Group: alt.discuss.webtv.technical Date: Thu, Jun 1, 2000 From: ulTRAX@webtv.net Re: Where's The URL Access Killer? repost from a.d.w.h Reading my own post I don't think I laid out the facts or the arguement very well. Obviously one of the browser's prime functions is accessing WTV URLs. This it can do with no problem on "trusted" WebTV pages. Obviously even on "non-trusted" pages some those WTV IP services are exempt... such as mailto:, http:// wtv-tricks, wtv-content (or is it wtv-guide?) Once the non-exempt WTV URLs appear on any regular "non-trusted" web page the browser red flags them. We get the infamous "pink link" and the warning that address's typically need an http://. There are some differences between boxes. An old Classic I use could access all the file:/rom URLs. My Derby Plus could not. I once thought that the WTV URLs were removed and replaced before our boxes even received them.... transformed into wtv-dummy-links by WNI's proxie servers. But if you use the JS Utility to read the HREF codes on these web pages it shows the WTV URLs are intact. Even if I use the JS Utility to rewrite the HREF link... in the same manner one changes the bgcolor of a page... the Killer is not fooled. The link remains pink. The Killer must be implemented only on the click... and involve a stage unrelated to the actual code on the page. What's may be more interesting is not that there are exempt IP services.... but that on occasion some IPs that are normally targeted.... such as wtv-flashrom, are suddenly active on "non-trusted" web pages for short periods. So the question is why? Is this a failure of the Client? If only the Client were involved... there should be no variability.... since the Client (and it's URL Killer) has already been downloaded into our boxes. But what if the Client's URL Killer is really just activated with a command from the WNI servers? Maybe the Killer is always on..... waiting for a deactivation command. There might even be more than one command. A less secure one might allow the use of flashrom commands. Sorry if this is confusing. Just still looking for that theory that explains all we have seen. Group: alt.discuss.webtv.technical Date: Thu, Jun 1, 2000 From: pixel8@webtv.net (wtv-cookie:/cutter) Re: Where's The URL Access Killer? Wouldn't hurt to also take the approach of deducing the rule by examining the exceptions.Perhaps we can reveal the nature of the various url-killers by examination of what they are not. Please continue to periodically repost findings and speculations or place them on your website so long as you are inclined to do so. Group: alt.discuss.webtv.technical Date: Sat, Jun 3, 2000 From: ulTRAX@webtv.net Re: Where's The URL Access Killer? There's some fascinating data being found using a packet sniffer hooked up to the Viewer. I'll try to post some once I can sanitize out any personal info. Group: alt.discuss.webtv.technical Date: Mon, Jun 5, 2000 From: NeMAK@webtv.net Re: Where's The URL Access Killer? Maybe the answer is simply thinking of the programming style along with several server glitches. Since WE (I) know that the box is written in the "C" language it might be file allocations. Much like perl programmers can allow access to their files via certain pages instead of direct linking off email and others pages. Pac's old accessor and Cookie's irc were good examples of things that only worked when embedded in email. But then again, I believe that a code