97
My JDownloader wants me to share my screen (swg-empire.de)
submitted 6 days ago* (last edited 6 days ago) by bjoern_tantau@swg-empire.de to c/piracy@lemmy.dbzer0.com
14 comments fedilink hide all child comments

Does anyone know what's up with that? Couldn't find anything via Google. Seems really fishy to me.

Edit: Got the official explanation from the dev on Reddit:

AutoClick Feature of JDownloader works as following. Open the browser and wait few seconds, then take screenshot and search for the Recaptcha click area and auto click on it. Screenshot is needed so JDownloader knows where to click. You can disable this feature, see https://support.jdownloader.org/de/knowledgebase/article/jd-opens-my-browser-to-display-captchas

On Linux, JDownloader creates screenshot to find out the color of tray area so it can try to find it's tray icon and calculate the correct background color for transparency. You see the JDownloader icon having white background. You can disable this via Settings->Advanced Settings->Tray.gnometrayicontransparentenabled

you are viewing a single comment's thread
view the rest of the comments
[-] smb@lemmy.ml -1 points 6 days ago* (last edited 6 days ago)

you ... installed the JackassDownloader !!?!

maybe check your routers and pc's dns settings, if you have a router from your provider, maybe its outdated as hell and jdownloaders updater got redirected by someone who hijacked it?

[-] bjoern_tantau@swg-empire.de 5 points 6 days ago

Router is my own and up to date. JDownloader is installed via flatpak, which I thought I could trust. Thanks to flatpak it also doesn't have the ability to see anything else from my system.

[-] smb@lemmy.ml 2 points 6 days ago

Router is my own and up to date.

that does not say its dns settings are as you set them. if you use a default or weak password for your routers config page, an attacker could change its setting from the outside via dns rebinding, then scanning your net, finding your router, trying passwords and when succesfull changing firewall rules or change dns settings to make your programs check the attackers repository proxies instead of their vendor ones.

dns rebind: https://www.packetlabs.net/posts/what-are-dns-rebinding-attacks/

so better check its dns settings, that it likely is pushing to dhcp clients, too.

Thanks to flatpak it also doesn’t have the ability to see anything else from my system. it at least seems to asks for seeing way more..

jdownloader could theoretically also got hacked by a site you were downloading from. maybe having a complete list of what you downloaded and check those again but using source provided (and signed?) hashes could reveal something fishy.

maybe (if thats possible there) make a memory/debug dump from the process in that condition and ask the vendor to look at it.

maybe check your downloaders binary hashes and compare it to the vendors signed ones.

load more comments (4 replies)
load more comments (7 replies)
this post was submitted on 31 Jan 2025
97 points (98.0% liked)

Piracy: ꜱᴀɪʟ ᴛʜᴇ ʜɪɢʜ ꜱᴇᴀꜱ

56352 readers
777 users here now

⚓ Dedicated to the discussion of digital piracy, including ethical problems and legal advancements.

Rules • Full Version

1. Posts must be related to the discussion of digital piracy

2. Don't request invites, trade, sell, or self-promote

3. Don't request or link to specific pirated titles, including DMs

4. Don't submit low-quality posts, be entitled, or harass others

Loot, Pillage, & Plunder

📜 c/Piracy Wiki (Community Edition):

🏴‍☠️ Other communities

Torrenting:

Gaming:

💰 Please help cover server costs.

Ko-Fi Liberapay
Ko-fi Liberapay

founded 2 years ago
MODERATORS
db0@lemmy.dbzer0.com
sunbrothersco@lemmy.dbzer0.com
dataprolet@lemmy.dbzer0.com
Flatworm7591@lemmy.dbzer0.com
RandomLegend@lemmy.dbzer0.com
Andromxda@lemmy.dbzer0.com
CosmicTurtle0@lemmy.dbzer0.com
tenchiken@lemmy.dbzer0.com