mirror of
https://codeberg.org/crimeflare/cloudflare-tor
synced 2024-11-05 17:02:39 +00:00
This commit is contained in:
parent
9ac04f516b
commit
21b9f07586
@ -1,25 +0,0 @@
|
||||
The MIT License
|
||||
|
||||
Copyright (c) 2017 Project BCMA
|
||||
Copyright (c) 2017 cypherpunks
|
||||
Copyright (c) 2017 nullius <nullius@nym.zone>
|
||||
Copyright (c) 2018 Searxes <searxes.danwin1210.me>
|
||||
Copyright (c) 2018 Jeff Cliff <pleroma.oniichanylo2tsi4.onion/users/e51638c3>
|
||||
|
||||
Permission is hereby granted, free of charge, to any person obtaining a copy
|
||||
of this software and associated documentation files (the "Software"), to deal
|
||||
in the Software without restriction, including without limitation the rights
|
||||
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
||||
copies of the Software, and to permit persons to whom the Software is
|
||||
furnished to do so, subject to the following conditions:
|
||||
|
||||
The above copyright notice and this permission notice shall be included in all
|
||||
copies or substantial portions of the Software.
|
||||
|
||||
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
||||
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
||||
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
||||
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
||||
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
||||
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
|
||||
SOFTWARE.
|
File diff suppressed because one or more lines are too long
Binary file not shown.
Before Width: | Height: | Size: 612 B |
Binary file not shown.
Before Width: | Height: | Size: 729 B |
Binary file not shown.
Before Width: | Height: | Size: 1.2 KiB |
Binary file not shown.
Before Width: | Height: | Size: 1.9 KiB |
Binary file not shown.
Before Width: | Height: | Size: 2.3 KiB |
@ -1,42 +0,0 @@
|
||||
{
|
||||
"manifest_version": 2,
|
||||
"name": "Block Cloudflare MITM Attack",
|
||||
"description": "Submit to global surveillance or resist. The choice is yours.",
|
||||
"version": "1.0.5.1",
|
||||
"author": "Project BCMA",
|
||||
"homepage_url": "https://trac.torproject.org/projects/tor/ticket/24351",
|
||||
"permissions": [
|
||||
"<all_urls>",
|
||||
"activeTab",
|
||||
"tabs",
|
||||
"webRequest",
|
||||
"webRequestBlocking",
|
||||
"webNavigation"
|
||||
],
|
||||
"icons": {
|
||||
"32": "icons/icon-32.png",
|
||||
"48": "icons/icon-48.png",
|
||||
"64": "icons/icon-64.png"
|
||||
},
|
||||
"background": {
|
||||
"scripts": [
|
||||
"anticloudflare.js"
|
||||
]
|
||||
},
|
||||
"options_ui": {
|
||||
"page": "mydata.html",
|
||||
"browser_style": false
|
||||
},
|
||||
"browser_action": {
|
||||
"browser_style": false,
|
||||
"default_icon": {
|
||||
"32": "icons/cf_0.png"
|
||||
}
|
||||
},
|
||||
"applications": {
|
||||
"gecko": {
|
||||
"id": "24351@trac.torproject.org",
|
||||
"strict_min_version": "52.0"
|
||||
}
|
||||
}
|
||||
}
|
@ -1,35 +0,0 @@
|
||||
<html>
|
||||
<head>
|
||||
<meta charset="utf-8">
|
||||
<link rel="stylesheet" href="style.css">
|
||||
</head>
|
||||
<body style="display:none">
|
||||
Temporary configurations
|
||||
<hr>
|
||||
<b>☞ Built-in Cloudflare list</b> <small>(powered by <a href="https://searxes.danwin1210.me/" target="_blank">Searxes</a>)</small><br>
|
||||
<label><input type="radio" id="bi0" name="bi" value="0"> Use built-in list</label> <small>(Default)</small><br>
|
||||
<label><input type="radio" id="bi1" name="bi" value="1"> Don't use built-in list</label><br>
|
||||
<br>
|
||||
<b>♞ Take Action</b><br>
|
||||
<label><input type="radio" id="ta0" name="ta" value="0"> Block request immediately <small>(first-party + third-party)</small></label> <small>(Default)</small><br>
