mirror of
https://codeberg.org/crimeflare/cloudflare-tor
synced 2025-01-25 12:52:05 +00:00
This commit is contained in:
parent
9ac04f516b
commit
21b9f07586
@ -1,25 +0,0 @@
|
|||||||
The MIT License
|
|
||||||
|
|
||||||
Copyright (c) 2017 Project BCMA
|
|
||||||
Copyright (c) 2017 cypherpunks
|
|
||||||
Copyright (c) 2017 nullius <nullius@nym.zone>
|
|
||||||
Copyright (c) 2018 Searxes <searxes.danwin1210.me>
|
|
||||||
Copyright (c) 2018 Jeff Cliff <pleroma.oniichanylo2tsi4.onion/users/e51638c3>
|
|
||||||
|
|
||||||
Permission is hereby granted, free of charge, to any person obtaining a copy
|
|
||||||
of this software and associated documentation files (the "Software"), to deal
|
|
||||||
in the Software without restriction, including without limitation the rights
|
|
||||||
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
|
||||||
copies of the Software, and to permit persons to whom the Software is
|
|
||||||
furnished to do so, subject to the following conditions:
|
|
||||||
|
|
||||||
The above copyright notice and this permission notice shall be included in all
|
|
||||||
copies or substantial portions of the Software.
|
|
||||||
|
|
||||||
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
|
||||||
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
|
||||||
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
|
||||||
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
|
||||||
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
|
||||||
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
|
|
||||||
SOFTWARE.
|
|
File diff suppressed because one or more lines are too long
Binary file not shown.
Before Width: | Height: | Size: 612 B |
Binary file not shown.
Before Width: | Height: | Size: 729 B |
Binary file not shown.
Before Width: | Height: | Size: 1.2 KiB |
Binary file not shown.
Before Width: | Height: | Size: 1.9 KiB |
Binary file not shown.
Before Width: | Height: | Size: 2.3 KiB |
@ -1,42 +0,0 @@
|
|||||||
{
|
|
||||||
"manifest_version": 2,
|
|
||||||
"name": "Block Cloudflare MITM Attack",
|
|
||||||
"description": "Submit to global surveillance or resist. The choice is yours.",
|
|
||||||
"version": "1.0.5.1",
|
|
||||||
"author": "Project BCMA",
|
|
||||||
"homepage_url": "https://trac.torproject.org/projects/tor/ticket/24351",
|
|
||||||
"permissions": [
|
|
||||||
"<all_urls>",
|
|
||||||
"activeTab",
|
|
||||||
"tabs",
|
|
||||||
"webRequest",
|
|
||||||
"webRequestBlocking",
|
|
||||||
"webNavigation"
|
|
||||||
],
|
|
||||||
"icons": {
|
|
||||||
"32": "icons/icon-32.png",
|
|
||||||
"48": "icons/icon-48.png",
|
|
||||||
"64": "icons/icon-64.png"
|
|
||||||
},
|
|
||||||
"background": {
|
|
||||||
"scripts": [
|
|
||||||
"anticloudflare.js"
|
|
||||||
]
|
|
||||||
},
|
|
||||||
"options_ui": {
|
|
||||||
"page": "mydata.html",
|
|
||||||
"browser_style": false
|
|
||||||
},
|
|
||||||
"browser_action": {
|
|
||||||
"browser_style": false,
|
|
||||||
"default_icon": {
|
|
||||||
"32": "icons/cf_0.png"
|
|
||||||
}
|
|
||||||
},
|
|
||||||
"applications": {
|
|
||||||
"gecko": {
|
|
||||||
"id": "24351@trac.torproject.org",
|
|
||||||
"strict_min_version": "52.0"
