Author Topic: Yahoo Groups Auto Authorize  (Read 1223 times)

Admin

  • Forum Admin
  • Administrator
  • Jr. Member
  • *****
  • Posts: 62
    • ICQ Messenger - 1448105
    • AOL Instant Messenger -
    • Yahoo Instant Messenger -
    • View Profile
    • Email
Yahoo Groups Auto Authorize
« on: July 31, 2001, 10:52:11 PM »
Yahoo has changed and this is here only for educational purpose!
Greetings, All!

Here is an auto-authorize filter. You have to log-on, capture the
outgoing Cookie header, place it into the replace box, log off and
activate the filter for OUT. When you come back to Yahoo Groups, you
will appear as logged in.

This filter is useful for Prox-List members as well as for other Yahoo
Groups users.

[HTTP Headers]

In = FALSE
Out = FALSE
Key = "Cookie: (PVT) Y! Groups authorization (YahooID) (out)"
URL = "groups.yahoo.com"
Match = "*|"
Replace = "place=your; cookie=here"

In order to prevent the saving of this cookie by the browser, insert
groups.yahoo.com/ in the URL of "never accept cookies" filter.

Your cookie authenticates you and should be given to nobody.

Here are two other filters - delete logo and banner and win 100 pixels! ;-)

[Patterns]
Name = "Ads: Yahoo Groups logo and banner (pt1)"
Active = TRUE
URL = "groups.yahoo.com"
Limit = 64
Match = "<BODY bgcolor="FFFFFF" text="000000" > <table"
Replace = "<BODY bgcolor="FFFFFF" text="000000" > <noscript> "
          "<script language="ShonenScript">"
          "<table"

Name = "Ads: Yahoo Groups logo and banner (pt2)"
Active = TRUE
URL = "groups.yahoo.com"
Limit = 64
Match = "</table> <font size="-1"> "
        "<table width="100%" border="0""
Replace = "</table>  </script></noscript> "
          "<font size="-1"> <table width="100%" border="0""

--
WBR, Homeric.
With regards from
Admin

Admin

  • Forum Admin
  • Administrator
  • Jr. Member
  • *****
  • Posts: 62
    • ICQ Messenger - 1448105
    • AOL Instant Messenger -
    • Yahoo Instant Messenger -
    • View Profile
    • Email
Yahoo Groups Auto Authorize
« Reply #1 on: August 01, 2001, 11:37:39 AM »
I'm trying to learn how to do all this "Neat" stuff, but the "curve" is
damned steep (read "cliff-like")

Your first filter sounds REALLY useful, but I have absolutely NO idea
how to do any of the things you tell me to. <S..t>
i.e.
1. How do I "capture the outgoing Cookie header"?
2. Place it in what "Replace box"?
3. Activate what filter OUT? (How and Where)?
4. Where do I find this "never accept cookies" filter?
5. How do I 'insert groups.yahoo.com/ in the URL of "never accept
cookies" filter'?

I will now post a complete step-by-step instruction. Hope it helps.

1. Open your configuration file with a text editor, find the section
[HTTP Headers] and insert the following filter:

In = FALSE
Out = FALSE
Key = "Cookie: (PVT) Y! Groups authorization (YahooID) (out)"
URL = "groups.yahoo.com"
Match = "*|"

Then save the config file.

2. In Proxomitron, press the blue disk icon to reload the config.

3. Log in to Yahoo Groups site.

4. Open the Proxomitron log window, then click any link within the
Yahoo groups site in your browser.

You will see the request of type

+++GET 3+++
GET /group/prox-list/messages/ HTTP/1.0
Cookie: B=c,D=e;F=g;B=c,D=e;F=g;B=c,D=e;F=g;B=c,D=e;F=g;B=c,D=e;F=g;B=c,D=e;
Connection: keep-alive
User-Agent: Mozilla/4.0 (compatible; MSIE 4.01; Windows 98) Opera 5.11  [ru]
Host: groups.yahoo.com
Accept: text/html, image/png, image/jpeg, image/gif, image/x-xbitmap, */*
Accept-Language: ru
Accept-Charset: windows-1251,cp-1251

You need the contents of the Cookie header. Just copy the cookie line
from the request.  

5. Go to Header Filters. Find the filter "Cookie: (PVT) Y! Groups
authorization (YahooID) (out)", open it and paste the header in the
replace box. You will get something like

Cookie: B=c,D=e;F=g;B=c,D=e;F=g;B=c,D=e;F=g;B=c,D=e;F=g;B=c,D=e;F=g;B=c,D=e;

Do not forget to come at the beginning of the replace field (the
string will be very long) and remove the keyword Cookie:, so that you
see in the Replace box something like this:

B=c,D=e;F=g;B=c,D=e;F=g;B=c,D=e;F=g;B=c,D=e;F=g;B=c,D=e;F=g;B=c,D=e;

Click OK, then save the config.

6. Log out of Yahoo Groups.

7. Open the Header Filters window, find the filter "Cookie: (PVT) Y!
Groups authorization (YahooID) (out)" and enable it for outgoing
connections (put a checkmark in the Out column).

8. Then come back to your favorite group at Yahoo. The server will
recognize you as logged in.

With this filter, you do not have to log on each time, because the
filter sends your cookie to the server each time you come to the
Yahoo groups site.

If you wish to save 100 pixels of screen space, you can do so by
removing the logo and the banner. To do this, open your CFG file with a
text editor, paste the following filters in the [Patterns] section:

Name = "Ads: Yahoo Groups logo and banner (pt1)"
Active = TRUE
URL = "groups.yahoo.com"
Limit = 64
Match = "<BODY bgcolor="FFFFFF" text="000000" > <table"
Replace = "<BODY bgcolor="FFFFFF" text="000000" > <noscript> "
          "<script language="ShonenScript">"
          "<table"

Name = "Ads: Yahoo Groups logo and banner (pt2)"
Active = TRUE
URL = "groups.yahoo.com"
Limit = 64
Match = "</table> <font size="-1"> "
        "<table width="100%" border="0""
Replace = "</table>  </script></noscript> "
          "<font size="-1"> <table width="100%" border="0""

then save the config and reload it in Proxomitron (blue floppy disk icon)

Hope this helps.

--
Best regards, Homeric.


With regards from
Admin
With regards from
Admin

Admin

  • Forum Admin
  • Administrator
  • Jr. Member
  • *****
  • Posts: 62
    • ICQ Messenger - 1448105
    • AOL Instant Messenger -
    • Yahoo Instant Messenger -
    • View Profile
    • Email
Yahoo Groups Auto Authorize
« Reply #2 on: August 01, 2001, 12:01:44 PM »
...
I tested this cookie authentication principle on following services:

Yahoo! Groups  http://groups.yahoo.com/
TV Grid        http://tvgrid.looksmart.com/
Horaire Tele   http://horairetele.infinit.com/

For TV Grid and Horaire Tele, sending out a cookie allows to retrieve
the TV listing for my region without filling out long forms.

Remember that the cookie should be given to nobody, it is the
equivalent of your password and will enable anybody to use your
account with your privileges.

Homeric


With regards from
Admin
With regards from
Admin