Jump to content

Problems accessing certain sites (Https aka TLS)


Recommended Posts

On 11/6/2018 at 10:41 AM, Thomas S. said:

There is a bug in the modules of python, which are used for the build of HTTPSProxy, that allow weak and unsafe ciphers.

You can test it yourself by open the site https://www.howsmyssl.com/ in IE8, it reports "BAD" because of this weak ciphers.

IE8-HTTPSPROX.jpg

I could not find this problem in my compiled version (REV2m) of HTTPSProxy. :no:

:)

Edited by heinoganda
Link to comment
Share on other sites


The bug has disappeared with the last update of urllib3 v1.24.1 (2018-11-02), which was just a few days after my buggy version of HTTPSProxy (2018-10-24).
I simply did not notice the error because all pages were displayed flawlessly.
Before that, all the other releases were fine. There may be more other dependencies, but now everything is fine again.

Sometimes it is better not to change a running system...

:yes:

Link to comment
Share on other sites

The 7z archive has two folders.

For the first installation please use the folder "HTTPSProxy". It has all files needed. See "Installation-Update_EN,txt" in the "Docs" folder for the few steps of setup.

The other folder ("Update HTTPSProxy") is only for a update of a existing older proxy installation. To safe the existing configuration a copy and paste of this folder do not override config.ini and Launcher.ini. But config.ini is needed for the Proxy, without it won't work properly.

Link to comment
Share on other sites

Am trying to download since half an hour, but as so often no chance. When clicking the link, GMX only keeps giving a foggy "unsupported browser or missing settings" error and redirects to main page. Tried different browsers and settings, but no luck yet. Any chance to get it from a more userfriendly (or old system friendly) hoster? Perhaps tinyupload?

Link to comment
Share on other sites

i downloaded the suite, and couldn't even send to myself, since gmail detects it as a virus.

no offense, but why is all this so shady? the base version is only sent through PMs, in a randomized named rar, with a randomized password, on a rather uncomfortable file upload site full of ads, the suite is on a german site only accessible from the newest browsers, file has a randomized password and is detected as a virus.

i'm not saying any of this is malicious, but its pretty uncomfortable for programs which supposedly control all your internet traffic.

Link to comment
Share on other sites

And that is not the whole story, you have to config the Proxy settings if you have trouble with an connection.

The proxy project bases on a python script which is compiled to a single exe with "pyinstaller".

The resulting exe is marked as malicious on several scanners, see this picture of Process Explorer, column "Virus Total":

ProcExplorer.thumb.jpg.4e220913837624d83255bdabff300fa6.jpg

Similar the Launcher, it is scripted for and compiled with AutoHotkey to a single exe.

Sorry, I can't solve this problem, it is as it is...

The site for download is here in my browser without limitation, I can't see any add, may be because I use uBlock Origin?

PW is to prevent a wide open door, and I am able to stop the access (if a bug or other issue requires it).

Edited by Thomas S.
Link to comment
Share on other sites

okay, but it gave a virus error, not a "security reason" error.

anyway, ProxHTTPSProxy gives an 'entry point of DecodePointer not found in KERNEL32.DLL' error. so im assuming it would need a newer xp service pack. but then, i see some people here have "98SE" as their OS, so i wonder how that works

Link to comment
Share on other sites

@Youse ProxHTTPSProxy is not my project.

If you have such an exe I can't support you.

HTTPSProxy and Launcher have both the min requirement WinXP SP3 plus the patches until April 2014 (it works with PosReady too, but I think that it is not the platform the developers testet).

They are realy new and not much distributed, so it might be that it gives a error on some systems, but I have it tested much on XP.

Not lower, but also on 7 and 10, but there it makes no sense to run the suite.

Edited by Thomas S.
Link to comment
Share on other sites

@Youse

Unfortunately there is an abuse with Python, with which a malware can be realized quite easily. Here only helps one, at the corresponding virus scanner manufacturer (test with virustotal.com) to report positive as false and submit the files. The files that are generated with PYInstaller from version 3.4, have become synonymous with me several times at Virustotal conspicuous, so I once stayed at PYInstaller 3.3.1. With many small programs there is an increasing number of problems with a false positive message from the virus scanner.

:)

Edited by heinoganda
Link to comment
Share on other sites

so i guess there isn't a (older) version of either program which doesn't require service pack 2 or 3, and still has TLS 1.1 support at least?

or any other similar program like that?

Edited by Youse
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...