Extensions :
K-Meleon Web Browser Forum
(update: Version 1.1)
This is for sending a fake "vendor" (=browser name) to sites that won't let you in otherwise. There's also a menu entry to check the current User Agent String.
More explanations below inside macro
---------------------------------------------------
Copy the blue text into a text file and save it as "useragent2.kmm" in the macros folder:
# K-Meleon Macros (http://kmeleon.sourceforge.net/wiki/index.php?id=MacroLanguage)
#
# ------------------ useragent2.kmm -------------- (Version 1.1) -----------------
# Menu entry: Tools > Privacy > User Agent, and optional UA button on privacy bar (right-click)
# Version: 1.1 / 2010-02-04 / by Siria
# Forum: http://kmeleonbrowser.org/forum/read.php?9,101185
#----------------------------------------------------------------------------
#
# To TOGGLE "USERAGENT.VENDOR" and "USERAGENT.VENDORSUB" in about:config
#
# This is just meant additionally to the default macro useragent.kmm, which switches useragents.
# This macro here can fake the vendor string (="K-Meleon"), according to the useragent
# set by the default macro. Wrote this because possibly there may be nasty websites out there
# which ignore the useragent and rather decide by the vendor whether to let you in or not.
# At any rate you can try out with this macro ;-)
# TIP: Check on a site like www.browserspy.dk how much your settings reveal!
#
# NOTES:
# ** At each browser restart the vendor will be reset to K-Meleon, to change that read at bottom.
# ** And if you want to change the vendor strings automatically when switching UserAgent, open
# useragent.kmm and insert 3 lines, with a comment line before (e.g. ##### useragent2.kmm)
# 1) insert as the last line before "}" in submacro "_UserAgent_Reset{" (ca line-75):
# getpref(BOOL,$_UserAgent_Reset)?&useragent2_vendorKM:0;
# 2) insert as the last line before "}" in submacro "_UserAgent{" (ca line-44):
# &useragent2_vendorXY;
# 3) insert as the last line before "}" in submacro "UserAgent{" (ca line-17):
# $ARG==""?&useragent2_vendorKM:0;
# ** The User Agent strings are defined in K-Meleon/defaults/pref/I10n.js (use notepad)
# Strings for FF3 and Opera-Linux: kmeleonbrowser.org/forum/read.php?1,101141
#----------------------------------------------------------------------------
useragent2_vendorKM{
macroinfo="Reset pref ''general.useragent.vendor'' to K-Meleon";
menuchecked=(getpref(STRING,"general.useragent.vendor")=="K-Meleon");
$ua2_vendor="K-Meleon";
$ua2_vensub=readfile(getfolder(RootFolder)."\\defaults\\pref\\kmeleon.js");
$ua2_vensub=substr($ua2_vensub,index($ua2_vensub,"vendorSub")+13,5);
&_useragent2_setprefs;
}
useragent2_vendorXY{
macroinfo="Set pref ''general.useragent.vendor'' like in UserAgent";
menuchecked=(index(getpref(STRING,"general.useragent.override"),$ua2_vendor)>-1);
$ua2_vendor="K-Meleon";
$ua2_fakestring=getpref(STRING,"general.useragent.override");
index($ua2_fakestring,"Firefox")>-1 ? $ua2_vendor="Firefox" : 0;
index($ua2_fakestring,"SeaMonkey")>-1 ? $ua2_vendor="SeaMonkey" : 0;
index($ua2_fakestring,"Opera")>-1 ? $ua2_vendor="Opera" : 0;
index($ua2_fakestring,"MSIE")>-1 ? $ua2_vendor="MSIE" : 0;
$ua2_vensub=substr($ua2_fakestring,index($ua2_fakestring,$ua2_vendor)+length($ua2_vendor)+1);
index($ua2_vensub," ")>-1 ? $ua2_vensub=substr($ua2_vensub,0,index($ua2_vensub," ")) : 0;
index($ua2_vensub,";")>-1 ? $ua2_vensub=substr($ua2_vensub,0,index($ua2_vensub,";")) : 0;
$ua2_vendor=="MSIE" ? $ua2_vendor=="msie" : 0;
$ua2_fakestring=="" ? &useragent2_vendorKM : &_useragent2_setprefs;
}
useragent2_vendor0{
macroinfo="Delete prefs ''general.useragent.vendor''";
