Moz Morris

dee double-you emm – web developer & tea drinker

Usenet, Newzleech and the annoying trend of password protected .rar’s

October11

EDIT 15/11/2009: Jimbeer has created a database of passwords, you can find it here: http://www.jimbeeer.com/?page_id=432

Since getting back from holiday a few weeks ago I’ve come across an annoying trend popping up on Usenet, and in particular from my search engine of choice, Newzleech. This is the practice of password protecting .rar archives that require you to visit some lead generation site & fill out a survey etc. to unlock your ‘premium content’. The lead generation site in question is CPALead and I’m not even going to entertain the thought of linking to them here.

The idea

I haven’t bothered to research the site in that much depth but as far as I’m aware the user…

  • Signs up to the site and is presented with a referral ID of some sort
  • creates some premium content, in this case a password to unlock a .rar archive
  • now builds a load of .rar archives with accompanying referral id encoded url to lead site
  • uploads this all to Usenet
  • awaits a steady stream of income from cpalead when visitors have filled out the surveys etc etc to get access to the premium content.

Huh?

Here’s a screenshot incase all that was a bit confusing.

Screenshot of Finder Window

Where i’m at

Firstly, you can probably tell this has irritated me more than just a little.

Secondly, and more annoyingly, I’ve already wasted over an hour trying to bypass the damn thing. The lead page contains a whole host of scripts that I’ve tried running to unlock the content, but with with no success.

Thirdly, I know there are various pieces of software out there, that can unlock password protected archives but I can’t seem to find any for os x.

Any advice/help/nudges would be gratefully received

Edit: Figured it out!

The Fix

The ‘Click Here For Password .url’ file was actually directing me straight to the cpalead site. I don’t think it was actually meant to do this. In fact, it should have been directing me to the site of whoever uploaded the .rar in question. Here, the same bunch of scripts were running but hidden in the source was the password I was looking for.

When I opened up the web shortcut? file I found the following: (real addresses removed)

[DEFAULT]
BASEURL=http://hiddenforthispurpose.com/
[DOC_mygateway_iframe]
BASEURL=http://www.thecpealeadsite.com/
[InternetShortcut]
URL=http://hiddenforthispurpose.com/
Modified=00B9783DDB48CA015C

I was being taken straight to http://www.thecpealeadsite.com/blahblahblah instead of http://hiddenforthispurpose.com/2009/10/01/. Perhaps this actually has more to do with Safari’s handling of these shortcut files. Anyway, crisis averted ;)

posted under usenet
15 Comments to

“Usenet, Newzleech and the annoying trend of password protected .rar’s”

  1. On October 23rd, 2009 at 7:35 pm BarryScott Says:

    Hey! I’ve got this exact same issue! How did you eventually get the password? I got one but then it never actually worked…

  2. On October 26th, 2009 at 3:19 pm Moz Says:

    I opened up the “click here for password.url” file in TextMate, and followed it to the first address listed.

    Click ‘View Source’ / ‘Page Source’ depending on your browser.

    Scroll to near the bottom and you’ll find the password.

    Hope this helps.

  3. On November 12th, 2009 at 4:25 pm Matth Says:

    Hi

    I tried your method but can’t find any usefull information. I’m not that good in HTML code. How can you find the password? Is it a new url? Or a word that get’s displayed.

    Thanks in advance

  4. On November 12th, 2009 at 5:22 pm Moz Says:

    It’s usually a word. I’ve come across the password issue on quite a few occasions now.

    Look for something like “pass: random-word”

    ‘random-word’ would be the password.

  5. On February 9th, 2010 at 1:03 pm Jimbeeer Says:

    I built that database as an antithesis to these passworded sites. They were getting on my nerves as much as everyone elses.

    The password survey sites are getting worse now. They do give you what you’re after but you have to jump through too many hoops for my liking, hence the db.

    There’s no trick, no spyware and no bullshit to my site. I make about £20 a month from the google ads and the occassional generous person chucks me a quid every now and then. That’s it.

    But i get about 15 new password submissions per day so if something’s passworded, then I’m highly likely to have it.

    http://www.jimbeeer.com

  6. On February 10th, 2010 at 10:04 pm Moz Says:

    @jimbeer
    Fair play mate for sorting out that database. Keep up the good work.
    I’ve now started using nbxmatrix where the .nzb’s are verified by other users. It saves me a lot of hassle and the subscription is worth the outlay.

  7. On February 16th, 2010 at 11:33 pm Eddie Says:

    Who in the hell started all of this passworded crap. It would be nice if the poster would add in their nfo that a password is needed so I would not waste my time. Now I have gone old school on scene releases by downloading from Irc instead. That is most likely where they got it in the first place.

    Do a search for xdcc guide to learn how.

    All is needed is a chat program called Mirc and a search engine like packetfind http://www.packetfind.com/index.php

    Of course you will have to learn how to setup Mirc to auto get and learn the commands , It is easy and has been around since windows 3.1.

    I could post a guide if needed.

  8. On March 30th, 2010 at 3:09 am bob Says:

    no password available in the source for latest Pacific ep by Dimension or immerse.

    looks like they have hanged to using a gif

  9. On March 30th, 2010 at 3:10 am bob Says:

    that’s “changed” not “hanged” of course … perhaps a freudian slip as to what we’d like to do to the culprits

  10. On April 16th, 2010 at 3:29 pm Chainfire Says:

    Sorry for the spam, but I released a small tool that may be helpful (win32 only though) to people with this issue:

    http://www.chainfire.eu/articles/73/nzbSCAN_v0_5_released/

    It’s not perfect but has prevented me from downloading a bunch of password protected RARs :)

  11. On April 29th, 2010 at 1:39 pm woot Says:

    Hi Chainfire, I like the idea and it’s great that your contributing to the usenet community. Unfortunately, i’m not a fan of programs that I cannot see the source for, or ones I don’t have the time to inspect (RE). You should write a plugin for the open source SAB client, I think it would be very helpful to many usenet users.

    When you say point it to the NZB I assume u download the 1st .rar and inspect the files within it?

    Regards,
    Woot.

  12. On May 7th, 2010 at 3:37 pm Dex' Says:

    Hi Moz, thanks for taking the time to give us tips to bypass this password crap. Thanks even more for making me discover nzbmatrix. I’m currently testing usenet after a long time spent on bittorent and without that, I would probably have givent up.

    Cheers!

  13. On May 9th, 2010 at 2:05 pm Moz Says:

    @Dex, no worries my friend. Usenet FTW :)

  14. On August 31st, 2010 at 2:06 am EM Says:

    If I find a posting that I want, I first try to find out if that same file was posted earlier. They’re just copy cat leechers.

  15. On August 31st, 2010 at 3:18 am anon Says:

    These survey passwords are driving me crazy. The latest ones require entering your mobile # and it will then SMS the password to you (at a cost of $5)

    the nfo’s for these files should definitely carry the disclaimer “We are giant retards”
    no offense to retards.

Email will not be published

Website example

Your Comment: