Browser Security Pack v4.54 [Proxomitron]

Discussion in 'other security issues & news' started by Kye-U, Jan 3, 2006.

Thread Status:
Not open for further replies.
  1. Kye-U

    Kye-U Security Expert

    Joined:
    Jun 11, 2004
    Posts:
    481
    Version 4.54 is Released!

    Last Updated: January 3, 2006 - 4:40 AM EST

    What's New?

    http://kyeu.info/proxo/forums/viewtopic.php?p=1115#1115

    Download here!

    MD5: 1E602D6E8BD5816E1CD9D945221F2C1E

    ---------------------

    For those who have problems with Proxomitron after merging this set, try my standalone version.

    http://kyeu.info/proxo/forums/docs/Kye-U.Browser.Security.Pack.v4.54.Standalone.zip

    Download, Extract to Your Proxomitron Folder, Open Proxomitron.exe, click on Load Config, select "Kye-U.Browser.Security.Pack.v4.54.Standalone.cfg".

    (The difference in this one is that it has window settings and everything a normal config has)

    ---------------------

    WMF-Exploit Filters only. You need both.

    Web Page Filter:

    Code:
    [Patterns]
    Name = "Windows: Nullify Suspected WMF-Exploit Files [Kye-U] {JJoe}"
    Active = TRUE
    Limit = 18
    Match = "[%00-%02][%00][%09][%00][%00][%03]([%00-%FF]+{10})[%00][%00]$SET(SS=1)PrxNeverMatch"
            "|[%26][%00-%FF][%09][%00]$TST(SS=1)"
    Replace = "\k$ALERT(Suspected WMF-Exploit File Nullified on:\n\n\u\n\nProbable exploit and payload has been removed from the file.\n\nThe file is now harmless.)"
    Header Filter:

    Code:
    [HTTP headers]
    In = TRUE
    Out = FALSE
    Key = "Content-Type: !!!Filter All File Types {P} [Kye-U] {JJoe} (In)"
    URL = "$FILTER(true)"
    Match = "(*|)image/gif(*|)$SET(1=image/jpeg)|\1"
    Replace = "\1"
     
  2. masqueofhastur

    masqueofhastur Registered Member

    Joined:
    Nov 19, 2005
    Posts:
    109
    Forgive me for not reading up fully on this program before asking, but since Proxomitron is a local proxy, I'm assuming it would use localhost - would there be any issues with using a hosts file that would redirect certain sites to localhost to block them?
     
  3. dog

    dog Guest

    Hi masqueofhastur,

    No, not at all. :)

    Steve
     
  4. oldBear

    oldBear Registered Member

    Joined:
    Dec 3, 2004
    Posts:
    37
    The standalone version referenced above appears to be blocked. 403 error.

    cheers
     
  5. Kye-U

    Kye-U Security Expert

    Joined:
    Jun 11, 2004
    Posts:
    481
    It should be working, I haven't written any hotlink protection script for that folder. :(
     
  6. dog

    dog Guest

    It works for me. :doubt:
     
  7. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    172,026
    Location:
    Texas
    The site is working for me. o_O
     
  8. oldBear

    oldBear Registered Member

    Joined:
    Dec 3, 2004
    Posts:
    37
  9. dog

    dog Guest

    Last edited by a moderator: Jan 3, 2006
  10. oldBear

    oldBear Registered Member

    Joined:
    Dec 3, 2004
    Posts:
    37
    Got it!:)

    Many thanks

    cheers
     
  11. dog

    dog Guest

    Great, Good to Hear :)
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.