tags:

views:

14

answers:

1
Q: 

DJango Dev Server strange output ppcfinder.net/judge.php

Hi all,

I wonder if anyone has seen this. I am developing a web app and the dev server just output the following when I was doing some testing.

logging on
[21/Oct/2010 13:42:56] "POST /members/logon/ HTTP/1.1" 302 0
[21/Oct/2010 13:42:57] "GET / HTTP/1.1" 200 20572
[21/Oct/2010 13:42:59] "GET http://ppcfinder.net/judge.php HTTP/1.1" 404 1744
----------------------------------------
Exception happened during processing of request from ('221.195.73.68', 2884)
Traceback (most recent call last):
  File "C:\Python26\lib\SocketServer.py", line 281, in _handle_request_noblock
    self.process_request(request, client_address)
  File "C:\Python26\lib\SocketServer.py", line 307, in process_request
    self.finish_request(request, client_address)
  File "C:\Python26\lib\SocketServer.py", line 320, in finish_request
    self.RequestHandlerClass(request, client_address, self)
  File "C:\Python26\lib\site-packages\django\core\servers\basehttp.py", line 562
, in __init__
    BaseHTTPRequestHandler.__init__(self, *args, **kwargs)
  File "C:\Python26\lib\SocketServer.py", line 615, in __init__
    self.handle()
  File "C:\Python26\lib\site-packages\django\core\servers\basehttp.py", line 602
, in handle
    self.raw_requestline = self.rfile.readline()
  File "C:\Python26\lib\socket.py", line 406, in readline
    data = self._sock.recv(self._rbufsize)
    error: [Errno 10054] An existing connection was forcibly closed by the remote ho
    st
    ----------------------------------------
    logging on
    [21/Oct/2010 13:43:44] "POST /members/signup/ HTTP/1.1" 302 0
----------------------------------------
Exception happened during processing of request from ('221.195.73.68', 3227)
Traceback (most recent call last):
  File "C:\Python26\lib\SocketServer.py", line 281, in _handle_request_noblock
    self.process_request(request, client_address)
      File "C:\Python26\lib\SocketServer.py", line 307, in process_request
    self.finish_request(request, client_address)
  File "C:\Python26\lib\SocketServer.py", line 320, in finish_request
    self.RequestHandlerClass(request, client_address, self)
  File "C:\Python26\lib\site-packages\django\core\servers\basehttp.py", line 562
, in __init__
    BaseHTTPRequestHandler.__init__(self, *args, **kwargs)
  File "C:\Python26\lib\SocketServer.py", line 615, in __init__
    self.handle()
  File "C:\Python26\lib\site-packages\django\core\servers\basehttp.py", line 602
, in handle
    self.raw_requestline = self.rfile.readline()
  File "C:\Python26\lib\socket.py", line 406, in readline
    data = self._sock.recv(self._rbufsize)
error: [Errno 10054] An existing connection was forcibly closed by the remote ho
st
----------------------------------------
checking for entry_details, oh yeh
member invitation

Everything until the /ppcfinder.net/judge.php line is expected, I have no idea what this judge.php is doing or where it came from. Myoutput starts again at 

checking for entry_details, oh yeh
    member invitation

I searched through all Python / django source in case I got something nasty in there but nothing. I searched through all my own source and it's not in there either.

What on earth is it and where did it come from. I saw it last week as well but couldn't find it. Last week judge.php was being accessed via an IP address rather than ppcfinder.net URL. I checked out ppcfinder.net after turning off Javascript and it appears to be a rubbish search site. It's a bit scary in case something has got enbeded somewhere in Python source and mighjt be stealing stuff but I can't find it.

Has anyone seen this?

Rich

+2  A: 

Seems like a bot in another host hit yours searching for known vulnerabilities to exploit.

Paulo Scardine  2010-10-21 03:30:05
It's all obvious now, ppcfinder.net, the name says it all. They should be shut down! Oops, I am pretty upset by this. I have never been so stupid! It's OK when I am at home because I am behind my wireless router but I am working away from home and have my wireless network card online so I had no firewall, had the django dev server listening on public IP address and I just tested it from my iphone and low and behold, my dev site was on line to the world!
Rich  2010-10-21 03:47:36
Oh well, I hope they didn't care what they found and I hope this post might help someone realise there is danger in running a dev server on 0.0.0.0 unless you are real careful! 0.0.0.0 is now gone and my firewall is on! I switched it off so I could test from my ipad at home where I knew it was safe but forgot to switch back on before using wireless card! Unbelievably stupid.
Rich  2010-10-21 03:47:57

related questions

Programmatically talking to a Serial Port in OS X or Linux
Best ways to teach a beginner to program?
Calling a Function From a String With the Function's Name in Python
An executable Python app
Text Editor For Linux (Besides Vi)?
What Hosting Service is best for Django applications?
File size differences after copying a file to a server vía FTP
Python: what is the difference between (1,2,3) and [1,2,3], and when should I use each?
Python: What OS am I running on?
How do I make a menu in python that does not require the user to press (enter) to make a selection?
How do you express binary literals in Python?
What is the most efficient graph data structure in Python?
Adding a Method to an Existing Object
How to learn Python: Good Example Code?
How do I use Python's itertools.groupby()?
Python and MySQL
Class views in Django
Is there an IDE that provides code completion for Python
Using 'in' to match an attribute of Python objects in an array
cx_Oracle - what is the best way to iterate over a result set?
cx_Oracle - How do I access Oracle from Python?
Continuous Integration System for a Python Codebase
Get a preview jpeg of a pdf on windows?
How can I find the full path to a font from its display name on a Mac?
XML Processing in Python