0
0
mirror of https://codeberg.org/crimeflare/cloudflare-tor synced 2024-11-09 02:42:42 +00:00

Merge branch 'master' of mia21/cloudflare-tor into master

This commit is contained in:
Jeff Cliff 2019-03-21 17:06:56 +00:00 committed by Gogs
commit 7150b8065a
4 changed files with 68 additions and 35 deletions

View File

@ -1,7 +1,6 @@
const apiurl = 'https://searxes.danwin1210.me/collab/open/ismitm.php'; const apiurl = 'https://searxes.danwin1210.me/collab/open/ismitm.php';
let mymemory = {};
function ismitm(f) { function is_infected(f) {
return new Promise((g, b) => { return new Promise((g, b) => {
fetch(apiurl, { fetch(apiurl, {
method: 'POST', method: 'POST',
@ -22,29 +21,51 @@ function ismitm(f) {
}); });
} }
function i_already_know_you(f) {
if (!/^([a-z0-9_.-]{1,255})\.([a-z]{2,80})$/.test(f)) {
return false;
}
return new Promise((g, b) => {
browser.storage.local.get(f).then((ff) => {
if (ff[f]) {
if (ff[f] == 'y') {
g(1);
} else {
g(-1);
}
} else {
g(0);
}
}, () => {
g(0);
});
});
}
function i_remember_you(f, t) {
browser.storage.local.set({
[f]: ((t) ? 'y' : 'n')
});
}
browser.storage.local.clear().then(() => {
browser.runtime.onMessage.addListener((request, sender, sendResponse) => { browser.runtime.onMessage.addListener((request, sender, sendResponse) => {
if (request && sender) { if (request && sender) {
if (mymemory[request] != undefined) { i_already_know_you(request).then((r) => {
let rlt = mymemory[request]; if (r == 1 || r == -1) {
if (Object.keys(mymemory).length > 20000) { browser.tabs.sendMessage(sender.tab.id, [request, ((r == 1) ? true : false)]);
let cnt = 1;
for (let t in mymemory) {
if (cnt > 10) {
break;
} }
mymemory[t] = null; if (r == 0) {
delete mymemory[t]; is_infected(request).then((a) => {
cnt++; i_remember_you(request, a);
}
}
browser.tabs.sendMessage(sender.tab.id, [request, rlt]);
} else {
ismitm(request).then(function (a) {
mymemory[request] = a;
browser.tabs.sendMessage(sender.tab.id, [request, a]); browser.tabs.sendMessage(sender.tab.id, [request, a]);
}, function () { }, () => {
browser.tabs.sendMessage(sender.tab.id, [request, false]); browser.tabs.sendMessage(sender.tab.id, [request, false]);
}); });
} }
}, () => {});
} }
}); });
}, (e) => {
console.log(e);
});