like or some variation (hence I always give clues and never the direct answer) will allow direct linking. But then again, what do I know. So the big question, client or server. Client, pages with file://rom & file://disk. Server, wtv-flashrom and others related to server movement. Group: alt.discuss.webtv.technical Date: Mon, Jun 5, 2000 From: NeMAK@webtv.net Re: Where's The URL Access Killer? One more question we should ask is why the little logo appears on the bottom right of the screen. Even when we scroll or looking at a page, it pops up until a key is hit or not, then disappears. It seems to have some relay correlation with the box, since it pops up during inactivity. But that might not have to deal with the screen saver, rather a time period where no informations is being sent in or out (I/O). Therefore, webtv might take advantage of this time of nothingness and send somewhat of a killer signal of some sort. Since we have no modem awareness icon, and to depend on watching a blinking yellow light, the data might be so small (one line) that the light does not have to blink. Again, the little logo could be random until we fill up our cache and it has to send it again. Group: alt.discuss.webtv.technical Date: Mon, Jun 5, 2000 From: RONINEXETER@webtv.net Re: The URL Access Alive Wene deleting http use CMD & DELETE AND THE URL ACCESS WORKS Group: alt.discuss.webtv.technical Date: Sat, Jun 24, 2000 From: ulTRAX@webtv.net Re: Where's The URL (login sequence) Thanks to Salad for getting a packet sniffer to work with the Viewer last Oct. I haven't checked yet but in there are "flags" in each service on the IP List. We need to compare the flags on the "exempt" services like wtv-tricks and "http" to those flags on IPs we know are targeted. If the URL Killer involves a signal from the servers, it would make sense that they are "IP service specific". Connection: Keep-Alive wtv-encrypted: true wtv-visit: client:killprotocols wtv-boot-url: wtv-head-waiter:/login?new_registration=1 wtv-visit: wtv-head-waiter:/login?new_registration=2 Content-length: 0 Content-type: text/html wtv-transition: light 200 OK Connection: Keep-Alive wtv-encrypted: true wtv-country: US wtv-language-header: en-US,en wtv-visit: client:closeallpanels wtv-expire-all: client:closeallpanels wtv-client-time-zone: PDT -0700 wtv-client-date: Sat, 23 Oct 1999 05:07:42 GMT wtv-datadownload-url: wtv-disk:/download-list wtv-datadownload-login-url: wtv-head-waiter:/login?DataDownload=1 wtv-datadownload-checktimeoffset: 44395 wtv-messagewatch-checktimeoffset: 2770 wtv-messagewatch-url: wtv-head-waiter:/login?MessageWatch=1 wtv-spotad-url: wtv-spot:/get-ad wtv-sí wtv-spot-clickthru-url: wtv-spot:/ad-clickthrough?ad-click-ref=%s wtv-spot-impression-time: 10 wtv-spot-minimum-time: 2 wtv-transition-override: normal wtv-transition-page: wtv-home:/shared/transition/en-US/pageWithAd.html wtv-force-lightweight-targets: webtv.net:/ wtv-spot-purge-queue: 0 wtv-spot-purge-queue: 1 wtv-name-server: 209.240.194.204 wtv-name-server: 209.240.194.203 wtv-smartcard-inserted-message: Contacting service wtv-bypass-proxy: true wtv-allow-dsc: true wtv-ticket: 9HbEqlqzAxfnfEazAE/AqPzRrb...... wtv-expire-all: wtv-head-waiter:/ValidateLogin wtv-noback-all: wtv- wtv-service: reset wtv-service: name=wtv-aroundtown host=209.240.194.215 port=1628 flags=0x00000010 connections=3 wtv-service: name=wtv-aroundtown host=209.240.194.216 port=1628 flags=0x00000010 connections=3 