Browser Security Pack v4.54 [Proxomitron]

Discussion in 'other security issues & news' started by Kye-U, Jan 3, 2006.

Thread Status:
Not open for further replies.
  1. Kye-U

    Kye-U Security Expert

    Joined:
    Jun 11, 2004
    Posts:
    481
    Version 4.54 is Released!

    Last Updated: January 3, 2006 - 4:40 AM EST

    What's New?

    http://kyeu.info/proxo/forums/viewtopic.php?p=1115#1115

    Download here!

    MD5: 1E602D6E8BD5816E1CD9D945221F2C1E

    ---------------------

    For those who have problems with Proxomitron after merging this set, try my standalone version.

    http://kyeu.info/proxo/forums/docs/Kye-U.Browser.Security.Pack.v4.54.Standalone.zip

    Download, Extract to Your Proxomitron Folder, Open Proxomitron.exe, click on Load Config, select "Kye-U.Browser.Security.Pack.v4.54.Standalone.cfg".

    (The difference in this one is that it has window settings and everything a normal config has)

    ---------------------

    WMF-Exploit Filters only. You need both.

    Web Page Filter:

    Code:
    [Patterns]
    Name = "Windows: Nullify Suspected WMF-Exploit Files [Kye-U] {JJoe}"
    Active = TRUE
    Limit = 18
    Match = "[%00-%02][%00][%09][%00][%00][%03]([%00-%FF]+{10})[%00][%00]$SET(SS=1)PrxNeverMatch"
            "|[%26][%00-%FF][%09][%00]$TST(SS=1)"
    Replace = "\k$ALERT(Suspected WMF-Exploit File Nullified on:\n\n\u\n\nProbable exploit and payload has been removed from the file.\n\nThe file is now harmless.)"
    Header Filter:

    Code:
    [HTTP headers]
    In = TRUE
    Out = FALSE
    Key = "Content-Type: !!!Filter All File Types {P} [Kye-U] {JJoe} (In)"
    URL = "$FILTER(true)"
    Match = "(*|)image/gif(*|)$SET(1=image/jpeg)|\1"
    Replace = "\1"
     
  2. masqueofhastur

    masqueofhastur Registered Member

    Joined:
    Nov 19, 2005
    Posts:
    109
    Forgive me for not reading up fully on this program before asking, but since Proxomitron is a local proxy, I'm assuming it would use localhost - would there be any issues with using a hosts file that would redirect certain sites to localhost to block them?
     
  3. dog

    dog Guest

    Hi masqueofhastur,

    No, not at all. :)

    Steve
     
  4. oldBear

    oldBear Registered Member

    Joined:
    Dec 3, 2004
    Posts:
    37
    The standalone version referenced above appears to be blocked. 403 error.

    cheers
     
  5. Kye-U

    Kye-U Security Expert

    Joined:
    Jun 11, 2004
    Posts:
    481
    It should be working, I haven't written any hotlink protection script for that folder. :(
     
  6. dog

    dog Guest

    It works for me. :doubt:
     
  7. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,794
    Location:
    Texas
    The site is working for me. o_O
     
  8. oldBear

    oldBear Registered Member

    Joined:
    Dec 3, 2004
    Posts:
    37
  9. dog

    dog Guest

    Last edited by a moderator: Jan 3, 2006
  10. oldBear

    oldBear Registered Member

    Joined:
    Dec 3, 2004
    Posts:
    37
    Got it!:)

    Many thanks

    cheers
     
  11. dog

    dog Guest

    Great, Good to Hear :)
     
Loading...
Thread Status:
Not open for further replies.