Browser Security Pack v4.56 [Proxomitron]

Discussion in 'other security issues & news' started by Kye-U, Jan 7, 2006.

Thread Status:
Not open for further replies.
  1. Kye-U

    Kye-U Security Expert

    Joined:
    Jun 11, 2004
    Posts:
    481
    Version 4.56 is Released!

    Last Updated: January 7, 2006 - 4:56 PM EST

    What's New?

    http://kyeu.info/proxo/forums/viewtopic.php?p=1115#1115

    Download here!

    MD5: EC93A1D1AD29AEF4DF709D9D73B7F14D

    ---------------------

    For those who have problems with Proxomitron after merging this set, try my standalone version.

    http://kyeu.info/proxo/forums/docs/Kye-U.Browser.Security.Pack.v4.56.Standalone.zip

    Download, Extract to Your Proxomitron Folder, Open Proxomitron.exe, click on Load Config, select "Kye-U.Browser.Security.Pack.v4.56.Standalone.cfg".

    (The difference in this one is that it has window settings and everything a normal config has)

    ---------------------

    WMF-Exploit Filters only. You need both.

    Web Page Filter:

    Code:
    [Patterns]
    Name = "Windows: Nullify Suspected WMF-Exploit Files [Kye-U] {JJoe}"
    Active = TRUE
    Limit = 6
    Match = "[%00-%02][%00][%09][%00][%00]([%01]|[%03])$SET(SS=1)PrxNeverMatch"
            "|[%26][%00-%FF][%09][%00]$TST(SS=1)"
    Replace = "\k$ALERT(Suspected WMF-Exploit File Nullified on:\n\n\u\n\nProbable exploit and payload has been removed from the file.\n\nThe file is now harmless.)"
    Header Filter:

    Code:
    [HTTP headers]
    In = TRUE
    Out = FALSE
    Key = "Content-Type: !!!Filter All File Types {P} [Kye-U] {JJoe} (In)"
    URL = "(^local.ptron/)$FILTER(true)"
    Match = "(*|)image/gif(*|)$SET(1=image/jpeg)|\1"
    Replace = "\1"
     

    Attached Files:

Loading...
Thread Status:
Not open for further replies.