wtv-service: name=wtv-* host=209.240.194.215 port=16 flags=0x00000007 wtv-service: name=wtv-* host=209.240.194.216 port=1603 flags=0x00000007 wtv-service: name=wtv-center host=209.240.194.215 port=1639 flags=0x00000010 connections=3 wtv-service: name=wtv-center host=209.240.194.216 port=1639 flags=0x00000010 connections=3 wtv-service: name=wtv-chat host=209.240.194.215 port=1630 connections=3 wtv-service: name=wtv-chat host=209.240.194.216 port=1630 connections=3 wtv-service: name=wtv-content host=209.240.194.215 port=1629 connections=3 wtv-service: name=wtv-content host=209.240.194.216 port=1629 connections=3 wtv-service: name=wtv-cookie host=209.240.194.215 port=1619 connections=1 wtv-service: name=wtv-cookie host=209.240.194.216 port=1619 connections=1 wtv-service: name=wtv-disk host=209.240.194.215 port=1635 connections=3 wtv-service: name=wtv-disk host=209.240.194.216 port=1635 connections=3 wtv-service: name=wtv-explore2 host=209.240.194.215 port=1625 flags=0x00000010 connections=3 wtv-service: name=wtv-explore2 host=209.240.194.216 port=1625 flags=0x00000010 connections=3 wtv-service: name=wtv-explore host=209.240.194.215 port=1625 connections=3 wtv-service: name=wtv-explore host=209.240.194.216 port=1625 connections=3 wtv-service: name=wtv-favorite host=209.240.194.215 port=1611 connections=3 wtv-service: name=wtv-favorite host=209.240.194.216 port=1611 connections=3 wtv-service: name=wtv-flashrom host=209.240.194.215 port=1618 wtv-service: name=wtv-flashrom host=209.240.194.216 port=1618 wtv-service: name=wtv-guide host=209.240.194.215 port=1621 connections=3 wtv-service: name=wtv-guide host=209.240.194.216 port=1621 connections=3 wtv-service: name=wtv-head-waiter host=209.240.194.215 port=1601 flags=0x00000001 connections=1 wtv-service: name=wtv-head-waiter host=209.240.194.216 port=1601 flags=0x00000001 connections=1 wtv-service: name=wtv-home host=209.240.194.215 port=1612 flags=0x00000010 connections=3 wtv-service: name=wtv-home host=209.240.194.216 port=1612 flags=0x00000010 connections=3 wtv-service: name=wtv-intro host=209.240.194.215 port=1621 wtv-service: name=wtv-intro host=209.240.194.216 port=1621 wtv-service: name=wtv-log host=209.240.194.215 port=1609 flags=0x00000001 connections=1 wtv-service: name=wtv-log host=209.240.194.216 port=1609 flags=0x00000001 connections=1 wtv-service: name=mailto host=209.240.194.215 port=1608 connections=1 wtv-service: name=mailto host=209.240.194.216 port=1608 connections=1 wtv-service: name=wtv-mail host=209.240.194.216 port=1608 connections=1 wtv-service: name=wtv-mail host=209.240.194.215 port=1608 connections=1 wtv-service: name=http host=209.240.194.215 port=1650 connections=3 wtv-service: name=http host=209.240.194.216 port=1650 connections=3 wtv-service: name=ftp host=209.240.194.215 port=1650 wtv-service: name=ftp host=209.240.194.216 port=1650 wtv-service: name=file host=209.240.194.215 port=1650 wtv-service: name=file host=209.240.194.216 port=1650 wtv-service: name=gopher host=209.240.194.215 port=1650 wtv-service: name=gopher host=209.240.194.216 port=1650 wtv-service: name=news host=209.240.198.191 port=1605 flags=0x00000010 wtv-service: name=news host=209.240.198.191 port=1605 flags=0x00000010 wtv-service: name=wtv-notices host=209.240.194.215 port=1622 connections=1 wtv-service: name=wtv-onair host=209.240.194.215 port=1648 connections=3 wtv-service: name=wtv-onair host=209.240.194.216 port=1648 connections=3 wtv-service: name=wtv-customscript host=209.240.194.215 port=1623 wtv-service: name=wtv-customscript host=209.240.194.216 port=1623 wtv-service: name=wtv-setup host=209.240.194.215 port=1613 flags=0x00000010 connections=3 wtv-service: name=wtv-setup host=209.240.194.216 port=1613 flags=0x00000010 connections=3 wtv-service: name=wtv-smartcard host=209.240.194.215 port=1632 connections=1 wtv-service: name=wtv-smartcard host=209.240.194.216 port=1632 connections=1 wtv-service: name=wtv-spot host=209.240.194.215 port=1642 flags=0x00000010 connections=1 wtv-service: name=wtv-spot host=209.240.194.216 port=1642 flags=0x00000010 connections=1 wtv-service: name=wtv-star host=209.240.194.215 port=1603 flags=0x00000007 wtv-service: name=wtv-star host=209.240.194.216 port=1603 flags=0x00000007 wtv-service: name=wtv-tricks host=209.240.194.215 port=1602 flags=0x00000004 wtv-service: name=wtv-tricks host=209.240.194.216 port=1602 flags=0x00000004 wtv-service: name=wtv-tutorial host=209.240.194.215 port=1636 connections=3 wtv-service: name=wtv-tutorial host=209.240.194.216 port=1636 connections=3 wtv-service: name=wtv-video host=209.240.194.215 port=1634 connections=3 wtv-service: name=wtv-video host=209.240.194.216 port=1634 connections=3 wtv-service: name=wtvchat host=209.240.194.215 port=1630 wtv-service: name=wtvchat host=209.240.194.216 port=1630 wtv-service: name=wtv-forum host=209.240.194.216 port=1605 wtv-service: name=wtv-forum host=209.240.194.215 port=1605 wtv-service: name=wtv-news host=209.240.194.216 port=1605 flags=0x00000010 connections=3 wtv-service: name=wtv-news host=209.240.194.215 port=1605 flags=0x00000010 connections=3 wtv-service: name=wtv-author host=209.240.194.215 port=1643 connections=3 wtv-service: name=wtv-author host=209.240.194.216 port=1643 connections=3 user-id: XXXXXXXXX wtv-user-name: XXXXXXX wtv-human-name: XXXXXXX wtv-irc-nick: XXXXXXX wtv-expire-all: wtv-partner:/weather wtv-expire-all: wtv-partner:/custom-info-teaser wtv-expire-all: wtv-partner:/custom-info-page wtv-expire-all: wtv-partner:/customize wtv-input-timeout: 600 wtv-inactive-timeout: 0 wtv-connection-timeout: 90 wtv-fader-timeout: 900 wtv-tourist-enabled: true wtv-boot-url: wtv-head-waiter:/login wtv-favorite-url: wtv-favorite:/favorite wtv-favorite-index-url: wtv-favorite:/favorite-index? wtv-home-url: wtv-home:/home wtv-settings-url: wtv-setup:/get-settings wtv-log-url: wtv-log:/log wtv-show-time-enabled: true wtv-print-log-url: wtv-log:/log wtv-mail-url: wtv-mail:/listmail wtv-addresses-url: wtv-mail:/addresslist wtv-notifications-url: wtv-notices:/notices wtv-tvconnection-timeout: 600 wtv-ssl-log-url: wtv-log:/log wtv-favorites-folders-url: wtv-favorite:/list-folders wtv-smartcard-inserted-url: wtv-smartcard:/insert wtv-smartcard-removed-url: wtv-smartcard:/remove wtv-ssl-timeout: 240 wtv-login-timeout: 7200 wtv-open-isp-disabled: false wtv-search-url: wtv-center:/search-page wtv-phone-log-url: wtv-log:/phone-log wtv-explore-url: wtv-explore2:/top wtv-mail-count: 1 wtv-expire-all: wtv-mail:/listmail wtv-demo-mode: 0 wtv-service-cookie: fakaUcRWWD2gmsCc7y0mMvymGYAXRHEde1+sSM7Xq6sA+3VJmGxHi+FTohVUqMNCINrKCMzTEcRx I3za... wtv-user-id: XXXXXXX GET wtv-head-waiter:/check-tellyscript?next-url=wtv-home:/home&dummy=0x3811429e Referer: wtv-head-waiter:/login-stage-two?new_registration=2 wtv-show-time: 0 wtv-request-type: prefetch wtv-incarnation: 26 wtv-connect-session-id: f4edc09a wtv-client-serial-number: OEMCOMPUTERa wtv-encryption: true wtv-capability-flags: 1bd9afcf wtv-system-version: 32767 wtv-script-id: -507887770 wtv-script-mod: 940655113 wtv-incarnation:27 200 OK Connection: Keep-Alive wtv-visit: wtv-home:/home Content-length: 0 Content-type: text/html 200 OK Connection: Keep-Alive wtv-encrypted: true wtv-backgroundmusic-load-playlist: wtv-setup:/get-playlist wtv-printer-model: -1,-1 wtv-printer-pen: 0,0,1,0 wtv-printer-setup: 0,0,1,0 wtv-language-header: en-US,en wtv-lzpf: 0 Content-length: 447 Content-type: text/html 200 OK Connection: Keep-Alive wtv-encrypted: true Content-Type: x-wtv-addresses Content-length: 0 200 OK Connection: Keep-Alive wtv-encrypted: true wtv-backgroundmusic-clear: no_zits wtv-backgroundmusic-add: wtv-setup:/MusicCache/headspace/RMF/moods/mystical.rmf wtv-backgroundmusic-add: wtv-setup:/MusicCache/headspace/RMF/moods/quietude.rmf wtv-backgroundmusic-add: wtv-setup:/MusicCache/headspace/RMF/underground/windows-everywhere.rmf wtv-backgroundmusic-add: wtv-setup:/MusicCache/headspace/RMF/ambient/cave.rmf wtv-backgroundmusic-add: wtv-setup:/MusicCache/headspace/RMF/ambient/cozy.rmf wtv-backgroundmusic-add: wtv-setup:/Mus 200 OK Connection: Keep-Alive wtv-encrypted: true wtv-spot-queue-add: queue=1&adID=0000001102cbda8500000000&creative=wtv-spot:/shared/ads/test/win e.gif wtv-videoad-playid: 0000001c02cbda8500000000 wtv-videoad-playname: joinus.mpg Content-length: 0 Content-type: text/html Group: alt.discuss.webtv.technical Date: Sat, Jun 24, 2000 From: ulTRAX@webtv.net Re: Where's The URL (IP flags?) This is a preliminary break down of the ShowServices IP list with Flags and Connections left in. If the URL Access Killer is in the Flags I detect no pattern yet. wtv-aroundtown flags=0x00000010 connections=3 wtv-* flags=0x00000007 wtv-center flags=0x00000010 connections=3 wtv-chat connections=3 wtv-content connections=3 wtv-cookie connections=1 wtv-cookie connections=1 wtv-disk connections=3 wtv-explore2 flags=0x00000010 connections=3 wtv-explore connections=3 wtv-favorite connections=3 wtv-flashrom wtv-guide connections=3 wtv-guide connections=3 wtv-head-waiter flags=0x00000001 connections=1 wtv-home flags=0x00000010 connections=3 wtv-intro wtv-log flags=0x00000001 connections=1 mailto connections=1 wtv-mail connections=1 http connections=3 ftp file gopher news flags=0x00000010 wtv-notices connections=1 wtv-onair connections=3 wtv-customscript wtv-setup flags=0x00000010 connections=3 wtv-smartcard connections=1 wtv-spot flags=0x00000010 connections=1 wtv-star flags=0x00000007 wtv-tricks flags=0x00000004 wtv-tutorial connections=3 wtv-video connections=3 wtvchat wtv-forum wtv-news flags=0x00000010 connections=3 wtv-author connections=3 Group: alt.discuss.webtv.technical Date: Sat, Jun 24, 2000 From: ulTRAX@webtv.net Re: Where's The (flag breakdown) Here's the IP List breakdown by Flags. http connections=3 ftp file gopher wtv-tutorial connections=3 wtv-video connections=3 wtvchat wtv-forum wtv-author connections=3 wtv-smartcard connections=1 wtv-notices connections=1 wtv-onair connections=3 wtv-customscript mailto connections=1 wtv-mail connections=1 wtv-explore connections=3 wtv-favorite connections=3 wtv-flashrom wtv-guide connections=3 wtv-guide connections=3 wtv-intro wtv-chat connections=3 wtv-content connections=3 wtv-cookie connections=1 wtv-cookie connections=1 wtv-disk connections=3 ==================== wtv-head-waiter flags=0x00000001 connections=1 wtv-log flags=0x00000001 connections=1 ==================== wtv-tricks flags=0x00000004 ==================== wtv-* flags=0x00000007 wtv-star flags=0x00000007 ==================== wtv-aroundtown flags=0x00000010 connections=3 wtv-home flags=0x00000010 connections=3 wtv-center flags=0x00000010 connections=3 wtv-explore2 flags=0x00000010 connections=3 news flags=0x00000010 wtv-setup flags=0x00000010 connections=3 wtv-spot flags=0x00000010 connections=1 wtv-news flags=0x00000010 connections=3 Group: alt.discuss.webtv.technical Date: Sat, Jun 24, 2000 From: ulTRAX@webtv.net Re: Where's (Connection Breakdown) Still no pattern. Mailto and http are exempt yet have "connections". ============= wtv-flashrom wtv-intro ftp file gopher wtv-customscript wtvchat news flags=0x00000010 wtv-forum wtv-tricks flags=0x00000004 wtv-* flags=0x00000007 wtv-star flags=0x00000007 ============== wtv-smartcard connections=1 wtv-notices connections=1 mailto connections=1 wtv-mail connections=1 wtv-cookie connections=1 wtv-cookie connections=1 wtv-head-waiter flags=0x00000001 connections=1 wtv-log flags=0x00000001 connections=1 wtv-spot flags=0x00000010 connections=1 ================= wtv-tutorial connections=3 http connections=3 wtv-video connections=3 wtv-author connections=3 wtv-onair connections=3 wtv-explore connections=3 wtv-favorite connections=3 wtv-guide connections=3 wtv-guide connections=3 wtv-chat connections=3 wtv-content connections=3 wtv-disk connections=3 wtv-aroundtown flags=0x00000010 connections=3 wtv-home flags=0x00000010 connections=3 wtv-center flags=0x00000010 connections=3 wtv-explore2 flags=0x00000010 connections=3 wtv-setup flags=0x00000010 connections=3 wtv-news flags=0x00000010 connections=3 Group: alt.discuss.webtv.technical Date: Sat, Jun 24, 2000 From: ulTRAX@webtv.net Re: Where's (Exempt Status Breakdown) This is the IP breakdown according to how "exempt" each IP serivce is from being "killed". In other words whether it works in the GoTo. Still no pattern. So maybe the Flags and Connections mean nothing. Or maybe they are different for the Viewer. ============== ftp file gopher wtvchat mailto connections=1 news flags=0x00000010 wtv-tricks flags=0x00000004 wtv-* flags=0x00000007 wtv-star flags=0x00000007 http connections=3 ================== SOMETIMES WORKS wtv-content connections=3 wtv-flashrom wtv-cookie connections=1 ============== TARGETED URLS wtv-intro wtv-customscript wtv-forum wtv-smartcard connections=1 wtv-notices connections=1 wtv-mail connections=1 wtv-head-waiter flags=0x00000001 connections=1 wtv-log flags=0x00000001 connections=1 wtv-spot flags=0x00000010 connections=1 wtv-tutorial connections=3 wtv-video connections=3 wtv-author connections=3 wtv-onair connections=3 wtv-explore connections=3 wtv-favorite connections=3 wtv-guide connections=3 wtv-chat connections=3 wtv-disk connections=3 wtv-aroundtown flags=0x00000010 connections=3 wtv-home flags=0x00000010 connections=3 wtv-center flags=0x00000010 connections=3 wtv-explore2 flags=0x00000010 connections=3 wtv-setup flags=0x00000010 connections=3 wtv-news flags=0x00000010 connections=3 Group: alt.discuss.webtv.technical Date: Sat, Jun 24, 2000 From: cookies_home@webtv.net (Known Known) Re: Where's (Exempt Status Breakdown) Any of this content saved in your favs ? Group: alt.discuss.webtv.technical Date: Sun, Jun 25, 2000 From: NeMAK@webtv.net Re: Where's (Connection Breakdown) Something is still missing. Another prefix and the flag for login. :) "Take no mind to the rhyme."