Merge branch 'master' of mia26/cloudflare-tor into master
This commit is contained in:
commit
42f58b31ff
|
@ -27,7 +27,7 @@ Disqualify:
|
|||
|
||||
"[I don’t trust Cloudflare with IPFS](https://blog.kareldonk.com/i-dont-trust-cloudflare-with-ipfs/)" by [Karel Donk](https://blog.kareldonk.com/)
|
||||
|
||||
"[Cloudflare IPFS experiment](https://js.ipfs.io/ipns/QmZJBQBXX98AuTcoR1HBGdbe5Gph74ZBWSgNemBcqPNv1W/cloudflare-IPFS-experiment.html)" by [Joe](https://js.ipfs.io/ipns/QmZJBQBXX98AuTcoR1HBGdbe5Gph74ZBWSgNemBcqPNv1W/index.html)
|
||||
"[Cloudflare IPFS experiment](https://js.ipfs.io/ipns/QmZJBQBXX98AuTcoR1HBGdbe5Gph74ZBWSgNemBcqPNv1W/cloudflare-IPFS-experiment.html)" by [Joe](https://js.ipfs.io/ipns/QmZJBQBXX98AuTcoR1HBGdbe5Gph74ZBWSgNemBcqPNv1W/index.html) - ([archive](http://archive.fo/139z1))
|
||||
|
||||
"[Don't Trust CloudFlare](https://write.lain.haus/thufie/dont-trust-cloudflare)" by [@lunaterra@cyberia.social](https://cyberia.social/@lunaterra)
|
||||
|
||||
|
|
|
@ -1,68 +1,101 @@
|
|||
abby.ns.cloudflare.com
|
||||
adrian.ns.cloudflare.com
|
||||
aida.ns.cloudflare.com
|
||||
alan.ns.cloudflare.com
|
||||
albert.ns.cloudflare.com
|
||||
alex.ns.cloudflare.com
|
||||
alina.ns.cloudflare.com
|
||||
alla.ns.cloudflare.com
|
||||
amanda.ns.cloudflare.com
|
||||
amber.ns.cloudflare.com
|
||||
amy.ns.cloudflare.com
|
||||
andy.ns.cloudflare.com
|
||||
anna.ns.cloudflare.com
|
||||
apollo.ns.cloudflare.com
|
||||
arch.ns.cloudflare.com
|
||||
aria.ns.cloudflare.com
|
||||
art.ns.cloudflare.com
|
||||
asa.ns.cloudflare.com
|
||||
athena.ns.cloudflare.com
|
||||
austin.ns.cloudflare.com
|
||||
ben.ns.cloudflare.com
|
||||
bella.ns.cloudflare.com
|
||||
ben.ns.cloudflare.com
|
||||
beth.ns.cloudflare.com
|
||||
bob.ns.cloudflare.com
|
||||
norman.ns.cloudflare.com
|
||||
brit.ns.cloudflare.com
|
||||
chan.ns.cloudflare.com
|
||||
coby.ns.cloudflare.com
|
||||
coco.ns.cloudflare.com
|
||||
cody.ns.cloudflare.com
|
||||
cory.ns.cloudflare.com
|
||||
darwin.ns.cloudflare.com
|
||||
dee.ns.cloudflare.com
|
||||
dom.ns.cloudflare.com
|
||||
demi.ns.cloudflare.com
|
||||
dina.ns.cloudflare.com
|
||||
dom.ns.cloudflare.com
|
||||
dora.ns.cloudflare.com
|
||||
dorthy.ns.cloudflare.com
|
||||
drew.ns.cloudflare.com
|
||||
duke.ns.cloudflare.com
|
||||
ed.ns.cloudflare.com
|
||||
edna.ns.cloudflare.com
|
||||
elinore.ns.cloudflare.com
|
||||
elmo.ns.cloudflare.com
|
||||
emma.ns.cloudflare.com
|
||||
etta.ns.cloudflare.com
|
||||
fay.ns.cloudflare.com
|
||||
foo.ns.cloudflare.com
|
||||
fred.ns.cloudflare.com
|
||||
gabe.ns.cloudflare.com
|
||||
gail.ns.cloudflare.com
|
||||
glen.ns.cloudflare.com
|
||||
guy.ns.cloudflare.com
|
||||
hank.ns.cloudflare.com
|
||||
heather.ns.cloudflare.com
|
||||
hugh.ns.cloudflare.com
|
||||
ian.ns.cloudflare.com
|
||||
igor.ns.cloudflare.com
|
||||
iris.ns.cloudflare.com
|
||||
jasmine.ns.cloudflare.com
|
||||
jeff.ns.cloudflare.com
|
||||
jerry.ns.cloudflare.com
|
||||
jill.ns.cloudflare.com
|
||||
jim.ns.cloudflare.com
|
||||
john.ns.cloudflare.com
|
||||
jonah.ns.cloudflare.com
|
||||
josh.ns.cloudflare.com
|
||||
kate.ns.cloudflare.com
|
||||
kevin.ns.cloudflare.com
|
||||
kim.ns.cloudflare.com
|
||||
kip.ns.cloudflare.com
|
||||
leah.ns.cloudflare.com
|
||||
lee.ns.cloudflare.com
|
||||
leia.ns.cloudflare.com
|
||||
lex.ns.cloudflare.com
|
||||
lily.ns.cloudflare.com
|
||||
lucy.ns.cloudflare.com
|
||||
matt.ns.cloudflare.com
|
||||
max.ns.cloudflare.com
|
||||
megan.ns.cloudflare.com
|
||||
melinda.ns.cloudflare.com
|
||||
miki.ns.cloudflare.com
|
||||
nelly.ns.cloudflare.com
|
||||
newt.ns.cloudflare.com
|
||||
nina.ns.cloudflare.com
|
||||
norm.ns.cloudflare.com
|
||||
norman.ns.cloudflare.com
|
||||
olga.ns.cloudflare.com
|
||||
pam.ns.cloudflare.com
|
||||
paul.ns.cloudflare.com
|
||||
pete.ns.cloudflare.com
|
||||
peyton.ns.cloudflare.com
|
||||
rachel.ns.cloudflare.com
|
||||
rick.ns.cloudflare.com
|
||||
rob.ns.cloudflare.com
|
||||
rose.ns.cloudflare.com
|
||||
seth.ns.cloudflare.com
|
||||
sofia.ns.cloudflare.com
|
||||
tegan.ns.cloudflare.com
|
||||
terin.ns.cloudflare.com
|
||||
theo.ns.cloudflare.com
|
||||
zoe.ns.cloudflare.com
|
||||
kevin.ns.cloudflare.com
|
||||
megan.ns.cloudflare.com
|
||||
peyton.ns.cloudflare.com
|
||||
tegan.ns.cloudflare.com
|
||||
aida.ns.cloudflare.com
|
|
@ -1,4 +1,14 @@
|
|||
const apiurl = 'https://searxes.danwin1210.me/collab/open/ismitm.php';
|
||||
let apiurl = 'https://searxes.danwin1210.me/collab/open/ismitm.php';
|
||||
let TORapiurl = 'http://searxes.nmqnkngye4ct7bgss4bmv5ca3wpa55yugvxen5kz2bbq67lwy6ps54yd.onion/collab/open/ismitm.php';
|
||||
|
||||
fetch('http://searxes.nmqnkngye4ct7bgss4bmv5ca3wpa55yugvxen5kz2bbq67lwy6ps54yd.onion/collab/open/hi.php', {
|
||||
method: 'GET',
|
||||
mode: 'cors'
|
||||
}).then(r => r.text()).then(r => {
|
||||
if (r == 'hi') {
|
||||
apiurl = TORapiurl;
|
||||
}
|
||||
}).catch(() => {});
|
||||
|
||||
function is_infected(f) {
|
||||
return new Promise((g, b) => {
|
||||
|
@ -9,9 +19,7 @@ function is_infected(f) {
|
|||
'Content-Type': 'application/x-www-form-urlencoded'
|
||||
},
|
||||
body: 'f=' + f
|
||||
}).then(function (r) {
|
||||
return r.json();
|
||||
}).then(function (r) {
|
||||
}).then(r => r.json()).then(r => {
|
||||
if (r[0]) {
|
||||
g(r[1]);
|
||||
} else {
|
||||
|
@ -66,6 +74,4 @@ browser.storage.local.clear().then(() => {
|
|||
}, () => {});
|
||||
}
|
||||
});
|
||||
}, (e) => {
|
||||
console.log(e);
|
||||
});
|
||||
