Author Topic: Identify password protected uploads  (Read 30410 times)

Offline JSee

  • Contributor
  • ***
  • Posts: 5
Re: Identify password protected uploads
« Reply #15 on: September 30, 2010, 11:44:01 pm »
I hope it's OK to post this here (couldn't find any rules against it):

I just recently found a Tool called nzbSCAN (http://www.jongma.org/nzbscan/) that does what you are asking for here.
If you just want to check if a download possibly has a password I'd recommend setting "scanpresent=0" in the ini-file. Anyway you have to setup some things in the ini first (like newsserver, username, password etc).

Just beware: This saves your password unencrypted (as of version 0.5) in the ini-file!!!
But as far as I can tell it doesn't steal your passwords (I checked the traffic with Wireshark).

It's a nice little tool although it sometimes says "possibly password-protected" when there's just another rar-file inside (without a password).

Offline Hecks

  • Contributor
  • ***
  • Posts: 2011
  • naughty cop
Re: Identify password protected uploads
« Reply #16 on: October 01, 2010, 05:18:53 am »
As others have pointed out, this is pretty useless in the most common situation where passworded RARs are packed in unpassworded ones, since these can only be checked after everything is dl'ed.

Although Alt.Binz might have an option to autopause these or require user confirmation to dl them, it could get annoying e.g. with subs or similar that often have another legit RAR inside. Generally it's better just to be sensible about where you source your NZBs, and learn from experience. It's not hard to recognize the dodgy ones. ;)

Edit: ah, I see the OP suggests comparing size of RAR within RAR. Note that most recent passworded crap has been in .ace format (WinAce). For straighforwardly passworded files you can of course check the output of 'unrar l foo.rar' for an asterisk next to the filename.
« Last Edit: October 01, 2010, 06:20:23 am by Hecks »

Offline JSee

  • Contributor
  • ***
  • Posts: 5
Re: Identify password protected uploads
« Reply #17 on: October 01, 2010, 03:30:01 pm »
Quote
As others have pointed out, this is pretty useless in the most common situation where passworded RARs are packed in unpassworded ones, since these can only be checked after everything is dl'ed.

Not quite. The tool I mentioned above is able to detect password-protected RARs in unpassworded ones (I tested it myself). While it may not be 100% accurate, it is possible (and without downloading everything).

You can also determine it by hand if you just download the first part (even the first article is enough), unpack it and use the "keep broken files" option in WinRar. But it's really not that hard to tell even before the download (just stick to the oldest post for example).

Quote
Note that most recent passworded crap has been in .ace format (WinAce).

Hmm, I haven't come across those. But as I said just download the first part and if it contains an ace-file just skip the rest. ;)
« Last Edit: October 01, 2010, 03:42:49 pm by JSee »

Offline Hecks

  • Contributor
  • ***
  • Posts: 2011
  • naughty cop
Re: Identify password protected uploads
« Reply #18 on: October 01, 2010, 04:56:32 pm »
Well, it's able to detect if a password was set for any file when it was added to the archive (i.e. the file is encrypted).  So if a RAR is added and a password set for the RAR itself, then yes. But if the contents of that RAR were encrypted but the RAR itself wasn't, then no.

I have no idea what your tool does.
« Last Edit: October 01, 2010, 05:02:37 pm by Hecks »

Offline CmdrX3

  • Contributor
  • ***
  • Posts: 10
Re: Identify password protected uploads
« Reply #19 on: October 01, 2010, 05:10:35 pm »
Would be nice, but although initially annoying I've found the best way for me, particularly with regular TV shows is to download the earliest version of it thats released, even if it's only a few hours earlier, it rarely fails me. Anything else it's a case of download the first rar and open it, if it contains a rar, ace, zip or any other archive it's a case of cancel and delete. I see it now as more of a minor nuisance than anything, but then I have a connection that allows me to view it as that, I can understand someone on a slower connection getting frustrated though.

Offline gazix

  • Contributor
  • ***
  • Posts: 24
Re: Identify password protected uploads
« Reply #20 on: April 22, 2012, 05:37:03 pm »
nzbindex has this supported on their website searches. Guess there is no way to implement via this program? Or have I just not seen any yet?


