diff --git a/PEOPLE.md b/PEOPLE.md index 51baad4..12f54f7 100644 --- a/PEOPLE.md +++ b/PEOPLE.md @@ -84,6 +84,10 @@ Disqualify: ###### Forum / Wiki +"[Cloudflare Is Not An Option!](https://www.reddit.com/r/privacy/comments/bhag8s/cloudflare_is_not_an_option/)" by [FVz7Ftt83m](https://www.reddit.com/user/FVz7Ftt83m) + +"[I'm not sure if I can ELI5 this but I'll try my best to explain.](https://www.reddit.com/r/india/comments/bg3lxh/was_casually_checking_my_logs_this_is_what_is/elk77k3/)" by [Waphire](https://www.reddit.com/user/Waphire) + "[Anonym im Internet - Inhaltsverzeichnis](https://wiki.kairaven.de/open/anon/netzwerk/anet)" by [Kairaven](https://hp.kairaven.de) "[Issues with corporate censorship and mass surveillance](https://www.torproject.org/projects/tor/ticket/18361)" by [Jacob Appelbaum](https://twitter.com/ioerror) @@ -108,6 +112,20 @@ Disqualify: ###### Twitter (aka "Birdsite") +"We're about to find out if #Cloudflare keeps your #IPAddress anywhere." by @[shadesmaclean](https://twitter.com/shadesmaclean/status/1125516351966027776) + +"Cloudflare, if you don't know this; we have seriously misplaced our trust in you." by @[ADoug](https://twitter.com/ADoug/status/1125266988966739968) + +"If you truly care about your users & you are so concerned about privacy and having a decentralized Internet, then you will do what’s right" by @[larrybeck_](https://twitter.com/larrybeck_/status/1121412414115917826) + +"A lot of us VPN users don't enjoy helping google train computer vision and fingerprinting bots. Or spending 20 minutes being told we don't know what crosswalks are." by @[digiwombat](https://twitter.com/digiwombat/status/1108480942417436672) + +"We are trusting one secretive, private company with censoring the web. We’re essentially centralising a decentralised system once again." by @[steve228uk](https://twitter.com/steve228uk/status/1061949645113511939) + +"Chiming in here, of course, but Cloudflare ARE censoring people." by @[misslolahunt](https://twitter.com/misslolahunt/status/1106745032722137088) + +" I do not appreciate "Cloud flare" unilaterally censoring conservative sites I choose to visit and comment on" by @[Suchindranath](https://twitter.com/Suchindranath/status/1086253299064438784) + "Cloudflare's CEO and abuse head block me over arguing about their support of abusive websites. Trolls fear transparency." by @[dxgl_org](https://twitter.com/dxgl_org/status/1123622959124549632) "Defenders are screwed. Plus users are screwed as they lose all control of privacy to companies like cloudflare." by @[hrbrmstr](https://twitter.com/hrbrmstr/status/1121180307091271680) @@ -334,6 +352,14 @@ Disqualify: "I'm starting to think that #CloudFlare is post-irony with their non-functional or just broken captchas" by @[ioerror](https://twitter.com/ioerror/status/715168927639343109) +"Why trust Cloudflare so much? I'm very wary of them handling so much Internet traffic." by @[ampajaro](https://twitter.com/ampajaro/status/1113508899397734401) + +"You do not pay them anything. If you are not the customer, you are the product." by @[brettglass](https://twitter.com/brettglass/status/1119661919265116160) + +"I don't trust a CDN provider that much. Simple as that. It's too big of an ask. This is why I will not use cloudflare." by @[Otto42](https://twitter.com/Otto42/status/1099863930640449536) + +"There is no reason why people should trust you more than their ISP of choice." by @[pchapuis](https://twitter.com/pchapuis/status/1065601554131107840) + "It gets even better. SOLVE ALL THE CAPTCHAS" by @[metabubble](https://twitter.com/metabubble/status/715206027793338368) "CloudFlare is gathering the web and centralizes it, I don't see any good aspect in this" by @[fuolpit](https://twitter.com/fuolpit/status/715942023564550144) @@ -398,6 +424,10 @@ Disqualify: "The truth behind Google Captcha, Analytics, CloudFlare is Covert Espionage and Mass Surveillance." by @[Casey_Comendant](https://twitter.com/Casey_Comendant/status/1116417797007921152) +"#Cloudflare is always the most frustrating part of my day. #dontblocktor" by @[jbrooks_](https://twitter.com/jbrooks_/status/715185447886938112) + +"C'mon CloudFlare... I really don't feel like training your AI today" by @[trevorpaglen](https://twitter.com/trevorpaglen/status/728330578781712384) + "Tor CloudFlare Captcha #TellASadStoryin3Words" by @[YrB1rd](https://twitter.com/YrB1rd/status/834539628791209984) "CloudFlare is such trash, is there anything comparable that DOESN'T suck???" by @[radix42](https://twitter.com/radix42/status/834543824047190016) @@ -444,6 +474,12 @@ Disqualify: "So CloudFlare you block my surf because I'm behind a vpn protection?" by @[manuzful](https://twitter.com/manuzful/status/677474770867351553) +"In hindsight, I'm an idiot for not taking the decrypt/recrypt into account" by @[Firesphere](https://twitter.com/Firesphere/status/756693331762184192) + +"any dev: to see how obscene they are, imagine getting captchas going onto github, twitter, Facebook" by @[thomaskerin](https://twitter.com/thomaskerin/status/753911221091434496) + +"You send every HTTPS request from my browser to Cloudflare. They decrypt that HTTPS traffic." by @[jamesconroyfinn](https://twitter.com/jamesconroyfinn/status/811276047085957120) + "Never heard of cloudflare until network connectivity denied me" by @[1nzimande](https://twitter.com/1nzimande/status/690223994038030337) "Access denied. What have you done, the CloudFlare cyberpolice are now out to get me!" by @[nyarth](https://twitter.com/nyarth/status/287603063668228096) @@ -462,6 +498,8 @@ Disqualify: "If you're a daily Tor user like me, you should get used to contacting the services you use and ask them to #DontBlockTor" by @[yawnbox](https://twitter.com/yawnbox/status/847182068853428225) +"Uses Cloudflare as MITM, blocks torproject, uses Google Adsense and Analytics to track you. This service is bullshit lies!" by @[MacLemon](https://twitter.com/MacLemon/status/793935353568694272) + ------ ###### Mastodon diff --git a/README.md b/README.md index 86e9281..d7e6042 100644 --- a/README.md +++ b/README.md @@ -55,7 +55,6 @@ Information * [Problem with CloudFlare](https://github.com/privacytoolsIO/privacytools.io/issues/374#issuecomment-460077544) by libBletchley * [Criticism and controversies](https://en.wikipedia.org/wiki/Cloudflare#Criticism_and_controversies) by Wikipedia * [Cloudflare's Advertisement is just wrong](https://notabug.org/themusicgod1/cloudflare-tor/issues/123) -* [Akamai said 0.2% of Tor exit nodes had malicious requests, yet CloudFlare claims 94%](https://twitter.com/musalbas/status/717316725973389313) ([mirror](https://archive.is/1HkGl)) There are more details of why what they are doing is wrong available [here](cloudflare-philosophy.md). diff --git a/addon_chrome/bcma.crx b/addon_chrome/bcma.crx new file mode 100644 index 0000000..0788498 Binary files /dev/null and b/addon_chrome/bcma.crx differ diff --git a/addon_chrome/bcma/LICENSE.txt b/addon_chrome/bcma/LICENSE.txt new file mode 100644 index 0000000..4843373 --- /dev/null +++ b/addon_chrome/bcma/LICENSE.txt @@ -0,0 +1,25 @@ +The MIT License + +Copyright (c) 2017 Project BCMA +Copyright (c) 2017 cypherpunks +Copyright (c) 2017 nullius +Copyright (c) 2018 Searxes +Copyright (c) 2018 Jeff Cliff <@jeffcliff@niu.moe> + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +SOFTWARE. diff --git a/addon_chrome/bcma/README.md b/addon_chrome/bcma/README.md index 945c9b4..69c5350 100644 --- a/addon_chrome/bcma/README.md +++ b/addon_chrome/bcma/README.md @@ -1 +1,5 @@ -. \ No newline at end of file +This is a source code of BCMA's "*Block Cloudflare MITM Attack*". + +PRs are welcome. + +[Download Add-on](https://notabug.org/themusicgod1/cloudflare-tor/src/master/addon_chrome/bcma.crx) \ No newline at end of file diff --git a/addon_chrome/bcma/anticloudflare.js b/addon_chrome/bcma/anticloudflare.js new file mode 100644 index 0000000..3d5f1b0 --- /dev/null +++ b/addon_chrome/bcma/anticloudflare.js @@ -0,0 +1,859 @@ +/* + "Welcome to PRISM 2.0" +*/ +var cf_flag_ok = 'icons/cf_0.png'; +var cf_flag_ng = 'icons/cf_1.png'; +var force_whitelist = ['searxes.cf', 'thunderbird.net', 'mozilla.org', 'archive.org', 'cloudflare.com', 'cloudflareapps.com', 'cloudflare-dns.com', 'cloudflarestatus.com', 'cloudflareapi.com', 'cloudflare-ipfs.com', 'cloudflare-quic.com']; +var cfdomains = []; +var known_cf_domains = []; + +fetch('bcmadata.txt', { + method: 'GET' +}).then(function (b) { + return b.text(); +}).then(function (b) { + cfdomains = b.split("\n").filter(v => v != ''); + known_cf_domains = cfdomains; +}); + +var my_cf_collection = []; +var my_cf_ignore = []; +var my_action = 2; + +function onError(e) { + console.log(`BCMA: Error:${e}`); +} + +function get_realdomain(w) { + var wa = w.split('.'); + wa.reverse(); + var wa_l = wa.length; + if (wa_l <= 2) { + return w; + } + if (wa_l >= 3) { + if (wa[0] == 'by' || wa[0] == 'ki' || wa[0] == 'na' || wa[0] == 'tm' || wa[0] == 'vc') { + if (wa[1] == 'com') { + return wa[2] + "." + wa[1] + "." + wa[0]; + } + } + if (wa[0] == 'af' || wa[0] == 'bz' || wa[0] == 'lb' || wa[0] == 'lc' || wa[0] == 'mm' || wa[0] == 'mt' || wa[0] == 'ng' || wa[0] == 'sb' || wa[0] == 'sc' || wa[0] == 'sl') { + if (wa[1] == 'com' || wa[1] == 'edu' || wa[1] == 'gov' || wa[1] == 'net' || wa[1] == 'org') { + return wa[2] + "." + wa[1] + "." + wa[0]; + } + } + if (wa[0] == 'org') { + if (wa[1] == 'ae') { + return wa[2] + "." + wa[1] + "." + wa[0]; + } + } + if (wa[0] == 'gg' || wa[0] == 'je') { + if (wa[1] == 'co' || wa[1] == 'net' || wa[1] == 'org') { + return wa[2] + "." + wa[1] + "." + wa[0]; + } + } + if (wa[0] == 'name') { + return wa[2] + "." + wa[1] + "." + wa[0]; + } + if (wa[0] == 'ag') { + if (['com', 'net', 'org', 'co', 'nom', 'edu', 'gov'].includes(wa[1])) { + return wa[2] + "." + wa[1] + "." + wa[0]; + } + } + if (wa[0] == 'ai') { + if (['off', 'com', 'net', 'org'].includes(wa[1])) { + return wa[2] + "." + wa[1] + "." + wa[0]; + } + } + if (wa[0] == 'ao') { + if (['co', 'ed', 'it', 'og', 'pb'].includes(wa[1])) { + return wa[2] + "." + wa[1] + "." + wa[0]; + } + } + if (wa[0] == 'ar') { + if (['com', 'edu', 'gov', 'gob', 'int', 'mil', 'net', 'org', 'tur'].includes(wa[1])) { + return wa[2] + "." + wa[1] + "." + wa[0]; + } + } + if (wa[0] == 'at') { + if (['gv', 'ac', 'co', 'or'].includes(wa[1])) { + return wa[2] + "." + wa[1] + "." + wa[0]; + } + } + if (wa[0] == 'au') { + if (['com', 'net', 'org', 'edu', 'gov', 'csiro', 'asn', 'id', 'act', 'nsw', 'nt', 'qld', 'sa', 'tas', 'vic', 'wa'].includes(wa[1])) { + return wa[2] + "." + wa[1] + "." + wa[0]; + } + } + if (wa[0] == 'az') { + if (['biz', 'com', 'edu', 'gov', 'info', 'int', 'mil', 'name', 'net', 'org', 'pp'].includes(wa[1])) { + return wa[2] + "." + wa[1] + "." + wa[0]; + } + } + if (wa[0] == 'ba') { + if (['com', 'co', 'rs'].includes(wa[1])) { + return wa[2] + "." + wa[1] + "." + wa[0]; + } + } + if (wa[0] == 'bd') { + if (['com', 'edu', 'ac', 'net', 'gov', 'org', 'mil'].includes(wa[1])) { + return wa[2] + "." + wa[1] + "." + wa[0]; + } + } + if (wa[0] == 'bh') { + if (['com', 'info', 'cc', 'edu', 'biz', 'net', 'org', 'gov'].includes(wa[1])) { + return wa[2] + "." + wa[1] + "." + wa[0]; + } + } + if (wa[0] == 'bi') { + if (['ac', 'co', 'com', 'edu', 'gouv', 'gov', 'int', 'mil', 'net', 'or', 'org'].includes(wa[1])) { + return wa[2] + "." + wa[1] + "." + wa[0]; + } + } + if (wa[0] == 'bn') { + if (['com', 'net', 'org', 'edu'].includes(wa[1])) { + return wa[2] + "." + wa[1] + "." + wa[0]; + } + } + if (wa[0] == 'bo') { + if (['com', 'edu', 'gob', 'gov', 'int', 'mil', 'net', 'org', 'tv'].includes(wa[1])) { + return wa[2] + "." + wa[1] + "." + wa[0]; + } + } + if (wa[0] == 'br') { + if (['adm', 'adv', 'agr', 'am', 'arq', 'art', 'ato', 'bio', 'blog', 'bmd', 'cim', 'cng', 'cnt', 'com', 'coop', 'ecn', 'edu', 'eng', 'esp', 'etc', 'eti', 'far', 'flog', 'fm', 'fnd', 'fot', 'fst', 'g12', 'ggf', 'gov', 'imb', 'ind', 'inf', 'jor', 'lel', 'mat', 'med', 'mil', 'mus', 'net', 'nom', 'not', 'ntr', 'odo', 'org', 'ppg', 'pro', 'psc', 'psi', 'qsl', 'rec', 'slg', 'srv', 'tmp', 'trd', 'tur', 'tv', 'vet', 'vlog', 'wiki', 'zlg'].includes(wa[1])) { + return wa[2] + "." + wa[1] + "." + wa[0]; + } + } + if (wa[0] == 'bw') { + if (['org', 'ac', 'co', 'gov'].includes(wa[1])) { + return wa[2] + "." + wa[1] + "." + wa[0]; + } + } + if (wa[0] == 'ci') { + if (['ac', 'co', 'com', 'ed', 'edu', 'go', 'int', 'net', 'or', 'org'].includes(wa[1])) { + return wa[2] + "." + wa[1] + "." + wa[0]; + } + } + if (wa[0] == 'ck') { + if (['biz', 'co', 'edu', 'gen', 'gov', 'info', 'net', 'org'].includes(wa[1])) { + return wa[2] + "." + wa[1] + "." + wa[0]; + } + } + if (wa[0] == 'cn') { + if (['ac', 'ah', 'bj', 'com', 'cq', 'edu', 'fj', 'gd', 'gov', 'gs', 'gx', 'gz', 'ha', 'hb', 'he', 'hi', 'hk', 'hl', 'hn', 'jl', 'js', 'jx', 'ln', 'mil', 'mo', 'net', 'nm', 'nx', 'org', 'qh', 'sc', 'sd', 'sh', 'sn', 'sx', 'tj', 'tw', 'xj', 'xz', 'yn', 'zj'].includes(wa[1])) { + return wa[2] + "." + wa[1] + "." + wa[0]; + } + } + if (wa[0] == 'co') { + if (['com', 'edu', 'gov', 'mil', 'net', 'nom', 'org'].includes(wa[1])) { + return wa[2] + "." + wa[1] + "." + wa[0]; + } + } + if (wa[0] == 'com') { + if (['ar', 'br', 'cn', 'de', 'eu', 'gr', 'hu', 'jpn', 'kr', 'no', 'qc', 'ru', 'sa', 'se', 'uk', 'us', 'uy', 'za'].includes(wa[1])) { + return wa[2] + "." + wa[1] + "." + wa[0]; + } + } + if (wa[0] == 'cr') { + if (['ac', 'co', 'ed', 'fi', 'go', 'or', 'sa'].includes(wa[1])) { + return wa[2] + "." + wa[1] + "." + wa[0]; + } + } + if (wa[0] == 'cu') { + if (['com', 'edu', 'org', 'net', 'gov', 'inf'].includes(wa[1])) { + return wa[2] + "." + wa[1] + "." + wa[0]; + } + } + if (wa[0] == 'cy') { + if (['ac', 'biz', 'com', 'ekloges', 'gov', 'ltd', 'name', 'net', 'org', 'parliament', 'press', 'pro', 'tm'].includes(wa[1])) { + return wa[2] + "." + wa[1] + "." + wa[0]; + } + } + if (wa[0] == 'do') { + if (['art', 'com', 'edu', 'gob', 'gov', 'mil', 'net', 'org', 'sld', 'web'].includes(wa[1])) { + return wa[2] + "." + wa[1] + "." + wa[0]; + } + } + if (wa[0] == 'dz') { + if (['art', 'asso', 'com', 'edu', 'gov', 'net', 'org', 'pol'].includes(wa[1])) { + return wa[2] + "." + wa[1] + "." + wa[0]; + } + } + if (wa[0] == 'ec') { + if (['com', 'info', 'net', 'fin', 'med', 'pro', 'org', 'edu', 'gob', 'gov', 'mil'].includes(wa[1])) { + return wa[2] + "." + wa[1] + "." + wa[0]; + } + } + if (wa[0] == 'ee') { + if (['com', 'pri', 'fie', 'med', 'edu', 'lib', 'org'].includes(wa[1])) { + return wa[2] + "." + wa[1] + "." + wa[0]; + } + } + if (wa[0] == 'eg') { + if (['com', 'edu', 'eun', 'gov', 'mil', 'name', 'net', 'org', 'sci'].includes(wa[1])) { + return wa[2] + "." + wa[1] + "." + wa[0]; + } + } + if (wa[0] == 'es') { + if (['com', 'nom', 'org', 'gob', 'edu'].includes(wa[1])) { + return wa[2] + "." + wa[1] + "." + wa[0]; + } + } + if (wa[0] == 'et') { + if (['com', 'gov', 'org', 'edu', 'net', 'biz', 'name', 'info'].includes(wa[1])) { + return wa[2] + "." + wa[1] + "." + wa[0]; + } + } + if (wa[0] == 'fj') { + if (['ac', 'biz', 'com', 'info', 'mil', 'name', 'net', 'org', 'pro'].includes(wa[1])) { + return wa[2] + "." + wa[1] + "." + wa[0]; + } + } + if (wa[0] == 'ge') { + if (['com', 'edu', 'gov', 'mil', 'net', 'org', 'pvt'].includes(wa[1])) { + return wa[2] + "." + wa[1] + "." + wa[0]; + } + } + if (wa[0] == 'gh') { + if (['com', 'edu', 'gov', 'org', 'mil'].includes(wa[1])) { + return wa[2] + "." + wa[1] + "." + wa[0]; + } + } + if (wa[0] == 'gi') { + if (['com', 'edu', 'gov', 'ltd', 'mod', 'org'].includes(wa[1])) { + return wa[2] + "." + wa[1] + "." + wa[0]; + } + } + if (wa[0] == 'gl') { + if (wa[1] == 'co' || wa[1] == 'com') { + return wa[2] + "." + wa[1] + "." + wa[0]; + } + } + if (wa[0] == 'gr') { + if (['co', 'com', 'edu', 'gov', 'mil', 'mod', 'net', 'org', 'sch'].includes(wa[1])) { + return wa[2] + "." + wa[1] + "." + wa[0]; + } + } + if (wa[0] == 'gt') { + if (['com', 'edu', 'net', 'gob', 'org', 'mil', 'ind'].includes(wa[1])) { + return wa[2] + "." + wa[1] + "." + wa[0]; + } + } + if (wa[0] == 'gy') { + if (['co', 'com', 'edu', 'gov', 'net', 'org'].includes(wa[1])) { + return wa[2] + "." + wa[1] + "." + wa[0]; + } + } + if (wa[0] == 'hk') { + if (['com', 'edu', 'gov', 'idv', 'net', 'org'].includes(wa[1])) { + return wa[2] + "." + wa[1] + "." + wa[0]; + } + } + if (wa[0] == 'hn') { + if (['com', 'edu', 'gob', 'net', 'org'].includes(wa[1])) { + return wa[2] + "." + wa[1] + "." + wa[0]; + } + } + if (wa[0] == 'hr') { + if (wa[1] == 'com' || wa[1] == 'from') { + return wa[2] + "." + wa[1] + "." + wa[0]; + } + } + if (wa[0] == 'hu') { + if (['2000', 'agrar', 'bolt', 'casino', 'city', 'co', 'erotica', 'erotika', 'film', 'forum', 'games', 'hotel', 'info', 'ingatlan', 'jogasz', 'konyvelo', 'lakas', 'media', 'news', 'org', 'priv', 'reklam', 'sex', 'shop', 'sport', 'suli', 'szex', 'tm', 'tozsde', 'utazas', 'video'].includes(wa[1])) { + return wa[2] + "." + wa[1] + "." + wa[0]; + } + } + if (wa[0] == 'id') { + if (['ac', 'co', 'go', 'mil', 'net', 'or', 'sch', 'web'].includes(wa[1])) { + return wa[2] + "." + wa[1] + "." + wa[0]; + } + } + if (wa[0] == 'il') { + if (['ac', 'co', 'gov', 'idf', 'k12', 'muni', 'net', 'org'].includes(wa[1])) { + return wa[2] + "." + wa[1] + "." + wa[0]; + } + } + if (wa[0] == 'im') { + if (['ac', 'co', 'com', 'gov', 'net', 'org', 'ro'].includes(wa[1])) { + return wa[2] + "." + wa[1] + "." + wa[0]; + } + } + if (wa[0] == 'in') { + if (['ac', 'co', 'edu', 'ernet', 'firm', 'gen', 'gov', 'ind', 'mil', 'net', 'org', 'res'].includes(wa[1])) { + return wa[2] + "." + wa[1] + "." + wa[0]; + } + } + if (wa[0] == 'it') { + if (['co', 'edu', 'gov'].includes(wa[1])) { + return wa[2] + "." + wa[1] + "." + wa[0]; + } + } + if (wa[0] == 'jm') { + if (['com', 'net', 'org', 'edu', 'gov', 'mil'].includes(wa[1])) { + return wa[2] + "." + wa[1] + "." + wa[0]; + } + } + if (wa[0] == 'jo') { + if (['com', 'edu', 'gov', 'mil', 'name', 'net', 'org'].includes(wa[1])) { + return wa[2] + "." + wa[1] + "." + wa[0]; + } + } + if (wa[0] == 'jp') { + if (['ac', 'ad', 'co', 'ed', 'go', 'gr', 'lg', 'ne', 'or'].includes(wa[1])) { + return wa[2] + "." + wa[1] + "." + wa[0]; + } + } + if (wa[0] == 'ke') { + if (['ac', 'co', 'go', 'ne', 'or', 'sc'].includes(wa[1])) { + return wa[2] + "." + wa[1] + "." + wa[0]; + } + } + if (wa[0] == 'kg') { + if (['com', 'edu', 'gov', 'mil', 'net', 'org'].includes(wa[1])) { + return wa[2] + "." + wa[1] + "." + wa[0]; + } + } + if (wa[0] == 'kh') { + if (['com', 'edu', 'gov', 'mil', 'net', 'org', 'per'].includes(wa[1])) { + return wa[2] + "." + wa[1] + "." + wa[0]; + } + } + if (wa[0] == 'kr') { + if (['ac', 'busan', 'chungbuk', 'chungnam', 'co', 'daegu', 'daejeon', 'es', 'gangwon', 'go', 'gwangju', 'gyeongbuk', 'gyeonggi', 'gyeongnam', 'hs', 'incheon', 'jeju', 'jeonbuk', 'jeonnam', 'kg', 'mil', 'ms', 'ne', 'or', 'pe', 're', 'sc', 'seoul', 'ulsan'].includes(wa[1])) { + return wa[2] + "." + wa[1] + "." + wa[0]; + } + } + if (wa[0] == 'kw') { + if (['edu', 'com', 'net', 'org', 'gov'].includes(wa[1])) { + return wa[2] + "." + wa[1] + "." + wa[0]; + } + } + if (wa[0] == 'kz') { + if (['com', 'edu', 'gov', 'mil', 'net', 'org'].includes(wa[1])) { + return wa[2] + "." + wa[1] + "." + wa[0]; + } + } + if (wa[0] == 'lk') { + if (['assn', 'com', 'edu', 'gov', 'grp', 'hotel', 'int', 'ltd', 'net', 'ngo', 'org', 'sch', 'soc', 'web'].includes(wa[1])) { + return wa[2] + "." + wa[1] + "." + wa[0]; + } + } + if (wa[0] == 'ls') { + if (['ac', 'co', 'gov', 'net', 'nul', 'org', 'parliament', 'quadrant'].includes(wa[1])) { + return wa[2] + "." + wa[1] + "." + wa[0]; + } + } + if (wa[0] == 'lv') { + if (['asn', 'com', 'conf', 'edu', 'gov', 'id', 'mil', 'net', 'org'].includes(wa[1])) { + return wa[2] + "." + wa[1] + "." + wa[0]; + } + } + if (wa[0] == 'ly') { + if (['com', 'edu', 'gov', 'id', 'med', 'net', 'org', 'plc', 'sch'].includes(wa[1])) { + return wa[2] + "." + wa[1] + "." + wa[0]; + } + } + if (wa[0] == 'ma') { + if (['ac', 'co', 'gov', 'net', 'org', 'press'].includes(wa[1])) { + return wa[2] + "." + wa[1] + "." + wa[0]; + } + } + if (wa[0] == 'mk') { + if (['com', 'edu', 'gov', 'inf', 'name', 'net', 'org'].includes(wa[1])) { + return wa[2] + "." + wa[1] + "." + wa[0]; + } + } + if (wa[0] == 'mu') { + if (['ac', 'co', 'com', 'gov', 'net', 'or', 'org'].includes(wa[1])) { + return wa[2] + "." + wa[1] + "." + wa[0]; + } + } + if (wa[0] == 'mx') { + if (['com', 'edu', 'gob', 'net', 'ngo', 'org'].includes(wa[1])) { + return wa[2] + "." + wa[1] + "." + wa[0]; + } + } + if (wa[0] == 'my') { + if (['com', 'edu', 'gov', 'mil', 'name', 'net', 'org'].includes(wa[1])) { + return wa[2] + "." + wa[1] + "." + wa[0]; + } + } + if (wa[0] == 'mz') { + if (['co', 'net', 'org', 'ac', 'gov', 'edu'].includes(wa[1])) { + return wa[2] + "." + wa[1] + "." + wa[0]; + } + } + if (wa[0] == 'net') { + if (['gb', 'se', 'uk', 'jp'].includes(wa[1])) { + return wa[2] + "." + wa[1] + "." + wa[0]; + } + } + if (wa[0] == 'nf') { + if (['com', 'net', 'arts', 'store', 'web', 'firm', 'info', 'other', 'per', 'rec'].includes(wa[1])) { + return wa[2] + "." + wa[1] + "." + wa[0]; + } + } + if (wa[0] == 'ni') { + if (['gob', 'co', 'com', 'ac', 'edu', 'org', 'nom', 'net', 'mil'].includes(wa[1])) { + return wa[2] + "." + wa[1] + "." + wa[0]; + } + } + if (wa[0] == 'np') { + if (['aero', 'asia', 'biz', 'com', 'coop', 'edu', 'gov', 'info', 'jobs', 'mil', 'mobi', 'museum', 'name', 'net', 'org', 'pro', 'travel'].includes(wa[1])) { + return wa[2] + "." + wa[1] + "." + wa[0]; + } + } + if (wa[0] == 'nr') { + if (['biz', 'com', 'edu', 'gov', 'info', 'net', 'org'].includes(wa[1])) { + return wa[2] + "." + wa[1] + "." + wa[0]; + } + } + if (wa[0] == 'nz') { + if (['ac', 'co', 'cri', 'geek', 'gen', 'govt', 'health', 'iwi', 'maori', 'mil', 'net', 'org', 'parliament', 'school'].includes(wa[1])) { + return wa[2] + "." + wa[1] + "." + wa[0]; + } + } + if (wa[0] == 'om') { + if (['co', 'com', 'edu', 'gov', 'med', 'museum', 'net', 'org', 'pro'].includes(wa[1])) { + return wa[2] + "." + wa[1] + "." + wa[0]; + } + } + if (wa[0] == 'pa') { + if (['abo', 'ac', 'com', 'edu', 'gob', 'ing', 'med', 'net', 'nom', 'org', 'sld'].includes(wa[1])) { + return wa[2] + "." + wa[1] + "." + wa[0]; + } + } + if (wa[0] == 'pe') { + if (['com', 'edu', 'gob', 'mil', 'net', 'nom', 'org', 'sld'].includes(wa[1])) { + return wa[2] + "." + wa[1] + "." + wa[0]; + } + } + if (wa[0] == 'pg') { + if (['com', 'net', 'ac', 'gov', 'mil', 'org'].includes(wa[1])) { + return wa[2] + "." + wa[1] + "." + wa[0]; + } + } + if (wa[0] == 'ph') { + if (['com', 'edu', 'gov', 'mil', 'net', 'org'].includes(wa[1])) { + return wa[2] + "." + wa[1] + "." + wa[0]; + } + } + if (wa[0] == 'pk') { + if (['biz', 'com', 'edu', 'fam', 'gob', 'gok', 'gon', 'gop', 'gos', 'gov', 'net', 'org', 'web'].includes(wa[1])) { + return wa[2] + "." + wa[1] + "." + wa[0]; + } + } + if (wa[0] == 'pl') { + if (['art', 'bialystok', 'biz', 'com', 'edu', 'gda', 'gdansk', 'gov', 'info', 'katowice', 'krakow', 'lodz', 'lublin', 'mil', 'net', 'ngo', 'olsztyn', 'org', 'poznan', 'radom', 'slupsk', 'szczecin', 'torun', 'warszawa', 'waw', 'wroc', 'wroclaw', 'zgora'].includes(wa[1])) { + return wa[2] + "." + wa[1] + "." + wa[0]; + } + } + if (wa[0] == 'pn') { + if (['in', 'co', 'eu', 'org', 'net', 'me'].includes(wa[1])) { + return wa[2] + "." + wa[1] + "." + wa[0]; + } + } + if (wa[0] == 'pr') { + if (['ac', 'biz', 'com', 'edu', 'est', 'gov', 'info', 'isla', 'name', 'net', 'org', 'pro', 'prof'].includes(wa[1])) { + return wa[2] + "." + wa[1] + "." + wa[0]; + } + } + if (wa[0] == 'pt') { + if (['com', 'edu', 'gov', 'int', 'net', 'nome', 'org', 'publ'].includes(wa[1])) { + return wa[2] + "." + wa[1] + "." + wa[0]; + } + } + if (wa[0] == 'py') { + if (['com', 'coop', 'edu', 'mil', 'gov', 'org', 'net', 'una'].includes(wa[1])) { + return wa[2] + "." + wa[1] + "." + wa[0]; + } + } + if (wa[0] == 'qa') { + if (['com', 'edu', 'sch', 'gov', 'mil', 'net', 'org'].includes(wa[1])) { + return wa[2] + "." + wa[1] + "." + wa[0]; + } + } + if (wa[0] == 'ru') { + if (['ac', 'adygeya', 'altai', 'amur', 'amursk', 'arkhangelsk', 'astrakhan', 'baikal', 'bashkiria', 'belgorod', 'bir', 'bryansk', 'buryatia', 'cap', 'cbg', 'chel', 'chelyabinsk', 'chita', 'chukotka', 'cmw', 'com', 'dagestan', 'e-burg', 'edu', 'fareast', 'gov', 'grozny', 'int', 'irkutsk', 'ivanovo', 'izhevsk', 'jamal', 'jar', 'joshkar-ola', 'k-uralsk', 'kalmykia', 'kaluga', 'kamchatka', 'karelia', 'kazan', 'kchr', 'kemerovo', 'khabarovsk', 'khakassia', 'khv', 'kirov', 'kms', 'koenig', 'komi', 'kostroma', 'krasnoyarsk', 'kuban', 'kurgan', 'kursk', 'kustanai', 'kuzbass', 'lipetsk', 'magadan', 'magnitka', 'mari', 'mari-el', 'marine', 'mil', 'mordovia', 'mos', 'mosreg', 'msk', 'murmansk', 'mytis', 'nakhodka', 'nalchik', 'net', 'nkz', 'nnov', 'norilsk', 'nov', 'novosibirsk', 'nsk', 'omsk', 'orenburg', 'org', 'oryol', 'oskol', 'palana', 'penza', 'perm', 'pp', 'pskov', 'ptz', 'pyatigorsk', 'rnd', 'rubtsovsk', 'ryazan', 'sakhalin', 'samara', 'saratov', 'simbirsk', 'smolensk', 'snz', 'spb', 'stavropol', 'stv', 'surgut', 'syzran', 'tambov', 'tatarstan', 'test', 'tlt', 'tom', 'tomsk', 'tsaritsyn', 'tsk', 'tula', 'tuva', 'tver', 'tyumen', 'udm', 'udmurtia', 'ulan-ude', 'vdonsk', 'vladikavkaz', 'vladimir', 'vladivostok', 'volgograd', 'vologda', 'voronezh', 'vrn', 'vyatka', 'yakutia', 'yamal', 'yaroslavl', 'yekaterinburg', 'yuzhno-sakhalinsk', 'zgrad'].includes(wa[1])) { + return wa[2] + "." + wa[1] + "." + wa[0]; + } + } + if (wa[0] == 'sa') { + if (['com', 'edu', 'gov', 'med', 'net', 'org', 'pub', 'sch'].includes(wa[1])) { + return wa[2] + "." + wa[1] + "." + wa[0]; + } + } + if (wa[0] == 'se') { + if (['a', 'ac', 'b', 'bd', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'k', 'l', 'm', 'n', 'o', 'org', 'p', 'parti', 'pp', 'press', 'r', 's', 't', 'tm', 'u', 'w', 'x', 'y', 'z'].includes(wa[1])) { + return wa[2] + "." + wa[1] + "." + wa[0]; + } + } + if (wa[0] == 'sg') { + if (['com', 'edu', 'gov', 'idn', 'net', 'org', 'per'].includes(wa[1])) { + return wa[2] + "." + wa[1] + "." + wa[0]; + } + } + if (wa[0] == 'sv') { + if (['edu', 'gov', 'com', 'org', 'red'].includes(wa[1])) { + return wa[2] + "." + wa[1] + "." + wa[0]; + } + } + if (wa[0] == 'th') { + if (['ac', 'co', 'go', 'in', 'mi', 'net', 'or'].includes(wa[1])) { + return wa[2] + "." + wa[1] + "." + wa[0]; + } + } + if (wa[0] == 'tj') { + if (['ac', 'aero', 'biz', 'co', 'com', 'coop', 'dyn', 'edu', 'go', 'gov', 'info', 'int', 'mil', 'museum', 'my', 'name', 'net', 'nic', 'org', 'per', 'pro', 'test', 'web'].includes(wa[1])) { + return wa[2] + "." + wa[1] + "." + wa[0]; + } + } + if (wa[0] == 'tn') { + if (['agrinet', 'com', 'defense', 'edunet', 'ens', 'fin', 'gov', 'ind', 'info', 'intl', 'mincom', 'nat', 'net', 'org', 'perso', 'rnrt', 'rns', 'rnu', 'tourism'].includes(wa[1])) { + return wa[2] + "." + wa[1] + "." + wa[0]; + } + } + if (wa[0] == 'tr') { + if (['av', 'bbs', 'bel', 'biz', 'com', 'dr', 'edu', 'gen', 'gov', 'info', 'k12', 'mil', 'name', 'nc', 'net', 'org', 'pol', 'tel', 'tv', 'web'].includes(wa[1])) { + return wa[2] + "." + wa[1] + "." + wa[0]; + } + } + if (wa[0] == 'tw') { + if (['club', 'com', 'ebiz', 'edu', 'game', 'gov', 'idv', 'mil', 'net', 'org'].includes(wa[1])) { + return wa[2] + "." + wa[1] + "." + wa[0]; + } + } + if (wa[0] == 'tz') { + if (['co', 'ac', 'go', 'or', 'mil', 'sc', 'ne', 'hotel', 'mobi', 'tv', 'info', 'me'].includes(wa[1])) { + return wa[2] + "." + wa[1] + "." + wa[0]; + } + } + if (wa[0] == 'ua') { + if (['at', 'cherkassy', 'chernigov', 'chernovtsy', 'ck', 'cn', 'co', 'com', 'crimea', 'cv', 'dn', 'dnepropetrovsk', 'donetsk', 'dp', 'edu', 'gov', 'if', 'in', 'ivano-frankivsk', 'kh', 'kharkov', 'kherson', 'khmelnitskiy', 'kiev', 'kirovograd', 'km', 'kr', 'ks', 'lg', 'lt', 'lugansk', 'lutsk', 'lviv', 'mk', 'net', 'nikolaev', 'od', 'odessa', 'org', 'pl', 'poltava', 'pp', 'rovno', 'rv', 'sebastopol', 'sumy', 'te', 'ternopil', 'uz', 'uzhgorod', 'vinnica', 'vn', 'yalta', 'zaporizhzhe', 'zhitomir', 'zp', 'zt'].includes(wa[1])) { + return wa[2] + "." + wa[1] + "." + wa[0]; + } + } + if (wa[0] == 'ug') { + if (['co', 'ac', 'sc', 'go', 'ne', 'or'].includes(wa[1])) { + return wa[2] + "." + wa[1] + "." + wa[0]; + } + } + if (wa[0] == 'uk') { + if (['ac', 'bl', 'british-library', 'co', 'gov', 'jcpc', 'jet', 'judiciary', 'ltd', 'me', 'mod', 'net', 'nhs', 'nic', 'nls', 'org', 'parliament', 'plc', 'police', 'sch', 'supremecourt'].includes(wa[1])) { + return wa[2] + "." + wa[1] + "." + wa[0]; + } + } + if (wa[0] == 'uy') { + if (['com', 'edu', 'gub', 'net', 'mil', 'org'].includes(wa[1])) { + return wa[2] + "." + wa[1] + "." + wa[0]; + } + } + if (wa[0] == 'uz') { + if (['co', 'com', 'org'].includes(wa[1])) { + return wa[2] + "." + wa[1] + "." + wa[0]; + } + } + if (wa[0] == 've') { + if (['arts', 'co', 'com', 'edu', 'gob', 'gov', 'info', 'int', 'mil', 'net', 'org', 'radio', 'tec', 'web'].includes(wa[1])) { + return wa[2] + "." + wa[1] + "." + wa[0]; + } + } + if (wa[0] == 'vi') { + if (['co', 'org', 'com', 'net', 'k12'].includes(wa[1])) { + return wa[2] + "." + wa[1] + "." + wa[0]; + } + } + if (wa[0] == 'vn') { + if (['ac', 'biz', 'com', 'edu', 'gov', 'health', 'info', 'int', 'mil', 'name', 'net', 'org', 'pro'].includes(wa[1])) { + return wa[2] + "." + wa[1] + "." + wa[0]; + } + } + if (wa[0] == 'ws') { + if (['org', 'gov', 'edu', 'com'].includes(wa[1])) { + return wa[2] + "." + wa[1] + "." + wa[0]; + } + } + if (wa[0] == 'za') { + if (['ac', 'agric', 'alt', 'bourse', 'city', 'co', 'cybernet', 'db', 'edu', 'gov', 'grondar', 'iaccess', 'imt', 'inca', 'landesign', 'law', 'mil', 'ngo', 'nis', 'nom', 'olivetti', 'org', 'pix', 'school', 'tm', 'web'].includes(wa[1])) { + return wa[2] + "." + wa[1] + "." + wa[0]; + } + } + if (wa[0] == 'zm') { + if (['ac', 'co', 'com', 'edu', 'gov', 'net', 'org', 'sch'].includes(wa[1])) { + return wa[2] + "." + wa[1] + "." + wa[0]; + } + } + if (wa[0] == 'zw') { + if (['co', 'ac', 'org'].includes(wa[1])) { + return wa[2] + "." + wa[1] + "." + wa[0]; + } + } + if (wa_l == 4) { + if (/^([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})$/.test(w)) { + return w; + } + } + } + return wa[1] + "." + wa[0]; +} + +function update_icon(tid, url) { + if (url == undefined) { + return; + } + var _nu = new URL(url); + var cf_hostname = _nu.hostname; + if ((_nu.protocol != 'http:' && _nu.protocol != 'https:') || cf_hostname.length < 1) { + chrome.browserAction.setIcon({ + tabId: tid, + path: cf_flag_ok + }); + return; + } + cf_hostname = get_realdomain(cf_hostname); + if (my_cf_ignore.includes(cf_hostname) || force_whitelist.includes(cf_hostname)) { + chrome.browserAction.setIcon({ + tabId: tid, + path: cf_flag_ok + }); + return; + } + if (known_cf_domains.includes(cf_hostname) || my_cf_collection.includes(cf_hostname)) { + if (my_action == 3) { + chrome.tabs.executeScript(tid, { + matchAboutBlank: true, + runAt: 'document_end', + code: "if (location.hostname=='%%CFHOST%%'||location.hostname.endsWith('.