menuchecked=(getpref(STRING,"general.useragent.vendor")=="");
$ua2_vendor="";
$ua2_vensub="";
&_useragent2_setprefs;
}
_useragent2_setprefs{
setpref(STRING,"general.useragent.vendor",$ua2_vendor);
setpref(STRING,"general.useragent.vendorSub",$ua2_vensub);
}
useragent2_check{
macroinfo="View current user agent and vendor settings";
alert(getpref(STRING,"general.useragent.override")."\n\ngeneral.useragent.vendor + vendorsub: ".getpref(STRING,"general.useragent.vendor")." ".getpref(STRING,"general.useragent.vendorSub"),"View current UA settings (can also be set and checked in about:config)");
}
useragent2_help{
alert("(help under construction yet ;-)\n\nFor now take this for easier experimenting with getting nasty websites to work.\nAt each browser restart the vendor setting will be reset to K-Meleon.\n\nIf you want to change the vendor strings automatically when switching User Agents, insert this in the last line (ca. L42) of the submacro ''_UserAgent'', in macro useragent.kmm (perhaps with a comment line before, starting with #):\n\n&useragent2_vendorXY;\n\nTIP: Check on a site like www.browserspy.dk how much your settings reveal!","help");
}
_useragent2_BuildMenu{
setmenu("&User Agent",separator,-1);
setmenu("&User Agent",macro,"Set Vendor: K-Meleon",useragent2_vendorKM,-1);
setmenu("&User Agent",macro,"Set Vendor: User Agent",useragent2_vendorXY,-1);
setmenu("&User Agent",macro,"Set Vendor: --",useragent2_vendor0,-1);
setmenu("&User Agent",macro,"View Settings",useragent2_check,-1);
setmenu("&User Agent",macro,"Help",useragent2_help,-1);
}
#------------------------ BROWSER START --------------------
# Reset vendor to K-Meleon at browser start. To avoid this, set a # in front of the next line:
$OnInit=$OnInit."useragent2_vendorKM;";
$OnInit=$OnInit."_useragent2_BuildMenu;";
$macroModules=$macroModules."useragent2;";
Edited 5 time(s). Last edit at 02/04/2010 11:06AM by siria.
Which sites sniff the vendor and block access?
It is a potential "give away/betrayal".
Sites sniff for browser name not engine. No idea whether this hole in 2 tier browser camouflage is already exploited.
It can be used. Thus, if possible, it should be IMHO covered preemptively like any other evil code or exploit - no matter whether exploits are already in the wild.
Your wording makes it sound like it's a grave security risk Yes I understand your point and that some may want to COMPLETELY disguise KM for whatever reason and that's their right of course. I just wondered if Siria or any others had found sites that actually sniffed the vendor specifically to disable features or block access like some sites do now by sniffing the name only. It's been addressed in the forums years ago as you may remember, but I've never actually come across a site that necessitated the vendor/vendorSub strings inclusion in the macros. IMNSHO KM should be recognized at all times possible.
Feel free to alter/edit my post so that its English wording comes across better.
You are an admin and I do not mind.
Personally I think that the sites baring K-Meleon are maybe not evil but they are crippling o.ps' software, that is IMHO a PC sabotage and AFAIK a criminal offense in some countries. They do it deliberately. And they do it for gain. Lets face it: browsers are potential big business receiving venture capital. AFAIK browser vendors get paid for selling their browser's default search engine position. And IMHO some sites that buy them bar browsers that a not part of their cartel/deal. Other sites that bar browsers (K-Meleon) are fully or partially owned by browser vendors themselves (Google: GMail, Maps..., MS: Hotmail, etc.).