|
||||
<label><input type="radio" id="ta1" name="ta" value="1"> Block request immediately <small>(third-party only / ignore first-party)</small></label><br>
|
||||
<label><input type="radio" id="ta2" name="ta" value="2"> Redirect to Internet Archive(first-party) + Ignore third-party</label><br>
|
||||
<label><input type="radio" id="ta3" name="ta" value="3"> Notify only</label><br>
|
||||
<br>
|
||||
<b>✍ Your Cloudflare Domain collection</b> <small>(Last 500)</small><br>
|
||||
<small>(please share with <a href="https://notabug.org/themusicgod1/cloudflare-tor/" target="_blank">cloudflare-tor@notabug</a>)</small><br>
|
||||
<textarea cols="50" rows="12" id="t" wrap="off" spellcheck="false" placeholder="Cloudflare domains"></textarea>
|
||||
<br>
|
||||
<button type="button" id="exp">[ ⇓ Export ]</button>
|
||||
|
||||
<button type="button" id="clr">[ ↺ Clear ]</button><br>
|
||||
<br>
|
||||
<b>✍ Your Cloudflare Ignore list (NOT RECOMMEND!)</b><br>
|
||||
<textarea cols="50" rows="10" id="g" wrap="off" spellcheck="false" placeholder="hypothes.is"></textarea>
|
||||
<br>
|
||||
<button type="button" id="ign">[ ⇑ Apply ]</button>
|
||||
<hr>
|
||||
"<i>Welcome to PRISM 2.0</i>"
|
||||
<script src="mydata.js"></script>
|
||||
</body>
|
||||
</html>
|
105
bcma/mydata.js
105
bcma/mydata.js
@ -1,105 +0,0 @@
|
||||
function onError(e) {
|
||||
console.log(`Error:${e}`);
|
||||
}
|
||||
|
||||
document.addEventListener('DOMContentLoaded', function () {
|
||||
browser.runtime.sendMessage(['cf']).then(function (r) {
|
||||
if (r[0] == 'ok') {
|
||||
document.getElementById('t').value = JSON.parse(r[1]).join("\n");
|
||||
document.getElementById('g').value = JSON.parse(r[2]).join("\n");
|
||||
if (r[3]) {
|
||||
document.getElementById('bi0').checked = true;
|
||||
document.getElementById('bi1').checked = false;
|
||||
} else {
|
||||
document.getElementById('bi0').checked = false;
|
||||
document.getElementById('bi1').checked = true;
|
||||
}
|
||||
switch (r[4]) {
|
||||
case 1:
|
||||
document.getElementById('ta0').checked = false;
|
||||
document.getElementById('ta1').checked = true;
|
||||
document.getElementById('ta2').checked = false;
|
||||
document.getElementById('ta3').checked = false;
|
||||
break;
|
||||
case 2:
|
||||
document.getElementById('ta0').checked = false;
|
||||
document.getElementById('ta1').checked = false;
|
||||
document.getElementById('ta2').checked = true;
|
||||
document.getElementById('ta3').checked = false;
|
||||
break;
|
||||
case 3:
|
||||
document.getElementById('ta0').checked = false;
|
||||
document.getElementById('ta1').checked = false;
|
||||
document.getElementById('ta2').checked = false;
|
||||
document.getElementById('ta3').checked = true;
|
||||
break;
|
||||
default:
|
||||
document.getElementById('ta0').checked = true;
|
||||
document.getElementById('ta1').checked = false;
|
||||
document.getElementById('ta2').checked = false;
|
||||
document.getElementById('ta3').checked = false;
|
||||
break;
|
||||
}
|
||||
document.body.style.display = 'block';
|
||||
document.addEventListener('contextmenu', function (z) {
|
||||
if (z.target.tagName != 'TEXTAREA') {
|
||||
z.preventDefault();
|
||||
}
|
||||
});
|
||||
} else {
|
||||
document.getElementById('t').value = '!!! LOAD ERROR !!!';
|
||||
document.getElementById('g').value = '!!! LOAD ERROR !!!';
|
||||
}
|
||||
}, onError);
|
||||
});
|
||||
|
||||
document.getElementById('exp').addEventListener('click', function () {
|
||||
browser.tabs.create({
|
||||
active: true,
|
||||
url: 'about:blank'
|
||||
}).then(function (t) {
|
||||
browser.tabs.executeScript(t.id, {
|
||||
matchAboutBlank: true,
|
||||
code: "document.documentElement.innerHTML='<html><head><title>Data</title></head><body><pre>'+atob('" + btoa(document.getElementById('t').value) + "')+'</pre></body></html>';window.stop();"
|
||||
}).then(function (e) {}, onError);
|
||||
}, onError);
|
||||
});
|
||||
|
||||
document.getElementById('clr').addEventListener('click', function () {
|
||||
browser.runtime.sendMessage(['erosman']).then(function (r) {
|
||||
document.getElementById('t').value = '';
|
||||
}, onError);
|
||||
});
|
||||
document.getElementById('bi0').addEventListener('click', function () {
|
||||
if (this.checked) {
|
||||
browser.runtime.sendMessage(['bi', 'y']).then(function (r) {}, onError);
|
||||
}
|
||||
});
|
||||
document.getElementById('bi1').addEventListener('click', function () {
|
||||
if (this.checked) {
|
||||
browser.runtime.sendMessage(['bi', 'n']).then(function (r) {}, onError);
|
||||
}
|
||||
});
|
||||
document.getElementById('ta0').addEventListener('click', function () {
|
||||
if (this.checked) {
|
||||
browser.runtime.sendMessage(['ta', '0']).then(function (r) {}, onError);
|
||||
}
|
||||
});
|
||||
document.getElementById('ta1').addEventListener('click', function () {
|
||||
if (this.checked) {
|
||||
browser.runtime.sendMessage(['ta', '1']).then(function (r) {}, onError);
|
||||
}
|
||||
});
|
||||
document.getElementById('ta2').addEventListener('click', function () {
|
||||
if (this.checked) {
|
||||
browser.runtime.sendMessage(['ta', '2']).then(function (r) {}, onError);
|
||||
}
|
||||
});
|
||||
document.getElementById('ta3').addEventListener('click', function () {
|
||||
if (this.checked) {
|
||||
browser.runtime.sendMessage(['ta', '3']).then(function (r) {}, onError);
|
||||
}
|
||||
});
|
||||
document.getElementById('ign').addEventListener('click', function () {
|
||||
browser.runtime.sendMessage(['ig', document.getElementById('g').value.split("\n")]).then(function (r) {}, onError);
|
||||
});
|
@ -1,52 +0,0 @@
|
||||
*::-moz-focus-inner {
|
||||
border: 0
|
||||
}
|
||||
|
||||
*:focus {
|
||||
outline: none;
|
||||
outline-style: none
|
||||
}
|
||||
|
||||
button {
|
||||
background-color: transparent;
|
||||
background-repeat: no-repeat;
|
||||
border: 0;
|
||||
overflow: hidden;
|
||||
outline: none;
|
||||
outline-style: none
|
||||
}
|
||||
|
||||
body {
|
||||
font: 13px Verdana;
|
||||
overflow-x: hidden;
|
||||
-webkit-user-select: none;
|
||||
-moz-user-select: none;
|
||||
cursor: default
|
||||
}
|
||||
|
||||
button {
|
||||
display: inline-block;
|
||||
height: 27px
|
||||
}
|
||||
|
||||
div {
|
||||
-webkit-user-select: none;
|
||||
-moz-user-select: none
|
||||
}
|
||||
|
||||
hr {
|
||||
color: #dcdcdc;
|
||||
height: 0;
|
||||
background: #dcdcdc
|
||||
}
|
||||
|
||||
label {
|
||||
-webkit-user-select: none;
|
||||
-moz-user-select: none
|
||||
}
|
||||
|
||||
textarea {
|
||||
white-space: pre;
|
||||
overflow-wrap: normal;
|
||||
overflow-x: scroll
|
||||
}
|
@ -1,21 +0,0 @@
|
||||
The MIT License
|
||||
|
||||
Copyright (c) 2019 Maslin Bossé
|
||||
|
||||
Permission is hereby granted, free of charge, to any person obtaining a copy
|
||||
of this software and associated documentation files (the "Software"), to deal
|
||||
in the Software without restriction, including without limitation the rights
|
||||
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
||||
copies of the Software, and to permit persons to whom the Software is
|
||||
furnished to do so, subject to the following conditions:
|
||||
|
||||
The above copyright notice and this permission notice shall be included in all
|
||||
copies or substantial portions of the Software.
|
||||
|
||||
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
||||
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
||||
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
||||
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
||||
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
||||
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
|
||||
SOFTWARE.
|
@ -1,5 +0,0 @@
|
||||
This is a source code of Maslin Bossé's "*Are links vulnerable to MITM?*".
|
||||
|
||||
PRs are welcome.
|
||||
|
||||
AMO: https://addons.mozilla.org/en-US/firefox/addon/are-links-vulnerable-to-mitm/
|
@ -1,77 +0,0 @@
|
||||
let apiurl = 'https://searxes.danwin1210.me/collab/open/ismitm.php';
|
||||
let TORapiurl = 'http://searxes.nmqnkngye4ct7bgss4bmv5ca3wpa55yugvxen5kz2bbq67lwy6ps54yd.onion/collab/open/ismitm.php';
|
||||
|
||||
fetch('http://searxes.nmqnkngye4ct7bgss4bmv5ca3wpa55yugvxen5kz2bbq67lwy6ps54yd.onion/collab/open/hi.php', {
|
||||
method: 'GET',
|
||||
mode: 'cors'
|
||||
}).then(r => r.text()).then(r => {
|
||||
if (r == 'hi') {
|
||||
apiurl = TORapiurl;
|
||||
}
|
||||
}).catch(() => {});
|
||||
|
||||
function is_infected(f) {
|
||||
return new Promise((g, b) => {
|
||||
fetch(apiurl, {
|
||||
method: 'POST',
|
||||
mode: 'cors',
|
||||
headers: {
|
||||
'Content-Type': 'application/x-www-form-urlencoded'
|
||||
},
|
||||
body: 'f=' + f
|
||||
}).then(r => r.json()).then(r => {
|
||||
if (r[0]) {
|
||||
g(r[1]);
|
||||
} else {
|
||||
b();
|
||||
}
|
||||
}).catch(b);
|
||||
});
|
||||
}
|
||||
|
||||
function i_already_know_you(f) {
|
||||
if (!/^([a-z0-9_.-]{1,255})\.([a-z]{2,80})$/.test(f)) {
|
||||
return false;
|
||||
}
|
||||
return new Promise((g, b) => {
|
||||
browser.storage.local.get(f).then((ff) => {
|
||||
if (ff[f]) {
|
||||
if (ff[f] == 'y') {
|
||||
g(1);
|
||||
} else {
|
||||
g(-1);
|
||||
}
|
||||
} else {
|
||||
g(0);
|
||||
}
|
||||
}, () => {
|
||||
g(0);
|
||||
});
|
||||
});
|
||||
}
|
||||
|
||||
function i_remember_you(f, t) {
|
||||
browser.storage.local.set({
|
||||
[f]: ((t) ? 'y' : 'n')
|
||||
});
|
||||
}
|
||||
|
||||
browser.storage.local.clear().then(() => {
|
||||
browser.runtime.onMessage.addListener((request, sender, sendResponse) => {
|
||||
if (request && sender) {
|
||||
i_already_know_you(request).then((r) => {
|
||||
if (r == 1 || r == -1) {
|
||||
browser.tabs.sendMessage(sender.tab.id, [request, ((r == 1) ? true : false)]);
|
||||
}
|
||||
if (r == 0) {
|
||||
is_infected(request).then((a) => {
|
||||
i_remember_you(request, a);
|
||||
browser.tabs.sendMessage(sender.tab.id, [request, a]);
|
||||
}, () => {
|
||||
browser.tabs.sendMessage(sender.tab.id, [request, false]);
|
||||
});
|
||||
}
|
||||
}, () => {});
|
||||
}
|
||||
});
|
||||
}, () => {});
|
@ -1,32 +0,0 @@
|
||||
if (document.body && !['searxes.danwin1210.me', 'searxes.nmqnkngye4ct7bgss4bmv5ca3wpa55yugvxen5kz2bbq67lwy6ps54yd.onion', 'searxes.cyb'].includes(location.hostname)) {
|
||||
let cs = (function () {
|
||||
let s = document.createElement('style');
|
||||
document.head.appendChild(s);
|
||||
return s.sheet;
|
||||
})();
|
||||
if (cs) {
|
||||
cs.insertRule("a[data-mitm]{text-decoration-line:line-through !important;text-decoration-color:red !important;text-decoration-style:double !important}", 0);
|
||||
cs.insertRule("a[data-mitm]::before{content:'[MITM!]';font-weight:bold !important;color:red !important}", 1);
|
||||
cs.insertRule("a[data-mitm]:hover::before{content:'[Privacy Risk!!]'}", 2);
|
||||
cs.insertRule("a[data-mitm]:hover{color:red !important}", 3);
|
||||
}
|
||||
let asked = ['searxes.danwin1210.me', 'searxes.nmqnkngye4ct7bgss4bmv5ca3wpa55yugvxen5kz2bbq67lwy6ps54yd.onion', 'searxes.cyb', 'addons.mozilla.org'];
|
||||
document.querySelectorAll("a[href^='http://']:not([data-mitm]),a[href^='https://']:not([data-mitm]),a[href^='//']:not([data-mitm])").forEach(a => {
|
||||
let aF = (new URL(a.href)).hostname;
|
||||
if (!/^(.*)\.(onion|i2p|invalid|test|local|localhost|([0-9]{1,3})|bbs|chan|cyb|dyn|geek|gopher|indy|libre|neo|null|o|oss|oz|parody|pirate|bit|lib|coin|emc|bazar|fur)$/.test(aF) && !asked.includes(aF)) {
|
||||
asked.push(aF);
|
||||
browser.runtime.sendMessage(aF);
|
||||
}
|
||||
});
|
||||
browser.runtime.onMessage.addListener((request, sender, sendResponse) => {
|
||||
if (request.length == 2) {
|
||||
if (request[1]) {
|
||||
document.querySelectorAll("a[href^='http://" + request[0] + "/']:not([data-mitm]),a[href^='https://" + request[0] + "/']:not([data-mitm]),a[href^='//" + request[0] + "/']:not([data-mitm])").forEach(a => {
|
||||
a.dataset.mitm = 1;
|
||||
a.title = 'DANGER! DANGER! MITM!';
|
||||
});
|
||||
}
|
||||
}
|
||||
sendResponse(null);
|
||||
});
|
||||
}
|
Binary file not shown.
Before Width: | Height: | Size: 2.0 KiB |
@ -1,38 +0,0 @@
|
||||
{
|
||||
"manifest_version": 2,
|
||||
"name": "Are links vulnerable to MITM attack?",
|
||||
"description": "Scan FQDN using Searxes' API",
|
||||
"version": "1.0.4",
|
||||
"homepage_url": "https://notabug.org/themusicgod1/cloudflare-tor/src/master/ismitmlink",
|
||||
"author": "Maslin Bossé",
|
||||
"permissions": [
|
||||
"storage",
|
||||
"unlimitedStorage"
|
||||
],
|
||||
"icons": {
|
||||
"32": "icons/32.png"
|
||||
},
|
||||
"background": {
|
||||
"scripts": [
|
||||
"bg.js"
|
||||
]
|
||||
},
|
||||
"content_scripts": [
|
||||
{
|
||||
"matches": [
|
||||
"http://*/*",
|
||||
"https://*/*"
|
||||
],
|
||||
"js": [
|
||||
"cs.js"
|
||||
],
|
||||
"run_at": "document_end"
|
||||
}
|
||||
],
|
||||
"applications": {
|
||||
"gecko": {
|
||||
"id": "ismitm@searxes.danwin1210.me",
|
||||
"strict_min_version": "56.0"
|
||||
}
|
||||
}
|
||||
}
|
Loading…
Reference in New Issue
Block a user