> [33] http://git.sugarlabs.org/python-xkb/mainline/commits/35bdff6
> [34] http://meeting.sugarlabs.org/publiclab/meetings
> [35] http://meeting.sugarlabs.org/sugar-meeting/2015-06-07
> [36] https://www.google.com/appserve/mkt/p/kVgkGZKCN3DzN06od04KKAtZ0MELd5xT3j6zpU-JXhXWycXm6bg2W2xxZcBHQshGY9Dbo6BoOE6t4b1qxyCKXO2Q-JbiMgnsBSipGOHR246wqlLQhLLeM2-Pn6UVjijAxh4IQbS8msvmyuCEhUM7SaaWo_iSJfqhdrGgwaX47_mqJlPAYaytPzxHn_TzI8idMH-b6vmj470TW8hQl-j2jruE55uGYSy_3fwvNKAOjSLNHJ11QWPMjSaVMX4IpasNLfbmYxP5PZW_0mGwbkoWtSMNVe3Mq7WU
> [37] https://www.google.com/appserve/mkt/p/I3Dm05ZvmwWJtGtmHNGyYK86h2nzUYGDM-1dIVEnmSHrHs0N84tDyBfUA5iDb72j6B-yiwNg-OrBO0P0PQbrU3v8R5tcVAdzYMv3OpcObaRWw6HuB_hF_vBUQ0wZEYtCIbe16MSxBLicOuFq6SP20C3-AbQorJKlU227T3AeC21nVaTf-KFMOvGO-OFQMdU8_Rthc-UT-ZB7e9_xKK8fusESgfkMAlFFnhedw1Mmy6z-7H7n_sA47L5Kf5TfpXQWf4tNFKZzfwYoKnY8NFJkNqyEOVpVQkAX
> [38] https://www.google.com/appserve/mkt/p/mkMChrLY5uOSnnaQ5gbTAFDfGwF9b6RURLy_mBu1favZezzi13VSZPX07YO4eT4qaxKtQQFbGwR5lgEHDrnmLOaVzvClgPw3zw4P5NW1tQCDpPfXWL3li5UfVcsWLvABq0-kSdP0RwG3S-icgEz1HOe4fAssqjSSFWSwdgGpDcsqBZK8h8zWXqgHmAnfU3-a93zxp54EiQASOsPPnMSvqx8oBIco-F5o-Ro4Da3xmZU6HpjdwyGPq_PYyPJ1utqx1VNivc0ptczU9Ga6kc6x_HzwsjXAtvwTwFDuzAqE
> [39] https://www.google.com/appserve/mkt/p/IV-1opuTX8iamyLtoalATOnDHD7nAlmgL8CVzxJazsopWNGnaydlADoMVjEnxX6PPmcoakoeoAI_pi9Fr94XUsVcDgZ_5t0jCV4eFMo3ehPi0RqjmdUphK8AeWrRaiNuPE-G8mLJo_0ZxqlIaNYBxdHxDhw9idMBli6GQxEjRhkJdZHPB7crjABDHO7pW3yIGDi2MuVI09y1bKc7QlGI6OTxGFTLmpQsLxGTCflqCA==
> [40] https://www.google.com/appserve/mkt/p/9Ir-Bt-67WRNvKE9owMrZLp8oZJ1HImuPu4xcaEPRb0JtnzPu6aTmg2CUheZmi-tuwqORJVIvjiPKkndT4yNd0YpPysKDsWv32eQNwCtJ4If7XJl13TyrO9HotNhwd7K9lpUYNvbMjVNl7nYSBHZ7AP4nWHNjelPl4jlZIRAMWdMtDDlsvyDT79bBAs83a7NjBY2D8FnVFd5b7MV3B4prCLse477PGMw_ADsoybItKdyR1bpPjsQ288=
> [41] https://www.google.com/appserve/mkt/p/aQ8PKvfwLMXzVU_Y2JKYswOlSi_DMZlgJxl_1pKoECDrfGb2bMv7ktikhnlpXYFo5pFod5pV_5MID2lXxPnG8JXg2IT2QK4EEHFK5CKy_jEld6vmacZzTy5qkLiQ_KXYEpR3IHJRXl_5bAzuInboteGdP3kowTaHbH0k5_KGdQ-7x_7Uc9S6ZuON2GRJgf_l7VBFlCpYx63dthhREfGl3aJAmrrd5B12fcQXpUS-XivElQ5E4tuW7TZJ6-2t
> [42] https://www.google.com/appserve/mkt/p/ciVSXy1Lws4CbKwqiPW7Vh6w0QYywSigyhOIHLlIjWP3nj6-NftgW0tj9Q7pqbfedTFBQzUv2xyKSI6xfNA58JuQX50x7h1ytUIKOkQiKXj_ERqHQ2gb03stUwFcck5XtNQmsaC97h1gYDzzEc9Znv0rvIn8yn7rZTLHocA63VlvS7nA4uEpsVVNhe_z53A40yKJiZ6MjC4w-CPfWa_U9yssivxOXqpB3412s9ovXag888rv1S221MwGu1kHRZrF
> [43] https://www.google.com/appserve/mkt/p/nD7NcGKMjSxCRFdqrYmqkL7hvzslENpmCZMgpewUjQhJa8Y3IGhAn89ccuRCUkWOuTf5YyzJCYxX0gomovUPNbNSks2EX6CeQsbJ3U39wrbENLoAoJgF2YmZ6NdumTzBxHR3erjkR92y7Fv7QpLly4IS93wNFYQYYOGhysjJLJ60gwhvItjpmW6p-A==
> [44] https://www.google.com/appserve/mkt/p/qTjtKM7FKDMWcpoZIrRbnRQOfhxVo6TyQct8JuQPryv-Ov_yf7iqFkiNR_wU8HLKO5ksfov9m5IVJki2NB0YDH1Jm-7KEXDMHFkAFu5ka67xYh1d1SL3hT0VuzTq99m4jFvLm0xQr0nTwz6TDTOBbeZKywq9JWpM_2HXJJrI8CgyO7_rdp7TIPdbc3kzCzJGA_xOBL-ktb1uoJAcHmk-FIJhuDu91iioHwpjGAC3o0WN06RKsDkeHjzQ2mDV_0ksYVzhx4V3yyoc-I8MQ0QvuBWU_aKms694WJmI_Q==
> [45] mailto:Systems at lists.sugarlabs.org
> [46] http://lists.sugarlabs.org/listinfo/systems
> [47] mailto:Systems at lists.sugarlabs.org
> [48] http://lists.sugarlabs.org/listinfo/systems
> [49] mailto:Systems at lists.sugarlabs.org
> [50] http://lists.sugarlabs.org/listinfo/systems
> [51] mailto:Systems at lists.sugarlabs.org
> [52] http://lists.sugarlabs.org/listinfo/systems
> [53] https://www.facebook.com/pages/SugarLabs/187845102582
--
James Cameron
http://quozl.linux.org.au/
More information about the Systems
mailing list