UnamSanctam / UnamWebPanel

MIT License
176 stars, 58 forks

more info on how a pc can add itself into the webpanel without knowing the address #74

Open zaromarco opened 2 years ago

zaromarco commented 2 years ago

Hi, I need to understand if a PC could be able to add itself to the web panel without knowing the web panel URL. Could it use the wallet address retrieved from a Pastebin setup for the remote URL? Many thanks.

UnamSanctam commented 2 years ago

Well, you need to let the miner know the URL in some way; you can add "api-endpoint": "WEB PANEL URL" into the "Remote Configuration" to change the web panel URL that way.

zaromarco commented 2 years ago

Thanks for the info. The question arises because yesterday I opened the web panel and found that a PC called Johnpc from the Czech Republic was connected to my web panel and was mining XMR on my Monero wallet address... When I found it, it was offline, but I don't know where it was able to find my Monero wallet address and my web panel address, since they are not written anywhere...

UnamSanctam commented 2 years ago

Hmm, did you ever give your settings to someone? So that maybe they used it for testing if the miner works?

zaromarco commented 2 years ago

No, never. No one knows my wallet address and no one knows the web panel, because I'm using it for solo operation. The only one who knows the wallet address is obviously the moneroocean service, but not the URL of the web panel... With details related to that PC (thanks to your great product) I was able to understand it was a Hyper-V VM on a Xeon Gold, which is not hardware of mine (I thought of a hack on my machine at the beginning).

UnamSanctam commented 2 years ago

Then yeah that's weird then, no one should be able to mine to it without the URL of course.

TeKGameR950 commented 2 years ago

I have the same issue, people keep connecting randomly... I didn't publish the software. So idk how they find my domain API endpoint... It's like this software is sending your endpoint somewhere.

I've added a $_GET password in the endpoint, so my miners use endpoint.php?pass=thePassword, and the PHP endpoint.php dies if the password is wrong.

And even with that they manage to add themselves. It's so weird because nothing is released, I told the endpoint to nobody, and the domain is a fresh domain from a few hours ago.

There's something wrong.

UnamSanctam commented 2 years ago

If they're connecting then they know your API endpoint because you've published it somewhere. Have you not uploaded the file anywhere? If you upload the file to somewhere like MediaFire then they will send it to VirusTotal, which will test run the miner on many antivirus sandbox VMs, and they would appear in the list.

TeKGameR950 commented 2 years ago

Oh yeah, I've uploaded it to VirusTotal, I understand now..