Jeff Cliff 2019-05-05 15:24:19 -04:00
commit 37bdd4b6da
23 changed files with 1625 additions and 9 deletions


@ -1,9 +1,9 @@
### License
* /cloudflare-tor/bcma (Block Cloudflare MITM Attack) -- [MIT License](https://notabug.org/themusicgod1/cloudflare-tor/src/master/bcma/LICENSE.txt)
* /cloudflare-tor/globalist (Globalist) -- [GNU GPLv3](https://notabug.org/themusicgod1/cloudflare-tor/src/master/globalist/LICENSE)
* /cloudflare-tor/ismitmlink/ (Are links vulnerable to MITM attack?) -- [MIT License](https://notabug.org/themusicgod1/cloudflare-tor/src/master/ismitmlink/LICENSE)
* /cloudflare-tor/not_cloudflare/whyrejectme (Which website rejected me?) -- [MIT License](https://notabug.org/themusicgod1/cloudflare-tor/src/master/ismitmlink/LICENSE)
* addon_firefox/* -- MIT License
* addon_chrome/* -- MIT License
* globalist (Globalist) -- [GNU GPLv3](https://notabug.org/themusicgod1/cloudflare-tor/src/master/globalist/LICENSE)
* not_cloudflare/whyrejectme (Which website rejected me?) -- [MIT License](https://notabug.org/themusicgod1/cloudflare-tor/src/master/ismitmlink/LICENSE)
* Else -- [PUBLIC DOMAIN (CC0)](https://web.archive.org/web/https://creativecommons.org/share-your-work/public-domain/cc0/)


@ -108,6 +108,14 @@ Disqualify:
###### Twitter (aka "Birdsite")
"Cloudflare's CEO and abuse head block me over arguing about their support of abusive websites. Trolls fear transparency." by @[dxgl_org](https://twitter.com/dxgl_org/status/1123622959124549632)
"Defenders are screwed. Plus users are screwed as they lose all control of privacy to companies like cloudflare." by @[hrbrmstr](https://twitter.com/hrbrmstr/status/1121180307091271680)
"CloudFlare is breaking everything." by @[sukarodo](https://twitter.com/sukarodo/status/1124283685304512512)
"Thought my Website was a Phishing Suspect, Cloudflare decided to force a Nasty Don't Enter notice on my E-store domain. No notifications to me at all!" by @[modaitalysuits](https://twitter.com/modaitalysuits/status/1122986421109682176)
"RSS Feed is behind the Cloudflare DDoS protection. My RSS Reader is self hosted, so it is impossible for it to retrieve any feeds" by @[GarcaMan2](https://twitter.com/GarcaMan2/status/1121234101657321474)
"Mais comment osez-vous parler de "respect des données personnelles"? Votre site est bourré de traceur en tout genre! Pire vous routez vos utilisateurs via cloudflare aux USA!" by @[Armdias](https://twitter.com/Armdias/status/1120957817693847557)
@ -310,6 +318,8 @@ Disqualify:
"People really ought to stop using/trusting cloudflare. it's a disgusting centralized morally compromised CDN." by @[drwdal](https://twitter.com/drwdal/status/1113171715234902018)
"anyone who uses cloudflare as an authority is promoting corporatization and effectively introducing an opportunity for MITM" by @[drwdal](https://twitter.com/drwdal/status/1113172243981496320)
"Please stop using Cloudflare's CDN. They blocked my IP" by @[actual_mishaor](https://twitter.com/actual_mishaor/status/1112285872311934976)
"Cloudflare is a threat to the internet, and makes it harder for visitors of your website to protect their right to privacy." by @[Mr. Jeff](https://twitter.com/jeffcliff1/status/1105832648096862208)


@ -45,7 +45,7 @@ You might already know about the [PRISM](https://en.wikipedia.org/wiki/PRISM_(su
This repository is a list of websites that are behind The Great Cloudwall, and also actively blocking Tor users.
Domain list
Domain list - mirrors: [NixNet](https://git.nixnet.xyz/Username/cloudflare-tor), [CodeBerg](https://codeberg.org/Username/cloudflare-tor)
* [Domains using Cloudflare](split/)
* [Non-Cloudflare but filtering/blocking Tor users](not_cloudflare/)
@ -67,13 +67,27 @@ Also see [Frequently Asked Questions](faq.md).
# What can you do?
* Read [our list of recommended actions](what-to-do.md) and share it with your friends
* Read [other user's voice](PEOPLE.md) (if you write a blog, tell us your URL)
* Update the domain list: [List instructions](instructions.md)
* Add WTF-Cloudflare news to [NEWS.md](NEWS.md)
* Search something on [Searxes Tor](http://searxes.nmqnkngye4ct7bgss4bmv5ca3wpa55yugvxen5kz2bbq67lwy6ps54yd.onion/) or [clearnet](https://searxes.danwin1210.me/) (this will help collecting Searxes' "MITM domains")
* Take a look at [add-on code](ismitmlink/) (how to use "MITM test API")
* [Tool / Script](https://notabug.org/themusicgod1/cloudflare-tor/src/master/tool)
* Subscribe to ![](image/feed.png) RSS feed: "[The Great Cloudwall News](https://ieji.de/users/crimeflare.rss)" or follow ![](image/mstdn.jpg) [crimeflare@ieji.de](https://ieji.de/@crimeflare)
* Take a look at add-on code and try it
| Name | Firefox | Chrome |
| -------- | -------- | -------- |
| Block Cloudflare MITM Attack | [Code](https://notabug.org/themusicgod1/cloudflare-tor/src/master/addon_firefox/bcma) | [Code](https://notabug.org/themusicgod1/cloudflare-tor/src/master/addon_chrome/bcma) |
| Are links vulnerable to MITM? | [Code](https://notabug.org/themusicgod1/cloudflare-tor/src/master/addon_firefox/ismitmlink) | [Code](https://notabug.org/themusicgod1/cloudflare-tor/src/master/addon_chrome/ismitmlink) |
| Which website rejected me? | [Code](https://notabug.org/themusicgod1/cloudflare-tor/src/master/not_cloudflare/whyrejectme) | - |
![WTF](image/wtfcf.jpg)
@ -92,3 +106,4 @@ flagged for spam and will be deleted. See "List of services blocking Tor" for de
* [Searxes](https://searxes.danwin1210.me/) meta-search engine
* [Block Cloudflare MITM Attack](https://addons.mozilla.org/en-US/firefox/addon/bcma/) add-on
* Some Firefox Add-ons

1
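--- /dev/null
+++ b/addon_chrome/README.md
@@ -0,0 +1 @@
+# Add-ons for Ungoogled-Chrome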


@ -0,0 +1 @@
.


@ -0,0 +1 @@
.

1
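--- /dev/null
+++ b/addon_firefox/README.md
@@ -0,0 +1 @@
+# Add-ons for Tor Browser / Firefox ESR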


@ -0,0 +1,25 @@
The MIT License
Copyright (c) 2017 Project BCMA
Copyright (c) 2017 cypherpunks
Copyright (c) 2017 nullius <nullius@nym.zone>
Copyright (c) 2018 Searxes <searxes.danwin1210.me>
Copyright (c) 2018 Jeff Cliff <@jeffcliff@niu.moe>
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
SOFTWARE.


@ -0,0 +1,854 @@
/*
"Welcome to PRISM 2.0"
*/
var cf_flag_ok = 'icons/cf_0.png';
var cf_flag_ng = 'icons/cf_1.png';
var force_whitelist = ['searxes.cf', 'thunderbird.net', 'mozilla.org', 'archive.org', 'cloudflare.com', 'cloudflareapps.com', 'cloudflare-dns.com', 'cloudflarestatus.com', 'cloudflareapi.com', 'cloudflare-ipfs.com', 'cloudflare-quic.com'];
var cfdomains = [];
var known_cf_domains = [];
fetch('bcmadata.txt',{method:'GET'}).then(function (b) {
return b.text();
}).then(function (b) {
cfdomains = b.split("\n").filter(v=>v!='');
known_cf_domains = cfdomains;
});
var my_cf_collection = [];
var my_cf_ignore = [];
var my_action = 2;
function onError(e) {
console.log(`BCMA: Error:${e}`);
}
function get_realdomain(w) {
var wa = w.split('.');
wa.reverse();
var wa_l = wa.length;
if (wa_l <= 2) {
return w;
}
if (wa_l >= 3) {
if (wa[0] == 'by' || wa[0] == 'ki' || wa[0] == 'na' || wa[0] == 'tm' || wa[0] == 'vc') {
if (wa[1] == 'com') {
return wa[2] + "." + wa[1] + "." + wa[0];
}
}
if (wa[0] == 'af' || wa[0] == 'bz' || wa[0] == 'lb' || wa[0] == 'lc' || wa[0] == 'mm' || wa[0] == 'mt' || wa[0] == 'ng' || wa[0] == 'sb' || wa[0] == 'sc' || wa[0] == 'sl') {
if (wa[1] == 'com' || wa[1] == 'edu' || wa[1] == 'gov' || wa[1] == 'net' || wa[1] == 'org') {
return wa[2] + "." + wa[1] + "." + wa[0];
}
}
if (wa[0] == 'org') {
if (wa[1] == 'ae') {
return wa[2] + "." + wa[1] + "." + wa[0];
}
}
if (wa[0] == 'gg' || wa[0] == 'je') {
if (wa[1] == 'co' || wa[1] == 'net' || wa[1] == 'org') {
return wa[2] + "." + wa[1] + "." + wa[0];
}
}
if (wa[0] == 'name') {
return wa[2] + "." + wa[1] + "." + wa[0];
}
if (wa[0] == 'ag') {
if (['com', 'net', 'org', 'co', 'nom', 'edu', 'gov'].includes(wa[1])) {
return wa[2] + "." + wa[1] + "." + wa[0];
}
}
if (wa[0] == 'ai') {
if (['off', 'com', 'net', 'org'].includes(wa[1])) {
return wa[2] + "." + wa[1] + "." + wa[0];
}
}
if (wa[0] == 'ao') {
if (['co', 'ed', 'it', 'og', 'pb'].includes(wa[1])) {
return wa[2] + "." + wa[1] + "." + wa[0];
}
}
if (wa[0] == 'ar') {
if (['com', 'edu', 'gov', 'gob', 'int', 'mil', 'net', 'org', 'tur'].includes(wa[1])) {
return wa[2] + "." + wa[1] + "." + wa[0];
}
}
if (wa[0] == 'at') {
if (['gv', 'ac', 'co', 'or'].includes(wa[1])) {
return wa[2] + "." + wa[1] + "." + wa[0];
}
}
if (wa[0] == 'au') {
if (['com', 'net', 'org', 'edu', 'gov', 'csiro', 'asn', 'id', 'act', 'nsw', 'nt', 'qld', 'sa', 'tas', 'vic', 'wa'].includes(wa[1])) {
return wa[2] + "." + wa[1] + "." + wa[0];
}
}
if (wa[0] == 'az') {
if (['biz', 'com', 'edu', 'gov', 'info', 'int', 'mil', 'name', 'net', 'org', 'pp'].includes(wa[1])) {
return wa[2] + "." + wa[1] + "." + wa[0];
}
}
if (wa[0] == 'ba') {
if (['com', 'co', 'rs'].includes(wa[1])) {
return wa[2] + "." + wa[1] + "." + wa[0];
}
}
if (wa[0] == 'bd') {
if (['com', 'edu', 'ac', 'net', 'gov', 'org', 'mil'].includes(wa[1])) {
return wa[2] + "." + wa[1] + "." + wa[0];
}
}
if (wa[0] == 'bh') {
if (['com', 'info', 'cc', 'edu', 'biz', 'net', 'org', 'gov'].includes(wa[1])) {
return wa[2] + "." + wa[1] + "." + wa[0];
}
}
if (wa[0] == 'bi') {
if (['ac', 'co', 'com', 'edu', 'gouv', 'gov', 'int', 'mil', 'net', 'or', 'org'].includes(wa[1])) {
return wa[2] + "." + wa[1] + "." + wa[0];
}
}
if (wa[0] == 'bn') {
if (['com', 'net', 'org', 'edu'].includes(wa[1])) {
return wa[2] + "." + wa[1] + "." + wa[0];
}
}
if (wa[0] == 'bo') {
if (['com', 'edu', 'gob', 'gov', 'int', 'mil', 'net', 'org', 'tv'].includes(wa[1])) {
return wa[2] + "." + wa[1] + "." + wa[0];
}
}
if (wa[0] == 'br') {
if (['adm', 'adv', 'agr', 'am', 'arq', 'art', 'ato', 'bio', 'blog', 'bmd', 'cim', 'cng', 'cnt', 'com', 'coop', 'ecn', 'edu', 'eng', 'esp', 'etc', 'eti', 'far', 'flog', 'fm', 'fnd', 'fot', 'fst', 'g12', 'ggf', 'gov', 'imb', 'ind', 'inf', 'jor', 'lel', 'mat', 'med', 'mil', 'mus', 'net', 'nom', 'not', 'ntr', 'odo', 'org', 'ppg', 'pro', 'psc', 'psi', 'qsl', 'rec', 'slg', 'srv', 'tmp', 'trd', 'tur', 'tv', 'vet', 'vlog', 'wiki', 'zlg'].includes(wa[1])) {
return wa[2] + "." + wa[1] + "." + wa[0];
}
}
if (wa[0] == 'bw') {
if (['org', 'ac', 'co', 'gov'].includes(wa[1])) {
return wa[2] + "." + wa[1] + "." + wa[0];
}
}
if (wa[0] == 'ci') {
if (['ac', 'co', 'com', 'ed', 'edu', 'go', 'int', 'net', 'or', 'org'].includes(wa[1])) {
return wa[2] + "." + wa[1] + "." + wa[0];
}
}
if (wa[0] == 'ck') {
if (['biz', 'co', 'edu', 'gen', 'gov', 'info', 'net', 'org'].includes(wa[1])) {
return wa[2] + "." + wa[1] + "." + wa[0];
}
}
if (wa[0] == 'cn') {
if (['ac', 'ah', 'bj', 'com', 'cq', 'edu', 'fj', 'gd', 'gov', 'gs', 'gx', 'gz', 'ha', 'hb', 'he', 'hi', 'hk', 'hl', 'hn', 'jl', 'js', 'jx', 'ln', 'mil', 'mo', 'net', 'nm', 'nx', 'org', 'qh', 'sc', 'sd', 'sh', 'sn', 'sx', 'tj', 'tw', 'xj', 'xz', 'yn', 'zj'].includes(wa[1])) {
return wa[2] + "." + wa[1] + "." + wa[0];
}
}
if (wa[0] == 'co') {
if (['com', 'edu', 'gov', 'mil', 'net', 'nom', 'org'].includes(wa[1])) {
return wa[2] + "." + wa[1] + "." + wa[0];
}
}
if (wa[0] == 'com') {
if (['ar', 'br', 'cn', 'de', 'eu', 'gr', 'hu', 'jpn', 'kr', 'no', 'qc', 'ru', 'sa', 'se', 'uk', 'us', 'uy', 'za'].includes(wa[1])) {
return wa[2] + "." + wa[1] + "." + wa[0];
}
}
if (wa[0] == 'cr') {
if (['ac', 'co', 'ed', 'fi', 'go', 'or', 'sa'].includes(wa[1])) {
return wa[2] + "." + wa[1] + "." + wa[0];
}
}
if (wa[0] == 'cu') {
if (['com', 'edu', 'org', 'net', 'gov', 'inf'].includes(wa[1])) {
return wa[2] + "." + wa[1] + "." + wa[0];
}
}
if (wa[0] == 'cy') {
if (['ac', 'biz', 'com', 'ekloges', 'gov', 'ltd', 'name', 'net', 'org', 'parliament', 'press', 'pro', 'tm'].includes(wa[1])) {
return wa[2] + "." + wa[1] + "." + wa[0];
}
}
if (wa[0] == 'do') {
if (['art', 'com', 'edu', 'gob', 'gov', 'mil', 'net', 'org', 'sld', 'web'].includes(wa[1])) {
return wa[2] + "." + wa[1] + "." + wa[0];
}
}
if (wa[0] == 'dz') {
if (['art', 'asso', 'com', 'edu', 'gov', 'net', 'org', 'pol'].includes(wa[1])) {
return wa[2] + "." + wa[1] + "." + wa[0];
}
}
if (wa[0] == 'ec') {
if (['com', 'info', 'net', 'fin', 'med', 'pro', 'org', 'edu', 'gob', 'gov', 'mil'].includes(wa[1])) {
return wa[2] + "." + wa[1] + "." + wa[0];
}
}
if (wa[0] == 'ee') {
if (['com', 'pri', 'fie', 'med', 'edu', 'lib', 'org'].includes(wa[1])) {
return wa[2] + "." + wa[1] + "." + wa[0];
}
}
if (wa[0] == 'eg') {
if (['com', 'edu', 'eun', 'gov', 'mil', 'name', 'net', 'org', 'sci'].includes(wa[1])) {
return wa[2] + "." + wa[1] + "." + wa[0];
}
}
if (wa[0] == 'es') {
if (['com', 'nom', 'org', 'gob', 'edu'].includes(wa[1])) {
return wa[2] + "." + wa[1] + "." + wa[0];
}
}
if (wa[0] == 'et') {
if (['com', 'gov', 'org', 'edu', 'net', 'biz', 'name', 'info'].includes(wa[1])) {
return wa[2] + "." + wa[1] + "." + wa[0];
}
}
if (wa[0] == 'fj') {
if (['ac', 'biz', 'com', 'info', 'mil', 'name', 'net', 'org', 'pro'].includes(wa[1])) {
return wa[2] + "." + wa[1] + "." + wa[0];
}
}
if (wa[0] == 'ge') {
if (['com', 'edu', 'gov', 'mil', 'net', 'org', 'pvt'].includes(wa[1])) {
return wa[2] + "." + wa[1] + "." + wa[0];
}
}
if (wa[0] == 'gh') {
if (['com', 'edu', 'gov', 'org', 'mil'].includes(wa[1])) {
return wa[2] + "." + wa[1] + "." + wa[0];
}
}
if (wa[0] == 'gi') {
if (['com', 'edu', 'gov', 'ltd', 'mod', 'org'].includes(wa[1])) {
return wa[2] + "." + wa[1] + "." + wa[0];
}
}
if (wa[0] == 'gl') {
if (wa[1] == 'co' || wa[1] == 'com') {
return wa[2] + "." + wa[1] + "." + wa[0];
}
}
if (wa[0] == 'gr') {
if (['co', 'com', 'edu', 'gov', 'mil', 'mod', 'net', 'org', 'sch'].includes(wa[1])) {
return wa[2] + "." + wa[1] + "." + wa[0];
}
}
if (wa[0] == 'gt') {
if (['com', 'edu', 'net', 'gob', 'org', 'mil', 'ind'].includes(wa[1])) {
return wa[2] + "." + wa[1] + "." + wa[0];
}
}
if (wa[0] == 'gy') {
if (['co', 'com', 'edu', 'gov', 'net', 'org'].includes(wa[1])) {
return wa[2] + "." + wa[1] + "." + wa[0];
}
}
if (wa[0] == 'hk') {
if (['com', 'edu', 'gov', 'idv', 'net', 'org'].includes(wa[1])) {
return wa[2] + "." + wa[1] + "." + wa[0];
}
}
if (wa[0] == 'hn') {
if (['com', 'edu', 'gob', 'net', 'org'].includes(wa[1])) {
return wa[2] + "." + wa[1] + "." + wa[0];
}
}
if (wa[0] == 'hr') {
if (wa[1] == 'com' || wa[1] == 'from') {
return wa[2] + "." + wa[1] + "." + wa[0];
}
}
if (wa[0] == 'hu') {
if (['2000', 'agrar', 'bolt', 'casino', 'city', 'co', 'erotica', 'erotika', 'film', 'forum', 'games', 'hotel', 'info', 'ingatlan', 'jogasz', 'konyvelo', 'lakas', 'media', 'news', 'org', 'priv', 'reklam', 'sex', 'shop', 'sport', 'suli', 'szex', 'tm', 'tozsde', 'utazas', 'video'].includes(wa[1])) {
return wa[2] + "." + wa[1] + "." + wa[0];
}
}
if (wa[0] == 'id') {
if (['ac', 'co', 'go', 'mil', 'net', 'or', 'sch', 'web'].includes(wa[1])) {
return wa[2] + "." + wa[1] + "." + wa[0];
}
}
if (wa[0] == 'il') {
if (['ac', 'co', 'gov', 'idf', 'k12', 'muni', 'net', 'org'].includes(wa[1])) {
return wa[2] + "." + wa[1] + "." + wa[0];
}
}
if (wa[0] == 'im') {
if (['ac', 'co', 'com', 'gov', 'net', 'org', 'ro'].includes(wa[1])) {
return wa[2] + "." + wa[1] + "." + wa[0];
}
}
if (wa[0] == 'in') {
if (['ac', 'co', 'edu', 'ernet', 'firm', 'gen', 'gov', 'ind', 'mil', 'net', 'org', 'res'].includes(wa[1])) {
return wa[2] + "." + wa[1] + "." + wa[0];
}
}
if (wa[0] == 'it') {
if (['co', 'edu', 'gov'].includes(wa[1])) {
return wa[2] + "." + wa[1] + "." + wa[0];
}
}
if (wa[0] == 'jm') {
if (['com', 'net', 'org', 'edu', 'gov', 'mil'].includes(wa[1])) {
return wa[2] + "." + wa[1] + "." + wa[0];
}
}
if (wa[0] == 'jo') {
if (['com', 'edu', 'gov', 'mil', 'name', 'net', 'org'].includes(wa[1])) {
return wa[2] + "." + wa[1] + "." + wa[0];
}
}
if (wa[0] == 'jp') {
if (['ac', 'ad', 'co', 'ed', 'go', 'gr', 'lg', 'ne', 'or'].includes(wa[1])) {
return wa[2] + "." + wa[1] + "." + wa[0];
}
}
if (wa[0] == 'ke') {
if (['ac', 'co', 'go', 'ne', 'or', 'sc'].includes(wa[1])) {
return wa[2] + "." + wa[1] + "." + wa[0];
}
}
if (wa[0] == 'kg') {
if (['com', 'edu', 'gov', 'mil', 'net', 'org'].includes(wa[1])) {
return wa[2] + "." + wa[1] + "." + wa[0];
}
}
if (wa[0] == 'kh') {
if (['com', 'edu', 'gov', 'mil', 'net', 'org', 'per'].includes(wa[1])) {
return wa[2] + "." + wa[1] + "." + wa[0];
}
}
if (wa[0] == 'kr') {
if (['ac', 'busan', 'chungbuk', 'chungnam', 'co', 'daegu', 'daejeon', 'es', 'gangwon', 'go', 'gwangju', 'gyeongbuk', 'gyeonggi', 'gyeongnam', 'hs', 'incheon', 'jeju', 'jeonbuk', 'jeonnam', 'kg', 'mil', 'ms', 'ne', 'or', 'pe', 're', 'sc', 'seoul', 'ulsan'].includes(wa[1])) {
return wa[2] + "." + wa[1] + "." + wa[0];
}
}
if (wa[0] == 'kw') {
if (['edu', 'com', 'net', 'org', 'gov'].includes(wa[1])) {
return wa[2] + "." + wa[1] + "." + wa[0];
}
}
if (wa[0] == 'kz') {
if (['com', 'edu', 'gov', 'mil', 'net', 'org'].includes(wa[1])) {
return wa[2] + "." + wa[1] + "." + wa[0];
}
}
if (wa[0] == 'lk') {
if (['assn', 'com', 'edu', 'gov', 'grp', 'hotel', 'int', 'ltd', 'net', 'ngo', 'org', 'sch', 'soc', 'web'].includes(wa[1])) {
return wa[2] + "." + wa[1] + "." + wa[0];
}
}
if (wa[0] == 'ls') {
if (['ac', 'co', 'gov', 'net', 'nul', 'org', 'parliament', 'quadrant'].includes(wa[1])) {
return wa[2] + "." + wa[1] + "." + wa[0];
}
}
if (wa[0] == 'lv') {
if (['asn', 'com', 'conf', 'edu', 'gov', 'id', 'mil', 'net', 'org'].includes(wa[1])) {
return wa[2] + "." + wa[1] + "." + wa[0];
}
}
if (wa[0] == 'ly') {
if (['com', 'edu', 'gov', 'id', 'med', 'net', 'org', 'plc', 'sch'].includes(wa[1])) {
return wa[2] + "." + wa[1] + "." + wa[0];
}
}
if (wa[0] == 'ma') {
if (['ac', 'co', 'gov', 'net', 'org', 'press'].includes(wa[1])) {
return wa[2] + "." + wa[1] + "." + wa[0];
}
}
if (wa[0] == 'mk') {
if (['com', 'edu', 'gov', 'inf', 'name', 'net', 'org'].includes(wa[1])) {
return wa[2] + "." + wa[1] + "." + wa[0];
}
}
if (wa[0] == 'mu') {
if (['ac', 'co', 'com', 'gov', 'net', 'or', 'org'].includes(wa[1])) {
return wa[2] + "." + wa[1] + "." + wa[0];
}
}
if (wa[0] == 'mx') {
if (['com', 'edu', 'gob', 'net', 'ngo', 'org'].includes(wa[1])) {
return wa[2] + "." + wa[1] + "." + wa[0];
}
}
if (wa[0] == 'my') {
if (['com', 'edu', 'gov', 'mil', 'name', 'net', 'org'].includes(wa[1])) {
return wa[2] + "." + wa[1] + "." + wa[0];
}
}
if (wa[0] == 'mz') {
if (['co', 'net', 'org', 'ac', 'gov', 'edu'].includes(wa[1])) {
return wa[2] + "." + wa[1] + "." + wa[0];
}
}
if (wa[0] == 'net') {
if (['gb', 'se', 'uk', 'jp'].includes(wa[1])) {
return wa[2] + "." + wa[1] + "." + wa[0];
}
}
if (wa[0] == 'nf') {
if (['com', 'net', 'arts', 'store', 'web', 'firm', 'info', 'other', 'per', 'rec'].includes(wa[1])) {
return wa[2] + "." + wa[1] + "." + wa[0];
}
}
if (wa[0] == 'ni') {
if (['gob', 'co', 'com', 'ac', 'edu', 'org', 'nom', 'net', 'mil'].includes(wa[1])) {
return wa[2] + "." + wa[1] + "." + wa[0];
}
}
if (wa[0] == 'np') {
if (['aero', 'asia', 'biz', 'com', 'coop', 'edu', 'gov', 'info', 'jobs', 'mil', 'mobi', 'museum', 'name', 'net', 'org', 'pro', 'travel'].includes(wa[1])) {
return wa[2] + "." + wa[1] + "." + wa[0];
}
}
if (wa[0] == 'nr') {
if (['biz', 'com', 'edu', 'gov', 'info', 'net', 'org'].includes(wa[1])) {
return wa[2] + "." + wa[1] + "." + wa[0];
}
}
if (wa[0] == 'nz') {
if (['ac', 'co', 'cri', 'geek', 'gen', 'govt', 'health', 'iwi', 'maori', 'mil', 'net', 'org', 'parliament', 'school'].includes(wa[1])) {
return wa[2] + "." + wa[1] + "." + wa[0];
}
}
if (wa[0] == 'om') {
if (['co', 'com', 'edu', 'gov', 'med', 'museum', 'net', 'org', 'pro'].includes(wa[1])) {
return wa[2] + "." + wa[1] + "." + wa[0];
}
}
if (wa[0] == 'pa') {
if (['abo', 'ac', 'com', 'edu', 'gob', 'ing', 'med', 'net', 'nom', 'org', 'sld'].includes(wa[1])) {
return wa[2] + "." + wa[1] + "." + wa[0];
}
}
if (wa[0] == 'pe') {
if (['com', 'edu', 'gob', 'mil', 'net', 'nom', 'org', 'sld'].includes(wa[1])) {
return wa[2] + "." + wa[1] + "." + wa[0];
}
}
if (wa[0] == 'pg') {
if (['com', 'net', 'ac', 'gov', 'mil', 'org'].includes(wa[1])) {
return wa[2] + "." + wa[1] + "." + wa[0];
}
}
if (wa[0] == 'ph') {
if (['com', 'edu', 'gov', 'mil', 'net', 'org'].includes(wa[1])) {
return wa[2] + "." + wa[1] + "." + wa[0];
}
}
if (wa[0] == 'pk') {
if (['biz', 'com', 'edu', 'fam', 'gob', 'gok', 'gon', 'gop', 'gos', 'gov', 'net', 'org', 'web'].includes(wa[1])) {
return wa[2] + "." + wa[1] + "." + wa[0];
}
}
if (wa[0] == 'pl') {
if (['art', 'bialystok', 'biz', 'com', 'edu', 'gda', 'gdansk', 'gov', 'info', 'katowice', 'krakow', 'lodz', 'lublin', 'mil', 'net', 'ngo', 'olsztyn', 'org', 'poznan', 'radom', 'slupsk', 'szczecin', 'torun', 'warszawa', 'waw', 'wroc', 'wroclaw', 'zgora'].includes(wa[1])) {
return wa[2] + "." + wa[1] + "." + wa[0];
}
}
if (wa[0] == 'pn') {
if (['in', 'co', 'eu', 'org', 'net', 'me'].includes(wa[1])) {
return wa[2] + "." + wa[1] + "." + wa[0];
}
}
if (wa[0] == 'pr') {
if (['ac', 'biz', 'com', 'edu', 'est', 'gov', 'info', 'isla', 'name', 'net', 'org', 'pro', 'prof'].includes(wa[1])) {
return wa[2] + "." + wa[1] + "." + wa[0];
}
}
if (wa[0] == 'pt') {
if (['com', 'edu', 'gov', 'int', 'net', 'nome', 'org', 'publ'].includes(wa[1])) {
return wa[2] + "." + wa[1] + "." + wa[0];
}
}
if (wa[0] == 'py') {
if (['com', 'coop', 'edu', 'mil', 'gov', 'org', 'net', 'una'].includes(wa[1])) {
return wa[2] + "." + wa[1] + "." + wa[0];
}
}
if (wa[0] == 'qa') {
if (['com', 'edu', 'sch', 'gov', 'mil', 'net', 'org'].includes(wa[1])) {
return wa[2] + "." + wa[1] + "." + wa[0];
}
}
if (wa[0] == 'ru') {
if (['ac', 'adygeya', 'altai', 'amur', 'amursk', 'arkhangelsk', 'astrakhan', 'baikal', 'bashkiria', 'belgorod', 'bir', 'bryansk', 'buryatia', 'cap', 'cbg', 'chel', 'chelyabinsk', 'chita', 'chukotka', 'cmw', 'com', 'dagestan', 'e-burg', 'edu', 'fareast', 'gov', 'grozny', 'int', 'irkutsk', 'ivanovo', 'izhevsk', 'jamal', 'jar', 'joshkar-ola', 'k-uralsk', 'kalmykia', 'kaluga', 'kamchatka', 'karelia', 'kazan', 'kchr', 'kemerovo', 'khabarovsk', 'khakassia', 'khv', 'kirov', 'kms', 'koenig', 'komi', 'kostroma', 'krasnoyarsk', 'kuban', 'kurgan', 'kursk', 'kustanai', 'kuzbass', 'lipetsk', 'magadan', 'magnitka', 'mari', 'mari-el', 'marine', 'mil', 'mordovia', 'mos', 'mosreg', 'msk', 'murmansk', 'mytis', 'nakhodka', 'nalchik', 'net', 'nkz', 'nnov', 'norilsk', 'nov', 'novosibirsk', 'nsk', 'omsk', 'orenburg', 'org', 'oryol', 'oskol', 'palana', 'penza', 'perm', 'pp', 'pskov', 'ptz', 'pyatigorsk', 'rnd', 'rubtsovsk', 'ryazan', 'sakhalin', 'samara', 'saratov', 'simbirsk', 'smolensk', 'snz', 'spb', 'stavropol', 'stv', 'surgut', 'syzran', 'tambov', 'tatarstan', 'test', 'tlt', 'tom', 'tomsk', 'tsaritsyn', 'tsk', 'tula', 'tuva', 'tver', 'tyumen', 'udm', 'udmurtia', 'ulan-ude', 'vdonsk', 'vladikavkaz', 'vladimir', 'vladivostok', 'volgograd', 'vologda', 'voronezh', 'vrn', 'vyatka', 'yakutia', 'yamal', 'yaroslavl', 'yekaterinburg', 'yuzhno-sakhalinsk', 'zgrad'].includes(wa[1])) {
return wa[2] + "." + wa[1] + "." + wa[0];
}
}
if (wa[0] == 'sa') {
if (['com', 'edu', 'gov', 'med', 'net', 'org', 'pub', 'sch'].includes(wa[1])) {
return wa[2] + "." + wa[1] + "." + wa[0];
}
}
if (wa[0] == 'se') {
if (['a', 'ac', 'b', 'bd', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'k', 'l', 'm', 'n', 'o', 'org', 'p', 'parti', 'pp', 'press', 'r', 's', 't', 'tm', 'u', 'w', 'x', 'y', 'z'].includes(wa[1])) {
return wa[2] + "." + wa[1] + "." + wa[0];
}
}
if (wa[0] == 'sg') {
if (['com', 'edu', 'gov', 'idn', 'net', 'org', 'per'].includes(wa[1])) {
return wa[2] + "." + wa[1] + "." + wa[0];
}
}
if (wa[0] == 'sv') {
if (['edu', 'gov', 'com', 'org', 'red'].includes(wa[1])) {
return wa[2] + "." + wa[1] + "." + wa[0];
}
}
if (wa[0] == 'th') {
if (['ac', 'co', 'go', 'in', 'mi', 'net', 'or'].includes(wa[1])) {
return wa[2] + "." + wa[1] + "." + wa[0];
}
}
if (wa[0] == 'tj') {
if (['ac', 'aero', 'biz', 'co', 'com', 'coop', 'dyn', 'edu', 'go', 'gov', 'info', 'int', 'mil', 'museum', 'my', 'name', 'net', 'nic', 'org', 'per', 'pro', 'test', 'web'].includes(wa[1])) {
return wa[2] + "." + wa[1] + "." + wa[0];
}
}
if (wa[0] == 'tn') {
if (['agrinet', 'com', 'defense', 'edunet', 'ens', 'fin', 'gov', 'ind', 'info', 'intl', 'mincom', 'nat', 'net', 'org', 'perso', 'rnrt', 'rns', 'rnu', 'tourism'].includes(wa[1])) {
return wa[2] + "." + wa[1] + "." + wa[0];
}
}
if (wa[0] == 'tr') {
if (['av', 'bbs', 'bel', 'biz', 'com', 'dr', 'edu', 'gen', 'gov', 'info', 'k12', 'mil', 'name', 'nc', 'net', 'org', 'pol', 'tel', 'tv', 'web'].includes(wa[1])) {
return wa[2] + "." + wa[1] + "." + wa[0];
}
}
if (wa[0] == 'tw') {
if (['club', 'com', 'ebiz', 'edu', 'game', 'gov', 'idv', 'mil', 'net', 'org'].includes(wa[1])) {
return wa[2] + "." + wa[1] + "." + wa[0];
}
}
if (wa[0] == 'tz') {
if (['co', 'ac', 'go', 'or', 'mil', 'sc', 'ne', 'hotel', 'mobi', 'tv', 'info', 'me'].includes(wa[1])) {
return wa[2] + "." + wa[1] + "." + wa[0];
}
}
if (wa[0] == 'ua') {
if (['at', 'cherkassy', 'chernigov', 'chernovtsy', 'ck', 'cn', 'co', 'com', 'crimea', 'cv', 'dn', 'dnepropetrovsk', 'donetsk', 'dp', 'edu', 'gov', 'if', 'in', 'ivano-frankivsk', 'kh', 'kharkov', 'kherson', 'khmelnitskiy', 'kiev', 'kirovograd', 'km', 'kr', 'ks', 'lg', 'lt', 'lugansk', 'lutsk', 'lviv', 'mk', 'net', 'nikolaev', 'od', 'odessa', 'org', 'pl', 'poltava', 'pp', 'rovno', 'rv', 'sebastopol', 'sumy', 'te', 'ternopil', 'uz', 'uzhgorod', 'vinnica', 'vn', 'yalta', 'zaporizhzhe', 'zhitomir', 'zp', 'zt'].includes(wa[1])) {
return wa[2] + "." + wa[1] + "." + wa[0];
}
}
if (wa[0] == 'ug') {
if (['co', 'ac', 'sc', 'go', 'ne', 'or'].includes(wa[1])) {
return wa[2] + "." + wa[1] + "." + wa[0];
}
}
if (wa[0] == 'uk') {
if (['ac', 'bl', 'british-library', 'co', 'gov', 'jcpc', 'jet', 'judiciary', 'ltd', 'me', 'mod', 'net', 'nhs', 'nic', 'nls', 'org', 'parliament', 'plc', 'police', 'sch', 'supremecourt'].includes(wa[1])) {
return wa[2] + "." + wa[1] + "." + wa[0];
}
}
if (wa[0] == 'uy') {
if (['com', 'edu', 'gub', 'net', 'mil', 'org'].includes(wa[1])) {
return wa[2] + "." + wa[1] + "." + wa[0];
}
}
if (wa[0] == 'uz') {
if (['co', 'com', 'org'].includes(wa[1])) {
return wa[2] + "." + wa[1] + "." + wa[0];
}
}
if (wa[0] == 've') {
if (['arts', 'co', 'com', 'edu', 'gob', 'gov', 'info', 'int', 'mil', 'net', 'org', 'radio', 'tec', 'web'].includes(wa[1])) {
return wa[2] + "." + wa[1] + "." + wa[0];
}
}
if (wa[0] == 'vi') {
if (['co', 'org', 'com', 'net', 'k12'].includes(wa[1])) {
return wa[2] + "." + wa[1] + "." + wa[0];
}
}
if (wa[0] == 'vn') {
if (['ac', 'biz', 'com', 'edu', 'gov', 'health', 'info', 'int', 'mil', 'name', 'net', 'org', 'pro'].includes(wa[1])) {
return wa[2] + "." + wa[1] + "." + wa[0];
}
}
if (wa[0] == 'ws') {
if (['org', 'gov', 'edu', 'com'].includes(wa[1])) {
return wa[2] + "." + wa[1] + "." + wa[0];
}
}
if (wa[0] == 'za') {
if (['ac', 'agric', 'alt', 'bourse', 'city', 'co', 'cybernet', 'db', 'edu', 'gov', 'grondar', 'iaccess', 'imt', 'inca', 'landesign', 'law', 'mil', 'ngo', 'nis', 'nom', 'olivetti', 'org', 'pix', 'school', 'tm', 'web'].includes(wa[1])) {
return wa[2] + "." + wa[1] + "." + wa[0];
}
}
if (wa[0] == 'zm') {
if (['ac', 'co', 'com', 'edu', 'gov', 'net', 'org', 'sch'].includes(wa[1])) {
return wa[2] + "." + wa[1] + "." + wa[0];
}
}
if (wa[0] == 'zw') {
if (['co', 'ac', 'org'].includes(wa[1])) {
return wa[2] + "." + wa[1] + "." + wa[0];
}
}
if (wa_l == 4) {
if (/^([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})$/.test(w)) {
return w;
}
}
}
return wa[1] + "." + wa[0];
}
function update_icon(tid, url) {
var _nu = new URL(url);
var cf_hostname = _nu.hostname;
if ((_nu.protocol != 'http:' && _nu.protocol != 'https:') || cf_hostname.length < 1) {
browser.browserAction.setIcon({
tabId: tid,
path: cf_flag_ok
});
return;
}
cf_hostname = get_realdomain(cf_hostname);
if (my_cf_ignore.includes(cf_hostname) || force_whitelist.includes(cf_hostname)) {
browser.browserAction.setIcon({
tabId: tid,
path: cf_flag_ok
});
return;
}
if (known_cf_domains.includes(cf_hostname) || my_cf_collection.includes(cf_hostname)) {
if (my_action == 3) {
browser.tabs.executeScript(tid, {
matchAboutBlank: true,
runAt: 'document_end',
code: "if (location.hostname=='%%CFHOST%%'||location.hostname.endsWith('.%%CFHOST%%')){if (!document.title.startsWith('[!!MITM!!]') && (typeof _bcma_bdr)=='undefined'){document.title='[!!MITM!!]'+document.title;function _bcma_bdr(){document.body.style = 'border:4px dashed #' + ['e74c3c', '9b59b6', '3498db', '17a589', '196f3d', 'f4d03f', 'f39c12', 'd35400'][Math.floor(Math.random() * 8)] + ' !important';setTimeout(_bcma_bdr,4860);};_bcma_bdr();}}".replace('%%CFHOST%%', cf_hostname).replace('%%CFHOST%%', cf_hostname)
});
browser.tabs.executeScript(tid, {
matchAboutBlank: true,
runAt: 'document_idle',
code: "if (location.hostname=='%%CFHOST%%'||location.hostname.endsWith('.%%CFHOST%%')){if (!document.title.startsWith('[!!MITM!!]') && (typeof _bcma_bdr)=='undefined'){document.title='[!!MITM!!]'+document.title;function _bcma_bdr(){document.body.style = 'border:4px dashed #' + ['e74c3c', '9b59b6', '3498db', '17a589', '196f3d', 'f4d03f', 'f39c12', 'd35400'][Math.floor(Math.random() * 8)] + ' !important';setTimeout(_bcma_bdr,4860);};_bcma_bdr();}}".replace('%%CFHOST%%', cf_hostname).replace('%%CFHOST%%', cf_hostname)
});
}
browser.browserAction.setIcon({
tabId: tid,
path: cf_flag_ng
});
return;
}
browser.browserAction.setIcon({
tabId: tid,
path: cf_flag_ok
});
return;
}
browser.webRequest.onHeadersReceived.addListener(function (wr) {
if (wr.type != 'main_frame' && my_action == 2) {
return;
}
var _a = document.createElement('a');
_a.setAttribute('href', wr.url);
var wr_protocol = _a.protocol;
var wr_hostname = _a.hostname;
_a = null;
if ((wr_protocol != 'http:' && wr_protocol != 'https:') || wr_hostname.length < 4) {
return;
}
wr_hostname = get_realdomain(wr_hostname);
if (my_action == 1) {
if (wr.type == 'main_frame') {
return;
}
if (wr.documentUrl) {
var _b = document.createElement('a');
_b.setAttribute('href', wr.documentUrl);
if (wr_hostname == get_realdomain(_b.hostname)) {
return;
}
_b = null;
}
}
if (my_cf_ignore.includes(wr_hostname)) {
return;
}
if (force_whitelist.includes(wr_hostname)) {
return;
}
var cf_is = (known_cf_domains.includes(wr_hostname) || my_cf_collection.includes(wr_hostname)) ? true : false;
if (!cf_is) {
var cf_headers = wr.responseHeaders,
cf_v_name, cf_v_value;
for (var i = 0; i < cf_headers.length; i++) {
cf_v_name = cf_headers[i]['name'].toLowerCase();
cf_v_value = (cf_headers[i]['value'] != undefined) ? cf_headers[i]['value'].toLowerCase() : '';
if (cf_v_name == 'server' && cf_v_value.includes('cloudflare')) {
cf_is = true;
break;
}
if (cf_v_name == 'cf-ray' || cf_v_name == 'cf-cache-status' || cf_v_name == 'cf-chl-bypass') {
cf_is = true;
break;
}
if (cf_v_name == 'set-cookie' && cf_v_value.includes('_cfduid')) {
cf_is = true;
break;
}
}
}
if (cf_is) {
if (my_cf_collection.length > 500) {
my_cf_collection.shift();
}
if (!my_cf_collection.includes(wr_hostname)) {
my_cf_collection.push(wr_hostname);
}
console.log('BCMA: Block Cloudflare RH', wr_hostname);
if (my_action == 0 || my_action == 1) {
if (wr.type == 'image') {
return {
redirectUrl: 'data:image/gif;base64,R0lGODlhAQABAIAAAP///wAAACH/C05FVFNDQVBFMi4wAwEAAAAh+QQBCgAAACwAAAAAAQABAAACAkQBADs='
};
} else {
return {
cancel: true
};
}
}
if (my_action == 2) {
return {
redirectUrl: 'https://web.archive.org/web/' + wr.url.split('?')[0]
};
}
}
return;
}, {
urls: ["http://*/*", "https://*/*"]
}, ["blocking", "responseHeaders"]);
browser.webRequest.onBeforeRequest.addListener(function (wr) {
if (wr.type != 'main_frame' && my_action == 2) {
return;
}
var _a = document.createElement('a');
_a.setAttribute('href', wr.url);
var wr_protocol = _a.protocol;
var wr_hostname = _a.hostname;
_a = null;
if ((wr_protocol != 'http:' && wr_protocol != 'https:') || wr_hostname.length < 4) {
return;
}
wr_hostname = get_realdomain(wr_hostname);
if (my_action == 1) {
if (wr.type == 'main_frame') {
return;
}
if (wr.documentUrl) {
var _b = document.createElement('a');
_b.setAttribute('href', wr.documentUrl);
if (wr_hostname == get_realdomain(_b.hostname)) {
return;
}
_b = null;
}
}
if (my_cf_ignore.includes(wr_hostname)) {
return;
}
if (force_whitelist.includes(wr_hostname)) {
return;
}
var cf_is = (known_cf_domains.includes(wr_hostname) || my_cf_collection.includes(wr_hostname)) ? true : false;
if (cf_is) {
console.log('BCMA: Block Cloudflare BR', wr_hostname);
if (my_action == 0 || my_action == 1) {
if (wr.type == 'image') {
return {
redirectUrl: 'data:image/gif;base64,R0lGODlhAQABAIAAAP///wAAACH/C05FVFNDQVBFMi4wAwEAAAAh+QQBCgAAACwAAAAAAQABAAACAkQBADs='
};
} else {
return {
cancel: true
};
}
}
if (my_action == 2) {
return {
redirectUrl: 'https://web.archive.org/web/' + wr.url.split('?')[0]
};
}
}
return;
}, {
urls: ["http://*/*", "https://*/*"]
}, ["blocking"]);
browser.runtime.onMessage.addListener(function (a, b, c) {
if (a[0] == 'cf') {
c(['ok', JSON.stringify(my_cf_collection), JSON.stringify(my_cf_ignore), (known_cf_domains.length == 0) ? false : true, my_action]);
}
if (a[0] == 'erosman') {
my_cf_collection = [];
c(['destroy']);
}
if (a[0] == 'bi') {
if (a[1] == 'y') {
known_cf_domains = cfdomains;
} else {
known_cf_domains = [];
}
c(['ok']);
}
if (a[0] == 'ta') {
if (a[1] == '0') {
my_action = 0;
}
if (a[1] == '1') {
my_action = 1;
}
if (a[1] == '2') {
my_action = 2;
}
if (a[1] == '3') {
my_action = 3;
}
c(['ok']);
}
if (a[0] == 'ig') {
my_cf_ignore = a[1].sort().filter(v => v != '');
c(['ok']);
}
return true;
});
browser.tabs.onActivated.addListener(function (i) {
browser.tabs.query({
active: true,
currentWindow: true
}).then(function (t) {
update_icon(t[0].id, t[0].url);
}, onError);
});
browser.tabs.onUpdated.addListener(function (a, b, t) {
if (t.active) {
update_icon(t.id, t.url);
}
});
browser.webNavigation.onDOMContentLoaded.addListener(function (d) {
browser.tabs.query({
active: true,
currentWindow: true
}).then(function (t) {
update_icon(t[0].id, t[0].url);
}, onError);
});
browser.webNavigation.onCompleted.addListener(function (d) {
browser.tabs.query({
active: true,
currentWindow: true
}).then(function (t) {
update_icon(t[0].id, t[0].url);
}, onError);
});
browser.browserAction.onClicked.addListener(function (t) {
browser.runtime.openOptionsPage();
});


@ -0,0 +1,42 @@
{
"manifest_version": 2,
"name": "Block Cloudflare MITM Attack",
"description": "Submit to global surveillance or resist. The choice is yours.",
"version": "1.0.1811.1",
"author": "Project BCMA",
"homepage_url": "https://trac.torproject.org/projects/tor/ticket/24351",
"permissions": [
"<all_urls>",
"activeTab",
"tabs",
"webRequest",
"webRequestBlocking",
"webNavigation"
],
"icons": {
"32": "icons/icon-32.png",
"48": "icons/icon-48.png",
"64": "icons/icon-64.png"
},
"background": {
"scripts": [
"anticloudflare.js"
]
},
"options_ui": {
"page": "mydata.html",
"browser_style": false
},
"browser_action": {
"browser_style": false,
"default_icon": {
"32": "icons/cf_0.png"
}
},
"applications": {
"gecko": {
"id": "24351@trac.torproject.org",
"strict_min_version": "52.0"
}
}
}


@ -0,0 +1,35 @@
<html>
<head>
<meta charset="utf-8">
<link rel="stylesheet" href="style.css">
</head>
<body style="display:none">
Temporary configurations
<hr>
<b>&#9758; Built-in Cloudflare list (.com only)</b> <small>(powered by <a href="https://searxes.danwin1210.me/" target="_blank">Searxes</a>)</small><br>
<label><input type="radio" id="bi0" name="bi" value="0"> Use built-in list</label> <small>(Default)</small><br>
<label><input type="radio" id="bi1" name="bi" value="1"> Don't use built-in list</label><br>
<br>
<b>&#9822; Take Action</b><br>
<label><input type="radio" id="ta0" name="ta" value="0"> Block request immediately <small>(first-party + third-party)</small></label><br>
<label><input type="radio" id="ta1" name="ta" value="1"> Block request immediately <small>(third-party only / ignore first-party)</small></label><br>
<label><input type="radio" id="ta2" name="ta" value="2"> Redirect to Internet Archive(first-party) + Ignore third-party</label> <small>(Default)</small><br>
<label><input type="radio" id="ta3" name="ta" value="3"> Notify only</label><br>
<br>
<b>&#9997; Your Cloudflare Domain collection</b> <small>(Last 500)</small><br>
<small>(please share with <a href="https://notabug.org/themusicgod1/cloudflare-tor/" target="_blank">cloudflare-tor@notabug</a>)</small><br>
<textarea cols="50" rows="12" id="t" wrap="off" spellcheck="false" placeholder="Cloudflare domains"></textarea>
<br>
<button type="button" id="exp">[ &#8659; Export ]</button>
&nbsp;&nbsp;
<button type="button" id="clr">[ &#8634; Clear ]</button><br>
<br>
<b>&#9997; Your Cloudflare Ignore list (NOT RECOMMEND!)</b><br>
<textarea cols="50" rows="10" id="g" wrap="off" spellcheck="false" placeholder="hypothes.is"></textarea>
<br>
<button type="button" id="ign">[ &#8657; Apply ]</button>
<hr>
"<i>Welcome to PRISM 2.0</i>"
<script src="mydata.js"></script>
</body>
</html>
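Review bot: The two external links on this options page (the Searxes link and the cloudflare-tor@notabug link) use `target="_blank"` with no `rel` attribute, so on browsers that do not imply noopener the opened site receives a `window.opener` handle back to the extension page. The manifest in the previous section declares `strict_min_version` 52.0, so older Firefox builds are in scope. Adding `rel="noopener noreferrer"` to both anchors removes that handle at no cost to the page's behaviour.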


@ -0,0 +1,102 @@
function onError(e) {
console.log(`BCMA: Error:${e}`);
}
document.addEventListener('DOMContentLoaded', function () {
browser.runtime.sendMessage(['cf']).then(function (r) {
if (r[0] == 'ok') {
document.getElementById('t').value = JSON.parse(r[1]).join("\n");
document.getElementById('g').value = JSON.parse(r[2]).join("\n");
if (r[3]) {
document.getElementById('bi0').checked = true;
document.getElementById('bi1').checked = false;
} else {
document.getElementById('bi0').checked = false;
document.getElementById('bi1').checked = true;
}
switch (r[4]) {
case 1:
document.getElementById('ta0').checked = false;
document.getElementById('ta1').checked = true;
document.getElementById('ta2').checked = false;
document.getElementById('ta3').checked = false;
break;
case 2:
document.getElementById('ta0').checked = false;
document.getElementById('ta1').checked = false;
document.getElementById('ta2').checked = true;
document.getElementById('ta3').checked = false;
break;
case 3:
document.getElementById('ta0').checked = false;
document.getElementById('ta1').checked = false;
document.getElementById('ta2').checked = false;
document.getElementById('ta3').checked = true;
break;
default:
document.getElementById('ta0').checked = false;
document.getElementById('ta1').checked = false;
document.getElementById('ta2').checked = true;
document.getElementById('ta3').checked = false;
break;
}
document.body.style.display = 'block';
document.addEventListener('contextmenu', function (z) {
if (z.target.tagName != 'TEXTAREA') {
z.preventDefault();
}
});
}
}, onError);
});
document.getElementById('exp').addEventListener('click', function () {
browser.tabs.create({
active: true,
url: 'about:blank'
}).then(function (t) {
browser.tabs.executeScript(t.id, {
matchAboutBlank: true,
code: "document.documentElement.innerHTML='<html><head><title>Data</title></head><body><pre>'+atob('" + btoa(document.getElementById('t').value) + "')+'</pre></body></html>';window.stop();"
}).then(function (e) {}, onError);
}, onError);
});
document.getElementById('clr').addEventListener('click', function () {
browser.runtime.sendMessage(['erosman']).then(function (r) {
document.getElementById('t').value = '';
}, onError);
});
document.getElementById('bi0').addEventListener('click', function () {
if (this.checked) {
browser.runtime.sendMessage(['bi', 'y']).then(function (r) {}, onError);
}
});
document.getElementById('bi1').addEventListener('click', function () {
if (this.checked) {
browser.runtime.sendMessage(['bi', 'n']).then(function (r) {}, onError);
}
});
document.getElementById('ta0').addEventListener('click', function () {
if (this.checked) {
browser.runtime.sendMessage(['ta', '0']).then(function (r) {}, onError);
}
});
document.getElementById('ta1').addEventListener('click', function () {
if (this.checked) {
browser.runtime.sendMessage(['ta', '1']).then(function (r) {}, onError);
}
});
document.getElementById('ta2').addEventListener('click', function () {
if (this.checked) {
browser.runtime.sendMessage(['ta', '2']).then(function (r) {}, onError);
}
});
document.getElementById('ta3').addEventListener('click', function () {
if (this.checked) {
browser.runtime.sendMessage(['ta', '3']).then(function (r) {}, onError);
}
});
document.getElementById('ign').addEventListener('click', function () {
browser.runtime.sendMessage(['ig', document.getElementById('g').value.split("\n")]).then(function (r) {}, onError);
});
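Review bot: The `exp` click handler builds the `code` string for `browser.tabs.executeScript` by concatenation and writes the decoded textarea content through `innerHTML`, so anything in the list that looks like markup is parsed as HTML in the new tab instead of being shown as text. The textarea is user-editable and is initially filled from hostnames collected out of web traffic, so its content should be treated as untrusted; `btoa()` also throws on characters outside Latin-1, which makes the export throw inside the callback. Assigning text rather than markup avoids both the parsing and the nested quoting, for example `code: "var p=document.createElement('pre');p.textContent=" + JSON.stringify(document.getElementById('t').value) + ";document.body.appendChild(p);"`.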


@ -0,0 +1,52 @@
*::-moz-focus-inner {
border: 0
}
*:focus {
outline: none;
outline-style: none
}
button {
background-color: transparent;
background-repeat: no-repeat;
border: 0;
overflow: hidden;
outline: none;
outline-style: none
}
body {
font: 13px Verdana;
overflow-x: hidden;
-webkit-user-select: none;
-moz-user-select: none;
cursor: default
}
button {
display: inline-block;
height: 27px
}
div {
-webkit-user-select: none;
-moz-user-select: none
}
hr {
color: #dcdcdc;
height: 0;
background: #dcdcdc
}
label {
-webkit-user-select: none;
-moz-user-select: none
}
textarea {
white-space: pre;
overflow-wrap: normal;
overflow-x: scroll
}


@ -0,0 +1,21 @@
The MIT License
Copyright (c) 2019 Maslin Bossé
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
SOFTWARE.


@ -0,0 +1,5 @@
This is a source code of Maslin Bossé's "*Are links vulnerable to MITM?*".
PRs are welcome.
AMO: https://addons.mozilla.org/en-US/firefox/addon/are-links-vulnerable-to-mitm/


@ -0,0 +1,77 @@
let apiurl = 'https://searxes.danwin1210.me/collab/open/ismitm.php';
let TORapiurl = 'http://searxes.nmqnkngye4ct7bgss4bmv5ca3wpa55yugvxen5kz2bbq67lwy6ps54yd.onion/collab/open/ismitm.php';
fetch('http://searxes.nmqnkngye4ct7bgss4bmv5ca3wpa55yugvxen5kz2bbq67lwy6ps54yd.onion/collab/open/hi.php', {
method: 'GET',
mode: 'cors'
}).then(r => r.text()).then(r => {
if (r == 'hi') {
apiurl = TORapiurl;
}
}).catch(() => {});
function is_infected(f) {
return new Promise((g, b) => {
fetch(apiurl, {
method: 'POST',
mode: 'cors',
headers: {
'Content-Type': 'application/x-www-form-urlencoded'
},
body: 'f=' + f
}).then(r => r.json()).then(r => {
if (r[0]) {
g(r[1]);
} else {
b();
}
}).catch(b);
});
}
function i_already_know_you(f) {
if (!/^([a-z0-9_.-]{1,255})\.([a-z]{2,80})$/.test(f)) {
return false;
}
return new Promise((g, b) => {
browser.storage.local.get(f).then((ff) => {
if (ff[f]) {
if (ff[f] == 'y') {
g(1);
} else {
g(-1);
}
} else {
g(0);
}
}, () => {
g(0);
});
});
}
function i_remember_you(f, t) {
browser.storage.local.set({
[f]: ((t) ? 'y' : 'n')
});
}
browser.storage.local.clear().then(() => {
browser.runtime.onMessage.addListener((request, sender, sendResponse) => {
if (request && sender) {
i_already_know_you(request).then((r) => {
if (r == 1 || r == -1) {
browser.tabs.sendMessage(sender.tab.id, [request, ((r == 1) ? true : false)]);
}
if (r == 0) {
is_infected(request).then((a) => {
i_remember_you(request, a);
browser.tabs.sendMessage(sender.tab.id, [request, a]);
}, () => {
browser.tabs.sendMessage(sender.tab.id, [request, false]);
});
}
}, () => {});
}
});
}, () => {});
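Review bot: `i_already_know_you` returns a plain `false` when the hostname fails its regex, but the message listener calls `.then()` on the result, so a request that fails validation raises a TypeError inside the listener instead of being dropped cleanly. Returning a rejected promise keeps the regex as the gate in front of `is_infected` and lets the caller's existing empty rejection handler absorb it: `return Promise.reject();`. The listener also reads `sender.tab.id` without checking that `sender.tab` is set, and `is_infected` places `f` in the form body unencoded, so `body: 'f=' + encodeURIComponent(f)` would be a sensible second guard.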


@ -0,0 +1,32 @@
if (document.body && !['searxes.danwin1210.me', 'searxes.nmqnkngye4ct7bgss4bmv5ca3wpa55yugvxen5kz2bbq67lwy6ps54yd.onion', 'searxes.cyb'].includes(location.hostname)) {
let cs = (function () {
let s = document.createElement('style');
document.head.appendChild(s);
return s.sheet;
})();
if (cs) {
cs.insertRule("a[data-mitm]{text-decoration-line:line-through !important;text-decoration-color:red !important;text-decoration-style:double !important}", 0);
cs.insertRule("a[data-mitm]::before{content:'[MITM!]';font-weight:bold !important;color:red !important}", 1);
cs.insertRule("a[data-mitm]:hover::before{content:'[Privacy Risk!!]'}", 2);
cs.insertRule("a[data-mitm]:hover{color:red !important}", 3);
}
let asked = ['searxes.danwin1210.me', 'searxes.nmqnkngye4ct7bgss4bmv5ca3wpa55yugvxen5kz2bbq67lwy6ps54yd.onion', 'searxes.cyb', 'addons.mozilla.org'];
document.querySelectorAll("a[href^='http://']:not([data-mitm]),a[href^='https://']:not([data-mitm]),a[href^='//']:not([data-mitm])").forEach(a => {
let aF = (new URL(a.href)).hostname;
if (!/^(.*)\.(onion|i2p|invalid|test|local|localhost|([0-9]{1,3})|bbs|chan|cyb|dyn|geek|gopher|indy|libre|neo|null|o|oss|oz|parody|pirate|bit|lib|coin|emc|bazar|fur)$/.test(aF) && !asked.includes(aF)) {
asked.push(aF);
browser.runtime.sendMessage(aF);
}
});
browser.runtime.onMessage.addListener((request, sender, sendResponse) => {
if (request.length == 2) {
if (request[1]) {
document.querySelectorAll("a[href^='http://" + request[0] + "/']:not([data-mitm]),a[href^='https://" + request[0] + "/']:not([data-mitm]),a[href^='//" + request[0] + "/']:not([data-mitm])").forEach(a => {
a.dataset.mitm = 1;
a.title = 'DANGER! DANGER! MITM!';
});
}
}
sendResponse(null);
});
}
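Review bot: `new URL(a.href)` in the link scan is unguarded, and it throws on an anchor whose `href` matches the selector but does not parse (a bare `http://`, for instance), which aborts the `forEach` and leaves the `onMessage` listener below it unregistered. Because the page controls its own markup, a single malformed link is enough to switch the warnings off for that page, so the script fails open. Guarding the parse keeps the scan going: `let aF; try { aF = (new URL(a.href)).hostname; } catch (e) { return; }`.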


@ -0,0 +1,38 @@
{
"manifest_version": 2,
"name": "Are links vulnerable to MITM attack?",
"description": "Scan FQDN using Searxes' API",
"version": "1.0.4",
"homepage_url": "https://notabug.org/themusicgod1/cloudflare-tor/src/master/ismitmlink",
"author": "Maslin Bossé",
"permissions": [
"storage",
"unlimitedStorage"
],
"icons": {
"32": "icons/32.png"
},
"background": {
"scripts": [
"bg.js"
]
},
"content_scripts": [
{
"matches": [
"http://*/*",
"https://*/*"
],
"js": [
"cs.js"
],
"run_at": "document_end"
}
],
"applications": {
"gecko": {
"id": "ismitm@searxes.danwin1210.me",
"strict_min_version": "56.0"
}
}
}


@ -1,5 +1,5 @@
This is a source code of Maslin Bossé's "*Which website rejected me?*".
This is a source code of "*Which website rejected me?*" add-on.
PRs are welcome.
AMO: https://addons.mozilla.org/en-US/firefox/addon/which-website-rejected-me/
[Download add-on](https://searxes.danwin1210.me/collab/addon/?for=ureject)


@ -24,7 +24,8 @@
"applications": {
"gecko": {
"id": "urejectme@searxes.danwin1210.me",
"strict_min_version": "56.0"
"strict_min_version": "56.0",
"update_url":"https://searxes.danwin1210.me/collab/addon/au.php?for=ureject"
}
}
}
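Review bot: The new `update_url` moves update delivery for this add-on to `searxes.danwin1210.me`, so whoever controls that host or its `au.php` endpoint decides what code installed copies receive next; the README change in the previous section drops the AMO link in the same commit. Nothing visible on the page documents how those updates are signed or verified. I would pin every entry in the served update manifest with a digest, e.g. `"update_hash": "sha256:<digest-placeholder>"`, and state in the README that updates are self-hosted so users can make that trust decision knowingly.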

4
tool/README.md Normal file

@ -0,0 +1,4 @@
# Tool / Script
file.name -- desc.rip.tion

299
tool/irssi_cf_alturl.pl Normal file

@ -0,0 +1,299 @@
#!/usr/bin/perl -w
# This Irssi script automatically check incoming http/https links
# and replace it to archive one if it is MITMed.
#
# Irssi /set Options
# you can view your current settigns by running "/set cflarealt" in Irssi
#
# /set cflarealt_debug <on|off> -- (off) if you have a problem try turning this on to debug
# /set cflarealt_send2channel <on|off> -- (off) send the converted URL publicly to everyone in your channels
# /set cflarealt_channels <"#channel1, #channel2, etc"> -- Channels to automatically convert. Empty Defaults to all
# /set cflarealt_shorturl_activate <on|off> -- (off) set it 'on' to use shortner
# /set cflarealt_shorturl_min <40> -- (40) How long a url has to be to trigger automatic url shortening
#
# /set cflarealt_localdbpath <"string to path"> -- () '/path/database/split/'
# /set cflarealt_uselocaldb <on|off> -- (off) if 'on', please set path to local database (or the script will die)
#
# /set cflarealt_printurl <on|off> -- (off) if 'on' print converted URL
# /set cflarealt_donotsend <on|off> -- (off) if 'on' do not send converted URL
#---------------------------------------------------------------------
##use strict;
use vars qw($VERSION %IRSSI);
$VERSION = "20190506";
%IRSSI = (
# Special thanks to: "eo, tsaavik"
authors => "Anonymous",
contact => 'anonymous@cloudflare-tor.nab',
name => "irssi_cf_alturl.pl",
description => "Cloudflare URL replacer",
license => "WTFPL",
changed => "$VERSION"
);
use Irssi;
use Irssi::Irc;
use LWP::Simple;
use LWP::UserAgent;
my (
$cfg_minurllen, $cfg_send2chan, $cfg_useshort, $cfg_isdebug,
$cfg_uselocaldb, $cfg_localdbpath, $cfg_chanlist
);
my ( $cfg_printurl, $cfg_donotsendurl );
my @cached = ();
sub setuphandler {
Irssi::settings_add_bool( "cflarealt", "cflarealt_send2channel", 0 );
if ( Irssi::settings_get_bool("cflarealt_send2channel") ) {
print "cflarealt: sending of shorturl's to public channels enabled";
$cfg_send2chan = 1;
}
Irssi::settings_add_bool( "cflarealt", "cflarealt_shorturl_activate", 0 );
if ( Irssi::settings_get_bool("cflarealt_shorturl_activate") ) {
print "cflarealt: URL shortner enabled";
$cfg_useshort = 1;
}
Irssi::settings_add_str( "cflarealt", "cflarealt_channels", "" );
$cfg_chanlist = Irssi::settings_get_str("cflarealt_channels");
if ($cfg_chanlist) {
print "cflarealt: Following channels are now parsed $cfg_chanlist";
}
Irssi::settings_add_int( "cflarealt", "cflarealt_shorturl_min", 40 );
my $old_min_url_length = $cfg_minurllen;
$cfg_minurllen = Irssi::settings_get_int("cflarealt_shorturl_min");
if ( $cfg_minurllen != $old_min_url_length ) {
print "cflarealt: min_url_length sucessfully set to $cfg_minurllen";
}
Irssi::settings_add_bool( "cflarealt", "cflarealt_debug", 0 );
my $old_debug = $cfg_isdebug;
$cfg_isdebug = Irssi::settings_get_bool("cflarealt_debug");
if ( $cfg_isdebug != $old_debug ) {
if ($cfg_isdebug) {
print "cflarealt: Debug Mode Enabled";
$cfg_isdebug = 1;
}
else {
print "cflarealt: Debug Mode Disabled";
$cfg_isdebug = 0;
}
}
Irssi::settings_add_bool( "cflarealt", "cflarealt_uselocaldb", 0 );
if ( Irssi::settings_get_bool("cflarealt_uselocaldb") ) {
print "cflarealt: Lookup Local DB enabled";
$cfg_uselocaldb = 1;
}
Irssi::settings_add_str( "cflarealt", "cflarealt_localdbpath", "" );
$cfg_localdbpath = Irssi::settings_get_str("cflarealt_localdbpath");
if ($cfg_localdbpath) {
print "cflarealt: DB path set to $cfg_localdbpath";
}
Irssi::settings_add_bool( "cflarealt", "cflarealt_printurl", 0 );
if ( Irssi::settings_get_bool("cflarealt_printurl") ) {
print "cflarealt: print URL enabled";
$cfg_printurl = 1;
}
Irssi::settings_add_bool( "cflarealt", "cflarealt_donotsend", 0 );
if ( Irssi::settings_get_bool("cflarealt_donotsend") ) {
print "cflarealt: dont-send enabled";
$cfg_donotsendurl = 1;
}
}
sub GotUrl {
my ( $server, $data, $nick, $addr, $target ) = @_;
if ( !$server || !$server->{connected} ) {
Irssi::print("Not connected to server");
return;
}
return unless ( goodchan($target) );
$data =~ s/^\s+//;
$data =~ s/\s+$//;
my @urls = ();
my @knownShortFQDN = ( 'tinyurl.com', 'bit.ly' );
my ( $url, $a, $return, $char, $ch ) = "";
my $same = 0;
return unless ( ( $data =~ /\bhttp\:/ ) || ( $data =~ /\bhttps\:/ ) );
deb("$target triggered GotUrl() with url: $data");
# split on whitespace and get the url(s) out
# done this way in case there are more than
# one url per line.
foreach ( split( /\s/, $data ) ) {
if ( ( $_ =~ /^http\:/ ) || ( $_ =~ /^https\:/ ) ) {
foreach $a (@urls) {
if ( $_ eq $a ) {
# incase they use the same url on the line.
$same = 1;
next;
}
}
if ( $same == 0 ) {
$same = 0;
push( @urls, $_ );
}
}
}
my ( $myurl, $fqdn, $junk, $mytype );
my ( $url, $browser, $response, $answer );
my ( $line, $ifoundit );
foreach (@urls) {
$myurl = $_;
( $junk, $fqdn ) = split( /\/\//, $myurl, 2 );
( $fqdn, $junk ) = split( /\//, $fqdn, 2 );
$mytype = '';
if ( length($fqdn) >= 4 ) {
## Start of Act
## ACT0. If ShortURL, expand it. (knownShortFQDN)
if ( grep( /^$fqdn$/, @knownShortFQDN ) ) {
deb("$target Expand $fqdn");
$browser = LWP::UserAgent->new;
$answer = HTTP::Request->new( GET => $myurl );
$response = $browser->request($answer);
if ( $response->is_success and $response->previous ) {
if ( $myurl ne $response->request->uri ) {
$junk = $response->request->uri;
if ( index( $junk, 'http' ) == 0 ) {
deb("$target Expanded $fqdn");
$myurl = $junk;
( $junk, $fqdn ) = split( /\/\//, $myurl, 2 );
( $fqdn, $junk ) = split( /\//, $fqdn, 2 );
}
}
}
}
## ACT1: Update URL if Cloudflared
if ( grep( /^$fqdn$/, @cached ) ) {
deb("$target Found in Cache $fqdn");
$mytype = '^B^C3[Archive]^O ';
$myurl = 'https://web.archive.org/web/' . $myurl;
}
else {
if ( $cfg_uselocaldb == 1 ) {
deb("$target Lookup local DB about $fqdn");
open( CFSFILE,
$cfg_localdbpath
. "cloudflare_"
. substr( $fqdn, 0, 1 )
. ".txt" )
or die "file not found for $fqdn";
$ifoundit = 0;
while (<CFSFILE>) {
$line = $_;
$line =~ s/\R//g;
if ( $line eq $fqdn ) {
$ifoundit = 1;
last;
}
}
close CFSFILE;
if ( $ifoundit == 1 ) {
push( @cached, $fqdn );
$mytype = '^B^C3[Archive]^O ';
$myurl = 'https://web.archive.org/web/' . $myurl;
}
}
else {
deb("$target Asking API about $fqdn");
$answer = '';
$url = 'https://searxes.danwin1210.me/collab/open/ismitm.php?f='.$fqdn;
$browser = LWP::UserAgent->new;
$browser->agent("Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0");
$response = $browser->get($url);
$answer = $response->content;
if ( $answer eq '[true,true]' ) {
push( @cached, $fqdn );
$mytype = '^B^C3[Archive]^O ';
$myurl = 'https://web.archive.org/web/' . $myurl;
}
}
}
## ACT2: Short URL __if__ enabled and long
if ( $cfg_useshort == 1 ) {
if ( length($myurl) > $cfg_minurllen ) {
deb("$target Creating Short URL for $myurl");
$url = 'https://ux.nu/api/short?format=plain&url='.$myurl;
$browser = LWP::UserAgent->new;
$browser->agent("cloudflare-tor (Thank you for your service)");
$response = $browser->get($url);
$answer = $response->content;
if ( index( $answer, 'https://ux.nu/' ) == 0 ) {
if ( $mytype eq '' ) {
$mytype = '^B^C7[Short]^O ';
}
else {
$mytype = '^B^C2[Short,Archive]^O ';
}
$myurl = $answer;
}
}
}
##ACT3: Result
if ( $cfg_printurl == 1 ) {
Irssi::print("URL: $mytype$myurl");
}
if ( $cfg_donotsendurl != 1 ) {
if ( $cfg_send2chan == 1 ) {
$server->command("msg $target $myurl");
}
else {
$server->print( "$target", "$mytype$myurl",
MSGLEVEL_CLIENTCRAP );
}
}
## End of Act
}
deb("$target process done for input $myurl");
}
## Cleanup cache
if ( $#cached > 500 ) {
@cached = ();
}
return;
}
sub deb($) {
Irssi::print(shift) if ( $cfg_isdebug == 1 );
}
sub goodchan {
my $chan = shift;
return ("OK") if ( !$cfg_chanlist );
foreach ( split( /\,/, $cfg_chanlist ) ) {
return ("$_") if ( $_ =~ /$chan/i );
}
return undef;
}
setuphandler();
Irssi::signal_add( "setup changed", "setuphandler" );
Irssi::signal_add_last( "message public", "GotUrl" );
Irssi::signal_add_last( "ctcp action", "GotUrl" );
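Review bot: `GotUrl` interpolates `$fqdn`, which is taken from a message anyone in the channel can send, into patterns at `grep( /^$fqdn$/, @knownShortFQDN )` and `grep( /^$fqdn$/, @cached )`, so regex metacharacters in the host part are compiled and executed as a pattern; `goodchan` does the same with `$chan`. Both lookups are exact matches and need no regex: `grep { $_ eq $fqdn } @knownShortFQDN` and `grep { $_ eq $fqdn } @cached`, or `\Q$fqdn\E` if a pattern is kept. The same value also reaches the API query string unescaped, and its first character selects the file passed to a two-argument `open` whose failure calls `die` inside the signal handler. With `use strict` commented out at the top, I would re-enable it and validate `$fqdn` against an anchored hostname pattern before any of these uses.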