Moz Morris

dee double-you emm – web developer & tea drinker

Usenet, Newzleech and the annoying trend of password protected .rar’s

October11

EDIT 15/11/2009: Jimbeer has created a database of passwords, you can find it here: http://www.jimbeeer.com/?page_id=432

Since getting back from holiday a few weeks ago I’ve come across an annoying trend popping up on Usenet, and in particular from my search engine of choice, Newzleech. This is the practice of password protecting .rar archives that require you to visit some lead generation site & fill out a survey etc. to unlock your ‘premium content’. The lead generation site in question is CPALead and I’m not even going to entertain the thought of linking to them here.

The idea

I haven’t bothered to research the site in that much depth but as far as I’m aware the user…

  • Signs up to the site and is presented with a referral ID of some sort
  • creates some premium content, in this case a password to unlock a .rar archive
  • now builds a load of .rar archives with accompanying referral id encoded url to lead site
  • uploads this all to Usenet
  • awaits a steady stream of income from cpalead when visitors have filled out the surveys etc etc to get access to the premium content.

Huh?

Here’s a screenshot incase all that was a bit confusing.

Screenshot of Finder Window

Where i’m at

Firstly, you can probably tell this has irritated me more than just a little.

Secondly, and more annoyingly, I’ve already wasted over an hour trying to bypass the damn thing. The lead page contains a whole host of scripts that I’ve tried running to unlock the content, but with with no success.

Thirdly, I know there are various pieces of software out there, that can unlock password protected archives but I can’t seem to find any for os x.

Any advice/help/nudges would be gratefully received

Edit: Figured it out!

The Fix

The ‘Click Here For Password .url’ file was actually directing me straight to the cpalead site. I don’t think it was actually meant to do this. In fact, it should have been directing me to the site of whoever uploaded the .rar in question. Here, the same bunch of scripts were running but hidden in the source was the password I was looking for.

When I opened up the web shortcut? file I found the following: (real addresses removed)

[DEFAULT]
BASEURL=http://hiddenforthispurpose.com/
[DOC_mygateway_iframe]
BASEURL=http://www.thecpealeadsite.com/
[InternetShortcut]
URL=http://hiddenforthispurpose.com/
Modified=00B9783DDB48CA015C

I was being taken straight to http://www.thecpealeadsite.com/blahblahblah instead of http://hiddenforthispurpose.com/2009/10/01/. Perhaps this actually has more to do with Safari’s handling of these shortcut files. Anyway, crisis averted ;)

posted under usenet | 15 Comments »