|
Freehost solutions to a warez problem
All you freehost owners out there,
how do you deal with those Gifs and Jpegs that contain warez? Do you go manually hunting for them, or do you have a script for that? Just wanna which way you do it. |
cant u just limit filesize?
|
Do you wanna know how its done in the 21st century? :)
|
A special software cuts a Zip file into thousands of Gifs and Jpegs @50-70kb and uploads them to the server. Another proggie is used to leech them off and restore the original file...
|
Don't allow hotlinking of your images it might help
|
Fuck that sucks how do you stop them from doing that? Can you tell the diff in the file like is it a .jpg or something else?
fuel |
Zubr, they are going to eat you alive......
Yes there are scripts you can run to find some of them, but that doesnt catch them all. You aint seen nothing yet. This has nothing todo with hotlinking, cyborg. Its what Zubr said, its hundreds of images (.gif, .jpg) etc... that when all downloaded and put back together are full programs, movies, etc....all kinds of different shit. |
I'm pretty sure they are just renamed compressed files... maybe a program that looks for the jpeg/gif header (if it exists) would confirm its a pic.
I'm sure something particular can let someone know its a picture or not! :2 cents: |
Wiredoctor, they've been eating me and i made a script myself and so far its 95% successful :)
|
Quote:
|
It is a valid gif or jpeg file so detecting the header won't work. Our software kills them on both the upload level, and also can detect the client most of them use for download. They just found a way around our system recently and we had it corrected the next day. So it can be done, except our software is only for our hosting clients :)
|
Quote:
|
have any of you guys tried busting them and contacting their isp? i'm sure some of them are dumb enough to not block their ip. or mabye you can use email the admin of the proxy server to get their ip if they use a proxy.
|
Why don't you put the files back together, insert a nasty virus and take it back apart. People will get the idea pretty fast not too use your freehost for warez. :Graucho
|
Quote:
|
I been having the same problem. I been trying to use a number of solutions. So far no perfect soution.
|
There is a unix utility called "file". It reads the file information, not extension, and reports on the file that is uploaded. I use it on my freehost. Example: gzip file copied to a .jpg returns the result:
test.jpg: gzip compressed data, deflated, last modified: Thu May 9 02:45:59 2002, os: Unix Sounds like these are actual images. Thats a new one by me. |
There are tools to compress images. Many free hosts used those in the past to make pictures smaller. Good part in this case: it distorts the pictures... So if you'd compress all images to 99.9% of their original size (which wouldn't affect the image quality, but would totally alter the code in the picture) any program trying to use the data in those pictures wouldn't work anymore.
Try making a JPEG in PhotoShop. Save it. Then save it again setting the quality of the image 1% less. Try to find ANY difference in the results picturewise. You will not find it. But compare the two files in a text-editor. Totally different. It would take some extra processing power on the upload script, but this pretty much takes care of all these warez programs combining JPEGS to full files |
good advice hun.... but is it really possible to do that when a freehost gives you ftp access... i really wonder if there is a software that does what you said after the pics have been uploaded
|
I can write you a simple perl script if you want ... which checks the jpgs or gifs ?
contact me 13605110 |
A new solution just occoured to me. There *MUST* be a utility designed for the sole purpose of stripping trailing garbage off of an image. Most likely a unix utility under GNU license.
|
Let us begin:
JPEGTRAN(1) JPEGTRAN(1) NAME jpegtran - lossless transformation of JPEG files One down, one to go. |
Alright, due to patent restrictions, this is going to be a harder game to play for GIF's. I'm going to start with the haxor'd version of GD that handles gif's. My goal is to make a lossless version of the image, which contains only image data.
|
This is a bit of a stab in the dark, but I think imagemagick will handle the gif's.. probably the mogrify utility.
Too tired to actually piece this together right now, but in the spirit of sharing, hopefully if one of you bright souls figures it out, you'll post more details here. |
here we go...
just install Image::Size as a perl module perl -MCAN -e shell install Image::Size This script scansyour complete httpd tree for gifs and jpg files and checks them ... Like FAAAAAAASSSST! Here's to code... done in 5 mins :eek7 #!/usr/bin/perl use Image::Size; use File::Find; local @files; #your httpd dir; local $datapath="/home/httpd"; local @filelist; get_files(); foreach (@filelist) { $filename = $_; @tmp = split (/\//,$filename); $filename_last = $tmp[$#tmp]; ($dummy,$ext) = split(/\./,$filename_last); if ($ext =~ /gif/i || $ext =~ /jpg/i) { push (@pics,$filename) } } foreach (@pics) { $filename=$_; $W=0; $H=0; ($W,$H)=pic_info($filename); if ($W == 0 || $H == 0) { #your action... print "$filename is NOT a valid jpg or gif ... \n"; }else{ print "$filename is a valid jpg or gif ... \n"; } } ################################################## ############################ sub get_files { print "Reading files for...\n"; @filelist = (); @DIRLIST = ("$datapath"); find (\&process_file, @DIRLIST); } ################################################## ##### sub process_file { if (-f $_) { push (@filelist,$File::Find::name, -d && '/'); } } ################################################## ############################# sub pic_info { $fullfilename=$_[0]; ($x, $y) = imgsize("$fullfilename"); return ($x,$y); } |
What kind of image optimizing software can you use on your server? I see thumbnail size images taking up 100K
|
I use nconvert on my linux boxes...