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
@ -1,35 +0,0 @@
|
|||||||
<html>
|
|
||||||
<head>
|
|
||||||
<meta charset="utf-8">
|
|
||||||
<link rel="stylesheet" href="style.css">
|
|
||||||
</head>
|
|
||||||
<body style="display:none">
|
|
||||||
Temporary configurations
|
|
||||||
<hr>
|
|
||||||
<b>☞ Built-in Cloudflare list</b> <small>(powered by <a href="https://searxes.danwin1210.me/" target="_blank">Searxes</a>)</small><br>
|
|
||||||
<label><input type="radio" id="bi0" name="bi" value="0"> Use built-in list</label> <small>(Default)</small><br>
|
|
||||||
<label><input type="radio" id="bi1" name="bi" value="1"> Don't use built-in list</label><br>
|
|
||||||
<br>
|
|
||||||
<b>♞ Take Action</b><br>
|
|
||||||
<label><input type="radio" id="ta0" name="ta" value="0"> Block request immediately <small>(first-party + third-party)</small></label> <small>(Default)</small><br>
|
|
||||||
<label><input type="radio" id="ta1" name="ta" value="1"> Block request immediately <small>(third-party only / ignore first-party)</small></label><br>
|
|
||||||
<label><input type="radio" id="ta2" name="ta" value="2"> Redirect to Internet Archive(first-party) + Ignore third-party</label><br>
|
|
||||||
<label><input type="radio" id="ta3" name="ta" value="3"> Notify only</label><br>
|
|
||||||
<br>
|
|
||||||
<b>✍ Your Cloudflare Domain collection</b> <small>(Last 500)</small><br>
|
|
||||||
<small>(please share with <a href="https://notabug.org/themusicgod1/cloudflare-tor/" target="_blank">cloudflare-tor@notabug</a>)</small><br>
|
|
||||||
<textarea cols="50" rows="12" id="t" wrap="off" spellcheck="false" placeholder="Cloudflare domains"></textarea>
|
|
||||||
<br>
|
|
||||||
<button type="button" id="exp">[ ⇓ Export ]</button>
|
|
||||||
|
|
||||||
<button type="button" id="clr">[ ↺ Clear ]</button><br>
|
|
||||||
<br>
|
|
||||||
<b>✍ Your Cloudflare Ignore list (NOT RECOMMEND!)</b><br>
|
|
||||||
<textarea cols="50" rows="10" id="g" wrap="off" spellcheck="false" placeholder="hypothes.is"></textarea>
|
|
||||||
<br>
|
|
||||||
<button type="button" id="ign">[ ⇑ Apply ]</button>
|
|
||||||
<hr>
|
|
||||||
"<i>Welcome to PRISM 2.0</i>"
|
|
||||||
<script src="mydata.js"></script>
|
|
||||||
</body>
|
|
||||||
</html>
|
|
105
bcma/mydata.js
105
bcma/mydata.js
@ -1,105 +0,0 @@
|
|||||||
function onError(e) {
|
|
||||||
console.log(`Error:${e}`);
|
|
||||||
}
|
|
||||||
|
|
||||||
document.addEventListener('DOMContentLoaded', function () {
|
|
||||||
browser.runtime.sendMessage(['cf']).then(function (r) {
|
|
||||||
if (r[0] == 'ok') {
|
|
||||||
document.getElementById('t').value = JSON.parse(r[1]).join("\n");
|
|
||||||
document.getElementById('g').value = JSON.parse(r[2]).join("\n");
|
|
||||||
if (r[3]) {
|
|
||||||
document.getElementById('bi0').checked = true;
|
|
||||||
document.getElementById('bi1').checked = false;
|
|
||||||
} else {
|
|
||||||
document.getElementById('bi0').checked = false;
|
|
||||||
document.getElementById('bi1').checked = true;
|
|
||||||
}
|
|
||||||
switch (r[4]) {
|
|
||||||
case 1:
|
|
||||||
document.getElementById('ta0').checked = false;
|
|
||||||
document.getElementById('ta1').checked = true;
|
|
||||||
document.getElementById('ta2').checked = false;
|
|
||||||
document.getElementById('ta3').checked = false;
|
|
||||||
break;
|
|
||||||
case 2:
|
|
||||||
document.getElementById('ta0').checked = false;
|
|
||||||
document.getElementById('ta1').checked = false;
|
|
||||||
document.getElementById('ta2').checked = true;
|
|
||||||
document.getElementById('ta3').checked = false;
|
|
||||||
break;
|
|
||||||
case 3:
|
|
||||||
document.getElementById('ta0').checked = false;
|
|
||||||
document.getElementById('ta1').checked = false;
|
|
||||||
document.getElementById('ta2').checked = false;
|
|
||||||
document.getElementById('ta3').checked = true;
|
|
||||||
break;
|
|
||||||
default:
|
|
||||||
document.getElementById('ta0').checked = true;
|
|
||||||
document.getElementById('ta1').checked = false;
|
|
||||||
document.getElementById('ta2').checked = false;
|
|
||||||
document.getElementById('ta3').checked = false;
|
|
||||||
break;
|
|
||||||
}
|
|
||||||
document.body.style.display = 'block';
|
|
||||||
document.addEventListener('contextmenu', function (z) {
|
|
||||||
if (z.target.tagName != 'TEXTAREA') {
|
|
||||||
z.preventDefault();
|
|
||||||
}
|
|
||||||
});
|
|
||||||
} else {
|
|
||||||
document.getElementById('t').value = '!!! LOAD ERROR !!!';
|
|
||||||
document.getElementById('g').value = '!!! LOAD ERROR !!!';
|
|
||||||
}
|
|
||||||
}, onError);
|
|
||||||
});
|
|
||||||
|
|
||||||
document.getElementById('exp').addEventListener('click', function () {
|
|
||||||
browser.tabs.create({
|
|
||||||
active: true,
|
|
||||||
url: 'about:blank'
|
|
||||||
}).then(function (t) {
|
|
||||||
browser.tabs.executeScript(t.id, {
|
|
||||||
matchAboutBlank: true,
|
|
||||||
code: "document.documentElement.innerHTML='<html><head><title>Data</title></head><body><pre>'+atob('" + btoa(document.getElementById('t').value) + "')+'</pre></body></html>';window.stop();"
|
|
||||||
}).then(function (e) {}, onError);
|
|
||||||
}, onError);
|
|
||||||
});
|
|
||||||
|
|
||||||
document.getElementById('clr').addEventListener('click', function () {
|
|
||||||
browser.runtime.sendMessage(['erosman']).then(function (r) {
|
|
||||||
document.getElementById('t').value = '';
|
|
||||||
}, onError);
|
|
||||||
});
|
|
||||||
document.getElementById('bi0').addEventListener('click', function () {
|
|
||||||
if (this.checked) {
|
|
||||||
browser.runtime.sendMessage(['bi', 'y']).then(function (r) {}, onError);
|
|
||||||
}
|
|
||||||
});
|
|
||||||
document.getElementById('bi1').addEventListener('click', function () {
|
|
||||||
if (this.checked) {
|
|
||||||
browser.runtime.sendMessage(['bi', 'n']).then(function (r) {}, onError);
|
|
||||||
}
|
|
||||||
});
|
|
||||||
document.getElementById('ta0').addEventListener('click', function () {
|
|
||||||
if (this.checked) {
|
|
||||||
browser.runtime.sendMessage(['ta', '0']).then(function (r) {}, onError);
|
|
||||||
}
|
|
||||||
});
|
|
||||||
document.getElementById('ta1').addEventListener('click', function () {
|
|
||||||
if (this.checked) {
|
|
||||||
browser.runtime.sendMessage(['ta', '1']).then(function (r) {}, onError);
|
|
||||||
}
|
|
||||||
});
|
|
||||||