View File

@ -1,5 +1,5 @@
if (document.body) { if (document.body) {
if (!['searxes.danwin1210.me', 'searxes.nmqnkngye4ct7bgss4bmv5ca3wpa55yugvxen5kz2bbq67lwy6ps54yd.onion', 'searxes.cyb'].includes(location.hostname)) { if (!['searxes.danwin1210.me', 'searxes.nmqnkngye4ct7bgss4bmv5ca3wpa55yugvxen5kz2bbq67lwy6ps54yd.onion', 'searxes.cyb', 'addons.mozilla.org'].includes(location.hostname)) {
let cs = (function () { let cs = (function () {
let s = document.createElement('style'); let s = document.createElement('style');
document.head.appendChild(s); document.head.appendChild(s);
@ -7,12 +7,14 @@ if (document.body) {
})(); })();
if (cs) { if (cs) {
cs.insertRule("a[data-mitm]{text-decoration-line:line-through !important;text-decoration-color:red !important;text-decoration-style:double !important}", 0); cs.insertRule("a[data-mitm]{text-decoration-line:line-through !important;text-decoration-color:red !important;text-decoration-style:double !important}", 0);
cs.insertRule("a[data-mitm]::after{content:'[MITM!]';font-weight:bold}", 1); cs.insertRule("a[data-mitm]::before{content:'[MITM!]';font-weight:bold !important;color:red !important}", 1);
cs.insertRule("a[data-mitm]:hover::before{content:'[Privacy Risk!!]'}", 2);
cs.insertRule("a[data-mitm]:hover{color:red !important}", 3);
} }
let asked = [location.hostname, 'searxes.danwin1210.me', 'searxes.nmqnkngye4ct7bgss4bmv5ca3wpa55yugvxen5kz2bbq67lwy6ps54yd.onion', 'searxes.cyb']; let asked = ['searxes.danwin1210.me', 'searxes.nmqnkngye4ct7bgss4bmv5ca3wpa55yugvxen5kz2bbq67lwy6ps54yd.onion', 'searxes.cyb'];
document.querySelectorAll("a[href^='http://']:not([data-mitm]),a[href^='https://']:not([data-mitm]),a[href^='//']:not([data-mitm])").forEach(a => { document.querySelectorAll("a[href^='http://']:not([data-mitm]),a[href^='https://']:not([data-mitm]),a[href^='//']:not([data-mitm])").forEach(a => {
let aF = (new URL(a.href)).hostname; let aF = (new URL(a.href)).hostname;
if (!/^(.*)\.(onion|i2p|invalid|test|local|localhost|([0-9]{1,3}))$/.test(aF) && !asked.includes(aF)) { if (!/^(.*)\.(onion|i2p|invalid|test|local|localhost|([0-9]{1,3})|bbs|chan|cyb|dyn|geek|gopher|indy|libre|neo|null|o|oss|oz|parody|pirate|bit|lib|coin|emc|bazar|fur)$/.test(aF) && !asked.includes(aF)) {
asked.push(aF); asked.push(aF);
browser.runtime.sendMessage(aF); browser.runtime.sendMessage(aF);
} }
@ -22,7 +24,7 @@ if (document.body) {
if (request[1]) { if (request[1]) {
document.querySelectorAll("a[href^='http://" + request[0] + "/']:not([data-mitm]),a[href^='https://" + request[0] + "/']:not([data-mitm]),a[href^='//" + request[0] + "/']:not([data-mitm])").forEach(a => { document.querySelectorAll("a[href^='http://" + request[0] + "/']:not([data-mitm]),a[href^='https://" + request[0] + "/']:not([data-mitm]),a[href^='//" + request[0] + "/']:not([data-mitm])").forEach(a => {
a.dataset.mitm = 1; a.dataset.mitm = 1;
a.title = 'MITM!'; a.title = 'DANGER! DANGER! MITM!';
}); });
} }
} }

View File

@ -2,9 +2,13 @@
"manifest_version": 2, "manifest_version": 2,
"name": "Are links vulnerable to MITM attack?", "name": "Are links vulnerable to MITM attack?",
"description": "Scan FQDN using Searxes' API", "description": "Scan FQDN using Searxes' API",
"version": "1.0.2", "version": "1.0.3",
"homepage_url": "https://notabug.org/themusicgod1/cloudflare-tor/src/master/ismitmlink",
"author": "Maslin Bossé", "author": "Maslin Bossé",
"permissions": [], "permissions": [
"storage",
"unlimitedStorage"
],
"icons": { "icons": {
"32": "icons/32.png" "32": "icons/32.png"
}, },

