Post by: hpguru on June 15, 2002, 07:29:20 AM
Then I got to thinking that it might be nice to obfuscate all outgoing URLs but I don't want to do it if it will slow me down too much.Facing each other,
a thousand miles apart.
Post by: Arne on June 15, 2002, 07:52:16 AM
http://www.searchlores.org/zipped/unfrozen3.zip
Data from the url field when I go to All Nettols:
http://3629961137/pr.htm
Best wishes
Arne
Imici username= Arne
Post by: Arne on June 15, 2002, 07:57:54 AM
(Bypass List and other which are related to an URL)
Best wishes
Arne
Imici username= Arne
Post by: hpguru on June 15, 2002, 08:00:35 AM
Facing each other,
a thousand miles apart.
Post by: hpguru on June 15, 2002, 08:16:46 AM
Facing each other,
a thousand miles apart.
Post by: Arne on June 15, 2002, 08:25:49 AM
This is a nice project though and I will be spending some of my day trying to make this work in a filter and have it been done automatically. I invite the others to try to make one too.
Best wishes
Arne
Imici username= Arne
Post by: hpguru on June 15, 2002, 08:25:59 AM
http://yoda.w3.to/
Edit: This version is better. Check it out!
Facing each other,
a thousand miles apart.
Edited by - hpguru on 15 Jun 2002 09:48:54
Post by: pooms on June 16, 2002, 03:10:29 AM
http://www.pc-help.org/obscure.htm
Also, here's some javascript to do it:
http://www.searchlores.org/son_33_1.htm
it's a bit long, though.
Post by: sidki3003 on June 16, 2002, 03:39:42 AM
However, too difficult for me.
Post by: Arne on June 16, 2002, 09:12:13 AM
and I will take the problem with me on the laptop this summer. Why do you guys think I ended up making a new logo up there in the left corner? LOL!!!Best wishes
Arne
Imici username= Arne
Post by: Arne on June 16, 2002, 11:58:31 AM
<script language="JavaScript">
<!--
var text1 = 'TheURL';
var text2=' ';
for (i=0;i<text1.length;i++){
text2 += '%'
text2 += text1.charCodeAt(i).toString(16);
}
document.write (text2); //Just for testing
//-->
</script>
Best wishes
Arne
Imici username= Arne
Post by: Arne on June 16, 2002, 12:08:37 PM
%68%74%74%70%3a%2f%2f%77%77%77%2e%79%61%68%6f%6f%2e%63%6f%6d
Which would get you to the site if pasted into the URL field. But how to do this in RL stands to find out
Best wishes
Arne
Imici username= Arne
Post by: Arne on June 16, 2002, 12:19:19 PM
Best wishes
Arne
Imici username= Arne
Post by: hpguru on June 16, 2002, 04:50:00 PM
Facing each other,
a thousand miles apart.
Post by: Arne on June 16, 2002, 05:10:40 PM
Best wishes
Arne
Imici username= Arne
Post by: JakBeNymble on June 18, 2002, 05:44:01 PM
I had a couple of ideas, but no sucess, . . . "Yet".
I know it would take a lot of time, but You could Obscure the URLs in Your Favorite Book-marks and replace them.
There is also a filter and list that I saw once in a default config. for "Aliases" I thought that might be examined, but again You would have to enter the URLs one at a time in the list. But the idea would be something that would work "on-the-fly" without having to do that.
I have to think of things in blocks and then in the details of how to accomplish it. [I don't know if Proxo could be set-up to change the URL to Hex & convert the IP to dword or octal]. But that would be the Trick!
So I tried to do something more simple.
First to match the URL(Which is no problem), then recombine it with a fake URLs or usless character in between the Http:// and the @ with the real one trailing,( still not a problem), but how to make Proxo reload the Replacement string back into the address line of the browser without "looping" I don't know, I was just trying to get something simple working to build on. Maybe, . . .
http://!$%^&^%*@www.someweb-site.com.,
or
http://www.1fakeWeb-site.com%www.2FakeWeb-site%www.3FakeWeb-site.com@www.REALWeb-Site.com.
Maybe someone whose more Up on this could take a look and see.
KEY=URL:"Obcure Urls"(Out)
Match="u"
REPLACEMENT="$JUMP(ManyManyUslessCharactersORFakeWeb-Sites.com@h)"
Well at least I was trying, . . .LOL!
Have a Great and Wonderful Day, My Friends!
'jak'
Edited by - JakBeNymble on 19 Jun 2002 04:00:20
Post by: hpguru on June 18, 2002, 07:39:47 PM
Another approach (which is probably more feasable) would be to insert a script at the end of the page that will cycle through the links array replacing their href values with the hex converted values.
A couple of things I've noted about Arne's script:
The protocol field (e.g. "http://") must be removed and added back in after the conversion.
Opera won't support this at all since it is kind enough to unescape the hex url. I don't know if this behavior can be disabled or not.
As for converting bookmarks or favorites, yes it's a good idea but I have thousands of them. So it would be really too tedious an undertaking and if I changed my mind, well I don't want to create a lot of work for myself. As a solution we could create a header filter to redir unencoded urls to a local page that will convert the url and redirect the browser using the converted url.