document.getElementById('ta2').addEventListener('click', function () {
|
|
||||||
if (this.checked) {
|
|
||||||
browser.runtime.sendMessage(['ta', '2']).then(function (r) {}, onError);
|
|
||||||
}
|
|
||||||
});
|
|
||||||
document.getElementById('ta3').addEventListener('click', function () {
|
|
||||||
if (this.checked) {
|
|
||||||
browser.runtime.sendMessage(['ta', '3']).then(function (r) {}, onError);
|
|
||||||
}
|
|
||||||
});
|
|
||||||
document.getElementById('ign').addEventListener('click', function () {
|
|
||||||
browser.runtime.sendMessage(['ig', document.getElementById('g').value.split("\n")]).then(function (r) {}, onError);
|
|
||||||
});
|
|
@ -1,52 +0,0 @@
|
|||||||
*::-moz-focus-inner {
|
|
||||||
border: 0
|
|
||||||
}
|
|
||||||
|
|
||||||
*:focus {
|
|
||||||
outline: none;
|
|
||||||
outline-style: none
|
|
||||||
}
|
|
||||||
|
|
||||||
button {
|
|
||||||
background-color: transparent;
|
|
||||||
background-repeat: no-repeat;
|
|
||||||
border: 0;
|
|
||||||
overflow: hidden;
|
|
||||||
outline: none;
|
|
||||||
outline-style: none
|
|
||||||
}
|
|
||||||
|
|
||||||
body {
|
|
||||||
font: 13px Verdana;
|
|
||||||
overflow-x: hidden;
|
|
||||||
-webkit-user-select: none;
|
|
||||||
-moz-user-select: none;
|
|
||||||
cursor: default
|
|
||||||
}
|
|
||||||
|
|
||||||
button {
|
|
||||||
display: inline-block;
|
|
||||||
height: 27px
|
|
||||||
}
|
|
||||||
|
|
||||||
div {
|
|
||||||
-webkit-user-select: none;
|
|
||||||
-moz-user-select: none
|
|
||||||
}
|
|
||||||
|
|
||||||
hr {
|
|
||||||
color: #dcdcdc;
|
|
||||||
height: 0;
|
|
||||||
background: #dcdcdc
|
|
||||||
}
|
|
||||||
|
|
||||||
label {
|
|
||||||
-webkit-user-select: none;
|
|
||||||
-moz-user-select: none
|
|
||||||
}
|
|
||||||
|
|
||||||
textarea {
|
|
||||||
white-space: pre;
|
|
||||||
overflow-wrap: normal;
|
|
||||||
overflow-x: scroll
|
|
||||||
}
|
|
@ -1,21 +0,0 @@
|
|||||||
The MIT License
|
|
||||||
|
|
||||||
Copyright (c) 2019 Maslin Bossé
|
|
||||||
|
|
||||||
Permission is hereby granted, free of charge, to any person obtaining a copy
|
|
||||||
of this software and associated documentation files (the "Software"), to deal
|
|
||||||
in the Software without restriction, including without limitation the rights
|
|
||||||
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
|
||||||
copies of the Software, and to permit persons to whom the Software is
|
|
||||||
furnished to do so, subject to the following conditions:
|
|
||||||
|
|
||||||
The above copyright notice and this permission notice shall be included in all
|
|
||||||
copies or substantial portions of the Software.
|
|
||||||
|
|
||||||
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
|
||||||
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
|
||||||
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
|
||||||
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
|
||||||
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
|
||||||
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
|
|
||||||
SOFTWARE.
|
|
@ -1,5 +0,0 @@
|
|||||||
This is a source code of Maslin Bossé's "*Are links vulnerable to MITM?*".
|
|
||||||
|
|
||||||
PRs are welcome.