Yes I agree best would be always K-Meleon - & use AutoSwicher when You often use sites that need camouflage. Siria's code should become part of AutoSwitcher. My ideal candidate for improving the potential effectiveness/stealth of the camouflage.
p.s. I do not remember the older macro from 2005. I do not remember many details of what was before 2007. There were cases when spoofing K-Meleons were excluded - potentially betrayed from the vendor strings. But no proof that this was the reason.
Edited 2 time(s). Last edit at 02/06/2010 03:39PM by guenter.
Thanks for sharing this informative tutorial. Especially your way of describing is very good and easy to use.
Marry
wow siria !! you really cranking them out !! I missed this one...
imo, should always change this if changing UA.
and the problem isn't so much security or malicious denial of server ( haha) attacks, it's unintentional sloppy programming where websites use this info to decide what type of js or page to serve. When they see "KMeleon", they have no response coded for it so they send nothing or return an error page.
most web programmers copy/paste code with little understanding what's inside it, few have ever heard of Kmeleon anyways, so they do not code for it.
Edited 2 time(s). Last edit at 07/01/2010 08:10AM by snuz2.
Useragent2 macro is ok for 1.6?
All about K-Meleon extensions.
Useragent2: Fake also vendor pref, acc. to User Agent
Posted by:
siria
Date: February 03, 2010 10:39PM
(update: Version 1.1)
This is for sending a fake "vendor" (=browser name) to sites that won't let you in otherwise. There's also a menu entry to check the current User Agent String.
More explanations below inside macro
---------------------------------------------------
Copy the blue text into a text file and save it as "useragent2.kmm" in the macros folder:
