cli icon indicating copy to clipboard operation
cli copied to clipboard

Published 20 hours ago verified publisher icon loophole

Loophole is sending exploit attempts to my web server?!

Open CherryDT opened this issue 2 months ago • 8 comments

When I start Loophole, I get this kind of "hacking attempt" requests on my webserver immediately. How is this possible? Surely nobody could guess the ID in your URL (especially not within seconds). Have you been hacked?

  <-- GET / 127.0.0.1
  --> GET / 127.0.0.1 200 2ms 3.71kb
  <-- GET / 127.0.0.1
  --> GET / 127.0.0.1 200 1ms 3.71kb
  <-- GET / 127.0.0.1
  --> GET / 127.0.0.1 200 1ms 3.71kb
  <-- GET /server 127.0.0.1
  --> GET /server 127.0.0.1 200 2ms 3.71kb
  <-- GET / 127.0.0.1
  --> GET / 127.0.0.1 200 2ms 3.71kb
  <-- GET /debug/default/view?panel=config 127.0.0.1
  --> GET /debug/default/view?panel=config 127.0.0.1 200 2ms 3.71kb
  <-- GET /v2/_catalog 127.0.0.1
  --> GET /v2/_catalog 127.0.0.1 200 2ms 3.71kb
  <-- GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.exporttool.application 127.0.0.1
  --> GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.exporttool.application 127.0.0.1 200 2ms 3.71kb
  <-- GET /server-status 127.0.0.1
  --> GET /server-status 127.0.0.1 200 1ms 3.71kb
  <-- GET /_all_dbs 127.0.0.1
  --> GET /_all_dbs 127.0.0.1 200 22ms 3.71kb
  <-- GET /.DS_Store 127.0.0.1
  --> GET /.DS_Store 127.0.0.1 404 1ms -
  <-- GET /.env 127.0.0.1
  --> GET /.env 127.0.0.1 404 0ms -
  <-- GET /s/2373e2632313e2130323e2833313/_/;/META-INF/maven/com.atlassian.jira/jira-webapp-dist/pom.properties 127.0.0.1
  --> GET /s/2373e2632313e2130323e2833313/_/;/META-INF/maven/com.atlassian.jira/jira-webapp-dist/pom.properties 127.0.0.1 200 3ms 3.71kb
  <-- GET /config.json 127.0.0.1
  --> GET /config.json 127.0.0.1 200 2ms 3.71kb
  <-- GET /telescope/requests 127.0.0.1
  --> GET /telescope/requests 127.0.0.1 200 2ms 3.71kb
  <-- GET /?rest_route=/wp/v2/users/ 127.0.0.1
  --> GET /?rest_route=/wp/v2/users/ 127.0.0.1 200 2ms 3.71kb
  <-- HEAD / 127.0.0.1
  --> HEAD / 127.0.0.1 200 1ms 3.71kb
  <-- GET / 127.0.0.1
  --> GET / 127.0.0.1 200 1ms 3.71kb
  <-- GET / 127.0.0.1
  --> GET / 127.0.0.1 200 1ms 3.71kb
  <-- GET /.git/config 127.0.0.1
  --> GET /.git/config 127.0.0.1 404 1ms -

CherryDT avatar May 07 '24 06:05 CherryDT