"Yahoo: Auto Login" filter
|
Jan. 15, 2008, 07:38 PM
Post: #1
|
|||
|
|||
"Yahoo: Auto Login" filter
Greetings.
I remember with Sidki's config in the past all we needed to login to Yahoo! Mail was add "YOUR_NICK" and "YOUR_PW" into Proxo's "Yahoo: Auto Login" filter and it worked, but now it doesn't seem to work. Upon a little investigation I see in the ReadMe file we also need the OpenSSL DLLs, and keep "Use SSLeay/OpenSSL..." enabled in Proxomitron's preferences. Is this true and what happens if we don't use Proxo's SSLeay/OpenSSL to filter secure pages? Does that mean the Yahoo Mail filter doesn't function? Thanks. Thanks so much. |
|||
Jan. 17, 2008, 06:22 PM
Post: #2
|
|||
|
|||
RE: "Yahoo: Auto Login" filter
Works for me just fine but I use SSLeay/OpenSSL and have " Use Half-SSL " checked in Headers .
|
|||
Jan. 17, 2008, 08:28 PM
Post: #3
|
|||
|
|||
RE: "Yahoo: Auto Login" filter
Ralph Wrote:Works for me just fine but I use SSLeay/OpenSSL and have " Use Half-SSL " checked in Headers . Thanks for the comment Ralph. I've heard there are some security risks involved with using SSLeay/OpenSSL, the developer of Proxomitron, Scott, I think had some words about this, unless I'm mistaken. Any comment? Does anyone know if you have to use SSLeay/OpenSSL in order for Sidki's "Yahoo: Auto Login" filter (auto login to Yahoo email) to work? Thank you very much. Have a good day. |
|||
Jan. 18, 2008, 11:46 AM
Post: #4
|
|||
|
|||
RE: "Yahoo: Auto Login" filter
apacallyps Wrote:I've heard there are some security risks involved with using SSLeay/OpenSSL, the developer of Proxomitron, Scott, I think had some words about this, unless I'm mistaken. Any comment?the last Proxo version was released on June 1, 2003... OpenSSL was sitting at version 0.9.7b at that time... current Proxo OpenSSL is version 0.9.8 found here - http://www.geocities.com/sidki3003/prox-ssl.html there are NO security risks, none... though you may not want to block "as much" on secure sites as you do on non-secure sites (ie, Spoofing, Scripts, Redir, various headers)... but filtering SSL is perfectly SAFE... |
|||
Jan. 18, 2008, 12:36 PM
Post: #5
|
|||
|
|||
RE: "Yahoo: Auto Login" filter
OpenSSL update history (pertaining to June 2003 Proxo release) -
OpenSSL 0.9.7b, 10 Apr 2003 OpenSSL 0.9.6k, 30 Sep 2003 OpenSSL 0.9.7c, 30 Sep 2003 OpenSSL 0.9.6l, 04 Nov 2003 OpenSSL 0.9.6m, 17 Mar 2004 OpenSSL 0.9.7d, 17 Mar 2004 OpenSSL 0.9.7e, 25 Oct 2004 OpenSSL 0.9.7f, 22 Mar 2005 OpenSSL 0.9.7g, 11 Apr 2005 OpenSSL 0.9.8, 05 Jul 2005 OpenSSL 0.9.7h, 11 Oct 2005 OpenSSL 0.9.8a, 11 Oct 2005 OpenSSL 0.9.7i, 15 Oct 2005 OpenSSL 0.9.7j, 4 May 2006 OpenSSL 0.9.8b, 4 May 2006 OpenSSL 0.9.7k, 5 Sep 2006 OpenSSL 0.9.8c, 5 Sep 2006 OpenSSL 0.9.7l, 28 Sep 2006 OpenSSL 0.9.8d, 28 Sep 2006 OpenSSL 0.9.7m, 23 Feb 2007 OpenSSL 0.9.8e, 23 Feb 2007 OpenSSL 0.9.8f, 11 Oct 2007 |
|||
Jan. 19, 2008, 08:30 AM
Post: #6
|
|||
|
|||
RE: "Yahoo: Auto Login" filter
apacallyps;
As I see it, the direct answer to your question is 'no, you don't need to enable any SSL stuff in order to log in to Yahoo'. The deal is, one probably doesn't have to fear any 'nasties' when surfing an HTTPS page, but it's nice to filter it anyway, to make it look like what one wants, not what the author wants. Yahoo makes no distinction between secured and regular pages, when it comes to BTW, I use my own brand of 'auto login' for Yahoo. If you're interested, let me know. HTH Oddysey I'm no longer in the rat race - the rats won't have me! |
|||
Jan. 20, 2008, 10:31 PM
Post: #7
|
|||
|
|||
RE: "Yahoo: Auto Login" filter
Hey, thanks for the replies everyone.
