Post Reply 
mediafire downloads
Aug. 17, 2010, 01:49 AM
Post: #1
mediafire downloads
I needed to download some file from Mediafire, and couldn't unless I bypassed proxo (using sidki's alpha4). So I started to play around a bit, and finally came up with this addition to my Exceptions-U (proxo was messing with function names in some inline javascript):

Code:
www.mediafire.com/        $SET(0=a_jsprop.)

Example link: http://www.mediafire.com/?uo1ywm1yzt3nhty

I don't know if it's the best way to solve it...
Comments/suggestions are welcome!
Add Thank You Quote this message in a reply
Aug. 17, 2010, 04:59 PM
Post: #2
RE: mediafire downloads
The blocking filter is

Block/Modify: Sel. JS Properties 07.04.02 [sd] (d.2)

As I do not like to add too many exceptions, I just UNTICK this WEBFILTER whenever I have to DL smthg from MEDIAFIRE

Regards.
Add Thank You Quote this message in a reply
Aug. 17, 2010, 05:21 PM
Post: #3
RE: mediafire downloads
(Aug. 17, 2010 01:49 AM)eclipse Wrote:  
Code:
www.mediafire.com/        $SET(0=a_jsprop.)

seems to be working perfectly for me...
many thanks for the catch - i "was" doing an "a_js" for mediafire when i didn't need to go that far after all...
Add Thank You Quote this message in a reply
Aug. 18, 2010, 12:40 AM
Post: #4
RE: mediafire downloads
(Aug. 17, 2010 05:21 PM)ProxRocks Wrote:  many thanks for the catch - i "was" doing an "a_js" for mediafire when i didn't need to go that far after all...

Hey, thanks ProxRocks, you are making me feel even prouder! I'm glad to be of help.
Add Thank You Quote this message in a reply
Aug. 22, 2010, 10:13 AM
Post: #5
RE: mediafire downloads
I've added that entry to the general exception list.
Add Thank You Quote this message in a reply
Aug. 23, 2010, 05:31 PM
Post: #6
RE: mediafire downloads
I just tried adding
Code:
www.mediafire.com/        $SET(0=a_jsprop.)

either to Exceptions or Exceptions-U with No success.

The link to download doesn't appear unless I untick the filter

Block/Modify: Sel. JS Properties 07.04.02 [sd] (d.2).

This makes the download box always appear.

(last alpha config, all last updates, including google complete, advanced mode).

It's something with the $SET(0=a_jsprop.) probably. I remember having had the same issue with another site not freed by this keyword.

How comes ???
Add Thank You Quote this message in a reply
Aug. 23, 2010, 09:34 PM
Post: #7
RE: mediafire downloads
The respective filters/lists definitely obay to their keywords.

From what i can imagine, there are three causes left that can cause keywords to not kick in immediately:
-1- The browser cache isn't cleared.
-2- Proxomitron was still observing open connections. In this case, edited lists aren't reloaded, but you have to do it manually, e.g. via the tray icon context menu: Add to List -> Reload Lists (or similar).
-3- User modifications to the config are breaking functionality: In release configs there is a fallback config file for such situations, called sidki_oob.ptron.
Add Thank You Quote this message in a reply
Aug. 23, 2010, 11:48 PM
Post: #8
RE: mediafire downloads
Hello Sidki, thanks for your quick answer!

I did a few quick tests to check:

Same problem with:
- browser freshly restarted, every session data cleared (as I always do when experimenting)
- browser cache absolutely emptied (as I always do in case of doubt)
- Active connections: 00
- Config systematically forced to reload
- Log window always open (on left margin of my left monitor): I use it to constantly monitor what's going on with internet

Same with: Firefox 3.019 - Chromium latest - Opera 9.64

Same with these configs taken oob from your zips:
- sidki_oob.ptron and sidki_2009-02-13.ptron from prox-config-sidki-2009-02-13.zip

But ... it WORKS (download link box appears) with the "sidki_2009-05-24.ptron" as taken oob from the "prox-config-sidki-2009-05-24-alpha.zip".

So, some modif I made in my config, some additional filter I suppose, is responsible for it. I'll throw an eye as soon as I'll have a few hours.

Anyhow, I just have to untick that filter whenever I wanna download from mediafire till I find the culprit.
Add Thank You Quote this message in a reply
Aug. 24, 2010, 01:54 AM
Post: #9
RE: mediafire downloads
Worked hard, but finally picked up the culprit:

It was a Header filter whose name was:
Code:
Key = "URL :0_3.4 Kill tracking scripts (Ghostery) {ln}090316 TEST"

and it's its mere name that was causing the issue !

I renamed it ...
Code:
"X-URL:0_3.4 Kill tracking scripts (Ghostery) {ln}090316 (out) TEST"

and -wonder- it worked like a charm: mediafire DL-link-box show up (with it's exception listed in ExceptionU.ptxt, of course)

I'm amazed at the susceptibility of Proxo about Header-filters' names!
Add Thank You Quote this message in a reply
Aug. 24, 2010, 04:46 AM
Post: #10
RE: mediafire downloads
maybe it's not the "name" of the header filter, but that entire header filter?

could it be that EVERY header filter parsed "after" that filter is NOT working? and by renaming it, you've only effected "where" that point in the header list is whereby everything AFTER it is no longer working?
Add Thank You Quote this message in a reply
Aug. 24, 2010, 01:00 PM (This post was last modified: Aug. 24, 2010 01:18 PM by fpout.)
Post: #11
RE: mediafire downloads
(Aug. 24, 2010 04:46 AM)ProxRocks Wrote:  maybe it's not the "name" of the header filter, but that entire header filter?

could it be that EVERY header filter parsed "after" that filter is NOT working? and by renaming it, you've only effected "where" that point in the header list is whereby everything AFTER it is no longer working?

Hello ProxRocks,

I was tempted to this immediate reply that everything seems to work well in my config by now, but to clear it up, as this new name sent the filter to the end of the list, I did a few trials:

Renamed the filter from
Code:
"X-URL:0_3.4 Kill tracking scripts (Ghostery) {ln}090316 (out) TEST"
to:
Code:
"!woof:0_3.4 Kill tracking scripts (Ghostery) {ln}090316 (out) TEST"
and saved/reloaded/save/ etc... the config, so that the filter is now near the top, just below the last of the
! :.Set Header Variables 09.07.04 [sd] (d.r) (In) filters

... and as far as the few pages I visited after that, the whole config seems to work as neatly as possible, included Mediafire & co.

It seems to really be the name of the filter that was the cause. EVERY filter beyond is working normally AFTER I renamed my "ghostery" filter ...

Here is the full text of that filter, which catches some more crap sites I extracted from the Firefox Ghostery addon list.
Works fine. Doesn't seem to be that useful, but gets touched from time to time.

Code:
[Blocklists]
List.Ghostery = "..\Lists\Ghostery.txt"

[HTTP headers]
In = FALSE
Out = TRUE
Key = "!URL Killer: Kill tracking scripts (Ghostery) {ln} 090316 (out) TEST"
URL = "(^local.ptron)"
Match = "((\w)\0|*((^(http|ftp)://|//)(http|.|/)\w)\0)$TST(\0=(.|/|)($LST(Ghostery))\9*)"
Replace = "$ADDLST(debug,0_3.4  Kill tracking scripts (\4)\t$DTM(Y/M/D H:m:s't)\t$GET(uDom)\t$GET(uExt)\t$GET(ContentType)\t$GET(Resp)\t$GET(ContentLength)\t\u\t\9\t\1\t\3) $LOG(R$DTM(c),0_3.4  Kill tracking scripts (\4): \u) $ALERT(Ghostery - Touched = \u) \k"

Added "$ALERT(Ghostery - Touched = \u)" to be advised when the filter is triggered - To be removed if annying.

I attach the list of sites to filter, if smbdy' interested.

-------------- EDIT --------------
Credit =
Couldn't remember where I got that filter from. A quick Googling gave me the answer: It's an Inminente filter from:
http://prxbx.com/forums/archive/index.ph...-1312.html (page bottom) 17-03-2009
-----------------------------------


Attached File(s)
.zip  ghostery-list_for_filter.zip (Size: 3.34 KB / Downloads: 337)
Add Thank You Quote this message in a reply
Aug. 24, 2010, 01:21 PM
Post: #12
RE: mediafire downloads
ah, interesting...

why don't you just block ALL scripts "by default"?
then only allow 'script kiddies' to do their 'thing' on an "as needed" basis?


i've been doing that for several years now and it's been a godsend...
during that span, there have been "several" coworkers that have needed full reinstalls due to web browsing "scripts" (primarily stemming from "college humor" types of website, nothing "x-rated")...

the script-crippling that "crashed" these several company machines were not isolated to any "browser" (IE8 and Firefox were BOTH "hit")...

blocking scripts kept me safe even though i browse the same "college humor" types of web sites...

Comodo Firewall (the OLD version, v2.4.18.184) kept me safe from the "creepy crawlies" that then infiltrated our server...

we ran "TDSSKiller" (from Kaspersky) on ALL of our machines and i was the ONLY one that it didn't find anything on - (i even got a free lunch out of the IT guy, "i'll bet you today's lunch that my PC is CLEAN!")...


anymore nowadays, "script blocking" is MORE important than running "antivirus" software !!!


</ two cents>
Add Thank You Quote this message in a reply
Aug. 24, 2010, 04:05 PM (This post was last modified: Aug. 24, 2010 04:20 PM by fpout.)
Post: #13
RE: mediafire downloads
Add Thank You Quote this message in a reply
Aug. 24, 2010, 04:37 PM (This post was last modified: Aug. 24, 2010 04:41 PM by ProxRocks.)
Post: #14
RE: mediafire downloads
couldn't agree more!...

i think we might be twins, lol...

a) nLite'd fresh installs every 2 to 3...
b) no "suggest" crap-ola...
c) block ANY and ALL phone-home auto-updates...
d) blocking favicon's (i thought i was alone on this one, lol)...
e) "iexplore.exe" is blocked ALL access (IE "clones" work withOUT "iexplore.exe"!)...
f) "firefox.exe" is NOT allowed ANY TCP 'connections'...
g) the ONLY executable 'allowed' access to Port 53 is Proxo !!!
h) very limited "installs", almost everything has been "portablized"...
i) NEVER install to an installer's "default" directory location...
j) and the most IMPORTANT, svchost.exe is NOT given "free reign" (in fact, it is denied ALL access to the internet if i'm "wired", i have to allow a "few" items for my wireless)...


i grant that blocking scripts is a 'nuisance' AT FIRST, but you get used to it Big Teeth
and ya can always allow "some" sites to do their scripting Smile!


edit: gasp! you installed Outpost to "Program Files"?! YIKES! lol...
Add Thank You Quote this message in a reply
Aug. 24, 2010, 05:21 PM
Post: #15
RE: mediafire downloads
a-b-c-d-e- Yes,yes,yes

f) "firefox.exe" is NOT allowed ANY TCP 'connections'...
Yes, NO TCP except localhost/local LAN, but quite hard to keep, with mozilla addons to update and visit !

g) the ONLY executable 'allowed' access to Port 53 is Proxo !!!
... never tried, seems nice, gonna give a try some day

h) very limited "installs", almost everything has been "portablized"...
i) NEVER install to an installer's "default" directory location...
... so do I
svchost.exe, absolutely agree ! though I had a hard time trying to find what to allow exactly !

Quote:edit: gasp! you installed Outpost to "Program Files"?! YIKES! lol...
No way else, only works from there I think.

In fact, you know, You and Odissey are the ones who (through all your posts) really opened my eyes on what a prey and how much vulnerable we can be on the web ...

Not talking about cross-reference tracking, history stealing, etc, like here explained here : http://panopticlick.eff.org/

I think anyone should start from that excellent collection of stand-alones: http://www.liberkey.com/en/catalog/browse.html
and for portabilizing, I find AutoHotkey (included in LIBERKEY) and AutoIt are very handy. What do you use ?
Add Thank You Quote this message in a reply
Post Reply 


Forum Jump: