Exploitkings.com appearing in Octoprint logs


#1

Hi,

I have noticed the following log line coming up in my logs from time to time. The domain of course is rather concerning. Based on the traceback I think it's a plugin that has used the M33 Fio library (I don't have the library installed directly), that's then looking for updates to show in the announcements.

I'm pretty sure it's OK, but after grepping the installed code I can't see any mention of the exploitkings.com domain name - so just making doubly sure (and for others) :smile:

2018-08-21 14:26:50,039 - octoprint.plugins.announcements - ERROR - Could not fetch channel _m33fio from https://exploitkings.com/scripts/M33 Fio.xml: HTTPSConnectionPool(host='exploitkings.com', port=443): Max retries exceeded with url: /scripts/M33%20Fio.xml (Caused by ConnectTimeoutError(<urllib3.connection.VerifiedHTTPSConnection object at 0x7fbb10065ed0>, 'Connection to exploitkings.com timed out. (connect timeout=30)'))
Traceback (most recent call last):
  File "/opt/octoprint/venv/lib/python2.7/site-packages/OctoPrint-1.3.9-py2.7.egg/octoprint/plugins/announcements/__init__.py", line 355, in _get_channel_data_from_network
    r = requests.get(url, timeout=30)
  File "/opt/octoprint/venv/lib/python2.7/site-packages/requests-2.19.1-py2.7.egg/requests/api.py", line 72, in get
    return request('get', url, params=params, **kwargs)
  File "/opt/octoprint/venv/lib/python2.7/site-packages/requests-2.19.1-py2.7.egg/requests/api.py", line 58, in request
    return session.request(method=method, url=url, **kwargs)
  File "/opt/octoprint/venv/lib/python2.7/site-packages/requests-2.19.1-py2.7.egg/requests/sessions.py", line 512, in request
    resp = self.send(prep, **send_kwargs)
  File "/opt/octoprint/venv/lib/python2.7/site-packages/requests-2.19.1-py2.7.egg/requests/sessions.py", line 622, in send
    r = adapter.send(request, **kwargs)
  File "/opt/octoprint/venv/lib/python2.7/site-packages/requests-2.19.1-py2.7.egg/requests/adapters.py", line 501, in send
    raise ConnectTimeout(e, request=request)
ConnectTimeout: HTTPSConnectionPool(host='exploitkings.com', port=443): Max retries exceeded with url: /scripts/M33%20Fio.xml (Caused by ConnectTimeoutError(<urllib3.connection.VerifiedHTTPSConnection object at 0x7fbb10065ed0>, 'Connection to exploitkings.com timed out. (connect timeout=30)'))

#2

Um, it appears you have your Octoprint open to the 'net. That is very bad.


#3

Never mind- it appears the plugin creator has an invalid domain/URL for fetching plugin versions for updates. What version of the plugin do you have? It may be fixed in v21 (or it may needs some stuff from the mothership that configures a list of repos to check.


#4

The weird thing is I don't have the "M33-Fio" plugin installed - that's the reference I found as well when trying to see if others also had the issue. I have grep'd my entire venv source code and can see no mention of "exploitkings" anywhere. It's super confusing (hence posting).

But in writing this I realised that I have not actually grep'd my config directories, there was a reference to it in there... For whatever reason (may have been installed at some point in the past), I have an announcements section for "M33 Fio Announcements and News" (also in my config.yml). So I have just disabled this in the UI, and pretty sure it's going to fix the issue... :confused:

Thanks for getting back to me!


#5

@foosel correct me if I'm wrong, but this looks like a check for the latest version of a plugin in the repository, and is not necessarily related to installed plugins?


#6

I think it maybe (ie: it's not actually installed) - but hard to tell (I would imagine everyone would be seeing the error if that's the case). However I do have this in my config.yaml (I certainly didn't put it there, so assuming a plugin did - I have installed and removed a number of plugins since I have been using Octoprint :smile: ):

  announcements:
    _config_version: 1
    channels:
      _blog:
        read_until: 1529054100
      _important:
        read_until: 1521111600
      _m33fio:
        description: Announcements and news related to M33 Fio.
        name: M33 Fio Announcements and News
        priority: 2
        read_until: 1503238131
        type: rss
        url: https://exploitkings.com/scripts/M33 Fio.xml
      _octopi:
        read_until: 1527588900
      _plugins:
        read_until: 1534118400
      _releases:
        read_until: 1532527200

#7

Mostly correct. Looks like the plugin actually did add this announcement entry to the config on install. There's no other API available for extending the sources of the announcement plugin and the author took measure into their own hand here from the looks of it - sadly they didn't think of what would happen if a user uninstalled the plugin, which of course would not automatically clean that up. I would open a ticket in the plugin's issue tracker here to be honest - it's adding things to a place where it can't clean them up on uninstall and that's somewhat tricky.