}, () => {});
|
|
@ -1,34 +1,32 @@
|
|||
if (document.body) {
|
||||
if (!['searxes.danwin1210.me', 'searxes.nmqnkngye4ct7bgss4bmv5ca3wpa55yugvxen5kz2bbq67lwy6ps54yd.onion', 'searxes.cyb', 'addons.mozilla.org'].includes(location.hostname)) {
|
||||
let cs = (function () {
|
||||
let s = document.createElement('style');
|
||||
document.head.appendChild(s);
|
||||
return s.sheet;
|
||||
})();
|
||||
if (cs) {
|
||||
cs.insertRule("a[data-mitm]{text-decoration-line:line-through !important;text-decoration-color:red !important;text-decoration-style:double !important}", 0);
|
||||
cs.insertRule("a[data-mitm]::before{content:'[MITM!]';font-weight:bold !important;color:red !important}", 1);
|
||||
cs.insertRule("a[data-mitm]:hover::before{content:'[Privacy Risk!!]'}", 2);
|
||||
cs.insertRule("a[data-mitm]:hover{color:red !important}", 3);
|
||||
}
|
||||
let asked = ['searxes.danwin1210.me', 'searxes.nmqnkngye4ct7bgss4bmv5ca3wpa55yugvxen5kz2bbq67lwy6ps54yd.onion', 'searxes.cyb'];
|
||||
document.querySelectorAll("a[href^='http://']:not([data-mitm]),a[href^='https://']:not([data-mitm]),a[href^='//']:not([data-mitm])").forEach(a => {
|
||||
let aF = (new URL(a.href)).hostname;
|
||||
if (!/^(.*)\.(onion|i2p|invalid|test|local|localhost|([0-9]{1,3})|bbs|chan|cyb|dyn|geek|gopher|indy|libre|neo|null|o|oss|oz|parody|pirate|bit|lib|coin|emc|bazar|fur)$/.test(aF) && !asked.includes(aF)) {
|
||||
asked.push(aF);
|
||||
browser.runtime.sendMessage(aF);
|
||||
}
|
||||
});
|
||||
browser.runtime.onMessage.addListener((request, sender, sendResponse) => {
|
||||
if (request.length == 2) {
|
||||
if (request[1]) {
|
||||
document.querySelectorAll("a[href^='http://" + request[0] + "/']:not([data-mitm]),a[href^='https://" + request[0] + "/']:not([data-mitm]),a[href^='//" + request[0] + "/']:not([data-mitm])").forEach(a => {
|
||||
a.dataset.mitm = 1;
|
||||
a.title = 'DANGER! DANGER! MITM!';
|
||||
});
|
||||
}
|
||||
}
|
||||
sendResponse(null);
|
||||
});
|
||||
if (document.body && !['searxes.danwin1210.me', 'searxes.nmqnkngye4ct7bgss4bmv5ca3wpa55yugvxen5kz2bbq67lwy6ps54yd.onion', 'searxes.cyb'].includes(location.hostname)) {
|
||||
let cs = (function () {
|
||||
let s = document.createElement('style');
|
||||
document.head.appendChild(s);
|
||||
return s.sheet;
|
||||
})();
|
||||
if (cs) {
|
||||
cs.insertRule("a[data-mitm]{text-decoration-line:line-through !important;text-decoration-color:red !important;text-decoration-style:double !important}", 0);
|
||||
cs.insertRule("a[data-mitm]::before{content:'[MITM!]';font-weight:bold !important;color:red !important}", 1);
|
||||
cs.insertRule("a[data-mitm]:hover::before{content:'[Privacy Risk!!]'}", 2);
|
||||
cs.insertRule("a[data-mitm]:hover{color:red !important}", 3);
|
||||
}
|
||||
let asked = ['searxes.danwin1210.me', 'searxes.nmqnkngye4ct7bgss4bmv5ca3wpa55yugvxen5kz2bbq67lwy6ps54yd.onion', 'searxes.cyb', 'addons.mozilla.org'];
|
||||
document.querySelectorAll("a[href^='http://']:not([data-mitm]),a[href^='https://']:not([data-mitm]),a[href^='//']:not([data-mitm])").forEach(a => {
|
||||
let aF = (new URL(a.href)).hostname;
|
||||
if (!/^(.*)\.(onion|i2p|invalid|test|local|localhost|([0-9]{1,3})|bbs|chan|cyb|dyn|geek|gopher|indy|libre|neo|null|o|oss|oz|parody|pirate|bit|lib|coin|emc|bazar|fur)$/.test(aF) && !asked.includes(aF)) {
|
||||
asked.push(aF);
|
||||
browser.runtime.sendMessage(aF);
|
||||
}
|
||||
});
|
||||
browser.runtime.onMessage.addListener((request, sender, sendResponse) => {
|
||||
if (request.length == 2) {
|
||||
if (request[1]) {
|
||||
document.querySelectorAll("a[href^='http://" + request[0] + "/']:not([data-mitm]),a[href^='https://" + request[0] + "/']:not([data-mitm]),a[href^='//" + request[0] + "/']:not([data-mitm])").forEach(a => {
|
||||
a.dataset.mitm = 1;
|
||||
a.title = 'DANGER! DANGER! MITM!';
|
||||
});
|
||||
}
|
||||
}
|
||||
sendResponse(null);
|
||||
});
|
||||
}
|
|
@ -2,7 +2,7 @@
|
|||
"manifest_version": 2,
|
||||
"name": "Are links vulnerable to MITM attack?",
|
||||
"description": "Scan FQDN using Searxes' API",
|
||||
"version": "1.0.3",
|
||||
"version": "1.0.4",
|
||||
"homepage_url": "https://notabug.org/themusicgod1/cloudflare-tor/src/master/ismitmlink",
|
||||
"author": "Maslin Bossé",
|
||||
"permissions": [
|
||||
|
|
|
@ -144,10 +144,16 @@ Let's talk about _other software's privacy_...
|
|||
|
||||
- Chrome is a [spyware](https://www.gnu.org/proprietary/malware-google.en.html).
|
||||
|
||||
- Brave Browser [whitelist Facebook/Twitter trackers](https://www.bleepingcomputer.com/news/security/facebook-twitter-trackers-whitelisted-by-brave-browser/).
|
||||
- SRWare Iron make too many [phones home connection](https://spyware.neocities.org/articles/iron.html). It also connect to google domains.
|
||||
|
||||
- Brave Browser [whitelist Facebook/Twitter trackers](https://www.bleepingcomputer.com/news/security/facebook-twitter-trackers-whitelisted-by-brave-browser/). Here's [more issues](https://spyware.neocities.org/articles/brave.html).
|
||||
|
||||
- Microsoft Edge lets Facebook [run Flash code behind users' backs](https://www.zdnet.com/article/microsoft-edge-lets-facebook-run-flash-code-behind-users-backs/).
|
||||
|
||||
- Vivaldi [does not respect your privacy](https://spyware.neocities.org/articles/vivaldi.html).
|
||||
|
||||
Therefore we recommend "Tor Browser" only. Nothing else.
|
||||
|
||||
------------
|
||||
|
||||
###### "Mozilla Firefox" user
|
||||
|
|
Loading…
Reference in New Issue