# K-Meleon Macros (http://kmeleon.sourceforge.net/wiki/index.php?id=MacroLanguage)
#
# ------------------ useragent2.kmm -------------- (Version 1.1) -----------------
# Menu entry: Tools > Privacy > User Agent, and optional UA button on privacy bar (right-click)
# Version: 1.1 / 2010-02-04 / by Siria
# Forum: http://kmeleonbrowser.org/forum/read.php?9,101185
#----------------------------------------------------------------------------
#
# To TOGGLE "USERAGENT.VENDOR" and "USERAGENT.VENDORSUB" in about:config
#
# This is just meant additionally to the default macro useragent.kmm, which switches useragents.
# This macro here can fake the vendor string (="K-Meleon"), according to the useragent
# set by the default macro. Wrote this because possibly there may be nasty websites out there
# which ignore the useragent and rather decide by the vendor whether to let you in or not.
# At any rate you can try out with this macro ;-)
# TIP: Check on a site like www.browserspy.dk how much your settings reveal!
#
# NOTES:
# ** At each browser restart the vendor will be reset to K-Meleon, to change that read at bottom.
# ** And if you want to change the vendor strings automatically when switching UserAgent, open
# useragent.kmm and insert 3 lines, with a comment line before (e.g. ##### useragent2.kmm)
# 1) insert as the last line before "}" in submacro "_UserAgent_Reset{" (ca line-75):
# getpref(BOOL,$_UserAgent_Reset)?&useragent2_vendorKM:0;
# 2) insert as the last line before "}" in submacro "_UserAgent{" (ca line-44):
# &useragent2_vendorXY;
# 3) insert as the last line before "}" in submacro "UserAgent{" (ca line-17):
# $ARG==""?&useragent2_vendorKM:0;
# ** The User Agent strings are defined in K-Meleon/defaults/pref/I10n.js (use notepad)
# Strings for FF3 and Opera-Linux: kmeleonbrowser.org/forum/read.php?1,101141
#----------------------------------------------------------------------------
useragent2_vendorKM{
macroinfo="Reset pref ''general.useragent.vendor'' to K-Meleon";
menuchecked=(getpref(STRING,"general.useragent.vendor")=="K-Meleon");
$ua2_vendor="K-Meleon";
$ua2_vensub=readfile(getfolder(RootFolder)."\\defaults\\pref\\kmeleon.js");
$ua2_vensub=substr($ua2_vensub,index($ua2_vensub,"vendorSub")+13,5);
&_useragent2_setprefs;
}
useragent2_vendorXY{
macroinfo="Set pref ''general.useragent.vendor'' like in UserAgent";
menuchecked=(index(getpref(STRING,"general.useragent.override"),$ua2_vendor)>-1);
$ua2_vendor="K-Meleon";
$ua2_fakestring=getpref(STRING,"general.useragent.override");
index($ua2_fakestring,"Firefox")>-1 ? $ua2_vendor="Firefox" : 0;
index($ua2_fakestring,"SeaMonkey")>-1 ? $ua2_vendor="SeaMonkey" : 0;
index($ua2_fakestring,"Opera")>-1 ? $ua2_vendor="Opera" : 0;
index($ua2_fakestring,"MSIE")>-1 ? $ua2_vendor="MSIE" : 0;
$ua2_vensub=substr($ua2_fakestring,index($ua2_fakestring,$ua2_vendor)+length($ua2_vendor)+1);
index($ua2_vensub," ")>-1 ? $ua2_vensub=substr($ua2_vensub,0,index($ua2_vensub," ")) : 0;
index($ua2_vensub,";")>-1 ? $ua2_vensub=substr($ua2_vensub,0,index($ua2_vensub,";")) : 0;
$ua2_vendor=="MSIE" ? $ua2_vendor=="msie" : 0;
$ua2_fakestring=="" ? &useragent2_vendorKM : &_useragent2_setprefs;
}
useragent2_vendor0{
macroinfo="Delete prefs ''general.useragent.vendor''";
menuchecked=(getpref(STRING,"general.useragent.vendor")=="");
$ua2_vendor="";
$ua2_vensub="";
&_useragent2_setprefs;
}
_useragent2_setprefs{
setpref(STRING,"general.useragent.vendor",$ua2_vendor);
setpref(STRING,"general.useragent.vendorSub",$ua2_vensub);
}
useragent2_check{
macroinfo="View current user agent and vendor settings";
alert(getpref(STRING,"general.useragent.override")."\n\ngeneral.useragent.vendor + vendorsub: ".getpref(STRING,"general.useragent.vendor")." ".getpref(STRING,"general.useragent.vendorSub"),"View current UA settings (can also be set and checked in about:config)");
}
useragent2_help{
alert("(help under construction yet ;-)\n\nFor now take this for easier experimenting with getting nasty websites to work.\nAt each browser restart the vendor setting will be reset to K-Meleon.\n\nIf you want to change the vendor strings automatically when switching User Agents, insert this in the last line (ca. L42) of the submacro ''_UserAgent'', in macro useragent.kmm (perhaps with a comment line before, starting with #):\n\n&useragent2_vendorXY;\n\nTIP: Check on a site like www.browserspy.dk how much your settings reveal!","help");
}
_useragent2_BuildMenu{
setmenu("&User Agent",separator,-1);
setmenu("&User Agent",macro,"Set Vendor: K-Meleon",useragent2_vendorKM,-1);
setmenu("&User Agent",macro,"Set Vendor: User Agent",useragent2_vendorXY,-1);
setmenu("&User Agent",macro,"Set Vendor: --",useragent2_vendor0,-1);
setmenu("&User Agent",macro,"View Settings",useragent2_check,-1);
setmenu("&User Agent",macro,"Help",useragent2_help,-1);
}
#------------------------ BROWSER START --------------------
# Reset vendor to K-Meleon at browser start. To avoid this, set a # in front of the next line:
$OnInit=$OnInit."useragent2_vendorKM;";
$OnInit=$OnInit."_useragent2_BuildMenu;";
$macroModules=$macroModules."useragent2;";
Edited 5 time(s). Last edit at 02/04/2010 11:06AM by siria.
