Wrong USER Agent during SSL hand shake

[ds1718]

Lets see if I can explain this right

I am posting ads on an HTTPS site

I am using fiddler to capture all the traffic and headers to test a problem I am having.

I have found the the session creates some connect - keep alive session randomly, these send the machines default User agent and information.
Then the next get or post sends the User agent in the profile.

I need to make sure that the headers that are sent from the session match 100% on all get / post / connect during that instance

Please help with a quick hot fix..

From the log..

GET https://post.craigslist.org/k/zlt7q_Ey4xGud24s2kfsJg/QXcFH HTTP/1.1
Host: post.craigslist.org
User-Agent: Mozilla/5.0 (Linux; Android 4.0.4; KFJWI Build/IMM76D) AppleWebKit/537.31 (KHTML, like Gecko) Chrome/26.0.1410.58 Safari/537.31 OPR/14.0.1074.57453
Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/webp, image/jpeg, image/gif, image/x-xbitmap, */*;q=0.1
Accept-Language: en-US
Accept-Encoding: gzip, deflate
Connection: close
Referer: https://accounts.craigslist.org/
Cookie: cl_b=vkl6q_Ey4xGgtivgwAfFvwoK4dc


next line

CONNECT post.craigslist.org:443 HTTP/1.1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:19.0) Gecko/20100101 Firefox/19.0
Proxy-Connection: keep-alive
Host: post.craigslist.org

You can see the CONNECT session is a different User agent

 

[rostonix]

You see different user agents within 1 run of template? Without break of it?

 

[ds1718]

no change it template

You see different user agents within 1 run of template? Without break of it?

This is from 1 series don within under 1 second, with 20 or so cal back and forth

each call created by zenno = UA assigned

Each call created by SSL tunnel = default UA

Zenno is not handling the UA properly or ALL communications

 

[ds1718]

In Fiddler after each POST ( from zenno) there is a Tunnel to call. this contains default UA not the assigned one

 

[rostonix]

Thanks. Will be fixed.

 

[lokiys]

Really this problem is there ? :O
That mean all this time we was without anonymity ?

Hotfix will be today ? ? ?

 

[darkdiver]

Fix is available start from 5.0.7.0
This is not a big problem this user agent is not available for in scripts.
It can be found only after deep log parsing and if these logs are enabled.
Also it can happen only with http proxy.
Socks and direct connections are not affected.

 

[ds1718]

Fix is available start from 5.0.7.0
This is not a big problem this user agent is not available for in scripts.
It can be found only after deep log parsing and if these logs are enabled.
Also it can happen only with http proxy.
Socks and direct connections are not affected.

Don't forget to tell people in order to do this, you have to set zenno to 1 thread per instance.

It takes up alot more memory to run the same number of threads

 

[darkdiver]

False alarm EVERYTHING WORKS FINE
How it works:
First request to proxy please open a tunnel for ssl. (only proxy see your user agent) Proxy creates an encrypted tunnel to the host. No headers sent, nothing sent, just tcp/ip connection created.
Second request over this encrypted will be transferred to the server. This was made to protect you data form decryption on proxy side.

This means we have 1 request on the server 2 request on proxy side.
This means the end server never saw your real user agent.

But if you worried about proxies you have a solution in 5.0.7.0 version.