Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

10-HUT Hosts Updating Tool #84

Closed
ltguillaume opened this issue Oct 21, 2017 · 8 comments
Closed

10-HUT Hosts Updating Tool #84

ltguillaume opened this issue Oct 21, 2017 · 8 comments

Comments

@ltguillaume
Copy link

ltguillaume commented Oct 21, 2017
edited
Loading

For what it's worth, since I didn't like HostsMan much, I had a look and found this thing: it'll just download the list(s) you want and merge them with hosts. Use a scheduled task to periodically run it (batch file to create such a task is included).

Pros:

  • Portable
  • Nothing permanently running
  • .ini-file to choose spy/extra/update (it'll check for win7/8.1/10 automatically)
  • 10 Custom lists can be added
  • No prompts, unless something goes wrong
  • Creates a backup if any changes are to be made
  • Keeps the downloaded lists for comparison, if you want

Cons:

  • Won't delete hosts that were dropped from the list

10-hut.zip
@ltguillaume ltguillaume changed the title 10-HUT 10-HUT Hosts Updating Tool Oct 21, 2017
@Atavic
Copy link

Atavic commented Oct 21, 2017

VT: https://www.virustotal.com/en/file/f5458d806ff57dfaab44987c216ea4bfb4a2796d86d2a01b4f3e935faabb63cf/analysis/1508627216/

Detection ratio: 11 / 66

@ltguillaume
Copy link
Author

ltguillaume commented Oct 22, 2017
edited
Loading

It's packed with UPX, that triggers some stupid AV's, results are already different if unpacked. And it changes the hosts file, some heuristics will pick up on such behavior, that's all.
https://www.virustotal.com/en/file/d06b398da800660940a89bd05449bf074a2d99ff4da0e5bd18e67a2c82235df0/analysis/1508644290/

@ltguillaume
Copy link
Author

Ran it in a virtual machine with Process Monitor and Regshot: it runs for mere second(s) and touches only the hosts file.

@Atavic
Copy link

Atavic commented Oct 22, 2017

Seems legit, Kaspersky doesn't flag it. Once unpacked the detection rate is: 8/66

@crazy-max be aware of false positives with UPX.

@Atavic Atavic mentioned this issue Oct 22, 2017
Closed
@ltguillaume
Copy link
Author

ltguillaume commented Oct 22, 2017
edited
Loading

Did some Wiresharking, too (about 50 runs of 10-HUT). Only contacts the download locations, nothing else. I like it, maybe @crazy-max will, too.

@crazy-max
Copy link
Owner

Hi @ltguillaume,

Thanks for your input
Your features sound great and i have some ideas to implement some of them in WSB like:

  • Auto check the operating system
  • Add non-interactive mode (pass args to WSB exe)
  • Rollback feature
  • Archive old rules

What do you think ?

@ltguillaume
Copy link
Author

Sounds fantastic! As soon as command line arguments are implemented, you could also allow people to create an auto-update task from within the program. :)

@crazy-max
Copy link
Owner

As soon as command line arguments are implemented, you could also allow people to create an auto-update task from within the program.

Exactly!

I will create separate issues for each feature and close this one.

This was referenced Oct 26, 2017
Closed
Open
Open
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@crazy-max @ltguillaume @Atavic