New nzbgeek obfuscated nzbs not working in Alt.Binz

[sidbib]

Recently nzbs from the NZBGeek indexer are using a new / different obfuscation technique that Alt.Binz is not handling well.

As part of the obfuscation, even the segment count on the subject line is fake / randomized. This is causing Alt.Binz to not parse all segments of a file when the "fake" segment count is less than the actual segment count. I spoke with NZBGeek staff in their Discord channel and was shown a snippet of the release notes of a usenet uploading software, but they were not comfortable with naming the software. Here is the snippet I was shown:

Code: [Select]

# Use a random usenet message subject instead of the filename
# this extra obfuscation method makes it harder to reconstruct a message from usenet posts
# but might introduce issues with less advanced downloaders that check the message headers instead of the yenc headers.

UseRandomMessageSubjects=yes
The default value of this setting is no so the new method will only be used when you enable this setting.

Right now I have only seen this on NZBGeek, but since this is a feature of the posting software it could be adopted by other uploaders associated with other index sites in the future.

Any chance this is an easy fix?

[sidbib]

Ok, so I found the posing program that has this new "break Alt.Binz" option: nntpPoster Version 0.12.3 - released 11 days ago.

The full release info has a bit more detail than the snipped i was given
https://github.com/boranblok/nntpPoster/releases

Code: [Select]

This version fixes a potential security issue with the log4net version used. (improbable to affect previous versions due to what is used of log4net)

Additionally a new message obfuscation method is available.

To enable this add a new setting to your folder configuration:

# Use a random usenet message subject instead of the filename
# this extra obfuscation method makes it harder to reconstruct a message from usenet posts
# but might introduce issues with less advanced downloaders that check the message headers instead of the yenc headers.
UseRandomMessageSubjects=yes

The default value of this setting is no so the new method will only be used when you enable this setting.

What this new obfuscation method does:
For NZB's it seems the message subject does not matter at all, only the yenc header is looked at by the downloader. This setting makes it so all posted messages have a completely nonsensical subject. Only the nzb downloader with the nzb can reassemble the files.
It is possible downloaders other than sabnzbd and nzbget encounter issues with these nzbs, be aware of this possibility.

[sidbib]

Update: After speaking with the NZBGeek admin, I have been told  that he will ask the nntpPoster dev if he can put the segment count at the end of the subject line back to a true/accurate value without hurting the desired level of obfuscation. We walked through an nzb edited to work properly in Alt.Binz so he understands the issue. I will update this post once I hear more.

[Rdl]

No need. I've added support for this kind of posts. Nothing good to say about poster program or mentioned site...

[sidbib]

I saw today that this has now popped up on the NZBPlanet indexer as well. Someone was complaining in their forum about new nzbs not working with a different newsreader. I checked the example nzb and sure enough it was full of incorrect yEnc segment counts. The download worked fine in Alt.Binz 0.47.3.6.

I have no idea how widespread this new obfuscation technique will become, so thank you again for updating Alt.Binz to handle it.

[tvholic]

One issue remaining with these types of NZBs is that large PAR files aren't paused on import, so all the PAR files get downloaded.  The PAR files do have subject names ending with ".par2".

[Rdl]

nzb -> pm

[Rdl]

There's volxxx-xxx part missing from the name of the recovery files. What they are doing is wrong on so many levels. This will not be addressed by me.