Home » suspected attack on home server

suspected attack on home server

by Reddit » Hacking
0 comment

first off im not a security expert im not even sure if this was a attack but i just want to be safe and ask since this happened on my pc

im running a small django api on my pc for a friend to test few things, i forwarded the port 8080 to be accessible from lan

to access the api you need to know the ip of my machine and port 8080 then i got these weird requests


i got a get on / which does not exist then later on i got a post on “/GponForm/diag_Form?images/” and im pretty sure this is not from my friend which is the only one that has the ip and port

i googled this string and i found a cve CVE-2018-10561 the description of which says

“An issue was discovered on Dasan GPON home routers. It is possible to bypass authentication simply by appending “?images” to any URL of the device that requires authentication, as demonstrated by the /menu.html?images/ or /GponForm/diag_FORM?images/ URI. One can then manage the device.”

i dont have a dasan gpon homerouter in fact i have a huawei one and i dont understand the connection between the homerouter and the server as far as i know the homerouter is not exposed by django or any other server no? speaking if the person behind this thought this was a homerouter why does a router have a ip and port accessible from lan?

and the weird part is django returned code 400 bad request bad to who??????? it should return 404 and thats it, is there is a intended post request here?

i tried recreating this in python but only got 404 i could not recreate the 400 code


what is going on here?

submitted by /u/notoriousboii[visit reddit] [comments]

Source: Read More

You may also like

Leave a Comment


Cybernonstop is created to bring news and knowledge through articles to visitors.

Do not forget to subscribe.

Laest News

@2021 – All Right Reserved. Designed and Developed by PenciDesign