mirror of
https://codeberg.org/crimeflare/cloudflare-tor
synced 2024-12-24 00:20:41 +00:00
This commit is contained in:
commit
0f3c764bd7
16
NEWS.md
16
NEWS.md
@ -1,3 +1,19 @@
|
||||
*2019.03.13*
|
||||
|
||||
@thexpaw@birdsite:
|
||||
```
|
||||
So why did I get that email anyway if I'm opted out of all email communication in the account settings?
|
||||
Which part of the privacy policy allows you to share data with marketing crap like trustpilot?
|
||||
```
|
||||
|
||||
https://twitter.com/thexpaw/status/1108424723233419264
|
||||
|
||||
*2019.03.12*
|
||||
|
||||
```Cool new tool : Cloud Firewall```
|
||||
|
||||
https://framapiaf.org/@gkrishnaks/101727497214557035
|
||||
|
||||
*2019.03.03*
|
||||
|
||||
```
|
||||
|
22
PEOPLE.md
22
PEOPLE.md
@ -7,7 +7,7 @@ format:
|
||||
"[TITLE](https://full.link/blog.html)" by [Who](Link)
|
||||
|
||||
Sort:
|
||||
New article: top
|
||||
Recent article: top
|
||||
|
||||
Disqualify:
|
||||
- Cloudflared website
|
||||
@ -23,10 +23,26 @@ Disqualify:
|
||||
|
||||
"[Don’t Use Cloudflare Because You Impose This on People Who Least Want It](http://techrights.org/2019/02/17/the-cloudflare-trap/)" by [Dr. Roy Schestowitz](http://techrights.org/)
|
||||
|
||||
"[Cloudflare: The bad, the worse and the ugly?](http://webschauder.de/cloudflare-the-bad-the-worse-and-the-ugly/)" by [Alle Beiträge](http://webschauder.de/author/jw/)
|
||||
|
||||
"[I don’t trust Cloudflare with IPFS](https://blog.kareldonk.com/i-dont-trust-cloudflare-with-ipfs/)" by [Karel Donk](https://blog.kareldonk.com/)
|
||||
|
||||
"[Cloudflare IPFS experiment](https://js.ipfs.io/ipns/QmZJBQBXX98AuTcoR1HBGdbe5Gph74ZBWSgNemBcqPNv1W/cloudflare-IPFS-experiment.html)" by [Joe](https://js.ipfs.io/ipns/QmZJBQBXX98AuTcoR1HBGdbe5Gph74ZBWSgNemBcqPNv1W/index.html) - ([archive](http://archive.fo/139z1))
|
||||
|
||||
"[Don't Trust CloudFlare](https://write.lain.haus/thufie/dont-trust-cloudflare)" by [@lunaterra@cyberia.social](https://cyberia.social/@lunaterra)
|
||||
|
||||
"[Stay away from CloudFlare](http://www.unixsheikh.com/articles/stay-away-from-cloudflare.html)" by [Unix Sheikh](http://www.unixsheikh.com/)
|
||||
|
||||
"[Support End-to-End Encryption on the Web](https://www.wordfence.com/blog/2017/03/support-end-to-end-encryption/)" by [Mark Maunder](https://www.wordfence.com/)
|
||||
|
||||
"[Journal CloudFlare au milieu](https://linuxfr.org/users/thibg/journaux/cloudflare-au-milieu)" by [ThibG](https://linuxfr.org/)
|
||||
|
||||
"[why you shouldn’t use Cloudflare](https://tech.tiq.cc/2016/01/why-you-shouldnt-use-cloudflare/)" by [tiq](https://tech.tiq.cc/)
|
||||
|
||||
"[The CloudFlare MITM](https://web.archive.org/web/20160311163431/https://blog.paymium.com/2014/02/19/the-cloudflare-mitm/)" by [David FRANCOIS](https://blog.paymium.com/)
|
||||
|
||||
"[Allergique à Cloudflare ? Voici comment vous soigner…](https://korben.info/cloudflare-mitm.html)" by [KORBEN](https://korben.info/)
|
||||
|
||||
"[CloudFlare, We Have A Problem](http://cryto.net/~joepie91/blog/2016/07/14/cloudflare-we-have-a-problem/)" by [joepie91](http://cryto.net/~joepie91/)
|
||||
|
||||
"[On Cloudflare](https://www.tyil.nl/post/2017/12/17/on-cloudflare/)" by [tyil](https://www.tyil.nl/)
|
||||
@ -45,4 +61,8 @@ Disqualify:
|
||||
|
||||
"[Ditch Cloudflare - Broken HTTPS/MiTM](https://greysec.net/showthread.php?tid=1256)" by [NO-OP](https://greysec.net/member.php?action=profile&uid=47)
|
||||
|
||||
"[Cloudflare as a Security Risk - Support - Whonix Forum](http://forums.whonix.org/t/cloudflare-as-a-security-risk/2162)" by [entr0py](https://forums.whonix.org/u/entr0py)
|
||||
|
||||
"[How likely is it that CloudFlare is an NSA operation?](https://www.quora.com/How-likely-is-it-that-CloudFlare-is-an-NSA-operation/answer/Hamid-Sarfraz)" by quora
|
||||
|
||||
"[cloudflare 是如何转发 HTTPS 流量的?](https://www.v2ex.com/t/406759)" by [feast](https://www.v2ex.com/member/feast)
|
||||
|
24
README.md
24
README.md
@ -16,19 +16,31 @@ And their DNS service, [1.1.1.1](https://1.1.1.1/), is also filtering out users
|
||||
|
||||
![](image/dnscensor.jpg)
|
||||
|
||||
And here you might think, "_I am not using Tor or VPN, why should I care?_".
|
||||
If you visit website which use Cloudflare, you are sharing your information not only to website owner _but also Cloudflare_.
|
||||
It is impossible to analyze without [decrypting TLS traffic](https://github.com/nym-zone/block_cloudflare_mitm_fx/issues/15#issuecomment-354773389). Cloudflare knows all your data such as raw password.
|
||||
[Cloudbeed](https://en.wikipedia.org/wiki/Cloudbleed) can happen anytime.
|
||||
Do you really want to share your data with Cloudflare, and also 3-letter agency?
|
||||
|
||||
![](image/dhssaid.jpg)
|
||||
|
||||
|
||||
|
||||
|
||||
---
|
||||
|
||||
This repository is a list of websites that are behind The Great Cloudwall, and also actively blocking Tor users.
|
||||
|
||||
|
||||
List
|
||||
Domain list
|
||||
* [Domains using Cloudflare](split/)
|
||||
* [Non-Cloudflare but filtering/blocking Tor users](not_cloudflare/)
|
||||
|
||||
Information
|
||||
* [Padlock icon indicates a secure SSL connection established w MitM-ed](https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=831835)
|
||||
* [Block Global Active Adversary Cloudflare](https://trac.torproject.org/projects/tor/ticket/24351)
|
||||
* [Problem with CloudFlare](https://github.com/privacytoolsIO/privacytools.io/issues/374#issuecomment-460077544)
|
||||
|
||||
* [Padlock icon indicates a secure SSL connection established w MitM-ed](https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=831835) by Anonymous
|
||||
* [Block Global Active Adversary Cloudflare](https://trac.torproject.org/projects/tor/ticket/24351) by nym-zone
|
||||
* [Problem with CloudFlare](https://github.com/privacytoolsIO/privacytools.io/issues/374#issuecomment-460077544) by libBletchley
|
||||
* [Criticism and controversies](https://en.wikipedia.org/wiki/Cloudflare#Criticism_and_controversies) by Wikipedia
|
||||
|
||||
There are more details of why what they are doing is wrong available [here](cloudflare-philosophy.md).
|
||||
Also see [Frequently Asked Questions](faq.md).
|
||||
@ -44,7 +56,7 @@ Also see [Frequently Asked Questions](faq.md).
|
||||
* Add WTF-Cloudflare news to [NEWS.md](NEWS.md)
|
||||
* Search something on [Searxes Tor](http://searxes.nmqnkngye4ct7bgss4bmv5ca3wpa55yugvxen5kz2bbq67lwy6ps54yd.onion/) or [clearnet](https://searxes.danwin1210.me/) (this will help collecting Searxes' "MITM domains")
|
||||
* Take a look at [add-on code](ismitmlink/) (how to use "MITM test API")
|
||||
* Subscribe to an ![](image/feed.png) RSS feed: "[The Great Cloudwall News](https://searxes.danwin1210.me/collab/open/getrss.php?q=tmg1news)" or follow ![](image/mstdn.jpg) [crimeflare@ieji.de](https://ieji.de/@crimeflare)
|
||||
* Subscribe to ![](image/feed.png) RSS feed: "[The Great Cloudwall News](https://ieji.de/users/crimeflare.rss)" or follow ![](image/mstdn.jpg) [crimeflare@ieji.de](https://ieji.de/@crimeflare)
|
||||
|
||||
|
||||
![WTF](image/wtfcf.jpg)
|
||||
|
@ -1,62 +1,101 @@
|
||||
abby.ns.cloudflare.com
|
||||
adrian.ns.cloudflare.com
|
||||
aida.ns.cloudflare.com
|
||||
alan.ns.cloudflare.com
|
||||
albert.ns.cloudflare.com
|
||||
alex.ns.cloudflare.com
|
||||
alina.ns.cloudflare.com
|
||||
alla.ns.cloudflare.com
|
||||
amanda.ns.cloudflare.com
|
||||
amber.ns.cloudflare.com
|
||||
amy.ns.cloudflare.com
|
||||
andy.ns.cloudflare.com
|
||||
anna.ns.cloudflare.com
|
||||
apollo.ns.cloudflare.com
|
||||
arch.ns.cloudflare.com
|
||||
aria.ns.cloudflare.com
|
||||
art.ns.cloudflare.com
|
||||
asa.ns.cloudflare.com
|
||||
athena.ns.cloudflare.com
|
||||
austin.ns.cloudflare.com
|
||||
ben.ns.cloudflare.com
|
||||
bella.ns.cloudflare.com
|
||||
ben.ns.cloudflare.com
|
||||
beth.ns.cloudflare.com
|
||||
bob.ns.cloudflare.com
|
||||
brit.ns.cloudflare.com
|
||||
chan.ns.cloudflare.com
|
||||
coby.ns.cloudflare.com
|
||||
coco.ns.cloudflare.com
|
||||
cody.ns.cloudflare.com
|
||||
cory.ns.cloudflare.com
|
||||
darwin.ns.cloudflare.com
|
||||
dee.ns.cloudflare.com
|
||||
dom.ns.cloudflare.com
|
||||
demi.ns.cloudflare.com
|
||||
dina.ns.cloudflare.com
|
||||
dom.ns.cloudflare.com
|
||||
dora.ns.cloudflare.com
|
||||
dorthy.ns.cloudflare.com
|
||||
drew.ns.cloudflare.com
|
||||
duke.ns.cloudflare.com
|
||||
ed.ns.cloudflare.com
|
||||
edna.ns.cloudflare.com
|
||||
elinore.ns.cloudflare.com
|
||||
elmo.ns.cloudflare.com
|
||||
emma.ns.cloudflare.com
|
||||
etta.ns.cloudflare.com
|
||||
fay.ns.cloudflare.com
|
||||
foo.ns.cloudflare.com
|
||||
fred.ns.cloudflare.com
|
||||
gabe.ns.cloudflare.com
|
||||
gail.ns.cloudflare.com
|
||||
glen.ns.cloudflare.com
|
||||
guy.ns.cloudflare.com
|
||||
hank.ns.cloudflare.com
|
||||
heather.ns.cloudflare.com
|
||||
hugh.ns.cloudflare.com
|
||||
ian.ns.cloudflare.com
|
||||
igor.ns.cloudflare.com
|
||||
iris.ns.cloudflare.com
|
||||
jasmine.ns.cloudflare.com
|
||||
jeff.ns.cloudflare.com
|
||||
jerry.ns.cloudflare.com
|
||||
jill.ns.cloudflare.com
|
||||
jim.ns.cloudflare.com
|
||||
john.ns.cloudflare.com
|
||||
jonah.ns.cloudflare.com
|
||||
josh.ns.cloudflare.com
|
||||
kate.ns.cloudflare.com
|
||||
kevin.ns.cloudflare.com
|
||||
kim.ns.cloudflare.com
|
||||
kip.ns.cloudflare.com
|
||||
leah.ns.cloudflare.com
|
||||
lee.ns.cloudflare.com
|
||||
leia.ns.cloudflare.com
|
||||
lex.ns.cloudflare.com
|
||||
lily.ns.cloudflare.com
|
||||
lucy.ns.cloudflare.com
|
||||
matt.ns.cloudflare.com
|
||||
max.ns.cloudflare.com
|
||||
megan.ns.cloudflare.com
|
||||
melinda.ns.cloudflare.com
|
||||
miki.ns.cloudflare.com
|
||||
nelly.ns.cloudflare.com
|
||||
newt.ns.cloudflare.com
|
||||
nina.ns.cloudflare.com
|
||||
norm.ns.cloudflare.com
|
||||
norman.ns.cloudflare.com
|
||||
olga.ns.cloudflare.com
|
||||
pam.ns.cloudflare.com
|
||||
paul.ns.cloudflare.com
|
||||
pete.ns.cloudflare.com
|
||||
peyton.ns.cloudflare.com
|
||||
rachel.ns.cloudflare.com
|
||||
rick.ns.cloudflare.com
|
||||
rob.ns.cloudflare.com
|
||||
rose.ns.cloudflare.com
|
||||
seth.ns.cloudflare.com
|
||||
sofia.ns.cloudflare.com
|
||||
tegan.ns.cloudflare.com
|
||||
terin.ns.cloudflare.com
|
||||
theo.ns.cloudflare.com
|
||||
zoe.ns.cloudflare.com
|
@ -6,6 +6,7 @@ cloudflare-quic.com
|
||||
cloudflare.com
|
||||
cloudflare.com.ve
|
||||
cloudflare.net
|
||||
workers.dev
|
||||
cloudflareapi.com
|
||||
cloudflareapps.com
|
||||
cloudflarechallenge.com
|
||||
|
BIN
image/dhssaid.jpg
Normal file
BIN
image/dhssaid.jpg
Normal file
Binary file not shown.
After Width: | Height: | Size: 184 KiB |
Binary file not shown.
Before Width: | Height: | Size: 130 KiB After Width: | Height: | Size: 162 KiB |
@ -72,7 +72,9 @@ IMPORTANT: Please add only "Base Domain"
|
||||
| -------- | -------- |
|
||||
| list_error403.txt | Returns HTTP Error 403 (Forbidden) |
|
||||
| list_customerror.txt | Returns custom error message (not HTTP 403) |
|
||||
| list_other.txt | (not necessary?) |
|
||||
| list_other.txt | any other form of tor-hostility or mistreatment |
|
||||
| list_siteground.txt | siteground.com is a Tor-hostile hosting service that indiscriminately DoSes all Tor users with the collective judgement: "our system thinks you might be a robot!" Sometimes the site functions, and sometimes it times out, but the robot accusation is very common. |
|
||||
| list_formerly_tor-hostile.txt | was previously on one of the above tor-hostile lists |
|
||||
|
||||
```
|
||||
IMPORTANT: Please add only "Base Domain" or "(base domain)[space](comment here)"
|
||||
@ -93,4 +95,4 @@ Add them to [/not_cloudflare/](not_cloudflare/) (formerly "*TorBlocker Hall of S
|
||||
|
||||
This is a collection of websites that ban Tor exits, other than through Cloudflare(e.g. showing access denied pages, systematic timing out connections, ...).
|
||||
|
||||
[This add-ons](https://addons.mozilla.org/en-US/firefox/addon/which-website-rejected-me/) will help your list_error403 collection.
|
||||
[This add-ons](https://addons.mozilla.org/en-US/firefox/addon/which-website-rejected-me/) will help your list_error403 collection.
|
||||
|
@ -1,7 +1,16 @@
|
||||
const apiurl = 'https://searxes.danwin1210.me/collab/open/ismitm.php';
|
||||
let mymemory = {};
|
||||
let apiurl = 'https://searxes.danwin1210.me/collab/open/ismitm.php';
|
||||
let TORapiurl = 'http://searxes.nmqnkngye4ct7bgss4bmv5ca3wpa55yugvxen5kz2bbq67lwy6ps54yd.onion/collab/open/ismitm.php';
|
||||
|
||||
function ismitm(f) {
|
||||
fetch('http://searxes.nmqnkngye4ct7bgss4bmv5ca3wpa55yugvxen5kz2bbq67lwy6ps54yd.onion/collab/open/hi.php', {
|
||||
method: 'GET',
|
||||
mode: 'cors'
|
||||
}).then(r => r.text()).then(r => {
|
||||
if (r == 'hi') {
|
||||
apiurl = TORapiurl;
|
||||
}
|
||||
}).catch(() => {});
|
||||
|
||||
function is_infected(f) {
|
||||
return new Promise((g, b) => {
|
||||
fetch(apiurl, {
|
||||
method: 'POST',
|
||||
@ -10,9 +19,7 @@ function ismitm(f) {
|
||||
'Content-Type': 'application/x-www-form-urlencoded'
|
||||
},
|
||||
body: 'f=' + f
|
||||
}).then(function (r) {
|
||||
return r.json();
|
||||
}).then(function (r) {
|
||||
}).then(r => r.json()).then(r => {
|
||||
if (r[0]) {
|
||||
g(r[1]);
|
||||
} else {
|
||||
@ -22,29 +29,49 @@ function ismitm(f) {
|
||||
});
|
||||
}
|
||||
|
||||
browser.runtime.onMessage.addListener((request, sender, sendResponse) => {
|
||||
if (request && sender) {
|
||||
if (mymemory[request] != undefined) {
|
||||
let rlt = mymemory[request];
|
||||
if (Object.keys(mymemory).length > 20000) {
|
||||
let cnt = 1;
|
||||
for (let t in mymemory) {
|
||||
if (cnt > 10) {
|
||||
break;
|
||||
}
|
||||
mymemory[t] = null;
|
||||
delete mymemory[t];
|
||||
cnt++;
|
||||
}
|
||||
}
|
||||
browser.tabs.sendMessage(sender.tab.id, [request, rlt]);
|
||||
} else {
|
||||
ismitm(request).then(function (a) {
|
||||
mymemory[request] = a;
|
||||
browser.tabs.sendMessage(sender.tab.id, [request, a]);
|
||||
}, function () {
|
||||
browser.tabs.sendMessage(sender.tab.id, [request, false]);
|
||||
});
|
||||
}
|
||||
function i_already_know_you(f) {
|
||||
if (!/^([a-z0-9_.-]{1,255})\.([a-z]{2,80})$/.test(f)) {
|
||||
return false;
|
||||
}
|
||||
});
|
||||
return new Promise((g, b) => {
|
||||
browser.storage.local.get(f).then((ff) => {
|
||||
if (ff[f]) {
|
||||
if (ff[f] == 'y') {
|
||||
g(1);
|
||||
} else {
|
||||
g(-1);
|
||||
}
|
||||
} else {
|
||||
g(0);
|
||||
}
|
||||
}, () => {
|
||||
g(0);
|
||||
});
|
||||
});
|
||||
}
|
||||
|
||||
function i_remember_you(f, t) {
|
||||
browser.storage.local.set({
|
||||
[f]: ((t) ? 'y' : 'n')
|
||||
});
|
||||
}
|
||||
|
||||
browser.storage.local.clear().then(() => {
|
||||
browser.runtime.onMessage.addListener((request, sender, sendResponse) => {
|
||||
if (request && sender) {
|
||||
i_already_know_you(request).then((r) => {
|
||||
if (r == 1 || r == -1) {
|
||||
browser.tabs.sendMessage(sender.tab.id, [request, ((r == 1) ? true : false)]);
|
||||
}
|
||||
if (r == 0) {
|
||||
is_infected(request).then((a) => {
|
||||
i_remember_you(request, a);
|
||||
browser.tabs.sendMessage(sender.tab.id, [request, a]);
|
||||
}, () => {
|
||||
browser.tabs.sendMessage(sender.tab.id, [request, false]);
|
||||
});
|
||||
}
|
||||
}, () => {});
|
||||
}
|
||||
});
|
||||
}, () => {});
|
@ -1,32 +1,32 @@
|
||||
if (document.body) {
|
||||
if (!['searxes.danwin1210.me', 'searxes.nmqnkngye4ct7bgss4bmv5ca3wpa55yugvxen5kz2bbq67lwy6ps54yd.onion', 'searxes.cyb'].includes(location.hostname)) {
|
||||
let cs = (function () {
|
||||
let s = document.createElement('style');
|
||||
document.head.appendChild(s);
|
||||
return s.sheet;
|
||||
})();
|
||||
if (cs) {
|
||||
cs.insertRule("a[data-mitm]{text-decoration-line:line-through !important;text-decoration-color:red !important;text-decoration-style:double !important}", 0);
|
||||
cs.insertRule("a[data-mitm]::after{content:'[MITM!]';font-weight:bold}", 1);
|
||||
}
|
||||
let asked = [location.hostname, 'searxes.danwin1210.me', 'searxes.nmqnkngye4ct7bgss4bmv5ca3wpa55yugvxen5kz2bbq67lwy6ps54yd.onion', 'searxes.cyb'];
|
||||
document.querySelectorAll("a[href^='http://']:not([data-mitm]),a[href^='https://']:not([data-mitm]),a[href^='//']:not([data-mitm])").forEach(a => {
|
||||
let aF = (new URL(a.href)).hostname;
|
||||
if (!/^(.*)\.(onion|i2p|invalid|test|local|localhost|([0-9]{1,3}))$/.test(aF) && !asked.includes(aF)) {
|
||||
asked.push(aF);
|
||||
browser.runtime.sendMessage(aF);
|
||||
}
|
||||
});
|
||||
browser.runtime.onMessage.addListener((request, sender, sendResponse) => {
|
||||
if (request.length == 2) {
|
||||
if (request[1]) {
|
||||
document.querySelectorAll("a[href^='http://" + request[0] + "/']:not([data-mitm]),a[href^='https://" + request[0] + "/']:not([data-mitm]),a[href^='//" + request[0] + "/']:not([data-mitm])").forEach(a => {
|
||||
a.dataset.mitm = 1;
|
||||
a.title = 'MITM!';
|
||||
});
|
||||
}
|
||||
}
|
||||
sendResponse(null);
|
||||
});
|
||||
if (document.body && !['searxes.danwin1210.me', 'searxes.nmqnkngye4ct7bgss4bmv5ca3wpa55yugvxen5kz2bbq67lwy6ps54yd.onion', 'searxes.cyb'].includes(location.hostname)) {
|
||||
let cs = (function () {
|
||||
let s = document.createElement('style');
|
||||
document.head.appendChild(s);
|
||||
return s.sheet;
|
||||
})();
|
||||
if (cs) {
|
||||
cs.insertRule("a[data-mitm]{text-decoration-line:line-through !important;text-decoration-color:red !important;text-decoration-style:double !important}", 0);
|
||||
cs.insertRule("a[data-mitm]::before{content:'[MITM!]';font-weight:bold !important;color:red !important}", 1);
|
||||
cs.insertRule("a[data-mitm]:hover::before{content:'[Privacy Risk!!]'}", 2);
|
||||
cs.insertRule("a[data-mitm]:hover{color:red !important}", 3);
|
||||
}
|
||||
let asked = ['searxes.danwin1210.me', 'searxes.nmqnkngye4ct7bgss4bmv5ca3wpa55yugvxen5kz2bbq67lwy6ps54yd.onion', 'searxes.cyb', 'addons.mozilla.org'];
|
||||
document.querySelectorAll("a[href^='http://']:not([data-mitm]),a[href^='https://']:not([data-mitm]),a[href^='//']:not([data-mitm])").forEach(a => {
|
||||
let aF = (new URL(a.href)).hostname;
|
||||
if (!/^(.*)\.(onion|i2p|invalid|test|local|localhost|([0-9]{1,3})|bbs|chan|cyb|dyn|geek|gopher|indy|libre|neo|null|o|oss|oz|parody|pirate|bit|lib|coin|emc|bazar|fur)$/.test(aF) && !asked.includes(aF)) {
|
||||
asked.push(aF);
|
||||
browser.runtime.sendMessage(aF);
|
||||
}
|
||||
});
|
||||
browser.runtime.onMessage.addListener((request, sender, sendResponse) => {
|
||||
if (request.length == 2) {
|
||||
if (request[1]) {
|
||||
document.querySelectorAll("a[href^='http://" + request[0] + "/']:not([data-mitm]),a[href^='https://" + request[0] + "/']:not([data-mitm]),a[href^='//" + request[0] + "/']:not([data-mitm])").forEach(a => {
|
||||
a.dataset.mitm = 1;
|
||||
a.title = 'DANGER! DANGER! MITM!';
|
||||
});
|
||||
}
|
||||
}
|
||||
sendResponse(null);
|
||||
});
|
||||
}
|
@ -2,9 +2,13 @@
|
||||
"manifest_version": 2,
|
||||
"name": "Are links vulnerable to MITM attack?",
|
||||
"description": "Scan FQDN using Searxes' API",
|
||||
"version": "1.0.2",
|
||||
"version": "1.0.4",
|
||||
"homepage_url": "https://notabug.org/themusicgod1/cloudflare-tor/src/master/ismitmlink",
|
||||
"author": "Maslin Bossé",
|
||||
"permissions": [],
|
||||
"permissions": [
|
||||
"storage",
|
||||
"unlimitedStorage"
|
||||
],
|
||||
"icons": {
|
||||
"32": "icons/32.png"
|
||||
},
|
||||
|
@ -1,4 +1,5 @@
|
||||
# Which websites are hostile to Tor users?
|
||||
|
||||
Don't block us!
|
||||
|
||||
Don't block us!
|
||||
See [instructions.md](file://../instructions.md) for file purpose and format specifications.
|
||||
|
23
not_cloudflare/get_fqdn_tmg1.php
Normal file
23
not_cloudflare/get_fqdn_tmg1.php
Normal file
@ -0,0 +1,23 @@
|
||||
<?php
|
||||
//License: WTFPL
|
||||
|
||||
define('F_INPUT','noncloudflarelist.txt');
|
||||
define('F_OUTPUT','fqdnlist.txt');
|
||||
|
||||
if (!file_exists(F_INPUT)){
|
||||
die('File not found');
|
||||
}
|
||||
|
||||
$result = array();
|
||||
|
||||
foreach(explode("\n",file_get_contents(F_INPUT)) as $t){
|
||||
$t = explode(' ',$t)[0];
|
||||
if (preg_match("/^([a-z0-9-\.]{1,255})\.([a-z]{2,40})$/",$t)){
|
||||
$result[] = $t;
|
||||
}
|
||||
}
|
||||
|
||||
$result = array_unique($result);
|
||||
file_put_contents(F_OUTPUT,implode("\n",$result));
|
||||
|
||||
echo('Done');
|
@ -1,9 +1,11 @@
|
||||
|
||||
abclive.in
|
||||
aboutdebian.com
|
||||
adidas.de
|
||||
adsabs.harvard.edu
|
||||
aidspolicyproject.org
|
||||
airbnb.com
|
||||
Akamai
|
||||
Akamai's
|
||||
altcoins.com
|
||||
amazon.com
|
||||
@ -30,6 +32,7 @@ blocktrail.com
|
||||
bloglovin.com
|
||||
bloomberg.com
|
||||
bodhizazen.net
|
||||
busbud.com
|
||||
casw-acts.ca
|
||||
cc.gatech.edu
|
||||
cessfull.com
|
||||
@ -92,6 +95,7 @@ forums.linuxmint.com
|
||||
forums.whirlpool.net.au
|
||||
forum.synology.com
|
||||
foxnews.com
|
||||
Freenode
|
||||
gchq.gov.uk
|
||||
geizhals.at
|
||||
gemal.dk
|
||||
@ -123,6 +127,7 @@ koelnspd.de
|
||||
leblogdebetty.com
|
||||
lenovo.com
|
||||
libertygb.org.uk
|
||||
lifewire.com
|
||||
linuxquestions.org
|
||||
livejournal.com
|
||||
loebner.net
|
||||
@ -138,15 +143,18 @@ meaningness.com
|
||||
midtnmusic.com
|
||||
mixcloud.com
|
||||
moodle.org
|
||||
mosquitomagnet.com
|
||||
motorcyclecruiser.com
|
||||
mottweilerstudio.com
|
||||
n2value.com
|
||||
nacns.org
|
||||
nakedcapitalism.com
|
||||
nbnco.com.au
|
||||
nemlog-in.dk/login.aspx/noeglekort
|
||||
nepalmonitor.org
|
||||
netbank.com.au
|
||||
networktools.nl
|
||||
NetZone
|
||||
newark.com
|
||||
newgrounds.com
|
||||
news.ycombinator.com
|
||||
@ -211,6 +219,8 @@ technologyreview.com
|
||||
thecultureblend.com
|
||||
thegrommet.com
|
||||
theislamicseminary.org
|
||||
thespruceeats.com
|
||||
thoughtco.com
|
||||
ti.com
|
||||
tineye.com
|
||||
tocloud.com
|
||||
@ -237,6 +247,7 @@ vpforums.org
|
||||
walmart.com
|
||||
wayfair.com
|
||||
wbai.org
|
||||
webstix.com
|
||||
weforum.org
|
||||
whatthefuckshouldimakefordinner.com
|
||||
whiterose.samizdata.net
|
||||
|
@ -1,7 +1,10 @@
|
||||
abebooks.com
|
||||
ajc.com
|
||||
asus.com
|
||||
bitvps.com
|
||||
caot.ca
|
||||
captaintrain.com
|
||||
catbox.moe
|
||||
dluat.com
|
||||
europa.eu
|
||||
expo2015.org
|
||||
@ -12,15 +15,26 @@ geocaching.com
|
||||
gutenberg.org
|
||||
hot-topic.co.nz
|
||||
hubpages.com
|
||||
intra.ruc.dk
|
||||
irs.gov
|
||||
knowyourmeme.com
|
||||
lastword.at
|
||||
libertymutual.com
|
||||
logon.e-boks.dk
|
||||
moodle.ruc.dk
|
||||
no2nsa.x10.bz
|
||||
republicbuzz.com
|
||||
rijksoverheid.nl
|
||||
safeco.com
|
||||
securifi.com
|
||||
signon.ruc.dk
|
||||
singpolyma.net
|
||||
stadssb.ruc.dk
|
||||
stefanv.com
|
||||
study.com
|
||||
theverge.com
|
||||
tomshardware.com
|
||||
wayfair.com
|
||||
wigle.net
|
||||
wikidevi.com
|
||||
witopia.net
|
||||
|
11
not_cloudflare/list_formerly_tor-hostile.txt
Normal file
11
not_cloudflare/list_formerly_tor-hostile.txt
Normal file
@ -0,0 +1,11 @@
|
||||
20-kudk.queue-it.net 403
|
||||
europa.eu 403
|
||||
gutenberg.org 403
|
||||
hot-topic.co.nz 403
|
||||
rijksoverheid.nl 403
|
||||
stefanv.com 403
|
||||
tomshardware.com 403
|
||||
usa.gov customerror
|
||||
wigle.net 403
|
||||
wikidevi.com 403
|
||||
witopia.net 403
|
@ -1 +1,3 @@
|
||||
(add FQDN here)
|
||||
borger.dk Click "Digital Post" and get redirected to nemlog-in.dk, which tells Tor users "A technical error has occurred."
|
||||
botsin.space The admin don't care Tor users. Tor user can't login or register at all.
|
||||
chase.com The bank gives you an opportunity to provide your login creds and then denies the user access and locks their credit card account permanently for "using an unauthorized device". The action is irreversible, and card holders must sign up for a new card with new number if they want service.
|
||||
|
2
not_cloudflare/list_siteground.txt
Normal file
2
not_cloudflare/list_siteground.txt
Normal file
@ -0,0 +1,2 @@
|
||||
livingmoldfree.com
|
||||
thewimpyvegetarian.com
|
@ -59123,6 +59123,7 @@ advisory.business
|
||||
advisorycloud.com
|
||||
advisory.co.uk
|
||||
advisory-count.review
|
||||
advisoryexcellence.com
|
||||
advisorygroupmkt.com
|
||||
advisoryhq.com
|
||||
advisoryhq.xyz
|
||||
|
@ -80907,6 +80907,7 @@ lhzqjmget.cn
|
||||
l-hzqpdf.cf
|
||||
lhzttz.com
|
||||
lhzxc.com
|
||||
li.me
|
||||
li02.com
|
||||
li0516os.com
|
||||
li09.com
|
||||
|
@ -72,9 +72,11 @@ If Cloudflare leak your information, it's not our fault. [*]
|
||||
| [Block Cloudflare MITM Attack](https://trac.torproject.org/projects/tor/attachment/ticket/24351/block_cloudflare_mitm_attack-1.0.14.1-an%2Bfx.xpi) | nullius | [Link](https://github.com/nym-zone/block_cloudflare_mitm_fx) | **Yes** | **Yes** |
|
||||
| [Are links vulnerable to MITM?](https://addons.mozilla.org/en-US/firefox/addon/are-links-vulnerable-to-mitm/) | Maslin Bossé | [Link](https://notabug.org/themusicgod1/cloudflare-tor/src/master/ismitmlink) | No | **Yes** |
|
||||
| [Third-party Request Blocker (AMO)](https://addons.mozilla.org/en-US/firefox/addon/tprb/) | Searxes #Addon | [Link](https://searxes.danwin1210.me/) | **Yes** | **Yes** |
|
||||
| [TPRB](https://searxes.danwin1210.me/collab/tprb0/get_tprb0.php) | Sw | [Link](http://searxes.nmqnkngye4ct7bgss4bmv5ca3wpa55yugvxen5kz2bbq67lwy6ps54yd.onion/collab/___go.php?go=sw) | **Yes** | **Yes** |
|
||||
| [TPRB](https://sw.skusklxqaqnrmszytky4vfyrg625erw4hqhiokyc2ufnokd2aitb47yd.onion/) | Sw | [Link](https://sw.skusklxqaqnrmszytky4vfyrg625erw4hqhiokyc2ufnokd2aitb47yd.onion/) | **Yes** | **Yes** |
|
||||
| [Detect Cloudflare](https://addons.mozilla.org/en-US/firefox/addon/detect-cloudflare/) | Frank Otto | [Link](https://github.com/traktofon/cf-detect) | No | **Yes** |
|
||||
| [Cloud Firewall](https://addons.mozilla.org/en-US/firefox/addon/cloud-firewall/) [*] | Gokulakrishna Sudharsan | [Link](https://gitlab.com/gkrishnaks/cloud-firewall/) | **Yes** | No |
|
||||
|
||||
[*] Do not use it if you're using proxy/VPN/Tor because it has "[DNS leak](https://en.wikipedia.org/wiki/DNS_leak)".
|
||||
|
||||
- Convince your friends to use [Tor Browser](https://www.torproject.org/) on the daily basis. Anonymity should be the standard of the open internet!
|
||||
|
||||
@ -96,6 +98,12 @@ If Cloudflare leak your information, it's not our fault. [*]
|
||||
|
||||
- Do you need HTTPS certificate? Use "[Let's Encrypt](https://letsencrypt.org/)" or just buy it from CA company.
|
||||
|
||||
- Do you need DNS server? Can't set up your own server? Then how about [Dyn.com](https://dyn.com/dns/), [Hurricane Electric Free DNS](https://dns.he.net/) or [this](https://freedns.afraid.org/)?
|
||||
|
||||
- Looking for hosting service? "Free" only? Well, [how about this](https://www.reddit.com/r/webdev/comments/5m8tr4/how_do_i_host_the_website_i_just_built/dc1qpk7/)?
|
||||
|
||||
- Are you using "cloudflare-ipfs.com"? Do you know [Cloudflare IPFS is bad](https://ieji.de/@crimeflare/101779952797884218)?
|
||||
|
||||
- Install Web Application Firewall (such as OWASP) and Fail2Ban on _your_ server and configure it _properly_.
|
||||
|
||||
- Set up [Tor Onion Service](https://www.torproject.org/docs/onion-services.html.en) or I2P insite if you believe in freedom and welcome anonymous users.
|
||||
@ -132,12 +140,20 @@ Let's talk about _other software's privacy_...
|
||||
|
||||
- PaleMoon developer [loves Cloudflare](https://github.com/mozilla-mobile/focus-android/issues/1743#issuecomment-345993097).
|
||||
|
||||
- Waterfox actively using [Cloudflare on their servers](https://www.digwebinterface.com/?hostnames=www.waterfoxproject.org&type=A&ns=resolver&useresolver=8.8.4.4&nameservers=) and their software have [severe "phones home" problem](https://spyware.neocities.org/articles/waterfox.html).
|
||||
|
||||
- Chrome is a [spyware](https://www.gnu.org/proprietary/malware-google.en.html).
|
||||
|
||||
- Brave Browser [whitelist Facebook/Twitter trackers](https://www.bleepingcomputer.com/news/security/facebook-twitter-trackers-whitelisted-by-brave-browser/).
|
||||
- SRWare Iron make too many [phones home connection](https://spyware.neocities.org/articles/iron.html). It also connect to google domains.
|
||||
|
||||
- Brave Browser [whitelist Facebook/Twitter trackers](https://www.bleepingcomputer.com/news/security/facebook-twitter-trackers-whitelisted-by-brave-browser/). Here's [more issues](https://spyware.neocities.org/articles/brave.html).
|
||||
|
||||
- Microsoft Edge lets Facebook [run Flash code behind users' backs](https://www.zdnet.com/article/microsoft-edge-lets-facebook-run-flash-code-behind-users-backs/).
|
||||
|
||||
- Vivaldi [does not respect your privacy](https://spyware.neocities.org/articles/vivaldi.html).
|
||||
|
||||
Therefore we recommend "Tor Browser" only. Nothing else.
|
||||
|
||||
------------
|
||||
|
||||
###### "Mozilla Firefox" user
|
||||
@ -164,9 +180,17 @@ Let's talk about _other software's privacy_...
|
||||
|
||||
![](image/firefoxdns.jpg)
|
||||
|
||||
- If you really need to use non-ISP DNS, consider using [OpenNIC Tier2 DNS service](https://wiki.opennic.org/start).
|
||||
- If you would like to use non-ISP DNS, consider using [OpenNIC Tier2 DNS service](https://wiki.opennic.org/start)
|
||||
![](image/opennic.jpg) or any of non-Cloudflare DNS services.
|
||||
|
||||
![](image/opennic.jpg)
|
||||
- You can use Tor as DNS resolver. If you're not Tor expert, [ask question here](https://tor.stackexchange.com/).
|
||||
|
||||
> **How?**
|
||||
> 1. Download [Tor](https://www.torproject.org/) and install it on your computer.
|
||||
> 2. Add this line to "torrc" file. [DNSPort description](https://www.torproject.org/docs/tor-manual.html.en).
|
||||
> DNSPort 127.0.0.1:53
|
||||
> 3. Restart Tor.
|
||||
> 4. Set your computer's DNS server to "127.0.0.1".
|
||||
|
||||
- Tell us if you see [this functionality](https://ungleich.ch/en-us/cms/blog/2018/08/04/mozillas-new-dns-resolution-is-dangerous/) start to creep up beyond Firefox Nightly into more stable versions of Firefox.
|
||||
|
||||
@ -190,6 +214,8 @@ Let's talk about _other software's privacy_...
|
||||
|
||||
- Let us know of any alternatives to help at least provide multiple layered defence against Cloudflare.
|
||||
|
||||
- If you are a Cloudflare customer, set your privacy settings, and wait for them to violate them. Then bring them under [anti-spam / privacy violation charges](https://twitter.com/thexpaw/status/1108424723233419264).
|
||||
|
||||
- Try using [globalist](globalist.txt) to maintain this list.
|
||||
|
||||
- If you are in the **United States of America** and the website in question is a bank or an accountant, try to bring legal pressure under the [Gramm–Leach–Bliley Act](https://en.wikipedia.org/wiki/Gramm%E2%80%93Leach%E2%80%93Bliley_Act), or the [Americans with DIsabilities Act](https://www.ada.gov/cguide.htm) and report back to us how far you get.
|
||||
|
Loading…
Reference in New Issue
Block a user