Offline Hecks

  • Contributor
  • ***
  • Posts: 2011
  • naughty cop
Re: Identify password protected uploads
« Reply #21 on: April 22, 2012, 07:24:12 pm »
@gazix

I think you need to read the thread again.  Incidentally, Binsearch also does the same - passworded files where detectable have a [ * ] prepended to their subject in the search tab; and Mysterbin has a 'No pass' search option.
« Last Edit: April 22, 2012, 07:26:16 pm by Hecks »

Offline j4ckth3ripp3r

  • Contributor
  • ***
  • Posts: 6
Re: Identify password protected uploads
« Reply #22 on: March 15, 2013, 04:50:14 am »
+1

Sorry if this is considered grave-digging since its been over 120 days since anyone posted here but it'd be awesome if a new release were able to check the first .rar file after downloading it for a "Click Here for Password File" and if it finds one, cancel the rest of the download not to waste bandwidth and space. Thanks guys and keep up the great work  ;D

Offline Slinky

  • Contributor
  • ***
  • Posts: 187
Check for Passworded content
« Reply #23 on: March 18, 2013, 11:01:31 am »
Morning,
Is there any way for Alt.Binz to check during (at the start of!) downloading to see if the content contained within the file set is encrypted or reqires a password ?

Too many times lately, file sets are unpacking to one fake file that claims requirement of a password.
Any way to save us the grief of multiple downloads ?

Offline zoned

  • Contributor
  • ***
  • Posts: 115
Re: Identify password protected uploads
« Reply #24 on: March 20, 2013, 02:19:15 pm »
Or if was possible to auto check after download open the first rar part .r00 If any file named password inside aborts the download for the rest of the parts. Or pause that file continues download with the next file

Offline Raiser72

  • Contributor
  • ***
  • Posts: 3
Re: Check for Passworded content
« Reply #25 on: April 02, 2013, 08:55:10 pm »
+1

No clue how this could work in detail but it would be a great feature.

Offline dacaid

  • Contributor
  • ***
  • Posts: 246
Re: Check for Passworded content
« Reply #26 on: April 03, 2013, 12:14:58 pm »
Hi,
As far as i remember, this has already been requested, i'm too lazy to search for you guys but it must be somewhere.

About those paswword encrypted downloads, here is a little hint :
When you search some content, you'll sometimes find multiple versions of the same post.
Download the oldest one, there is a chance that some guys downloaded it, encrypted and reupload it after. The oldest is usually (always?) not password protected.
Second hint : some tabs like NZBsearch and NZBclub has "not passworded" search option, check it !

Offline Slinky

  • Contributor
  • ***
  • Posts: 187
Re: Check for Passworded content
« Reply #27 on: April 03, 2013, 12:20:50 pm »
Some good tips there, especially the grab oldest, that i find is usually the case.

There are a lot of these repacked passworded crap sets around, where the only files are one large fake content RAR file, and a text file saying download password here, with a link to some useless data mining site that will never give you anything.

If i hit one bad set, as soon as i unrar it asks to overwrite existing rar file, i cancel and delete the set, dont even bother going any further, after that i grab the next set on restricted speed and test open the first rar file, if it's another inside i trash the download, and try the next until i find a genuine one.

For me, it is not the ISP bandwidth or speed/time that annoys me with these, but that some of them are coming off my pre-paid "pay by download" astraweb account, so it is costing me for every fake piece of crap i download.

I sometimes wonder if a black list of posters would be handy

Offline Raiser72

  • Contributor
  • ***
  • Posts: 3
Re: Check for Passworded content
« Reply #28 on: April 05, 2013, 09:53:28 am »
I just realized that SABnzbd on my NAS supports the "no password" functionality very effectively. So there must be a way to implement this in Alt.Binz, I guess. :)

Thanks for the idea to download the oldest fileset.  ;D


Second hint : some tabs like NZBsearch and NZBclub has "not passworded" search option, check it !

Offline Hecks

  • Contributor
  • ***
  • Posts: 2011
  • naughty cop
Re: Identify password protected uploads
« Reply #29 on: April 05, 2013, 04:33:52 pm »
I merged these threads to keep the discussion on track.

The hardest issue currently is that a main source of such spam is single-volume RARs *without passwords* packed within multi-volume RAR sets, with the first volume (usually '*.rar') deliberately removed by the spammer before posting.

This means that the whole set needs to be downloaded and PAR2 repaired to recreate the missing .rar before you can know what the single-volume archive contains ... because that's where the file header info is, and only there (the RAR spec does not include separate central directory file records at the end like ZIP does).  Not even sabnzbd can make up missing bytes :P

And what it usually contains is a file that *does* need a password to extract, but you can't know that in advance .... these spammers are devious.

On the easier options, a solution is on the way, I gather.

Edit: another thing to note is that these spammers usually include a file like 'CLICK HERE FOR THE PASSWORD.html' at the end of the final RAR volume (e.g. '*.r26') so a strategy might be to download the last volume first and check its contents, but that's obviously a PITA.
« Last Edit: April 05, 2013, 04:57:50 pm by Hecks »