|
|
||||||
|
|
||||||
AMO: https://addons.mozilla.org/en-US/firefox/addon/are-links-vulnerable-to-mitm/
|
|
@ -1,77 +0,0 @@
|
|||||||
let apiurl = 'https://searxes.danwin1210.me/collab/open/ismitm.php';
|
|
||||||
let TORapiurl = 'http://searxes.nmqnkngye4ct7bgss4bmv5ca3wpa55yugvxen5kz2bbq67lwy6ps54yd.onion/collab/open/ismitm.php';
|
|
||||||
|
|
||||||
fetch('http://searxes.nmqnkngye4ct7bgss4bmv5ca3wpa55yugvxen5kz2bbq67lwy6ps54yd.onion/collab/open/hi.php', {
|
|
||||||
method: 'GET',
|
|
||||||
mode: 'cors'
|
|
||||||
}).then(r => r.text()).then(r => {
|
|
||||||
if (r == 'hi') {
|
|
||||||
apiurl = TORapiurl;
|
|
||||||
}
|
|
||||||
}).catch(() => {});
|
|
||||||
|
|
||||||
function is_infected(f) {
|
|
||||||
return new Promise((g, b) => {
|
|
||||||
fetch(apiurl, {
|
|
||||||
method: 'POST',
|
|
||||||
mode: 'cors',
|
|
||||||
headers: {
|
|
||||||
'Content-Type': 'application/x-www-form-urlencoded'
|
|
||||||
},
|
|
||||||
body: 'f=' + f
|
|
||||||
}).then(r => r.json()).then(r => {
|
|
||||||
if (r[0]) {
|
|
||||||
g(r[1]);
|
|
||||||
} else {
|
|
||||||
b();
|
|
||||||
}
|
|
||||||
}).catch(b);
|
|
||||||
});
|
|
||||||
}
|
|
||||||
|
|
||||||
function i_already_know_you(f) {
|
|
||||||
if (!/^([a-z0-9_.-]{1,255})\.([a-z]{2,80})$/.test(f)) {
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
return new Promise((g, b) => {
|
|
||||||
browser.storage.local.get(f).then((ff) => {
|
|
||||||
if (ff[f]) {
|
|
||||||
if (ff[f] == 'y') {
|
|
||||||
g(1);
|
|
||||||
} else {
|
|
||||||
g(-1);
|
|
||||||
}
|
|
||||||
} else {
|
|
||||||
g(0);
|
|
||||||
}
|
|
||||||
}, () => {
|
|
||||||
g(0);
|
|
||||||
});
|
|
||||||
});
|
|
||||||
}
|
|
||||||
|
|
||||||
function i_remember_you(f, t) {
|
|
||||||
browser.storage.local.set({
|
|
||||||
[f]: ((t) ? 'y' : 'n')
|
|
||||||
});
|
|
||||||
}
|
|
||||||
|
|
||||||
browser.storage.local.clear().then(() => {
|
|
||||||
browser.runtime.onMessage.addListener((request, sender, sendResponse) => {
|
|
||||||
if (request && sender) {
|
|
||||||
i_already_know_you(request).then((r) => {
|
|
||||||
if (r == 1 || r == -1) {
|
|
||||||
browser.tabs.sendMessage(sender.tab.id, [request, ((r == 1) ? true : false)]);
|
|
||||||
}
|
|
||||||
if (r == 0) {
|
|
||||||
is_infected(request).then((a) => {
|
|
||||||
i_remember_you(request, a);
|
|
||||||
browser.tabs.sendMessage(sender.tab.id, [request, a]);
|
|
||||||
}, () => {
|
|
||||||
browser.tabs.sendMessage(sender.tab.id, [request, false]);
|
|
||||||
});
|
|
||||||
}
|
|
||||||
}, () => {});
|
|
||||||
}
|
|
||||||
});
|
|
||||||
}, () => {});
|
|
@ -1,32 +0,0 @@
|
|||||||
if (document.body && !['searxes.danwin1210.me', 'searxes.nmqnkngye4ct7bgss4bmv5ca3wpa55yugvxen5kz2bbq67lwy6ps54yd.onion', 'searxes.cyb'].includes(location.hostname)) {
|
|
||||||
let cs = (function () {
|
|
||||||
let s = document.createElement('style');
|
|
||||||
document.head.appendChild(s);
|
|
||||||
