how to ban not only by IP address ?

Hi there,

I am posting to a web-based forum which runs on ASP and uses
JavaScript. I post via a proxy-server which rewrites JavaScript, does
not send cookies back to the forum server, and which changes its IP
address every few minutes within the whole class A network.

The moderator says he banned my IP address (let's put the moral issues
of it aside for the sake of the technical discussion). This means he
banned the whole network of the Class A, within which the IP addresses
of my proxy-server change. It is hard to believe, but it might be
possible. The strange thing is that when I try to do posting through
the proxy-server using the Firefox browser (which I traditionally use),
the forum server returns a message saying that I was banned from
posting. However I could make a posting using the IE6 web browser !

I have a hypothesis that the moderator bans not only my IP address. The
forum might send a JavaScript code to my computer, it computes a hash
based on the computer configuration (using the information about the
installed web browser as well), and sends this hash number (which is
unique for this computer system) back to the forum server. The postings
made with this hash are banned.

However, I looked through the JavaScript code by my non-specialist eye,
and I could not see anything suspicious. Can someone comment on how
this ban was possibly done (and how to overcome it), or at least direct
me at the Internet resource where I could read more ? Thanks.

...

Nov 21 '06 #1
flash objects are a good way to store persistent data on a client
machine. much better than javascript.

You haven't given anything like enough info though to be definite about
the method used in this case however and I'm just guessing.

I find it hard to believe that a proxy with "changing" class A IP,
would be rewriting javascript and not sending cookies, are you SURE
about that?

Anyway the solution to your woes is to use a proxy yourself, as well as
a packet sniffer. If you like writing c# you could code a filter into
fiddlertool and proceed from there. As with all web traffic it is
entirely possible for you to stop ANY prevention mechanism he uses, you
just have to know how. However if you do so, despite his warnings, you
may well be in violation of real world law, so don't use any techniques
for bad.

When posting an ASP page, quite often the viewstate function which is a
blunt and bloated thing, can be hijacked to send more data about you,
as it is needed to browse the site, my guess is that is where the
persistent data is being wrapped up and sent, look around for the code
that plugs into that.

In order for a hash to be used, it would have to be sent from YOUR
computer through the proxy to them, so you can see and stop it, unless
it is wrapped into the viewstate, or just appended.

Nov 21 '06 #2

"minnesøtti" <mi********@yahoo.com> wrote in message
news:11**********************@j44g2000cwa.googlegroups.com...
> Hi there,
>
> I am posting to a web-based forum which runs on ASP and uses
> JavaScript. I post via a proxy-server which rewrites JavaScript, does
> not send cookies back to the forum server, and which changes its IP
> address every few minutes within the whole class A network.
>
> The moderator says he banned my IP address (let's put the moral issues
> of it aside for the sake of the technical discussion). This means he
> banned the whole network of the Class A, within which the IP addresses
> of my proxy-server change. It is hard to believe, but it might be
> possible. The strange thing is that when I try to do posting through
> the proxy-server using the Firefox browser (which I traditionally use),
> the forum server returns a message saying that I was banned from
> posting. However I could make a posting using the IE6 web browser !
>
> I have a hypothesis that the moderator bans not only my IP address. The
> forum might send a JavaScript code to my computer, it computes a hash
> based on the computer configuration (using the information about the
> installed web browser as well), and sends this hash number (which is
> unique for this computer system) back to the forum server. The postings
> made with this hash are banned.
>
> However, I looked through the JavaScript code by my non-specialist eye,
> and I could not see anything suspicious. Can someone comment on how
> this ban was possibly done (and how to overcome it), or at least direct
> me at the Internet resource where I could read more ? Thanks.

Writing ASP code to block by IP or subnet is trivial, I've done it in
several projects: simply split the return from
Request.ServerVariables("REMOTE_ADDR") at the dots into an array, coerce the
elements to a numeric type (if you want to use masks) and efficiently
arrange a ban (or allow) list.

If it's a Windows server, your IP and/or subnet could be IPSEC'ed away too,
but then you wouldn't get a ban notice, the server just wouldn't seem to be
there?

So are you saying you have a whole class C (or substantial part thereof) of
address space for a proxy to hop around in? The addresses it uses would
have to be allocated to it persistently, unless it's integrated with DHCP...
If I were the forum admin, I'd ban you too, that sort of activity looks
malevolent, what's the incentive to take a chance you don't have darker
intentions than?

Regardless, the public IP from which a client connected is always available
to a server app at some level; ASP exposes it to scripts running under it
quite readily. Aside from an anonymizer, shell accounts in Eastern Bloc
countries, or buying more address space, I doubt you'll find a way through
half-way decent code... but the larger issue might be, why would you want
to?
-Mark

Nov 22 '06 #3
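
The subnet check described in the post above, written out as an added example (not code from the thread or from the forum being discussed). It is in JavaScript rather than the poster's ASP script, takes the string that `Request.ServerVariables("REMOTE_ADDR")` would return, and goes one step further than the post by accepting CIDR rules and an allow list; the function names and the RFC 5737 sample addresses are assumptions.

```javascript
// Added example. Addresses are constructed, taken from RFC 5737 documentation ranges.

// Parse a dotted-quad string into an unsigned 32-bit number, or null if malformed.
function ipv4ToInt(addr) {
  const parts = String(addr).split(".");
  if (parts.length !== 4) return null;
  let value = 0;
  for (const p of parts) {
    if (!/^\d{1,3}$/.test(p)) return null; // digits only: no signs, hex or blanks
    const octet = Number(p);
    if (octet > 255) return null;
    value = value * 256 + octet;           // plain arithmetic avoids signed overflow
  }
  return value;
}

// Turn "a.b.c.d/len" (or a bare address, meaning /32) into {network, mask}.
function parseRule(cidr) {
  const parts = String(cidr).split("/");
  const base = ipv4ToInt(parts[0]);
  const lenText = parts.length === 2 ? parts[1] : "32";
  const len = /^\d{1,2}$/.test(lenText) ? Number(lenText) : NaN;
  if (parts.length > 2 || base === null || !(len >= 0 && len <= 32)) {
    throw new Error("bad rule: " + cidr);
  }
  // JavaScript shift counts wrap at 32, so a /0 rule needs its own case.
  const mask = len === 0 ? 0 : (0xffffffff << (32 - len)) >>> 0;
  return { network: (base & mask) >>> 0, mask: mask };
}

function compileList(cidrs) {
  return cidrs.map(parseRule);
}

function matches(rules, ipInt) {
  return rules.some((r) => ((ipInt & r.mask) >>> 0) === r.network);
}

// Decide whether a request from remoteAddr may post.
// Allow rules win over ban rules. An address that does not parse as IPv4
// is refused (fail closed); that choice is an assumption of this example.
function mayPost(remoteAddr, banRules, allowRules) {
  const ip = ipv4ToInt(remoteAddr);
  if (ip === null) return false;
  if (matches(allowRules, ip)) return true;
  return !matches(banRules, ip);
}

const BAN = compileList(["198.51.100.0/24", "203.0.113.7"]);
const ALLOW = compileList(["198.51.100.42"]);

console.log(mayPost("198.51.100.9", BAN, ALLOW));  // inside the banned /24
console.log(mayPost("198.51.100.42", BAN, ALLOW)); // allow-listed exception
```

The check only sees the address the connection arrived from, which is the limitation the rest of the thread goes on to discuss.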

shimmyshack wrote:
> flash objects are a good way to store persistent data on a client
> machine. much better than javascript.
>
> You haven't given anything like enough info though to be definite about
> the method used in this case however and I'm just guessing.
>
> I find it hard to believe that a proxy with "changing" class A IP,
> would be rewriting javascript and not sending cookies, are you SURE
> about that?

I am using an anonymizer. That's what it does.

> Anyway the solution to your woes is to use a proxy yourself, as well as
> a packet sniffer. If you like writing c# you could code a filter into
> fiddlertool and proceed from there. As with all web traffic it is
> entirely possible for you to stop ANY prevention mechanism he uses, you
> just have to know how. However if you do so, despite his warnings, you
> may well be in violation of real world law, so don't use any techniques
> for bad.
>
> When posting an ASP page, quite often the viewstate function which is a
> blunt and bloated thing, can be hijacked to send more data about you,
> as it is needed to browse the site, my guess is that is where the
> persistent data is being wrapped up and sent, look around for the code
> that plugs into that.

I am not an IT person. However, I found on the Internet that if
ViewState sends anything back to the forum server, then I should find
the following piece of code in the HTML webpage code:

<input type="hidden" name="__VIEWSTATE"
value="dDwxNDg5OTk5MzM7Oz7DblWpxMjE3ATl4Jx621QnCmJ2VQ==" />

In the forum's code, there is no mentioning of "ViewState". Does that
mean that this is not the culprit?

Any other suggestions? (Thanks for those you gave, so far they were
the most informative).

...

> In order for a hash to be used, it would have to be sent from YOUR
> computer through the proxy to them, so you can see and stop it, unless
> it is wrapped into the viewstate, or just appended.

Nov 22 '06 #4

minnesøtti wrote:
> Hi there,
>
> I am posting to a web-based forum which runs on ASP and uses
> JavaScript. I post via a proxy-server which rewrites JavaScript, does
> not send cookies back to the forum server, and which changes its IP
> address every few minutes within the whole class A network.
>
> The moderator says he banned my IP address (let's put the moral issues
> of it aside for the sake of the technical discussion). This means he
> banned the whole network of the Class A, within which the IP addresses
> of my proxy-server change. It is hard to believe, but it might be
> possible. The strange thing is that when I try to do posting through
> the proxy-server using the Firefox browser (which I traditionally use),
> the forum server returns a message saying that I was banned from
> posting. However I could make a posting using the IE6 web browser !
>
> I have a hypothesis that the moderator bans not only my IP address. The
> forum might send a JavaScript code to my computer, it computes a hash
> based on the computer configuration (using the information about the
> installed web browser as well), and sends this hash number (which is
> unique for this computer system) back to the forum server. The postings
> made with this hash are banned.
>
> However, I looked through the JavaScript code by my non-specialist eye,
> and I could not see anything suspicious. Can someone comment on how
> this ban was possibly done (and how to overcome it), or at least direct
> me at the Internet resource where I could read more ? Thanks.
>
> ..

Nah, I doubt it could be JavaScript alone that is doing it.
It's not that powerful, try disabling JS and see what happens.
I would say it's done using a server side script and a Cookie placed
on the client's web browser, the cookie would contain the IP addie and
the web browser, so just delete cookies and refresh the browser a few
times before posting, I bet you that it works.
--
Regards Chad. http://freewebdesign.cjb.cc

Nov 22 '06 #5
I am afraid that in order to track down the reason you will need to be
an IT person, you will need to know not just what anon. says it does
but what it is actually doing, after all, you claim that anon. fails to
protect you when in FF, but somehow does in IE. This made me suspicious
that you were using anon. at all. I would question your info on other
grounds as well - how for instance does the forum keep track of who is
logged in, of your session - without using either javascript, headers,
a postback, hidden inputs on a form, or some other method that gets
through your anon. proxies - or you wouldn't be able to log in. And how
once you have logged in using IE can it let you post unless you use
another username - which again supports it being js. That is assuming
you log in of course, what self respecting forum owner attempts to ban
people when his forum requires no authentication!

You haven't given enough info I'm afraid, and the whole IE/FF thing
really says that it must be js, a web bug or flash, because there can
only be two other main reasons: user-agent, and different proxy IP not
picked up by the forum for the duration of your IE session.
The user-agent thing is too gross a solution,
the diff anon. IP would be a reason, but I assume you've tried it more
than once! so I discounted this.
It is probable that a decent forum owner bans many of these types of
anon. proxies. But has some he misses - after all they are all pretty
easy to track down!!

Unless you are willing to get your hands dirty and packet capture you
won't find the answer, and even if you do it's possible that the stuff is
going via UDP anyway. This is a pretty easy one to solve! - but not
without there being a transference of info from you to us.

As for javascript not being advanced? There are implementations of AES
and other encryption algos, as well as a host of other things which are
capable of sending data from your browser to the server without YOU
being able to decrypt it. Of course these things are rarely implemented
CPU constraints, however javascript is a very advanced language indeed,
and is more than capable of keeping tabs on a non IT person. XSS
attacks etc.. - js!

Nov 23 '06 #6
VK

minnesøtti wrote:
> I am posting to a web-based forum which runs on ASP and uses
> JavaScript. I post via a proxy-server which rewrites JavaScript, does
> not send cookies back to the forum server, and which changes its IP
> address every few minutes within the whole class A network.

Hard to believe in it taking into account that class A networks (as
well as B and C) have not existed for more than 10 years by now. The ban
can be set to a particular IP, to the server cross-range IP pair or to
the entire server IP range. Respectively any anonymizer can switch IP
only within the range of its own IP addresses; on many high grade
solutions there are updating lists of IP ranges of known anonymizing
services (anonymizer.com, anonymouse.net etc) banned by default.

The fact that you can still use some UA for posting suggests that the
admin used "soft ban" by particular IP(s), not killing the entire
range. As suggested clean your cookies and try again.

Nov 23 '06 #7
