Browser Security Pack v4.55 [Proxomitron]

Discussion in 'other security issues & news' started by Kye-U, Jan 3, 2006.

Thread Status:
Not open for further replies.
  1. Kye-U

    Kye-U Security Expert

    Joined:
    Jun 11, 2004
    Posts:
    481
    Version 4.55 is Released!

    Last Updated: January 3, 2006 - 10:36 PM EST

    What's New?

    http://kyeu.info/proxo/forums/viewtopic.php?p=1115#1115

    Download here!

    MD5: C786223CCD8752EA70533ECDCFE0F300

    ---------------------

    For those who have problems with Proxomitron after merging this set, try my standalone version.

    http://kyeu.info/proxo/forums/docs/Kye-U.Browser.Security.Pack.v4.55.Standalone.zip

    Download, Extract to Your Proxomitron Folder, Open Proxomitron.exe, click on Load Config, select "Kye-U.Browser.Security.Pack.v4.55.Standalone.cfg".

    (The difference in this one is that it has window settings and everything a normal config has)

    ---------------------

    WMF-Exploit Filters only. You need both.

    Web Page Filter:

    Code:
    [Patterns]
    Name = "Windows: Nullify Suspected WMF-Exploit Files [Kye-U] {JJoe}"
    Active = TRUE
    Limit = 18
    Match = "[%00-%02][%00][%09][%00][%00][%03]([%00-%FF]+{10})[%00][%00]$SET(SS=1)PrxNeverMatch"
            "|[%26][%00-%FF][%09][%00]$TST(SS=1)"
    Replace = "\k$ALERT(Suspected WMF-Exploit File Nullified on:\n\n\u\n\nProbable exploit and payload has been removed from the file.\n\nThe file is now harmless.)"
    Header Filter:

    Code:
    [HTTP headers]
    In = TRUE
    Out = FALSE
    Key = "Content-Type: !!!Filter All File Types {P} [Kye-U] {JJoe} (In)"
    URL = "(^local.ptron/)$FILTER(true)"
    Match = "(*|)image/gif(*|)$SET(1=image/jpeg)|\1"
    Replace = "\1"
     
  2. oldBear

    oldBear Registered Member

    Joined:
    Dec 3, 2004
    Posts:
    37
  3. Kye-U

    Kye-U Security Expert

    Joined:
    Jun 11, 2004
    Posts:
    481
    Ok, here you go xD

    Save Target As.

    Rename to .ZIP

    ;)
     

    Attached Files:

  4. oldBear

    oldBear Registered Member

    Joined:
    Dec 3, 2004
    Posts:
    37
    thanks - able to get it ok via opera - something must be diff in maxthorn - will investigate.

    cheers
     
  5. Kye-U

    Kye-U Security Expert

    Joined:
    Jun 11, 2004
    Posts:
    481
    They are already in the config file :) Welcome to Proxomitron!
     
  6. sosaiso

    sosaiso Registered Member

    Joined:
    Nov 12, 2005
    Posts:
    601
    ahah.. sorry reread your readme... whoops. Thanks!
     
Loading...
Thread Status:
Not open for further replies.