Active Topics

 


Page 1 of 2 1 2
Reply
Thread Tools
Vento is offline Vento
2015-02-18 , 11:37
Posts: 178 | Thanked: 91 times | Joined on May 2011 @ Mira (Venice) - Italy
#1
Read this page one the wiki if you don't know what I'm talking about (the page talk about ad-blocking on N900 but the hosts file method works with nearly every OS ever created).

And maybe a look here shuld be useful too.

So first of all you need root acces, so type: devel-su

Backup your current hosts file with:
Code:
cp /etc/hosts /etc/hosts.base
hosts.base will be used by the script to create the new hosts file so do not delete it!

Now create a file (example: vi update-hosts) with these commands:
Code:
#!/bin/bash

URL=http://winhelp2002.mvps.org/hosts.txt
TEMP=/etc/hotst.tmp
BASE=/etc/hosts.base
HOSTS=/etc/hosts

rm -f $TEMP 2> /dev/null
curl $URL | grep ^0.0.0.0 | cut -d "#" -f 1 | grep -v localhosts >> $TEMP && rm -f $HOSTS && cat $BASE $TEMP | sed -e "s/^\s*//g" -e "s/\s*$//g" -e "/^\s*$/d" -e "/^$/d" >> $HOSTS
rm -f $TEMP 2> /dev/null
The third line of commands goes from curl to >> $HOSTS, it's only 1 line with a lot of commands... I know... this looks bad but it's a safe way to menage the hosts file without break anything.

Make it executable, writable and readable only by root with:
Code:
chown root:root update-hosts
chmod 770 update-hosts
Execute it with (or without devel-su if you have are the root)
Code:
devel-su ./update-hosts
Run this file to update the hosts file. "hosts.tmp" will be created to store the file downloaded from http://winhelp2002.mvps.org/hosts.txt. The script automatically remove the temp file and every comment or usless strings and characters in the file to reduce the size (not so much, ~100KB).

To restore the original hosts file type:
Code:
rm -f /etc/hosts
mv /etc/hosts.base /etc/hosts
Btw this ad-blocking method is very simple and works only with the well know ads... but...

You can test it by yourself on your Jolla with these sites:
1) http://ads-blocker.com/testing (partially works)
2) http://thepcspy.com/blockadblock/ (works!)
3) http://simple-adblock.com/faq/testing-your-adblocker/ (do not work)
Last edited by Vento; 2015-08-12 at 10:50. Reason: Script update
 

The Following 7 Users Say Thank You to Vento For This Useful Post:
Manatus is offline Manatus
2015-02-18 , 11:50
Posts: 334 | Thanked: 616 times | Joined on Sep 2010
#2
First of all thanks for this.

It might be a good idea to evaluate the contents for anything else than lines with localhost addresses 127.0.0.1 and ::1. Otherwise you are trusting the provider of hosts.txt file that it does not contain any redirects to malicious proxy sites.
 

The Following User Says Thank You to Manatus For This Useful Post:
Vento is offline Vento
2015-02-18 , 11:55
Posts: 178 | Thanked: 91 times | Joined on May 2011 @ Mira (Venice) - Italy
#3
Originally Posted by Manatus View Post
First of all thanks for this.

It might be a good idea to evaluate the contents for anything else than lines with localhost addresses 127.0.0.1 and ::1. Otherwise you are trusting the provider of hosts.txt file that it does not contain any redirects to malicious proxy sites.
Every reference to localhosts from that providere is replaced byt the original Jolla hosts settings (that why I use the file hosts.base).

The provider of that hosts file is really famous and everyone download the hosts file from him, but if anyone whuold like to check for malicious redirect fell fre to do it and report your progres here pls.
 
Manatus is offline Manatus
2015-02-18 , 12:31
Posts: 334 | Thanked: 616 times | Joined on Sep 2010
#4
Originally Posted by Vento View Post
Every reference to localhosts from that providere is replaced byt the original Jolla hosts settings (that why I use the file hosts.base).

The provider of that hosts file is really famous and everyone download the hosts file from him, but if anyone whuold like to check for malicious redirect fell fre to do it and report your progres here pls.
I apologize if I'm wrong here, as I'm not very proficient with unix tools. I may miss some sed and regex magic...

But what I see is that you grep all the lines that mention localhost. That is fine. But ipv4 record can consist of more than that such as

Code:
112.112.112.112 im.malicious.com localhost.localdomain localhost
And currently you would insert that into the newly created host-file.

I think you need first to drop any lines that contain any other IP than 127.0.0.1 and ::1.

And also 127.0.0.1 must not be in the form #127.0.0.1 in the end of line like this (on one line although visible here on two):

Code:
112.112.112.112 im.malicious.com localhost.localdomain localhost #127.0.0.1
or

Code:
112.112.112.112 im.malicious.com #localhost.localdomain #localhost #127.0.0.1
EDIT: added second example line. I haven't checked yet what would happen, though.
Last edited by Manatus; 2015-02-18 at 12:49.
 