Re: Useragent2: Fake also vendor pref, acc. to User Agent
Posted by:
jsnj
Date: February 03, 2010 11:45PM
Which sites sniff the vendor and block access?
Re: Useragent2: Fake also vendor pref, acc. to User Agent
Posted by:
guenter
Date: February 04, 2010 01:44AM
Quote
jsnj
Which sites sniff the vendor and block access?
It is a potential "give away/betrayal".
Sites sniff for browser name not engine. No idea whether this hole in 2 tier browser camouflage is already exploited.
It can be used. Thus, if possible, it should be IMHO covered preemptively like any other evil code or exploit - no matter whether exploits are already in the wild.
Re: Useragent2: Fake also vendor pref, acc. to User Agent
Posted by:
jsnj
Date: February 04, 2010 06:08AM
Quote
guenter
Quote
jsnj
Which sites sniff the vendor and block access?
It is a potential "give away/betrayal".
Sites sniff for browser name not engine. No idea whether this hole in 2 tier browser camouflage is already exploited.
It can be used. Thus, if possible, it should be IMHO covered preemptively like any other evil code or exploit - no matter whether exploits are already in the wild.
Your wording makes it sound like it's a grave security risk
Yes I understand your point and that some may want to COMPLETELY disguise KM for whatever reason and that's their right of course. I just wondered if Siria or any others had found sites that actually sniffed the vendor specifically to disable features or block access like some sites do now by sniffing the name only. It's been addressed in the forums years ago as you may remember, but I've never actually come across a site that necessitated the vendor/vendorSub strings inclusion in the macros. IMNSHO KM should be recognized at all times possible.Re: Useragent2: Fake also vendor pref, acc. to User Agent
Posted by:
guenter
Date: February 06, 2010 02:45PM
Feel free to alter/edit my post so that its English wording comes across better.
You are an admin and I do not mind.
Personally I think that the sites baring K-Meleon are maybe not evil but they are crippling o.ps' software, that is IMHO a PC sabotage and AFAIK a criminal offense in some countries. They do it deliberately. And they do it for gain. Lets face it: browsers are potential big business receiving venture capital. AFAIK browser vendors get paid for selling their browser's default search engine position. And IMHO some sites that buy them bar browsers that a not part of their cartel/deal. Other sites that bar browsers (K-Meleon) are fully or partially owned by browser vendors themselves (Google: GMail, Maps..., MS: Hotmail, etc.).
Yes I agree best would be always K-Meleon - & use AutoSwicher when You often use sites that need camouflage. Siria's code should become part of AutoSwitcher. My ideal candidate for improving the potential effectiveness/stealth of the camouflage.
p.s. I do not remember the older macro from 2005. I do not remember many details of what was before 2007. There were cases when spoofing K-Meleons were excluded - potentially betrayed from the vendor strings. But no proof that this was the reason.
Edited 2 time(s). Last edit at 02/06/2010 03:39PM by guenter.
Re: Useragent2: Fake also vendor pref, acc. to User Agent
Posted by:
Rosemarry
Date: June 30, 2010 04:10AM
Thanks for sharing this informative tutorial. Especially your way of describing is very good and easy to use.
Marry
Re: Useragent2: Fake also vendor pref, acc. to User Agent
Posted by:
snuz2
Date: July 01, 2010 08:03AM
wow siria !! you really cranking them out !! I missed this one...
imo, should always change this if changing UA.
and the problem isn't so much security or malicious denial of server ( haha) attacks, it's unintentional sloppy programming where websites use this info to decide what type of js or page to serve. When they see "KMeleon", they have no response coded for it so they send nothing or return an error page.
most web programmers copy/paste code with little understanding what's inside it, few have ever heard of Kmeleon anyways, so they do not code for it.
Edited 2 time(s). Last edit at 07/01/2010 08:10AM by snuz2.
Re: Useragent2: Fake also vendor pref, acc. to User Agent
Posted by:
km2
Date: September 30, 2011 01:57PM
Useragent2 macro is ok for 1.6?
English