Browser Security Pack v4.55 [Proxomitron]

Discussion in 'other security issues & news' started by Kye-U, Jan 3, 2006.

Thread Status:
Not open for further replies.
  1. Kye-U

    Kye-U Security Expert

    Joined:
    Jun 11, 2004
    Posts:
    481
    Version 4.55 is Released!

    Last Updated: January 3, 2006 - 10:36 PM EST

    What's New?

    http://kyeu.info/proxo/forums/viewtopic.php?p=1115#1115

    Download here!

    MD5: C786223CCD8752EA70533ECDCFE0F300

    ---------------------

    For those who have problems with Proxomitron after merging this set, try my standalone version.

    http://kyeu.info/proxo/forums/docs/Kye-U.Browser.Security.Pack.v4.55.Standalone.zip

    Download, Extract to Your Proxomitron Folder, Open Proxomitron.exe, click on Load Config, select "Kye-U.Browser.Security.Pack.v4.55.Standalone.cfg".

    (The difference in this one is that it has window settings and everything a normal config has)

    ---------------------

    WMF-Exploit Filters only. You need both.

    Web Page Filter:

    Code:
    [Patterns]
    Name = "Windows: Nullify Suspected WMF-Exploit Files [Kye-U] {JJoe}"
    Active = TRUE
    Limit = 18
    Match = "[%00-%02][%00][%09][%00][%00][%03]([%00-%FF]+{10})[%00][%00]$SET(SS=1)PrxNeverMatch"
            "|[%26][%00-%FF][%09][%00]$TST(SS=1)"
    Replace = "\k$ALERT(Suspected WMF-Exploit File Nullified on:\n\n\u\n\nProbable exploit and payload has been removed from the file.\n\nThe file is now harmless.)"
    Header Filter:

    Code:
    [HTTP headers]
    In = TRUE
    Out = FALSE
    Key = "Content-Type: !!!Filter All File Types {P} [Kye-U] {JJoe} (In)"
    URL = "(^local.ptron/)$FILTER(true)"
    Match = "(*|)image/gif(*|)$SET(1=image/jpeg)|\1"
    Replace = "\1"
     
  2. oldBear

    oldBear Registered Member

    Joined:
    Dec 3, 2004
    Posts:
    37
  3. Kye-U

    Kye-U Security Expert

    Joined:
    Jun 11, 2004
    Posts:
    481
    Ok, here you go xD

    Save Target As.

    Rename to .ZIP

    ;)
     

    Attached Files:

  4. oldBear

    oldBear Registered Member

    Joined:
    Dec 3, 2004
    Posts:
    37
    thanks - able to get it ok via opera - something must be diff in maxthorn - will investigate.

    cheers
     
  5. Kye-U

    Kye-U Security Expert

    Joined:
    Jun 11, 2004
    Posts:
    481
    They are already in the config file :) Welcome to Proxomitron!
     
  6. sosaiso

    sosaiso Registered Member

    Joined:
    Nov 12, 2005
    Posts:
    601
    ahah.. sorry reread your readme... whoops. Thanks!
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.