search

humitos / pyfispot

Hotspot running with Python 2.7 + Flask + nginx + uWSGI + dnsmasq + hostapd
GNU General Public License v2.0
60 stars 23 forks source link

Strange access to the hostspot Flask app #18

Open humitos opened 8 years ago

humitos commented 8 years ago 
192.168.10.52 - - [20/Oct/2015:12:52:57 -0500] "\xEF\x12?\xA0\x8E%\xD5\x8E\xAB.j \xFA\x06LbXqd\xDE@A>\xE5\x7F\x5C\x18c\x91#\x83i\x8D\x7F\x9F\x96?kn\x8E\xC6\xB7>\xC8\xAF\xE4f\xE1\xD1\x10\xF9\xED\xEB\x84\x13b:h\xB8\x93\x1B\xE7\xD3Sb\xCDe\x8A\x1C)\x10_y\x97\x12?\xA0\x8E%\xD5\x8E\xAB.\x81\x94\x8CN\xA5|\xC0\x88\xA4Njf\xD3\xC4\x82=\xFE\x95\xF6\xABo\xD9\xAA8a4\xA9\x7F\x87\xB9\xF5kl+FUe\xD4&\x8D\x9DX9C\xE6\xA5P\x89\xCE\xF9$By\x8E\xDB\xBC" 400 172 "-" "-"
192.168.10.52 - - [20/Oct/2015:12:53:01 -0500] "\xEF\x12?\xA0\x8E%\xD5\x8E\xAB.6\x8A5z\x0C\x04\x9F\x9B\xD5n\xE0\x83\x81+O\xDC\xF2\xD6\x8D\x13\xD4Z\xC2\x11i\xDA\xF6:D\xE4a\x98*\xD9\xB5\xC1\xBD\xA3\xB5)\x0E\xA1\xBC\xB5\xD7n*oC\xFE\xAB_i\xD9/?0\x93\xBE\x12N0\xC9\xD5\x12?\xA0\x8E%\xD5\x8E\xAB.\xBB\xFC\xCC\xC1\xE9\xFD\x88\xE2|O\xBF\xF3x]J\x98jY\xE7G\xF4#\xAFd.\xE4\x80\xEC\x0C\x5C\x15\x10/\xDDIX=I\xE8,?~\x87\xDC*\x9EF\xE8K9,\x17#?\xA8u5\xF3k.C\xFF\xA9\xDB" 400 172 "-" "-"
192.168.10.52 - - [20/Oct/2015:12:53:05 -0500] "\xEF\x12?\xA0\x8E%\xD5\x8E\xAB.\x80\xB7\xD6\xDA\x0C3\xCAx\x164\xB9D\xC2\x92{Do\xF6\x9E\xD4v;t7\xC3\x98\xEB{\x86z\xA3\xFE\x90\x04\xF3\x84\xF4V" 400 172 "-" "-"
192.168.10.52 - - [20/Oct/2015:12:56:12 -0500] "\xEF\x12?\xA0\x8E%\xD5\x8E\xAB.\x83F\xF6W$m\x13\x12\xC2\x05\xD0\x95\x11\x88\x81$TW\xC4xGo\x84\xED&\xFF\xD7\xDC\xE8\xDE\xD1\xA6\x85\x80\xE0\x92\xF7f\x88\xFE\xE0\x86\xFA/\xC2\xD3\xF0\xB9G\xAD\xB7\xD2\xBDaK\xFC~5\xB9\xC5E4\xAF!\x12?\xA0\x8E%\xD5\x8E\xAB.\x12\x1B\xC9\x0FItm\x9B-\x0CY\xB2\x05d\xD82P\xA4Ug\x9E \x05\xF1uX*\x84\xDA\x0F\xAA\xD6'x\x93$\x87\x9F\x01" 400 172 "-" "-"
192.168.10.52 - - [20/Oct/2015:12:56:16 -0500] "\xEF\x12?\xA0\x8E%\xD5\x8E\xAB.\xE4\xBB3X\x1E\x8A\xD4\x8A]\xAE.j-\xB5\xA0\xCFt,\xCF\xC7UY\xFC\xCC|\xD2\xEE\x01X\xF1\x22N\xCC" 400 172 "-" "-"
192.168.10.52 - - [20/Oct/2015:12:56:20 -0500] "\xEF\x12?\xA0\x8E%\xD5\x8E\xAB.x\x18" 400 172 "-" "-"
192.168.10.52 - - [20/Oct/2015:12:56:24 -0500] "\xEF\x12?\xA0\x8E%\xD5\x8E\xAB.o\x9B\xF4m\xF6\xAA\x14\x9C\x8D\xBA\xFF\x05{z\x07_!\xBE,\xB8w\x13\xA2;(\x81,\xB7\x15\x90#1\x91`\xAB\x22j\x09l\x1B\xAE\xD46\xC5\x9C\xFAH\xFE\x1AT\x1B5L{\xFE`\x90,\xC8FU\xE7\x97\x22\x12?\xA0\x8E%\xD5\x8E\xAB._\xC5nYf\x9F=Q\xCC\x15\xEB\x99\x06\x08\xF0b\xC0\x92\xE8\x93!\xEFy\x17^o\xC2\xC6\xD7u\xCE\xF8\xEE\x14!\x22\xC4\x80w\x9F\xF8\xD16K\x8B\xFD\xEC\x02\xB1S>\xA4<" 400 172 "-" "-"

Some Android smartphones tries to access to our hotspot at this addresses. We need a way to debug this and take a decision about what to do.

humitos commented 8 years ago

Command to debug:

sudo tcpdump -i wlan0 -vvv -A "src host android-ec07e9e3c67239d0 and port 80"