Oddysey, I use Sidki's latest config. The instructions for his "Yahoo: Auto Login" filter are as follows. Copied from his ReadMe.txt - If you use Yahoo! services, edit the "Yahoo: Auto Login" filter, replace "YOUR_NICK" and "YOUR_PW" with your personal data, and activate it. Most login screens are using the secure protocol, so you'll need the OpenSSL DLLs (see below), and keep "Use SSLeay/OpenSSL..." enabled in Proxomitron's preferences. As mentioned in my first post, I'm not using the OpenSSL DLLs and have "Use SSLeay/OpenSSL..." unchecked. But, I tried Sidki's filter anyways by editing the "Yahoo: Auto Login" filter, and added "MY_NICK" and "MY_PW" with my personal data to activate it, but it didn't work. I couldn't sign in to Yahoo email. Here's the link I use. http://login.yahoo.com/ which turns into this after accepting the security certificate. https://login.yahoo.com/config/login_verify2? I read your comment it "will" work without the SSL stuff and that would be great, but I don't know what else to say because I tried it and it failed? Also, you said you had your own version, I wouldn't mind giving that a try if Sidki's is not going to work. That would be awesome. Thanks. Am I missing a step in getting Sidki's Yahoo filter operational? Thank you. Best regards, apacallyps |
|||
Jan. 21, 2008, 09:13 AM
Post: #8
|
|||
|
|||
RE: "Yahoo: Auto Login" filter
apacallyps Wrote:......Dunno, I don't use his config set, so I'm not the one to ask, sorry. My filter is a "bit" simpler, it goes like this: PHP Code: Name = "Yahoo login page cleaner, semi-auto login" Explanation: Note that I do not include my password. For some reason, I can't bring myself to do that. I do it for nearly all my other secure logins, but not for Yahoo. Call me a Luddite, but there we are. What I've done is simply to make the onload statement supply the form's field with my username, and then set the focus to the password field, making it ready for me to type in said password. To add the already-filled-in password to your filter, remove the word 'focus()', and replace it with value='YourPasswordHere', and that should take care of the job at hand. I'm sure you noticed that the name of the filter is "page cleaner", right? So the filter actually looks for the first thing to ordinarily appear on the page, matches all the way to the form fields, and then tosses it all out the window. That's half the battle. At this point, another filter kicks in, and it "cleans" the rest of the page, like so: PHP Code: Name = "kill Yahoo's mail crap at bottom" This filter looks for some crud with a particular id parameter, or else the end of the fieldset (Yahoo sometimes mixes things up), which comes immediately after the fields but before the submit button. It then captures everything up to the closing Body tag. The replacement text simply puts the Submit button back, politely closes the Body and HTML tags, then kills the connection. All you see are two fields and a button - how cool is that?! (Let alone how much quicker it loads.) One more thing..... if you are using a filter to block the onLoad function in the Body tag, you'll have to either exclude it in the Match field, or use a list (like I did), here: PHP Code: Name = "OnLoad unloader" In every instance where I use the onLoad function, I completely rewrite it for my needs. Otherwise, I let Scott do his thing. OK, I think that's it. A two-part filter, and a list to use with the onLoad blocker (supplied in the default config set), and we're off to the races! HTH Oddysey I'm no longer in the rat race - the rats won't have me! |
|||
Jan. 21, 2008, 01:35 PM
Post: #9
|
|||
|
|||
RE: "Yahoo: Auto Login" filter