%%CFHOST%%')){if (!document.title.startsWith('[!!MITM!!]') && (typeof _bcma_bdr)=='undefined'){document.title='[!!MITM!!]'+document.title;function _bcma_bdr(){document.body.style = 'border:4px dashed #' + ['e74c3c', '9b59b6', '3498db', '17a589', '196f3d', 'f4d03f', 'f39c12', 'd35400'][Math.floor(Math.random() * 8)] + ' !important';setTimeout(_bcma_bdr,4860);};_bcma_bdr();}}".replace('%%CFHOST%%', cf_hostname).replace('%%CFHOST%%', cf_hostname) + }); + chrome.tabs.executeScript(tid, { + matchAboutBlank: true, + runAt: 'document_idle', + code: "if (location.hostname=='%%CFHOST%%'||location.hostname.endsWith('.%%CFHOST%%')){if (!document.title.startsWith('[!!MITM!!]') && (typeof _bcma_bdr)=='undefined'){document.title='[!!MITM!!]'+document.title;function _bcma_bdr(){document.body.style = 'border:4px dashed #' + ['e74c3c', '9b59b6', '3498db', '17a589', '196f3d', 'f4d03f', 'f39c12', 'd35400'][Math.floor(Math.random() * 8)] + ' !important';setTimeout(_bcma_bdr,4860);};_bcma_bdr();}}".replace('%%CFHOST%%', cf_hostname).replace('%%CFHOST%%', cf_hostname) + }); + } + chrome.browserAction.setIcon({ + tabId: tid, + path: cf_flag_ng + }); + return; + } + chrome.browserAction.setIcon({ + tabId: tid, + path: cf_flag_ok + }); + return; +} + +chrome.webRequest.onHeadersReceived.addListener(function (wr) { + if (wr.type != 'main_frame' && my_action == 2) { + return; + } + var _a = document.createElement('a'); + _a.setAttribute('href', wr.url); + var wr_protocol = _a.protocol; + var wr_hostname = _a.hostname; + _a = null; + if ((wr_protocol != 'http:' && wr_protocol != 'https:') || wr_hostname.length < 4) { + return; + } + wr_hostname = get_realdomain(wr_hostname); + if (my_action == 1) { + if (wr.type == 'main_frame') { + return; + } + if (wr.documentUrl) { + var _b = document.createElement('a'); + _b.setAttribute('href', wr.documentUrl); + if (wr_hostname == get_realdomain(_b.hostname)) { + return; + } + _b = null; + } + } + if (my_cf_ignore.includes(wr_hostname)) { + return; + } + if (force_whitelist.includes(wr_hostname)) { + return; + } + var cf_is = (known_cf_domains.includes(wr_hostname) || my_cf_collection.includes(wr_hostname)) ? true : false; + if (!cf_is) { + var cf_headers = wr.responseHeaders, + cf_v_name, cf_v_value; + for (var i = 0; i < cf_headers.length; i++) { + cf_v_name = cf_headers[i]['name'].toLowerCase(); + cf_v_value = (cf_headers[i]['value'] != undefined) ? cf_headers[i]['value'].toLowerCase() : ''; + if (cf_v_name == 'server' && cf_v_value.includes('cloudflare')) { + cf_is = true; + break; + } + if (cf_v_name == 'cf-ray' || cf_v_name == 'cf-cache-status' || cf_v_name == 'cf-chl-bypass') { + cf_is = true; + break; + } + if (cf_v_name == 'set-cookie' && cf_v_value.includes('_cfduid')) { + cf_is = true; + break; + } + } + } + if (cf_is) { + if (my_cf_collection.length > 500) { + my_cf_collection.shift(); + } + if (!my_cf_collection.includes(wr_hostname)) { + my_cf_collection.push(wr_hostname); + } + console.log('BCMA: Block Cloudflare RH', wr_hostname); + if (my_action == 0 || my_action == 1) { + if (wr.type == 'image') { + return { + redirectUrl: 'data:image/gif;base64,R0lGODlhAQABAIAAAP///wAAACH/C05FVFNDQVBFMi4wAwEAAAAh+QQBCgAAACwAAAAAAQABAAACAkQBADs=' + }; + } else { + return { + cancel: true + }; + } + } + if (my_action == 2) { + return { + redirectUrl: 'https://web.archive.org/web/' + wr.url.split('?')[0] + }; + } + } + return; +}, { + urls: ["http://*/*", "https://*/*"] +}, ["blocking", "responseHeaders"]); + +chrome.webRequest.onBeforeRequest.addListener(function (wr) { + if (wr.type != 'main_frame' && my_action == 2) { + return; + } + var _a = document.createElement('a'); + _a.setAttribute('href', wr.url); + var wr_protocol = _a.protocol; + var wr_hostname = _a.hostname; + _a = null; + if ((wr_protocol != 'http:' && wr_protocol != 'https:') || wr_hostname.length < 4) { + return; + } + wr_hostname = get_realdomain(wr_hostname); + if (my_action == 1) { + if (wr.type == 'main_frame') { + return; + } + if (wr.documentUrl) { + var _b = document.createElement('a'); + _b.setAttribute('href', wr.documentUrl); + if (wr_hostname == get_realdomain(_b.hostname)) { + return; + } + _b = null; + } + } + if (my_cf_ignore.includes(wr_hostname)) { + return; + } + if (force_whitelist.includes(wr_hostname)) { + return; + } + var cf_is = (known_cf_domains.includes(wr_hostname) || my_cf_collection.includes(wr_hostname)) ? true : false; + if (cf_is) { + console.log('BCMA: Block Cloudflare BR', wr_hostname); + if (my_action == 0 || my_action == 1) { + if (wr.type == 'image') { + return { + redirectUrl: 'data:image/gif;base64,R0lGODlhAQABAIAAAP///wAAACH/C05FVFNDQVBFMi4wAwEAAAAh+QQBCgAAACwAAAAAAQABAAACAkQBADs=' + }; + } else { + return { + cancel: true + }; + } + } + if (my_action == 2) { + return { + redirectUrl: 'https://web.archive.org/web/' + wr.url.split('?')[0] + }; + } + } + return; +}, { + urls: ["http://*/*", "https://*/*"] +}, ["blocking"]); + +chrome.runtime.onMessage.addListener(function (a, b, c) { + if (a[0] == 'cf') { + c(['ok', JSON.stringify(my_cf_collection), JSON.stringify(my_cf_ignore), (known_cf_domains.length == 0) ? false : true, my_action]); + } + if (a[0] == 'erosman') { + my_cf_collection = []; + c(['destroy']); + } + if (a[0] == 'bi') { + if (a[1] == 'y') { + known_cf_domains = cfdomains; + } else { + known_cf_domains = []; + } + c(['ok']); + } + if (a[0] == 'ta') { + if (a[1] == '0') { + my_action = 0; + } + if (a[1] == '1') { + my_action = 1; + } + if (a[1] == '2') { + my_action = 2; + } + if (a[1] == '3') { + my_action = 3; + } + c(['ok']); + } + if (a[0] == 'ig') { + my_cf_ignore = a[1].sort().filter(v => v != ''); + c(['ok']); + } + return true; +}); + +chrome.tabs.onActivated.addListener(function (i) { + chrome.tabs.query({ + active: true, + currentWindow: true + }, function (t) { + if (t[0]){update_icon(t[0].id, t[0].url);} + }); +}); +chrome.tabs.onUpdated.addListener(function (a, b, t) { + if (t.active) { + update_icon(t.id, t.url); + } +}); +chrome.webNavigation.onDOMContentLoaded.addListener(function (d1, d2, d3) { + chrome.tabs.query({ + active: true, + currentWindow: true + }, function (t) { + update_icon(t[0].id, t[0].url); + }); +}); +chrome.webNavigation.onCompleted.addListener(function (d1, d2, d3) { + chrome.tabs.query({ + active: true, + currentWindow: true + }, function (t) { + update_icon(t[0].id, t[0].url); + }); +}); + +chrome.browserAction.onClicked.addListener(function (t) { + chrome.runtime.openOptionsPage(); +}); \ No newline at end of file diff --git a/addon_chrome/bcma/icons/cf_0.png b/addon_chrome/bcma/icons/cf_0.png new file mode 100644 index 0000000..541b89a Binary files /dev/null and b/addon_chrome/bcma/icons/cf_0.png differ diff --git a/addon_chrome/bcma/icons/cf_1.png b/addon_chrome/bcma/icons/cf_1.png new file mode 100644 index 0000000..a517670 Binary files /dev/null and b/addon_chrome/bcma/icons/cf_1.png differ diff --git a/addon_chrome/bcma/icons/icon-32.png b/addon_chrome/bcma/icons/icon-32.png new file mode 100644 index 0000000..f525f76 Binary files /dev/null and b/addon_chrome/bcma/icons/icon-32.png differ diff --git a/addon_chrome/bcma/icons/icon-48.png b/addon_chrome/bcma/icons/icon-48.png new file mode 100644 index 0000000..9bee2aa Binary files /dev/null and b/addon_chrome/bcma/icons/icon-48.png differ diff --git a/addon_chrome/bcma/icons/icon-64.png b/addon_chrome/bcma/icons/icon-64.png new file mode 100644 index 0000000..dd2958e Binary files /dev/null and b/addon_chrome/bcma/icons/icon-64.png differ diff --git a/addon_chrome/bcma/manifest.json b/addon_chrome/bcma/manifest.json new file mode 100644 index 0000000..7fafea9 --- /dev/null +++ b/addon_chrome/bcma/manifest.json @@ -0,0 +1,36 @@ +{ + "manifest_version": 2, + "name": "Block Cloudflare MITM Attack", + "description": "Submit to global surveillance or resist. The choice is yours.", + "version": "1.0.1905.1", + "minimum_chrome_version": "60", + "author": "Project BCMA", + "homepage_url": "https://notabug.org/themusicgod1/cloudflare-tor", + "incognito": "split", + "permissions": [ + "", + "activeTab", + "tabs", + "webRequest", + "webRequestBlocking", + "webNavigation" + ], + "icons": { + "32": "icons/icon-32.png", + "48": "icons/icon-48.png", + "64": "icons/icon-64.png" + }, + "background": { + "scripts": [ + "anticloudflare.js" + ] + }, + "options_ui": { + "page": "mydata.html" + }, + "browser_action": { + "default_icon": { + "32": "icons/cf_0.png" + } + } +} \ No newline at end of file diff --git a/addon_chrome/bcma/mydata.html b/addon_chrome/bcma/mydata.html new file mode 100644 index 0000000..1894e2b --- /dev/null +++ b/addon_chrome/bcma/mydata.html @@ -0,0 +1,35 @@ + + + + + + + Temporary configurations +