Manatus is offline Manatus
2015-02-18 , 13:07
Posts: 334 | Thanked: 616 times | Joined on Sep 2010
#5
Aaaand... I stand corrected. You are right.

Lines formed in the way I suggested get cleaned away properly.
 
Vento is offline Vento
2015-02-18 , 14:14
Posts: 178 | Thanked: 91 times | Joined on May 2011 @ Mira (Venice) - Italy
#6
Originally Posted by Manatus View Post
Aaaand... I stand corrected. You are right.

Lines formed in the way I suggested get cleaned away properly.
Actually thanks to your exemples I've done a little fix. Thank you
 

The Following User Says Thank You to Vento For This Useful Post:
Manatus is offline Manatus
2015-02-18 , 14:15
Posts: 334 | Thanked: 616 times | Joined on Sep 2010
#7
I'm correcting myself again. Try hosts.txt (all # on the same line as IP):

Code:
127.0.0.1 im.not.malicious
112.112.112.112 im.malicious.com #localhost.localdomain #localhost #127.0.0.1
112.112.112.113 im.malicious.com localhost.localdomain localhost #127.0.0.1
111.111.111.114 colocalhosted #127.0.0.1 #colocalhosted
111.111.111.115 evil.com  #127.0.0.1
This resulted in a host-file:
Code:
127.0.0.1 localhost localhost.localdomain
::1 localhost6 localhost6.localdomain6
127.0.0.1 im.not.malicious
111.111.111.115 evil.com
The last line got through, only #127.0.0.1 was cut away.

The original hosts-file was:
Code:
127.0.0.1 localhost localhost.localdomain
::1 localhost6 localhost6.localdomain6
EDIT: Doing edits at the same time you answered. Previous was tested with original command (curl replaced with cat here):
Code:
cat hosts.txt | grep -v ^# | grep -v localhost | cut -d "#" -f 1 >> /etc/hosts.tmp && cat /etc/hosts.base /etc/hosts.tmp >> /etc/hosts && rm /etc/hosts.tmp && sed 's/^ *//; s/ *$//; /$/d' /etc/hosts
Last edited by Manatus; 2015-02-18 at 14:25.
 
Manatus is offline Manatus
2015-02-18 , 14:42
Posts: 334 | Thanked: 616 times | Joined on Sep 2010
#8
With:
Code:
cat hosts.txt | grep -v ^# | cut -d "#" -f 1 | grep -v localhost >> /etc/hosts.tmp && cat /etc/hosts.base /etc/hosts.tmp >> /etc/hosts && rm /etc/hosts.tmp && sed 's/^ *//; s/ *$//; /$/d' /etc/hosts
evil.com and now im.malicious.com from previous example still got through.

But with:
Code:
cat hosts.txt | grep -v "#" | grep -v localhost >> /etc/hosts.tmp && cat /etc/hosts.base /etc/hosts.tmp >> /etc/hosts && rm /etc/hosts.tmp && sed 's/^ *//; s/ *$//; /$/d' /etc/hosts
it works. Since #-char has no purpose (except in malicious intent here), you can grep the lines with them all away.
 
Vento is offline Vento
2015-02-18 , 14:54
Posts: 178 | Thanked: 91 times | Joined on May 2011 @ Mira (Venice) - Italy
#9
Originally Posted by Manatus View Post
With:
Code:
cat hosts.txt | grep -v ^# | cut -d "#" -f 1 | grep -v localhost >> /etc/hosts.tmp && cat /etc/hosts.base /etc/hosts.tmp >> /etc/hosts && rm /etc/hosts.tmp && sed 's/^ *//; s/ *$//; /$/d' /etc/hosts
evil.com and now im.malicious.com from previous example still got through.

But with:
Code:
cat hosts.txt | grep -v "#" | grep -v localhost >> /etc/hosts.tmp && cat /etc/hosts.base /etc/hosts.tmp >> /etc/hosts && rm /etc/hosts.tmp && sed 's/^ *//; s/ *$//; /$/d' /etc/hosts
it works. Since #-char has no purpose (except in malicious intent here), you can grep the lines with them all away.
But in this way you delete every line that contains a comment or localhost, even if the word localhost is placed in the comment.
 
Manatus is offline Manatus
2015-02-18 , 15:13
Posts: 334 | Thanked: 616 times | Joined on Sep 2010
#10
Originally Posted by Vento View Post
But in this way you delete every line that contains a comment or localhost, even if the word localhost is placed in the comment.
Aww, blast! You are correct; hosts.txt from http://winhelp2002.mvps.org contains comments on the same line. Never paid attention to them before...

Example in the end of the file:
Code:
# [ZEDO]
0.0.0.0 zedo.com #[WebBug]
0.0.0.0 ads.zedo.com
0.0.0.0 c1.zedo.com
0.0.0.0 c2.zedo.com #[Tracking.Cookie]
0.0.0.0 c3.zedo.com
 
Reply
Page 1 of 2 1 2

« Previous Thread | Next Thread »

 
Forum Jump


All times are GMT. The time now is 23:26.

Contact Us - Home - Archive - Top