Oddysey Wrote: does the match field need to be "case sensitive"? that aside, i think i like the "body LoadOff" login process as a means-to-an-end for a UNIVERSAL auto-login filter - ie, the replace "in blue" being dependent upon the URL and a 'look-up table' that the filter references... just thinking out loud, but it seems that this "might" be a good way for ONE filter that references ONE "list" to automatically log a user in to Yahoo, MSN, Gmail, Forum 1, Forum 2, Bank Account 1, Bank Account 2, Credit Card 1, Credit Card 2, 401k 1, 401k 2, et cetera... |
|||
Jan. 22, 2008, 04:56 AM
Post: #10
|
|||
|
|||
RE: "Yahoo: Auto Login" filter
ProxRocks,
I gave your idea some thought, after the second or third 'specific' log-in filter, but I quickly came to the conclusion that it won't work (easily!) for the reason that each page names their forms differently, their fields differently, their..... it's all different. Supplying the appropriate names can be done from a list (several lists?) but that makes the filter almost unmanagable from the standpoint of which field to supply for whichever website. Clearly, my way is brute force, with no elegance whatsoever. However, it is dirt simple to maintain, and to copy to a new filter for additional sites, when the need arises. When Yahoo changes their field names, or even their processes, no problem. I just dbug.. the page, find the new info, and plug it in - Presto! Let alone that my filter is doing double duty in that it's stripping off a LARGE amount of unsightly crap! Not every page presents itself in the same way, so that'd really complicate my life, trying to keep up with that! Still, for some people, your idea would be meritorious. Oddysey I'm no longer in the rat race - the rats won't have me! |
|||
Jan. 22, 2008, 05:52 PM
Post: #11
|
|||
|
|||
RE: "Yahoo: Auto Login" filter
Thanks so much, Odyssey.
I really appreciate your effort. I'm going to see if I can get your Yahoo filter working. I have to admit though, it will take me a few days before I can report back and tell you if it works because these things take me time as I am not as advanced as you guy's are with the Proxo language. I know alot about some things and not much about others I am going to have to go through your explanation carefully and follow the instructions. This could take me a couple hours .. lol... so I have to set aside some time to do it. Just wondering about something though, you said "I do not include my password. For some reason, I can't bring myself to do that. I do it for nearly all my other secure logins, but not for Yahoo." That caught my attention. Is this for security purposes that you don't include your password? Thanks. Thanks everbody. You too ProxRocks. Best regards, apacallyps |
|||
Jan. 23, 2008, 08:59 AM
Post: #12
|
|||
|
|||
RE: "Yahoo: Auto Login" filter
appy;
As a matter of fact, it is a security issue for me. I feel that if someone were to break into my home and physically steal my 'puter, I don't want them to have all the pieces needed to read my Yahoo mail. For most other stuff, it's pretty innocuous, so I don't care, I just fill in the password too, and be done with it. Gauge your own needs as you see fit. When you do get down to sifting through all the mumbly-jumble above (my code), feel free to ask questions! If I'm not quick to answer, someone else will be, you can rest assured of that! HTH Oddysey I'm no longer in the rat race - the rats won't have me! |
|||
Jan. 23, 2008, 02:55 PM
Post: #13
|
|||
|
|||
RE: "Yahoo: Auto Login" filter
iffen someone were to break into my home, my Yahoo mail would be the *last* thing that i'd be worryin' about, lol...
|
|||
Jan. 24, 2008, 02:24 AM
Post: #14
|
|||
|
|||
RE: "Yahoo: Auto Login" filter
ProxRocks,
It ain't the fact it's mail, it's the potential for blackmail, by going to the other half! Oddysey I'm no longer in the rat race - the rats won't have me! |
|||
Jan. 24, 2008, 10:43 AM
Post: #15
|
|||
|
|||
RE: "Yahoo: Auto Login" filter
lol...
|
|||
« Next Oldest | Next Newest »
|