+ ☞ Built-in Cloudflare list (.com only) (powered by Searxes)
+ (Default)
+
+
+ ♞ Take Action
+
+
+ (Default)
+
+
+ ✍ Your Cloudflare Domain collection (Last 500)
+ (please share with cloudflare-tor@notabug)
+ +
+ +    +
+
+ ✍ Your Cloudflare Ignore list (NOT RECOMMEND!)
+ +
+ +
+ "Welcome to PRISM 2.0" + + + diff --git a/addon_chrome/bcma/mydata.js b/addon_chrome/bcma/mydata.js new file mode 100644 index 0000000..0d5a8aa --- /dev/null +++ b/addon_chrome/bcma/mydata.js @@ -0,0 +1,88 @@ +document.addEventListener('DOMContentLoaded', function () { + chrome.runtime.sendMessage(['cf'], function (r) { + if (r[0] == 'ok') { + document.getElementById('t').value = JSON.parse(r[1]).join("\n"); + document.getElementById('g').value = JSON.parse(r[2]).join("\n"); + if (r[3]) { + document.getElementById('bi0').checked = true; + document.getElementById('bi1').checked = false; + } else { + document.getElementById('bi0').checked = false; + document.getElementById('bi1').checked = true; + } + switch (r[4]) { + case 1: + document.getElementById('ta0').checked = false; + document.getElementById('ta1').checked = true; + document.getElementById('ta2').checked = false; + document.getElementById('ta3').checked = false; + break; + case 2: + document.getElementById('ta0').checked = false; + document.getElementById('ta1').checked = false; + document.getElementById('ta2').checked = true; + document.getElementById('ta3').checked = false; + break; + case 3: + document.getElementById('ta0').checked = false; + document.getElementById('ta1').checked = false; + document.getElementById('ta2').checked = false; + document.getElementById('ta3').checked = true; + break; + default: + document.getElementById('ta0').checked = false; + document.getElementById('ta1').checked = false; + document.getElementById('ta2').checked = true; + document.getElementById('ta3').checked = false; + break; + } + document.body.style.display = 'block'; + document.addEventListener('contextmenu', function (z) { + if (z.target.tagName != 'TEXTAREA') { + z.preventDefault(); + } + }); + } + }); +}); + +document.getElementById('exp').style.display = 'none'; + +document.getElementById('clr').addEventListener('click', function () { + chrome.runtime.sendMessage(['erosman'], function (r) { + document.getElementById('t').value = ''; + }); +}); +document.getElementById('bi0').addEventListener('click', function () { + if (this.checked) { + chrome.runtime.sendMessage(['bi', 'y']); + } +}); +document.getElementById('bi1').addEventListener('click', function () { + if (this.checked) { + chrome.runtime.sendMessage(['bi', 'n']); + } +}); +document.getElementById('ta0').addEventListener('click', function () { + if (this.checked) { + chrome.runtime.sendMessage(['ta', '0']); + } +}); +document.getElementById('ta1').addEventListener('click', function () { + if (this.checked) { + chrome.runtime.sendMessage(['ta', '1']); + } +}); +document.getElementById('ta2').addEventListener('click', function () { + if (this.checked) { + chrome.runtime.sendMessage(['ta', '2']); + } +}); +document.getElementById('ta3').addEventListener('click', function () { + if (this.checked) { + chrome.runtime.sendMessage(['ta', '3']); + } +}); +document.getElementById('ign').addEventListener('click', function () { + chrome.runtime.sendMessage(['ig', document.getElementById('g').value.split("\n")]); +}); \ No newline at end of file diff --git a/addon_chrome/bcma/style.css b/addon_chrome/bcma/style.css new file mode 100644 index 0000000..31782bd --- /dev/null +++ b/addon_chrome/bcma/style.css @@ -0,0 +1,52 @@ +*::-moz-focus-inner { + border: 0 +} + +*:focus { + outline: none; + outline-style: none +} + +button { + background-color: transparent; + background-repeat: no-repeat; + border: 0; + overflow: hidden; + outline: none; + outline-style: none +} + +body { + font: 13px Verdana; + overflow-x: hidden; + -webkit-user-select: none; + -moz-user-select: none; + cursor: default +} + +button { + display: inline-block; + height: 27px +} + +div { + -webkit-user-select: none; + -moz-user-select: none +} + +hr { + color: #dcdcdc; + height: 0; + background: #dcdcdc +} + +label { + -webkit-user-select: none; + -moz-user-select: none +} + +textarea { + white-space: pre; + overflow-wrap: normal; + overflow-x: scroll +} diff --git a/addon_chrome/ismitmlink/LICENSE.txt b/addon_chrome/ismitmlink/LICENSE.txt new file mode 100644 index 0000000..8178a56 --- /dev/null +++ b/addon_chrome/ismitmlink/LICENSE.txt @@ -0,0 +1,21 @@ +The MIT License + +Copyright (c) 2019 Maslin Bossé + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +SOFTWARE. diff --git a/addon_chrome/ismitmlink/README.md b/addon_chrome/ismitmlink/README.md index 945c9b4..72eb9e8 100644 --- a/addon_chrome/ismitmlink/README.md +++ b/addon_chrome/ismitmlink/README.md @@ -1 +1,5 @@ -. \ No newline at end of file +This is a source code of Maslin Bossé's "Are links vulnerable to MITM?". + +PRs are welcome. + +[Download Add-on](https://notabug.org/themusicgod1/cloudflare-tor/src/master/addon_chrome/vulnlink.crx) \ No newline at end of file diff --git a/addon_chrome/ismitmlink/bg.js b/addon_chrome/ismitmlink/bg.js new file mode 100644 index 0000000..6794132 --- /dev/null +++ b/addon_chrome/ismitmlink/bg.js @@ -0,0 +1,83 @@ +let apiurl = 'https://searxes.danwin1210.me/collab/open/ismitm.php'; +let TORapiurl = 'http://searxes.nmqnkngye4ct7bgss4bmv5ca3wpa55yugvxen5kz2bbq67lwy6ps54yd.onion/collab/open/ismitm.php'; + +fetch('http://searxes.nmqnkngye4ct7bgss4bmv5ca3wpa55yugvxen5kz2bbq67lwy6ps54yd.onion/collab/open/ok', { + method: 'GET', + mode: 'cors' +}).then(r => r.text()).then(r => { + if (r == 'ok') { + apiurl = TORapiurl; + } +}).catch(() => {}); + +function is_infected(f) { + console.log(f); + return new Promise((g, b) => { + fetch(apiurl, { + method: 'POST', + mode: 'cors', + headers: { + 'Content-Type': 'application/x-www-form-urlencoded' + }, + body: 'f=' + f + }).then(r => r.json()).then(r => { + if (r[0]) { + g(r[1]); + } else { + b(); + } + }).catch(b); + }); +} + +function i_already_know_you(f) { + if (!/^([a-z0-9_.-]{1,255})\.([a-z]{2,80})$/.test(f)) { + return false; + } + return new Promise((g, b) => { + chrome.storage.local.get(f, (ff) => { + if (ff[f]) { + if (ff[f] == 'y') { + g(1); + } else { + g(-1); + } + } else { + g(0); + } + }); + }); +} + +function i_remember_you(f, t) { + chrome.storage.local.set({ + [f]: ((t) ? 'y' : 'n') + }); +} + +function clear_cache_week() { + chrome.storage.local.clear(); + setTimeout(function () { + clear_cache(); + }, 604800000); +} + +clear_cache_week(); + +chrome.runtime.onMessage.addListener((request, sender, sendResponse) => { + if (request) { + i_already_know_you(request).then((r) => { + if (r == 1 || r == -1) { + chrome.tabs.sendMessage(sender.tab.id, [request, ((r == 1) ? true : false)]); + } + if (r == 0) { + is_infected(request).then((a) => { + i_remember_you(request, a); + chrome.tabs.sendMessage(sender.tab.id, [request, a]); + }, () => { + chrome.tabs.sendMessage(sender.tab.id, [request, false]); + }); + } + }, () => {}); + } +}); \ No newline at end of file diff --git a/addon_chrome/ismitmlink/cs.js b/addon_chrome/ismitmlink/cs.js new file mode 100644 index 0000000..6cf36f3 --- /dev/null +++ b/addon_chrome/ismitmlink/cs.js @@ -0,0 +1,32 @@ +if (document.body && !['searxes.danwin1210.me', 'searxes.nmqnkngye4ct7bgss4bmv5ca3wpa55yugvxen5kz2bbq67lwy6ps54yd.onion', 'searxes.cyb'].includes(location.hostname)) { + let cs = (function () { + let s = document.createElement('style'); + document.head.appendChild(s); + return s.sheet; + })(); + if (cs) { + cs.insertRule("a[data-mitm]{text-decoration-line:line-through !important;text-decoration-color:red !important;text-decoration-style:double !important}", 0); + cs.insertRule("a[data-mitm]::before{content:'[\\26A0]';font-weight:bold !important;color:red !important;display:inline-block !important}", 1); + cs.insertRule("a[data-mitm]:hover::before{content:'[\\26A1]'}", 2); + cs.insertRule("a[data-mitm]:hover{color:red !important}", 3); + } + let asked = ['searxes.danwin1210.me', 'searxes.nmqnkngye4ct7bgss4bmv5ca3wpa55yugvxen5kz2bbq67lwy6ps54yd.onion', 'searxes.cyb', 'addons.mozilla.org']; + document.querySelectorAll("a[href^='http://']:not([data-mitm]),a[href^='https://']:not([data-mitm]),a[href^='//']:not([data-mitm])").forEach(a => { + let aF = (new URL(a.href)).hostname; + if (!/^(.*)\.(onion|i2p|invalid|test|local|localhost|([0-9]{1,3})|bbs|chan|cyb|dyn|geek|gopher|indy|libre|neo|null|o|oss|oz|parody|pirate|bit|lib|coin|emc|bazar|fur)$/.test(aF) && !asked.includes(aF)) { + asked.push(aF); + chrome.runtime.sendMessage(aF); + } + }); + chrome.runtime.onMessage.addListener((request, sender, sendResponse) => { + if (request.length == 2) { + if (request[1]) { + document.querySelectorAll("a[href^='http://" + request[0] + "/']:not([data-mitm]),a[href^='https://" + request[0] + "/']:not([data-mitm]),a[href^='//" + request[0] + "/']:not([data-mitm])").forEach(a => { + a.dataset.mitm = 1; + a.title = 'DANGER! DANGER! MITM!'; + }); + } + } + sendResponse(null); + }); +} \ No newline at end of file diff --git a/addon_chrome/ismitmlink/icons/32.png b/addon_chrome/ismitmlink/icons/32.png new file mode 100644 index 0000000..c39e88b Binary files /dev/null and b/addon_chrome/ismitmlink/icons/32.png differ diff --git a/addon_chrome/ismitmlink/manifest.json b/addon_chrome/ismitmlink/manifest.json new file mode 100644 index 0000000..2fccb1a --- /dev/null +++ b/addon_chrome/ismitmlink/manifest.json @@ -0,0 +1,33 @@ +{ + "manifest_version": 2, + "name": "Are links vulnerable to MITM attack?", + "version": "1.0.5", + "minimum_chrome_version": "60", + "homepage_url": "https://notabug.org/themusicgod1/cloudflare-tor", + "author": "Maslin Bossé", + "incognito": "split", + "permissions": [ + "storage", + "unlimitedStorage" + ], + "icons": { + "32": "icons/32.png" + }, + "background": { + "scripts": [ + "bg.js" + ] + }, + "content_scripts": [ + { + "matches": [ + "http://*/*", + "https://*/*" + ], + "js": [ + "cs.js" + ], + "run_at": "document_end" + } + ] +} \ No newline at end of file diff --git a/addon_chrome/vulnlink.crx b/addon_chrome/vulnlink.crx new file mode 100644 index 0000000..4f1bf01 Binary files /dev/null and b/addon_chrome/vulnlink.crx differ diff --git a/addon_firefox/ismitmlink/bg.js b/addon_firefox/ismitmlink/bg.js index 6a2a939..61ad238 100644 --- a/addon_firefox/ismitmlink/bg.js +++ b/addon_firefox/ismitmlink/bg.js @@ -1,11 +1,11 @@ let apiurl = 'https://searxes.danwin1210.me/collab/open/ismitm.php'; let TORapiurl = 'http://searxes.nmqnkngye4ct7bgss4bmv5ca3wpa55yugvxen5kz2bbq67lwy6ps54yd.onion/collab/open/ismitm.php'; -fetch('http://searxes.nmqnkngye4ct7bgss4bmv5ca3wpa55yugvxen5kz2bbq67lwy6ps54yd.onion/collab/open/hi.php', { +fetch('http://searxes.nmqnkngye4ct7bgss4bmv5ca3wpa55yugvxen5kz2bbq67lwy6ps54yd.onion/collab/open/ok', { method: 'GET', mode: 'cors' }).then(r => r.text()).then(r => { - if (r == 'hi') { + if (r == 'ok') { apiurl = TORapiurl; } }).catch(() => {}); @@ -56,22 +56,29 @@ function i_remember_you(f, t) { }); } -browser.storage.local.clear().then(() => { - browser.runtime.onMessage.addListener((request, sender, sendResponse) => { - if (request && sender) { - i_already_know_you(request).then((r) => { - if (r == 1 || r == -1) { - browser.tabs.sendMessage(sender.tab.id, [request, ((r == 1) ? true : false)]); - } - if (r == 0) { - is_infected(request).then((a) => { - i_remember_you(request, a); - browser.tabs.sendMessage(sender.tab.id, [request, a]); - }, () => { - browser.tabs.sendMessage(sender.tab.id, [request, false]); - }); - } - }, () => {}); - } - }); -}, () => {}); \ No newline at end of file +function clear_cache_week() { + browser.storage.local.clear(); + setTimeout(function () { + clear_cache_week(); + }, 604800000); +} + +clear_cache_week(); + +browser.runtime.onMessage.addListener((request, sender, sendResponse) => { + if (request && sender) { + i_already_know_you(request).then((r) => { + if (r == 1 || r == -1) { + browser.tabs.sendMessage(sender.tab.id, [request, ((r == 1) ? true : false)]); + } + if (r == 0) { + is_infected(request).then((a) => { + i_remember_you(request, a); + browser.tabs.sendMessage(sender.tab.id, [request, a]); + }, () => { + browser.tabs.sendMessage(sender.tab.id, [request, false]); + }); + } + }, () => {}); + } +}); diff --git a/addon_firefox/ismitmlink/cs.js b/addon_firefox/ismitmlink/cs.js index 1361a66..fdc2fe0 100644 --- a/addon_firefox/ismitmlink/cs.js +++ b/addon_firefox/ismitmlink/cs.js @@ -6,8 +6,8 @@ if (document.body && !['searxes.danwin1210.me', 'searxes.nmqnkngye4ct7bgss4bmv5c })(); if (cs) { cs.insertRule("a[data-mitm]{text-decoration-line:line-through !important;text-decoration-color:red !important;text-decoration-style:double !important}", 0); - cs.insertRule("a[data-mitm]::before{content:'[MITM!]';font-weight:bold !important;color:red !important}", 1); - cs.insertRule("a[data-mitm]:hover::before{content:'[Privacy Risk!!]'}", 2); + cs.insertRule("a[data-mitm]::before{content:'[\\26A0]';font-weight:bold !important;color:red !important;display:inline-block !important}", 1); + cs.insertRule("a[data-mitm]:hover::before{content:'[\\26A1]'}", 2); cs.insertRule("a[data-mitm]:hover{color:red !important}", 3); } let asked = ['searxes.danwin1210.me', 'searxes.nmqnkngye4ct7bgss4bmv5ca3wpa55yugvxen5kz2bbq67lwy6ps54yd.onion', 'searxes.cyb', 'addons.mozilla.org']; diff --git a/addon_firefox/ismitmlink/manifest.json b/addon_firefox/ismitmlink/manifest.json index f064778..5b4b791 100644 --- a/addon_firefox/ismitmlink/manifest.json +++ b/addon_firefox/ismitmlink/manifest.json @@ -2,8 +2,8 @@ "manifest_version": 2, "name": "Are links vulnerable to MITM attack?", "description": "Scan FQDN using Searxes' API", - "version": "1.0.4", - "homepage_url": "https://notabug.org/themusicgod1/cloudflare-tor/src/master/ismitmlink", + "version": "1.0.5", + "homepage_url": "https://notabug.org/themusicgod1/cloudflare-tor", "author": "Maslin Bossé", "permissions": [ "storage", diff --git a/instructions.md b/instructions.md index 690ffad..b85b310 100644 --- a/instructions.md +++ b/instructions.md @@ -3,10 +3,19 @@ ## Website is using Cloudflare +Cloudflare users: + | List name | Description | | -------- | -------- | | /split/cloudflare(X).txt | Split files (base domain) | | ex_cloudflare_users.txt | Domains which used Cloudflare in the past, not anymore | +| cloudflare_addedbyfqdn.txt | Historical data (e.g. example.com was added because xyz.example.com is cloudflared | + + +Cloudflare Corporation: + +| List name | Description | +| -------- | -------- | | cloudflare_CIDR_v4.txt | IPv4 CIDR owned by Cloudflare | | cloudflare_CIDR_v6.txt | IPv6 CIDR owned by Cloudflare | | cloudflare_range_v4.txt | IPv4 range owned by Cloudflare | @@ -67,7 +76,7 @@ IMPORTANT: Please add only "Base Domain" Type B: Just search about it on Searxes -Search the domain on Searxes, and it'll appear as "[MITM!] link name". +Use "[Is MITM?](https://searxes.danwin1210.me/collab/sxes/tool_ismitm.php)" webpage. 