Trap for cdn abusers with a specific map/app version #89

biodranik · 2024-10-24T07:20:18Z

Upd: это вот эти ребята: https://apps.apple.com/us/app/mapxplorer-navigation-radar/id6463052823

Есть и аппа под андроид: https://play.google.com/store/apps/details?id=com.maps.radar.navigation.android2023

За сутки нагнали трафика почти на 1000 установок iOS.

Сервер настроен и работает, отдавая данные со скоростью 6кб/с, и логает все айпишники.

Цель: чтобы пользователи "левого" приложения на базе ОМ, которое использует наши серверы, начали жаловаться или лепить плохие оценки приложению. Если разработчики выпустят обновление с мастера, мы увидим айди и название их приложения в iCloud логах (если они конечно не догадаются и их не выпилят).

Этот код уже словил несколько клиентов за 20 минут:

alex@cdn-fi2:~$ sudo cat /var/log/nginx/badguys-access.log
105.40.99.11 [24/Oct/2024:06:55:17 +0000] "HEAD / HTTP/2.0" 200 0 "Organic%20Maps/4 CFNetwork/1568.100.1.2.1 Darwin/24.0.0"
84.72.175.236 [24/Oct/2024:06:56:45 +0000] "HEAD / HTTP/2.0" 200 0 "Organic%20Maps/4 CFNetwork/1498.700.2 Darwin/23.6.0"
178.115.43.201 [24/Oct/2024:06:57:50 +0000] "HEAD / HTTP/2.0" 200 0 "Organic%20Maps/4 CFNetwork/1498.700.2 Darwin/23.6.0"
84.72.175.236 [24/Oct/2024:06:58:03 +0000] "GET /maps/240702/Switzerland_Eastern.mwm HTTP/2.0" 200 522091 "Organic%20Maps/4 CFNetwork/1498.700.2 Darwin/23.6.0"
71.222.4.4 [24/Oct/2024:06:58:39 +0000] "HEAD / HTTP/2.0" 200 0 "Organic%20Maps/4 CFNetwork/1568.100.1.2.1 Darwin/24.0.0"
71.222.4.4 [24/Oct/2024:06:59:36 +0000] "GET /maps/240702/US_Nevada.mwm HTTP/2.0" 200 374799 "Organic%20Maps/4 CFNetwork/1568.100.1.2.1 Darwin/24.0.0"
71.222.4.4 [24/Oct/2024:06:59:47 +0000] "GET /maps/240702/US_Nevada.mwm HTTP/2.0" 200 60134 "Organic%20Maps/4 CFNetwork/1568.100.1.2.1 Darwin/24.0.0"
128.124.204.122 [24/Oct/2024:07:00:59 +0000] "HEAD / HTTP/2.0" 200 0 "Organic%20Maps/4 CFNetwork/1498.700.2 Darwin/23.6.0"
128.124.204.122 [24/Oct/2024:07:01:13 +0000] "GET /maps/240702/Ukraine_Kyiv%20Oblast.mwm HTTP/2.0" 200 93611 "Organic%20Maps/4 CFNetwork/1498.700.2 Darwin/23.6.0"
99.69.200.84 [24/Oct/2024:07:07:15 +0000] "GET /maps/240702/US_Missouri_Kansas.mwm HTTP/2.0" 206 4023556 "Organic%20Maps/4 CFNetwork/1498.700.2 Darwin/23.6.0"
178.115.43.201 [24/Oct/2024:07:08:05 +0000] "GET /maps/240702/Austria_Tyrol.mwm HTTP/2.0" 200 4083831 "Organic%20Maps/4 CFNetwork/1498.700.2 Darwin/23.6.0"
49.32.233.141 [24/Oct/2024:07:08:42 +0000] "HEAD / HTTP/2.0" 200 0 "Organic%20Maps/4 CFNetwork/1498.700.2 Darwin/23.6.0"
51.81.46.212 [24/Oct/2024:07:08:47 +0000] "GET / HTTP/1.1" 200 1548 "-"
49.32.233.141 [24/Oct/2024:07:09:12 +0000] "GET /maps/240702/India_Maharashtra.mwm HTTP/2.0" 200 194035 "Organic%20Maps/4 CFNetwork/1498.700.2 Darwin/23.6.0"
46.121.198.142 [24/Oct/2024:07:10:31 +0000] "HEAD / HTTP/2.0" 200 0 "Organic%20Maps/4 CFNetwork/1498.700.2 Darwin/23.6.0"
178.115.43.201 [24/Oct/2024:07:10:58 +0000] "GET /maps/240702/Austria_Tyrol.mwm HTTP/2.0" 206 1164793 "Organic%20Maps/4 CFNetwork/1498.700.2 Darwin/23.6.0"
185.12.130.72 [24/Oct/2024:07:11:54 +0000] "HEAD / HTTP/2.0" 200 0 "Organic%20Maps/4 CFNetwork/1498.700.2 Darwin/23.6.0"
46.121.198.142 [24/Oct/2024:07:12:03 +0000] "GET /maps/240702/Israel.mwm HTTP/2.0" 200 615819 "Organic%20Maps/4 CFNetwork/1498.700.2 Darwin/23.6.0"
185.12.130.72 [24/Oct/2024:07:13:23 +0000] "GET /maps/240702/Switzerland_Zurich.mwm HTTP/2.0" 200 595734 "Organic%20Maps/4 CFNetwork/1498.700.2 Darwin/23.6.0"
105.40.99.11 [24/Oct/2024:07:15:08 +0000] "GET /maps/240702/Egypt.mwm HTTP/2.0" 200 7980329 "Organic%20Maps/4 CFNetwork/1568.100.1.2.1 Darwin/24.0.0"
87.88.180.187 [24/Oct/2024:07:17:21 +0000] "HEAD / HTTP/2.0" 200 0 "Organic%20Maps/4 CFNetwork/1568.200.51 Darwin/24.1.0"

Signed-off-by: Alexander Borsuk <[email protected]>

vng · 2024-10-24T11:59:12Z

src/servers.ts

@@ -122,6 +122,11 @@ export async function getServersList(request: Request) {
  if (dataVersion === null) {
    // Older clients download from the archive.
    servers = [SERVER.backblaze];
+  } else if (dataVersion == 240702 && request.headers.get('x-om-appversion') == '1.8.6-4-ios') {


Я бы жестко задал типа version.starts_with("1.8.") без версии данных.

Тогда разрабы вскроют лимит до аплоада в стор.

Ну ок. Тогда надо подумать как ловить их апдейты. Может тогда еще сделать что-то типа алерта starts_with("1.") на последней ветке else

vng · 2024-10-24T12:01:09Z

Этот fi2 в нашей собственной раздаче не участвует?

biodranik · 2024-10-24T16:48:23Z

Не участвует.

src/servers.ts

Signed-off-by: Alexander Borsuk <[email protected]>

Trap for cdn abusers with a specific map/app version

1a23f72

Signed-off-by: Alexander Borsuk <[email protected]>

biodranik requested a review from vng October 24, 2024 07:20

biodranik assigned rtsisyk Oct 24, 2024

vng approved these changes Oct 24, 2024

View reviewed changes

rtsisyk approved these changes Oct 24, 2024

View reviewed changes

biodranik commented Oct 25, 2024

View reviewed changes

src/servers.ts Outdated Show resolved Hide resolved

Update src/servers.ts

9c8eea6

Signed-off-by: Alexander Borsuk <[email protected]>

biodranik merged commit 50c140e into master Oct 25, 2024
1 check passed

biodranik deleted the ab-trap-server branch October 25, 2024 12:18

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Trap for cdn abusers with a specific map/app version #89

Trap for cdn abusers with a specific map/app version #89

biodranik commented Oct 24, 2024 •

edited

Loading

vng Oct 24, 2024

biodranik Oct 25, 2024

vng Oct 25, 2024

vng commented Oct 24, 2024

biodranik commented Oct 24, 2024

Trap for cdn abusers with a specific map/app version #89

Trap for cdn abusers with a specific map/app version #89

Conversation

biodranik commented Oct 24, 2024 • edited Loading

vng Oct 24, 2024

Choose a reason for hiding this comment

biodranik Oct 25, 2024

Choose a reason for hiding this comment

vng Oct 25, 2024

Choose a reason for hiding this comment

vng commented Oct 24, 2024

biodranik commented Oct 24, 2024

biodranik commented Oct 24, 2024 •

edited

Loading