return s.sheet;
|
|
||||||
})();
|
|
||||||
if (cs) {
|
|
||||||
cs.insertRule("a[data-mitm]{text-decoration-line:line-through !important;text-decoration-color:red !important;text-decoration-style:double !important}", 0);
|
|
||||||
cs.insertRule("a[data-mitm]::before{content:'[MITM!]';font-weight:bold !important;color:red !important}", 1);
|
|
||||||
cs.insertRule("a[data-mitm]:hover::before{content:'[Privacy Risk!!]'}", 2);
|
|
||||||
cs.insertRule("a[data-mitm]:hover{color:red !important}", 3);
|
|
||||||
}
|
|
||||||
let asked = ['searxes.danwin1210.me', 'searxes.nmqnkngye4ct7bgss4bmv5ca3wpa55yugvxen5kz2bbq67lwy6ps54yd.onion', 'searxes.cyb', 'addons.mozilla.org'];
|
|
||||||
document.querySelectorAll("a[href^='http://']:not([data-mitm]),a[href^='https://']:not([data-mitm]),a[href^='//']:not([data-mitm])").forEach(a => {
|
|
||||||
let aF = (new URL(a.href)).hostname;
|
|
||||||
if (!/^(.*)\.(onion|i2p|invalid|test|local|localhost|([0-9]{1,3})|bbs|chan|cyb|dyn|geek|gopher|indy|libre|neo|null|o|oss|oz|parody|pirate|bit|lib|coin|emc|bazar|fur)$/.test(aF) && !asked.includes(aF)) {
|
|
||||||
asked.push(aF);
|
|
||||||
browser.runtime.sendMessage(aF);
|
|
||||||
}
|
|
||||||
});
|
|
||||||
browser.runtime.onMessage.addListener((request, sender, sendResponse) => {
|
|
||||||
if (request.length == 2) {
|
|
||||||
if (request[1]) {
|
|
||||||
document.querySelectorAll("a[href^='http://" + request[0] + "/']:not([data-mitm]),a[href^='https://" + request[0] + "/']:not([data-mitm]),a[href^='//" + request[0] + "/']:not([data-mitm])").forEach(a => {
|
|
||||||
a.dataset.mitm = 1;
|
|
||||||
a.title = 'DANGER! DANGER! MITM!';
|
|
||||||
});
|
|
||||||
}
|
|
||||||
}
|
|
||||||
sendResponse(null);
|
|
||||||
});
|
|
||||||
}
|
|
Binary file not shown.
Before Width: | Height: | Size: 2.0 KiB |
@ -1,38 +0,0 @@
|
|||||||
{
|
|
||||||
"manifest_version": 2,
|
|
||||||
"name": "Are links vulnerable to MITM attack?",
|
|
||||||
"description": "Scan FQDN using Searxes' API",
|
|
||||||
"version": "1.0.4",
|
|
||||||
"homepage_url": "https://notabug.org/themusicgod1/cloudflare-tor/src/master/ismitmlink",
|
|
||||||
"author": "Maslin Bossé",
|
|
||||||
"permissions": [
|
|
||||||
"storage",
|
|
||||||
"unlimitedStorage"
|
|
||||||
],
|
|
||||||
"icons": {
|
|
||||||
"32": "icons/32.png"
|
|
||||||
},
|
|
||||||
"background": {
|
|
||||||
"scripts": [
|
|
||||||
"bg.js"
|
|
||||||
]
|
|
||||||
},
|
|
||||||
"content_scripts": [
|
|
||||||
{
|
|
||||||
"matches": [
|
|
||||||
"http://*/*",
|
|
||||||
"https://*/*"
|
|
||||||
],
|
|
||||||
"js": [
|
|
||||||
"cs.js"
|
|
||||||
],
|
|
||||||
"run_at": "document_end"
|
|
||||||
}
|
|
||||||
],
|
|
||||||
"applications": {
|
|
||||||
"gecko": {
|
|
||||||
"id": "ismitm@searxes.danwin1210.me",
|
|
||||||
"strict_min_version": "56.0"
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
Loading…
x
Reference in New Issue
Block a user