3) If the website *no longer using Cloudflare*, *remove* it from /split/ list and *add* to "[ex_cloudflare_users.txt](https://notabug.org/themusicgod1/cloudflare-tor/src/master/ex_cloudflare_users.txt)". @@ -80,6 +89,7 @@ Search the domain on Searxes, and it'll appear as "[MITM!] link name". | List name | Description | | -------- | -------- | | list_error403.txt | Returns HTTP Error 403 (Forbidden) | +| list_error462.txt | Returns HTTP Error 462 | | list_customerror.txt | Returns custom error message (not HTTP 403) | | list_other.txt | any other form of tor-hostility or mistreatment | | list_siteground.txt | siteground.com is a Tor-hostile hosting service that indiscriminately DoSes all Tor users with the collective judgement: "our system thinks you might be a robot!" Sometimes the site functions, and sometimes it times out, but the robot accusation is very common. | @@ -106,4 +116,4 @@ Add them to [/not_cloudflare/](not_cloudflare/) (formerly "*TorBlocker Hall of S This is a collection of websites that ban Tor exits, other than through Cloudflare(e.g. showing access denied pages, systematic timing out connections, ...). -[This add-on](https://addons.mozilla.org/en-US/firefox/addon/which-website-rejected-me/) will help your list_error403 collection. +[This add-on](https://notabug.org/themusicgod1/cloudflare-tor/src/master/not_cloudflare/whyrejectme) will help your list_error403 collection. diff --git a/tool/irssi_cf_alturl.pl b/tool/irssi_cf_alturl.pl index b321888..a28dad2 100644 --- a/tool/irssi_cf_alturl.pl +++ b/tool/irssi_cf_alturl.pl @@ -8,8 +8,10 @@ # /set cflarealt_debug -- (off) if you have a problem try turning this on to debug # /set cflarealt_send2channel -- (off) send the converted URL publicly to everyone in your channels # /set cflarealt_channels <"#channel1, #channel2, etc"> -- Channels to automatically convert. Empty Defaults to all +# # /set cflarealt_shorturl_activate -- (off) set it 'on' to use shortner # /set cflarealt_shorturl_min <40> -- (40) How long a url has to be to trigger automatic url shortening +# /set cflarealt_shorturl_useonion -- (off) set it 'on' to use .onion # # /set cflarealt_localdbpath <"string to path"> -- () '/path/database/split/' # /set cflarealt_uselocaldb -- (off) if 'on', please set path to local database (or the script will die) @@ -40,8 +42,8 @@ use LWP::Simple; use LWP::UserAgent; my ( - $cfg_minurllen, $cfg_send2chan, $cfg_useshort, $cfg_isdebug, - $cfg_uselocaldb, $cfg_localdbpath, $cfg_chanlist + $cfg_minurllen, $cfg_send2chan, $cfg_useshort, $cfg_shortonion, + $cfg_isdebug, $cfg_uselocaldb, $cfg_localdbpath, $cfg_chanlist ); my ( $cfg_printurl, $cfg_donotsendurl ); my @cached = (); @@ -59,6 +61,12 @@ sub setuphandler { $cfg_useshort = 1; } + Irssi::settings_add_bool( "cflarealt", "cflarealt_shorturl_useonion", 0 ); + if ( Irssi::settings_get_bool("cflarealt_shorturl_useonion") ) { + print "cflarealt: URL onion enabled"; + $cfg_shortonion = 1; + } + Irssi::settings_add_str( "cflarealt", "cflarealt_channels", "" ); $cfg_chanlist = Irssi::settings_get_str("cflarealt_channels"); if ($cfg_chanlist) { @@ -218,9 +226,13 @@ sub GotUrl { else { deb("$target Asking API about $fqdn"); $answer = ''; - $url = 'https://searxes.danwin1210.me/collab/open/ismitm.php?f='.$fqdn; + $url = + 'https://searxes.danwin1210.me/collab/open/ismitm.php?f=' + . $fqdn; $browser = LWP::UserAgent->new; - $browser->agent("Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0"); + $browser->agent( +"Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0" + ); $response = $browser->get($url); $answer = $response->content; if ( $answer eq '[true,true]' ) { @@ -234,20 +246,45 @@ sub GotUrl { ## ACT2: Short URL __if__ enabled and long if ( $cfg_useshort == 1 ) { if ( length($myurl) > $cfg_minurllen ) { - deb("$target Creating Short URL for $myurl"); - $url = 'https://ux.nu/api/short?format=plain&url='.$myurl; - $browser = LWP::UserAgent->new; - $browser->agent("cloudflare-tor (Thank you for your service)"); - $response = $browser->get($url); - $answer = $response->content; - if ( index( $answer, 'https://ux.nu/' ) == 0 ) { - if ( $mytype eq '' ) { - $mytype = '^B^C7[Short]^O '; + if ( $cfg_shortonion == 1 ) { + deb("$target Creating Short Onion for $myurl"); + $url = 'https://url.danwin1210.me/?i=new&url=' . $myurl; + $browser = LWP::UserAgent->new; + $browser->agent("cloudflare-tor"); + $response = $browser->get($url); + $answer = $response->content; + if ( + index( $answer, + 'http://dt2tq5y2ccowebjo.onion/?' ) == 0 + ) + { + if ( $mytype eq '' ) { + $mytype = '^B^C7[Onion]^O '; + } + else { + $mytype = '^B^C2[Onion,Archive]^O '; + } + $myurl = $answer; } - else { - $mytype = '^B^C2[Short,Archive]^O '; + } + else { + deb("$target Creating Short URL for $myurl"); + $url = + 'https://ux.nu/api/short?format=plain&url=' . $myurl; + $browser = LWP::UserAgent->new; + $browser->agent( + "cloudflare-tor (Thank you for your service)"); + $response = $browser->get($url); + $answer = $response->content; + if ( index( $answer, 'https://ux.nu/' ) == 0 ) { + if ( $mytype eq '' ) { + $mytype = '^B^C7[Short]^O '; + } + else { + $mytype = '^B^C2[Short,Archive]^O '; + } + $myurl = $answer; } - $myurl = $answer; } } } diff --git a/what-to-do.md b/what-to-do.md index ef11504..64c01d2 100644 --- a/what-to-do.md +++ b/what-to-do.md @@ -68,9 +68,9 @@ If Cloudflare leak your information, it's not our fault. [*] | Name | Developer | Support | Can Block | Can Notify | | -------- | -------- | -------- | -------- | -------- | -| [Block Cloudflare MITM Attack](https://addons.mozilla.org/en-US/firefox/addon/bcma/) | Project BCMA | [Link](https://notabug.org/themusicgod1/cloudflare-tor/src/master/bcma) |**Yes** | **Yes** | +| [Block Cloudflare MITM Attack](https://addons.mozilla.org/en-US/firefox/addon/bcma/) | Project BCMA | [Link](https://notabug.org/themusicgod1/cloudflare-tor) |**Yes** | **Yes** | | [Block Cloudflare MITM Attack](https://trac.torproject.org/projects/tor/attachment/ticket/24351/block_cloudflare_mitm_attack-1.0.14.1-an%2Bfx.xpi) | nullius | [Link](https://github.com/nym-zone/block_cloudflare_mitm_fx) | **Yes** | **Yes** | -| [Are links vulnerable to MITM?](https://addons.mozilla.org/en-US/firefox/addon/are-links-vulnerable-to-mitm/) | Maslin Bossé | [Link](https://notabug.org/themusicgod1/cloudflare-tor/src/master/ismitmlink) | No | **Yes** | +| [Are links vulnerable to MITM?](https://addons.mozilla.org/en-US/firefox/addon/are-links-vulnerable-to-mitm/) | Maslin Bossé | [Link](https://notabug.org/themusicgod1/cloudflare-tor) | No | **Yes** | | [Third-party Request Blocker (AMO)](https://addons.mozilla.org/en-US/firefox/addon/tprb/) | Searxes #Addon | [Link](https://searxes.danwin1210.me/) | **Yes** | **Yes** | | [TPRB](https://searxes.danwin1210.me/collab/tprb0/get_tprb0.php) | Sw | [Link](https://sw.skusklxqaqnrmszytky4vfyrg625erw4hqhiokyc2ufnokd2aitb47yd.onion/) | **Yes** | **Yes** | | [Detect Cloudflare](https://addons.mozilla.org/en-US/firefox/addon/detect-cloudflare/) | Frank Otto | [Link](https://github.com/traktofon/cf-detect) | No | **Yes** |