|
compressing and editing will not solve the problem - if you are the host or the webmaster... it will only solve the problem of the person downloading the warez.
reason: they pics will still take space on the disk, no-one will see the page/ads anyway (they download the pics with software), the bandwidth (lots of it) will still be consumed (and paid for...); so the ONLY person who is not going to benefit from this is the end user, while the webmaster/host still pay the price. the only way is to detect those files, and remove them at upload. i know that all the big freehosts do that already. at least those i worked with (smutserver, sexplanets etc.) i can recomend you, however, to use payinghost.com system instead of a freehost, because it is entirely behind a dialer. this way, you can sit and pray that lots and lots of people will come to your host and download this crap all day, while you are getting rich! |
Quote:
Those image files actually have valid sizes... And where do you get that "Nconvert" utility? |
Quote:
Works for me... Anyway, nconvert is here: ftp://www.zoo-logique.org/xnview/dow...2.x-static.tgz |
Quote:
|
Quote:
Is nconvert as stand-alone utility? or do i need another Perl script to call it? |
its a stand alone util. But very powerfull
|
Just out of curiousity, how are you using nconvert? Are you using it to:
- make a lossy copy of the images - make a lossless copy of the images - detect warez images ?? Can you help me with the command line? This programs got a shitload of options. |
I use it to generate thumbs from a uploaded zip file :
./nconvert -quiet -c 6 -q 95 -in jpeg -resize 80 50 -out jpeg -o output_filename input_filename B. |
Quote:
We just need to compress the files a bit.... |
Quote:
|
FTP access is logged too. So just by going though the log files someone should be able to find out what pictures were uploaded/renamed.
Problems with cheaters are the reason many free hosts stay away from FTP. What also could be a good solution is to give people FTP-access to a sort of upload hatch. Once you're done uploading and disconnect a script could synchronize the "real" webpage with what is in the upload hatch. But not after checking what's in it of course. |
Do all mpgs have the same header? Anyone know the actually head of jpg, jpeg, mpeg, mpg and gif?
That would get rid of 80% of the warez. I have seen 100K files that are actually images but they are very small. Only thumbnail size. How do you filter these type of files? |
Our freehosts check each image file as its uploaded, if its warez they nuke it.
|
Like said before, these images are REAL images. If you open 'em in IE you get an image. It looks like nothing, but it's an image. The header is correct, everything looks ok, so there's no software in the world that will detect it as Warez... that's why we're trying to find a good alternative for this so the warez programs can't use the data anymore
|
Quote:
contact me on icq - maybe we can help you |
Hun, I know it's hard to manage. Lot's of warez gets uploaded overnight and I try my best to nuke it all. (Lot's of manual work)
Oh, did you get e-mail from Parney G? |
Quote:
Then there must be some zip/rar header in it aswell ? You can search for this header type and then nuke it ... How is the youngest Hun ? Growing up a bit ? |
Quote:
|
If you take some "random" data which could be either image data or part of a program, and the create a header for a JPEG file which would hold the exact information to go with the data it would show in an image viewer as a bunch of garbage, but it has all signs of an image. I don't think a PERL script would be able to detect such a file. Maybe it's an idea for one of the free host operators to post one of those JPEGS here so people can have a go at it. I think we all want to get down cheaters
|
here's a url, but you have to paste it into browser in a new window, because of my htacess restrictions.
http://adultprohost.com/kkohm/a1376/a13760507.gif |
See, the file is 69 kb, and the pic is only 32x32.... Thats how my script found it, the ratio of file size and dimensions was way off
|
The biggest problems with this stuff is one imagic magic is VERY slow at recompressing. We tried it and it was way to slow to be usable on a decient size freehost. Also the images actually crash image magick alot of the time.
The images can be real small images with garbage attached on the end, or very large images. We have seen both. Also they can be in gifs or jpegs. btw the compressing at 99.9% would actually increase the size of all your other images, so thats not a good idea :) |
Amazing how that image looks, beeing a warez file.
Do you know that you can prevent all imgs to be directly accessed ? They will be visible only on an html page. I'd like to see who has the patience to download all the files one by one |
| All times are GMT -7. The time now is 03:32 PM. |
Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2025, vBulletin Solutions, Inc.
©2000-, AI Media Network Inc123