Well, all I lack is the time to work on it but if anyone else want's to have at it then like Arne said, it's a good project.
Facing each other,
a thousand miles apart.
Edited by - hpguru on 18 Jun 2002 20:43:10
Post by: Jor on June 18, 2002, 11:44:24 PM
quote:
Opera won't support this at all since it is kind enough to unescape the hex url. I don't know if this behavior can be disabled or not.
To disable, unselect 'Encode all addresses with UTF-8' under 'Network' in the preferences.
Post by: hpguru on June 19, 2002, 02:07:34 AM
Facing each other,
a thousand miles apart.
Post by: JakBeNymble on June 26, 2002, 05:45:37 PM
I've been thinking, . . .(A dangerous 'pass-time' I know), but what if You could set-up a couple of James Marshall's CGI Proxy scripts that can obscures Urls or possibly "encrypt" them as well, and then chain it together with Proxo like a Remote Proxy. James Marshal has a "pack-up and carry with You" proxy. It's only two Scripts, but You need perl 5.5 or higher to run the scripts. Out of my league all together! I think I'm flying if I can get the"Url match" to work in Proxo!
Here's the link and an excerpt from the download site:
http://www.jmarshall.com/tools/cgiproxy/
[(Requires minor programming.) You can customize the encoding of destination URLs by modifying these routines. The default is a simple unobscured URL, but sample obscuring code is included in the comments.]
Anyway it was a thought I wanted to share with You, just in case someone else might want to "pick-up-the-ball" and run with it. I'm real interested in this Url obscuring, or encryption. Maybe someone else might know of some other program that might be a good canidate instead of James's Proxy.
Have a Great & Wonderful Day, My Friends!
'jak'
Post by: TEggHead on June 27, 2002, 12:50:07 PM
here's what I ran into
when using the Hexer routines I ran into troubles with the Host: header also including the path to the requested document (it did not recognize where the hostname ended, so I had to exclude all / from getting hexed)
During all this I noticed that the Prox logwindow would never indicate at all any sign of a hexed URL, just as if it does its own UESC ...? That's how I noticed tha path not getting stripped from the host header
I also played with the insertion of a bogus website address like
www.many-many-many-many-wonderful-places-to-goto-today-but-I-Am-Not-Going-There-Now.com@
between the http:// and hostname, nice as it looks in my addressbar I also did not see any sign of using this return in the logwindow, as if the browser did something else with it...
Mind you, during this the address bar always nicely showed a hexed or gobledygook inserted URL, but not once did I ever saw anything of it back in the Prox logwindow...
Since I have no way of verifying that it actually is sent through as intended, other than the errorpages I get from a site if it did not understand the request it got (some got mighty confused from partly hexed URLs) I gave up and think that the encountered problems are such that it would only be possible with a function in a header filter or something sitting between prox and the net (oh no, not another layer...)
hopefully maybe someone else is more lucky or capable...
JarC
Post by: Scott Lemmon on June 27, 2002, 04:45:25 PM
Tricks like IP obfuscation depend on the program doing the DNS. This will be your browser, or a proxy, but in the end usually comes down to how the system's name resolver library works. In general though you can't depend on them working through a proxy.
Really these are all just tricks - they're generally non standard and browser dependant. Also they don't do much to hide your real destination. Mainly they seem to be used to fool the end user - not any eavesdroppers. That's why spammers seem to love them - it can make it more difficult to figure out what URL they're hosting themselves at by looking at the HTML, but the browser decodes the stuff before making the actual request.
For real security it would be better to have two proxies convert everything to HTTPS and back again. HTTPS encrypts the URL and all headers so nothing would be left visible - all an intermediary could see is that you're connecting to the second (decrypting) proxy. Of course the second proxy would still have to make the final leg in the clear. Really, you might as well just set up a VPN to do the same thing for all traffic.
Edited by - Scott Lemmon on 27 Jun 2002 17:49:17
Post by: JakBeNymble on June 27, 2002, 06:19:14 PM
Thankx for the responses TEggHead & Scott!
I'm glad for the information, and being able to understand alittle more about the "ends & the Outs" of it. The only thing is that when You do run through "https://", it makes me slower than Christmas. LOL! I'm like ARNE though I'd like to give My Good Friend over at the ISP something to do with his spare time. *Smile* I can't complain about Them though, after they gave up trying to access my machine and give me open access, we get along quite well. [Just as long as I pay my bill every month and I'm not "bothering" anybody.]
It's very good to have Friends like you, Scott & TEgghead, that will do all they can to help when they can. I appreciate You and ALL of Your Talents and efforts. As I do with ALL MY TALENTED FRIENDS on THE FORUM!
I hope that All Have a Great & Wonderful Day,
"Jak"
--------
PS: "Oh, and Scott I'd just like to say that I haven't had one Problem with Your Latest version of PROXO, it seems to work just fine unless I try make adustments while a page is loading, and that's just every once in a great while"
Edited by - JakBeNymble on 27 Jun 2002 19:23:28