View File

@ -72,9 +72,9 @@ If Cloudflare leak your information, it's not our fault. [*]
| [Block Cloudflare MITM Attack](https://trac.torproject.org/projects/tor/attachment/ticket/24351/block_cloudflare_mitm_attack-1.0.14.1-an%2Bfx.xpi) | nullius | [Link](https://github.com/nym-zone/block_cloudflare_mitm_fx) | **Yes** | **Yes** | | [Block Cloudflare MITM Attack](https://trac.torproject.org/projects/tor/attachment/ticket/24351/block_cloudflare_mitm_attack-1.0.14.1-an%2Bfx.xpi) | nullius | [Link](https://github.com/nym-zone/block_cloudflare_mitm_fx) | **Yes** | **Yes** |
| [Are links vulnerable to MITM?](https://addons.mozilla.org/en-US/firefox/addon/are-links-vulnerable-to-mitm/) | Maslin Bossé | [Link](https://notabug.org/themusicgod1/cloudflare-tor/src/master/ismitmlink) | No | **Yes** | | [Are links vulnerable to MITM?](https://addons.mozilla.org/en-US/firefox/addon/are-links-vulnerable-to-mitm/) | Maslin Bossé | [Link](https://notabug.org/themusicgod1/cloudflare-tor/src/master/ismitmlink) | No | **Yes** |
| [Third-party Request Blocker (AMO)](https://addons.mozilla.org/en-US/firefox/addon/tprb/) | Searxes #Addon | [Link](https://searxes.danwin1210.me/) | **Yes** | **Yes** | | [Third-party Request Blocker (AMO)](https://addons.mozilla.org/en-US/firefox/addon/tprb/) | Searxes #Addon | [Link](https://searxes.danwin1210.me/) | **Yes** | **Yes** |
| [TPRB](https://searxes.danwin1210.me/collab/tprb0/get_tprb0.php) | Sw | [Link](http://searxes.nmqnkngye4ct7bgss4bmv5ca3wpa55yugvxen5kz2bbq67lwy6ps54yd.onion/collab/___go.php?go=sw) | **Yes** | **Yes** | | [TPRB](https://sw.skusklxqaqnrmszytky4vfyrg625erw4hqhiokyc2ufnokd2aitb47yd.onion/) | Sw | [Link](https://sw.skusklxqaqnrmszytky4vfyrg625erw4hqhiokyc2ufnokd2aitb47yd.onion/) | **Yes** | **Yes** |
| [Detect Cloudflare](https://addons.mozilla.org/en-US/firefox/addon/detect-cloudflare/) | Frank Otto | [Link](https://github.com/traktofon/cf-detect) | No | **Yes** | | [Detect Cloudflare](https://addons.mozilla.org/en-US/firefox/addon/detect-cloudflare/) | Frank Otto | [Link](https://github.com/traktofon/cf-detect) | No | **Yes** |
| [Cloud Firewall](https://addons.mozilla.org/en-US/firefox/addon/cloud-firewall/) [*] | Gokulakrishna Sudharsan | [Link](https://gitlab.com/gkrishnaks/cloud-firewall/) | Yes | No | | [Cloud Firewall](https://addons.mozilla.org/en-US/firefox/addon/cloud-firewall/) [*] | Gokulakrishna Sudharsan | [Link](https://gitlab.com/gkrishnaks/cloud-firewall/) | **Yes** | No |
[*] Do not use it if you're using proxy/VPN/Tor because it has "[DNS leak](https://en.wikipedia.org/wiki/DNS_leak)". [*] Do not use it if you're using proxy/VPN/Tor because it has "[DNS leak](https://en.wikipedia.org/wiki/DNS_leak)".
@ -98,6 +98,12 @@ If Cloudflare leak your information, it's not our fault. [*]
- Do you need HTTPS certificate? Use "[Let's Encrypt](https://letsencrypt.org/)" or just buy it from CA company. - Do you need HTTPS certificate? Use "[Let's Encrypt](https://letsencrypt.org/)" or just buy it from CA company.
- Do you need DNS server? Can't set up your own server? Then how about [Dyn.com](https://dyn.com/dns/), [Hurricane Electric Free DNS](https://dns.he.net/) or [this](https://freedns.afraid.org/)?
- Looking for hosting service? "Free" only? Well, [how about this](https://www.reddit.com/r/webdev/comments/5m8tr4/how_do_i_host_the_website_i_just_built/dc1qpk7/)?
- Are you using "cloudflare-ipfs.com"? Do you know [Cloudflare IPFS is bad](https://ieji.de/@crimeflare/101779952797884218)?
- Install Web Application Firewall (such as OWASP) and Fail2Ban on _your_ server and configure it _properly_. - Install Web Application Firewall (such as OWASP) and Fail2Ban on _your_ server and configure it _properly_.
- Set up [Tor Onion Service](https://www.torproject.org/docs/onion-services.html.en) or I2P insite if you believe in freedom and welcome anonymous users. - Set up [Tor Onion Service](https://www.torproject.org/docs/onion-services.html.en) or I2P insite if you believe in freedom and welcome anonymous users.