Post Reply 
Reading IP with Java from Javascript
Mar. 29, 2007, 12:54 PM
Post: #16
RE: Reading IP with Java from Javascript
you could just have it match EVERY site you land on via URL = "$TYPE(htm)", but like it has been said, you're trying to kill something that can be written in so many formats that an ingenius web coder can sneak past your filter quite easily...

may i suggest to do as i do, block scripts by default AND do NOT install Java... problem solved - no matter how clever the coder...


edit: never mind, with the new skin, i hadn't noticed until now that this was a BFilter question, not a Proxo question...
Add Thank You Quote this message in a reply
Mar. 29, 2007, 06:43 PM
Post: #17
RE: Reading IP with Java from Javascript
Quote:url = http://*.(js|html|htm)
This will work as you expect, but these days most content is dynamic, so HTML content is served with various extensions, such as .php, .asp, .jsp, .cfm, or even with no extension.
Add Thank You Quote this message in a reply
Mar. 30, 2007, 12:21 AM
Post: #18
RE: Reading IP with Java from Javascript
Thanks muchly. I shall take that advice into account as well. Now to try it out...
It does not seem to work. I have made an entirely new file for it, and a .enable file.
I tried a Prox filter with the same basic content and it stopped the IP reading on my PC, but not the other info grabbing.
What step did I forget?
I am using the Location with (BF) in front of it, Firefox has the connection for HTTP set to go thru 127.0.0.1:8080, I put the new filter with the others in the Filters directory in the BFilter section of the Library, and I did the BFilter restart from the Terminal. What else needs to be done?
Add Thank You Quote this message in a reply
Mar. 30, 2007, 10:51 AM
Post: #19
RE: Reading IP with Java from Javascript
Sorry, my fault. The url pattern must be a regex for | to work:
Code:
url = /http://.*\.(js|html|htm)/
Add Thank You Quote this message in a reply
Mar. 30, 2007, 06:21 PM
Post: #20
RE: Reading IP with Java from Javascript
I understand why the slashes have to enclose the expression, and the backslash in front of the dot before the extensions, but why is there an extra dot after http://?
Why do you not need to enclose the search expression in slashes?

I modified a Prox filter on the PC to deal with the same exploit, but the match of
"(host|)name = \wAddress \(\)" was much more effective than matching "java.net.".
Could I adapt that to BFilter? Besides enclosing the search expression in slashes, what else would have to be done to it?
Add Thank You Quote this message in a reply
Mar. 30, 2007, 07:27 PM
Post: #21
RE: Reading IP with Java from Javascript
Quote:why is there an extra dot after http://?
Because in regular expressions, dot means "any character", while asterisk means "any number of whatever precedes me".
Quote:"(host|)name = \wAddress \(\)"
This match is lame, as it matches a variable name. It's chances of working on anything but your test site are close to zero.
Try this:
Code:
search = getLocalAddress
replace = getRemoteAddress
Again, this solution is only good for comforting yourself. The real solution is to disable Java.
Add Thank You Quote this message in a reply
Mar. 31, 2007, 09:00 PM
Post: #22
RE: Reading IP with Java from Javascript
Thanks for the tutorial. Both versions of the filter work to block the IP info on the Macintosh.
Add Thank You Quote this message in a reply
Apr. 09, 2007, 11:02 PM
Post: #23
RE: Reading IP with Java from Javascript
I just discovered something interesting: Safari shows my private IP behind the router, but Firefox does not. I tried the test at: http://www.auditmypc.com/anonymous-surfing.asp

Supposedly both browsers are going through BFilter, so what is going on?
Add Thank You Quote this message in a reply
Apr. 10, 2007, 02:56 PM
Post: #24
RE: Reading IP with Java from Javascript
In my case it works with FF, unless I disable Java. The site you linked to uses a Java applet for fetching the real IP. You can't hope to defeat such things without disabling Java completely.
Add Thank You Quote this message in a reply
Apr. 10, 2007, 06:50 PM
Post: #25
RE: Reading IP with Java from Javascript
agreed...

Siamesecat, why won't you just disable Java and be done with it? lol...
Add Thank You Quote this message in a reply
Apr. 11, 2007, 04:22 AM
Post: #26
RE: Reading IP with Java from Javascript
jart Wrote:In my case it works with FF, unless I disable Java. The site you linked to uses a Java applet for fetching the real IP. You can't hope to defeat such things without disabling Java completely.
I am talking about the filter you helped me to create. It works with Firefox, but not with Safari, but Safari will be going through the setup in the Location for networking without the additional redirection that Firefox needs, right?
So why did that filter (the one with search = getLocalAddress
replace = getRemoteAddress) work on Firefox but not on Safari?
Add Thank You Quote this message in a reply
Post Reply 


Forum Jump: