Apple's search bot leaked internal IP

A security researcher discovered that Apple's bots crawling his podcast series were leaking internal IP addresses because of a misconfigured proxy server.

For its part, Apple took a little over 9 months to fix this leak, for no apparent reason.

Applebot is Apple's web crawler, the program that scans the web to find content for its users.

"Applebot is the web crawler for Apple. Products like Siri and Spotlight Suggestions use Applebot," according to Apple.

Last month, researcher and podcaster David Coomber discovered that Applebot had used a proxy server that leaked Apple's internal IP addresses.

A sample request made to Coomber's website contained both headers that revealed the internal IP address of the device behind the proxy server.

17.XXX "HEAD /mixes/podcast.jpg HTTP/1.1" 301 "iTMS" "1.1 pv50XXX.apple.com (proxy product)" "XXX12"

The fields are, in order: the external IP address of the proxy server, the request line (method and requested path), the HTTP response status, the user agent, and the Via and X-Forwarded-For header values.
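An operator can check what their own outbound proxy discloses by sending a request through it to a web server they control and auditing the resulting access log. The following is an added example, not code from the article or from Coomber: it parses lines in the field order described above and reports what the Via and X-Forwarded-For values reveal. The sample lines, the host name `proxy01.corp.example` and all addresses are constructed, and the log format is assumed to match the sample line exactly.

```python
import ipaddress
import re

# Fields: remote IP, request line, status, user agent, Via, X-Forwarded-For.
LINE_RE = re.compile(
    r'^(?P<remote>\S+) "(?P<request>[^"]*)" (?P<status>\d{3}) '
    r'"(?P<agent>[^"]*)" "(?P<via>[^"]*)" "(?P<xff>[^"]*)"$'
)
# RFC 1918 ranges listed explicitly: ipaddress.is_private would also match
# the documentation ranges used as sample data below.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
# Constructed sample lines (hypothetical hosts and addresses).
SAMPLE = [
    '203.0.113.10 "HEAD /mixes/podcast.jpg HTTP/1.1" 301 "iTMS" '
    '"1.1 proxy01.corp.example (proxy product)" "10.20.30.12"',
    '203.0.113.77 "GET /feed.xml HTTP/1.1" 200 "ExampleBot/1.0" "-" "-"',
]

def header_items(value):
    """Split a comma-separated header value, skipping empty and "-" items."""
    return [v.strip() for v in value.split(",") if v.strip() not in ("", "-")]

def audit_line(line):
    """Return (header, value, reason) findings for one access-log line."""
    m = LINE_RE.match(line.strip())
    if m is None:
        return [("parse", line.strip(), "unrecognised line format")]
    findings = []
    # Via entries look like "<protocol> <received-by> [(comment)]".
    for hop in header_items(m["via"]):
        parts = hop.split()
        if len(parts) >= 2 and "." in parts[1]:
            findings.append(("Via", parts[1], "proxy host disclosed"))
    for raw in header_items(m["xff"]):
        try:
            addr = ipaddress.ip_address(raw)
        except ValueError:
            findings.append(("X-Forwarded-For", raw, "not an IP address"))
            continue
        if any(addr in net for net in RFC1918):
            findings.append(("X-Forwarded-For", raw, "RFC 1918 address disclosed"))
        elif raw != m["remote"]:
            findings.append(("X-Forwarded-For", raw, "client behind proxy disclosed"))
    return findings

if __name__ == "__main__":
    for entry in SAMPLE:
        print(audit_line(entry))
```

An internal address does not have to fall in an RFC 1918 range, which is why any forwarded address that differs from the connecting address is also reported.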

Although I've seen some bots that were not set up properly, I was surprised to see Apple's Podcast bot looking for updates on my podcast (Deep House Mixes) using a proxy that displayed internal IPs and hostnames from "Via" and "X-Forwarded-For".

iGuRu.gr The Best Technology Site in Greece

Written by Anastasis Vasileiadis