[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Why no "Banner Ad Eaters"?




[email protected] (Matthew Ghio) writes:

> ratbert at nym dot alias dot net wrote:
>
> > Junkbusters (http://www.junkbusters.com/) offers a personal proxy server
> > kind of thing that lets you mash just about everything: HTTP headers, user
> > agent info, referer URL, cookies, etc. It runs on either NT or Unix
>
> Yep, I've got it running on www.myriad.ml.org:8000.  It works great - the
> only site I've had problems with so far is nytimes (it tries to set a
> cookie when you log in as cypherpunks/cypherpunks)

Junkbusters works very nicely for me. I highly recommend it.

A warning about cookies: no proxy server I know can
stop the server from trying to set the cookie by

a) putting a <META HTTP-EQUIV="Cookie:" CONTENT="foo=bar;expires...">
in the header;

b) if you have JavaScript enabled (not a good idea), running something like
<SCRIPT SCRIPT TYPE="text/javascript"><!--
document.cookie="foo=bar;expires=Sunday, 04-Jul-2010 00:00:00 GMT;path=/";//--></SCRIPT>

You need to tell the browser to turn off the cookies even if you have
an anti-cookie prixy server.


Cookies and the NYTIMES subscription: NYTIMES.COM tries to store your
userid and password in the cookie with keywords PW= and ID=. Problem is,
it tries to encode them using 8-bit characters. Lucky for us, at this time
NYTIMES.COM does not check if userid/password are valid, just that they're
a part of the cookie!! So, just add these two lines to your junkbuster config:

wafer PW=0
wafer ID=0

and nytimes.com will greet you as "0" and let you right in.

Sure junkbuster feeds every wafer to every server, but I don't care.

If you really want to send "cypherpunks", replace both 0s by the character
representation of the hex string a1252e36392c2e2930332bdf. I'm not even
trying to mail it verbatim because I know it would get mangled.


Another site that uses weakly encrypted cookies is DEJANEWS.COM.
For them, I've added these two lines to junkbuster config:

wafer GTUID=03.35644.0.0.1145.00000
wafer DNUID=02717fb0f47d3544510927a15805ab3640987332e4ed6e58e78660744bc8320d260963691c27f34ef4b292e93258a7c7a6ea6b78200c6ade8f378833d6d5

This lets you post as [email protected] and if and
when dejanews locks it out, drop me a line and I'll cook up another one. :-)

(Warning: when you post to usenet via dejanews, it adds your ip address
to the header; use a proxy.)

Hang Chris Lewis by his empty scrotum (he has no balls, or we'd hang him
by his balls)!

---

<a href="mailto:[email protected]">Dr.Dimitri Vulis KOTM</a>
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps