Trouble on the way?

I have been using Proxomitron for about six months and I thoroughly enjoy my new found power. While I make no claims to being a filter monkey (outside photoshop) I have created some of my own filters. As I lack finesse I shall keep my TheOnion filters to myself to avoid public taunting.

I do, however, wonder if I am the only proxomitron user to stumble across these annoying people:

http://antiadbuster.com/

Thoughts? Solutions? Kudos requests?

TIA

I think I ran across something similar before, but the beast you gave is certainly new to me. I went to a site which has the antiad code in place: http://www.supercheats.com/ and sure enough was presented with a message that I'm using an adblocker and that to continue I had to disable it.

Interesting.. I'm curious to see what filters will be developed to circumvent this nasty bug.

It's been discussed on Yahoo groups & diff filters were posted, but I don't think anybody posted everything needed to circumvent it. So, here ya go.

NOTE: Make sure the "Anti AdBusters" filter is placed before your Ad filters.

[Blocklists]
List.AdBusters = "..\Lists\AdBusters.txt"

[HTTP headers]
EDIT: Look at the post below by TEggHead

[Patterns]
Name = "Anti AdBusters"
Active = TRUE
URL = "$LST(AdBusters)"
Bounds = "<textarea\s*</textarea>"
Limit = 256
Match = "\1"
Replace = "\1"


-------[ make an "AdBusters.txt" file & place the following in it. ]-------

# AdBuster list.
# This list contains URLs that block Ad killers.
#
www.supercheats.com/

BTW, what they do is; they place a hidden form with ad code inside, if the code is modified your sent to the adblocker page, if it's not modified your sent to the real page. Then they place a cookie "ad_blocker_found=false" or "ad_blocker_found=true". If you don't allow cookies, they won't let you in.


Here's the page with the hidden form.
http://www.supercheats.com/adbust/antiadbuster_b1.php?rand_id=120&p_loc=/index.php

Ooops, forgot to allow cookies/login.... hehehe

Very nice, thanks for sharing that information.

Stunning! Thank you much for sharing.

The headers filters remain arcane to me. Though I've adopted TeggHead's variant instead of your OR'd combo.

This doesn't seem to work for cdcovers.cc

Before adding these I would get a page telling me to remove my filtering software, after adding these it seems to be in a repeating loop loading the page and the page for failing its check.

To test it, click Covers at the top and then any cover page.

Correct, although it is not that it not works, it's more that the 'filtered' version is still in your cache and getting retrieved instead of a fresh copy, I've got the same problem with the next proxy in the chain.

Another alternative is to use one of the allowed spiders as addition to a fake user-agent

see the Adbuster Disected thread

I'm using this one and doesn't need a cookie too...

In = FALSE
Out = TRUE
Key = "User-Agent: AntiAdbuster"
URL = "*$LST(zUA_Fake_AntiAdbuster)*"
Replace = "Slurp/0.01 [fu] (Win67; X; KnifeCollector)"

The List is just a blocklist with sites using this technique...

I added that to my headers as well, but i'm still stuck in a repeating loop of this:

I must say, these guys at cdcovers do have a warped sense of legalities...they call the person using an adblocker, the bandwidth thief, must be because they're looking in a mirror, how else can they have it backwards?

At any rate, this goes to show how dynamic the internet is, one day the name of a user-agent that works is posted, the next day it stops working already, curious how long this one survives...


*** Log Reset ***

+++GET 1354+++
Using Proxy - CRasher:8181
GET http://www.cdcovers.cc/dvd_b.php HTTP/1.1
Accept: image/gif, image/jpeg, image/pjpeg, images/png, image/x-xbitmap, */*
Accept-Language: 12-34
Accept-Encoding: deflate, gzip
User-Agent: Road Runner
Host: www.cdcovers.cc
Connection: keep-alive

+++RESP 1354+++
HTTP/1.0 200 OK
Server: Apache/1.3.23 (Unix) mod_gzip/1.3.19.1a PHP/4.1.2
X-Powered-By: PHP/4.1.2
Connection: close
Content-Type: text/html
+++CLOSE 1354+++

+++GET 1355+++
Using Proxy - CRasher:8080
GET http://www.cdcovers.cc/antiadbuster_blank.htm HTTP/1.1
Accept: image/gif, image/jpeg, image/pjpeg, images/png, image/x-xbitmap, */*
Referer: http://www.cdcovers.cc/dvd_b.php
Accept-Language: 12-34
Accept-Encoding: deflate, gzip
User-Agent: Road Runner
Host: www.cdcovers.cc
Connection: keep-alive

+++GET 1356+++
Using Proxy - CRasher:8080
GET http://www.cdcovers.cc/antiadbuster_ad.php?rand_id=2121578463&page_location=/dvd_b.php HTTP/1.1
Accept: image/gif, image/jpeg, image/pjpeg, images/png, image/x-xbitmap, */*
Referer: http://www.cdcovers.cc/dvd_b.php
Accept-Language: 12-34
Accept-Encoding: deflate, gzip
User-Agent: Road Runner
Host: www.cdcovers.cc
Connection: keep-alive

+++RESP 1355+++
HTTP/1.1 200 OK
Server: Apache/1.3.23 (Unix) mod_gzip/1.3.19.1a PHP/4.1.2
Last-Modified: Wed, 15 May 2002 22:18:51 GMT
Accept-Ranges: bytes
Content-Length: 6
Content-Type: text/html
Connection: close
+++CLOSE 1355+++

+++RESP 1356+++
HTTP/1.1 200 OK
Server: Apache/1.3.23 (Unix) mod_gzip/1.3.19.1a PHP/4.1.2
X-Powered-By: PHP/4.1.2
Transfer-Encoding: chunked
Content-Type: text/html
Connection: close
+++CLOSE 1356+++

+++GET 1357+++
Using Proxy - CRasher:8080
POST http://www.cdcovers.cc/antiadbuster_bust.php HTTP/1.1
Accept: image/gif, image/jpeg, image/pjpeg, images/png, image/x-xbitmap, */*
Referer: http://www.cdcovers.cc/antiadbuster_ad.php?rand_id=2121578463&page_location=/dvd_b.php
Accept-Language: 12-34
Content-Type: application/x-www-form-urlencoded
Accept-Encoding: deflate, gzip
User-Agent: Road Runner
Host: www.cdcovers.cc
Content-Length: 232
Pragma: no-cache
Connection: keep-alive
Browser reload detected...
Posting 232 bytes...

+++RESP 1357+++
HTTP/1.1 302 Found
Server: Apache/1.3.23 (Unix) mod_gzip/1.3.19.1a PHP/4.1.2
X-Powered-By: PHP/4.1.2
Location: http://www.cdcovers.cc/dvd_b.php
Transfer-Encoding: chunked
Content-Type: text/html
Connection: close
+++CLOSE 1357+++

The User-Agent filter might work with cdcovers (though, as we see, they can keep banning those). However, the cookie fiter doesn't. They don't use "ad_blocker_found=false", but rather, "check_done=" and a long string that may apply to a session ID. For the time being, I can get by with faking that cookie, but I suspect that is a short lived solution:


GET http://www.cdcovers.cc/audio_b.php HTTP/1.0
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/vnd.ms-powerpoint, application/vnd.ms-excel, application/msword, */*
Referer: http://www.cdcovers.cc/antiadbuster_ad.php?rand_id=800756015&page_location=/audio_b.php
Accept-Language: en-us
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0; .NET CLR 1.0.3705)
Host: www.cdcovers.cc
Pragma: no-cache
Cookie: check_done=9c5819505cf1b345128ed4cfcf091d41
Connection: keep-alive