Solution for passworded downloads

If you got suggestions for new features or feature changes in NewsLeecher, go ahead and let santa know.
B@z
Posts: 11
Joined: Wed Jan 03, 2007 2:33 pm

Solution for passworded downloads

Post by B@z »

Please all, help think of the best way to attack the passworded-rar-in-download problem.

This seems a new wat to spead mallware and receive ad fundings, but sure is annoying.

I thought something like to open file after the first few rar's have downloaded to review the contents.
But a better solution would be some sort of nuke system where if more than x nukes the post will be filtered. I don't know how this extends to newsgroup policy.

But the bottom line must be, this has to stop. So help brainstorm for the best (long term) solution.

Digitoxin
Posts: 6
Joined: Sun Aug 29, 2010 10:17 am

Post by Digitoxin »

Seems like there should be a way to analyze the rar file and abort as soon as Newsleecher is able to detect that is is password protected. This could also be extended to a content filter that can scan within the rar file to get rid of downloads containing files with extensions like .avi.exe

User avatar
Downstream
Posts: 225
Joined: Fri Dec 09, 2005 7:42 am
Location: Somewhere downstream

Post by Downstream »

Some free .nzb sites mark hits with "password protected".
But they are not failproof.

https://bugs.launchpad.net/sabnzbd/+bug/562296
I want to add if the header of the first RAR is corrupted this test can give false results.

===========================
Sorry, that is not true. It is true that WinRAR can not distinguish between password protected data and corrupted data based on the data and the checksum alone, but the RAR format has a flag for password protected files in the header, this is the way the software knows when to prompt the user for a password.
Password protected files can usually be detected by just having the first MESSAGE PART of the first .rar file, like this:
The following is some code I have used for another project:
$data is the first n bytes of a RAR archive file.
$rar=unpack('H14header/H6junk/S1encrypted', $data);
if ($rar['header']!='526172211a0700') {
output('Not a RAR archive: '.$filename.' - header is '.$rar['header']);
}
if ($rar['encrypted'] & 128) {
output('Encrypted archive!');
$encrypted=true;
} else {
$file=tempnam('/tmp','unrar-test-file');
file_put_contents($file, $data);
exec('unrar lt -ep -c- -id -r -kb -p- '.$file, $output);
unlink($file);
foreach ($output as $line) if (substr($line,0,1)=='*') $encrypted=true;
if ($encrypted) {
output('Encrypted file in archive!');
}
}

User avatar
Downstream
Posts: 225
Joined: Fri Dec 09, 2005 7:42 am
Location: Somewhere downstream

Post by Downstream »

Anyone got a similar header check for .wmv files?

deedubb
Posts: 10
Joined: Sat Feb 14, 2009 5:29 pm

Post by deedubb »

I would love to see this feature

tygrys
Posts: 2
Joined: Tue Nov 23, 2010 7:00 pm

Post by tygrys »

One way is to download the first rar and open it..can be annoying but I find it easier then downloading the whole thing lol

User avatar
Downstream
Posts: 225
Joined: Fri Dec 09, 2005 7:42 am
Location: Somewhere downstream

Post by Downstream »

tygrys wrote:One way is to download the first rar and open it..can be annoying but I find it easier then downloading the whole thing lol
NL could/should do that.

B@z
Posts: 11
Joined: Wed Jan 03, 2007 2:33 pm

Post by B@z »

Downstream wrote:NL could/should do that.
Agreed, and thanks tygrys for bumping this up again.

This should not be that hard to implement.

Could a NL developer/admin/mod at least say if this is on the roadmap?

User avatar
Spiril
Site Admin
Posts: 4278
Joined: Fri Nov 07, 2003 3:11 am

Post by Spiril »

A feature that prevents NewsLeecher from downloading RAR-in-RAR sets is on the roadmap for NewsLeecher V4.1 or NewsLeecher V5.0.
bug fixed. no idea how. hate it when that happens. trying to break it again now. will. not. be. defeated.

Malignant
Posts: 16
Joined: Thu Dec 02, 2004 9:37 am

Post by Malignant »

Is it also possible to enter a password in R&E ?

I.E.

Right click on a set and have the option to "Set extraction password" ?

This way NL can cope with PW protected files.

BlizzardUK
Posts: 44
Joined: Tue Feb 20, 2007 10:15 pm

Post by BlizzardUK »

That feature of stopping rar in rar downloads sounds great. These people uploading all these passworded files must be making money, but surely after a while people should have learnt just to bin them and not go to the site they send you to.

Just a handy little tip, always download the LAST rar file and not the first one, the last one is usually not only much smaller than the first, but also the one that contains the password.txt file.

Also perhaps there is a way to use http://www.mysterbin.com software within the supersearch ?

Lazruss66
Posts: 1
Joined: Wed Mar 02, 2011 5:27 am

Post by Lazruss66 »

Spiril wrote:A feature that prevents NewsLeecher from downloading RAR-in-RAR sets is on the roadmap for NewsLeecher V4.1 or NewsLeecher V5.0.
So does the 5.0 beta contain this? REALLY tired of downloading crap or having to download what I dont need so that I can view what is inside. A preview feature would be the bomb.

Thanks

dlmvegas
Posts: 38
Joined: Mon Aug 25, 2008 7:56 pm

Post by dlmvegas »

There is only one retard that is doing most, if not all of the passworded crap on the news servers. DO NOT WASTE YOUR TIME DOWNLOADING ANYTHING POSTED BY [b]Yenc-PP-A&A[/b]. Movies by this scum are showing up primarily in A.B.Movies group. I have seen some in other groups by this same scum bag.

Makes you wish there were group monitors out there that could just filter out or have an auto delete for certain poster's files.

highwaykind
Posts: 30
Joined: Fri Oct 01, 2004 7:27 pm

Post by highwaykind »

I would LOVE a 'passworded' alert too!
binsearch and other have this, so I hope NL can mark passworded posts a certain color (grey them out? red?)

Blocking the Yenc-PP-A&A poster does NOT work - it's what Yenc defaults to so this will mean you also block good posts..

mrpopo
Posts: 2
Joined: Sat Jan 22, 2011 10:44 am

Post by mrpopo »

I would love the ability to add a password to a download.

So if I download something of which I know the password. I would like to enter this password for that specific download so NL can download and unrar it when done downloading / repairing.

Post Reply