Upload files to 'addon_firefox/ismitmlink'
This commit is contained in:
parent
1f728b1dc9
commit
d75c775735
|
@ -0,0 +1,77 @@
|
|||
let apiurl = 'https://searxes.danwin1210.me/collab/open/ismitm.php';
|
||||
let TORapiurl = 'http://searxes.nmqnkngye4ct7bgss4bmv5ca3wpa55yugvxen5kz2bbq67lwy6ps54yd.onion/collab/open/ismitm.php';
|
||||
|
||||
fetch('http://searxes.nmqnkngye4ct7bgss4bmv5ca3wpa55yugvxen5kz2bbq67lwy6ps54yd.onion/collab/open/hi.php', {
|
||||
method: 'GET',
|
||||
mode: 'cors'
|
||||
}).then(r => r.text()).then(r => {
|
||||
if (r == 'hi') {
|
||||
apiurl = TORapiurl;
|
||||
}
|
||||
}).catch(() => {});
|
||||
|
||||
function is_infected(f) {
|
||||
return new Promise((g, b) => {
|
||||
fetch(apiurl, {
|
||||
method: 'POST',
|
||||
mode: 'cors',
|
||||
headers: {
|
||||
'Content-Type': 'application/x-www-form-urlencoded'
|
||||
},
|
||||
body: 'f=' + f
|
||||
}).then(r => r.json()).then(r => {
|
||||
if (r[0]) {
|
||||
g(r[1]);
|
||||
} else {
|
||||
b();
|
||||
}
|
||||
}).catch(b);
|
||||
});
|
||||
}
|
||||
|
||||
function i_already_know_you(f) {
|
||||
if (!/^([a-z0-9_.-]{1,255})\.([a-z]{2,80})$/.test(f)) {
|
||||
return false;
|
||||
}
|
||||
return new Promise((g, b) => {
|
||||
browser.storage.local.get(f).then((ff) => {
|
||||
if (ff[f]) {
|
||||
if (ff[f] == 'y') {
|
||||
g(1);
|
||||
} else {
|
||||
g(-1);
|
||||
}
|
||||
} else {
|
||||
g(0);
|
||||
}
|
||||
}, () => {
|
||||
g(0);
|
||||
});
|
||||
});
|
||||
}
|
||||
|
||||
function i_remember_you(f, t) {
|
||||
browser.storage.local.set({
|
||||
[f]: ((t) ? 'y' : 'n')
|
||||
});
|
||||
}
|
||||
|
||||
browser.storage.local.clear().then(() => {
|
||||
browser.runtime.onMessage.addListener((request, sender, sendResponse) => {
|
||||
if (request && sender) {
|
||||
i_already_know_you(request).then((r) => {
|
||||
if (r == 1 || r == -1) {
|
||||
browser.tabs.sendMessage(sender.tab.id, [request, ((r == 1) ? true : false)]);
|
||||
}
|
||||
if (r == 0) {
|
||||
is_infected(request).then((a) => {
|
||||
i_remember_you(request, a);
|
||||
browser.tabs.sendMessage(sender.tab.id, [request, a]);
|
||||
}, () => {
|
||||
browser.tabs.sendMessage(sender.tab.id, [request, false]);
|
||||
});
|
||||
}
|
||||
}, () => {});
|
||||
}
|
||||
});
|
||||
}, () => {});
|
|
@ -0,0 +1,32 @@
|
|||
if (document.body && !['searxes.danwin1210.me', 'searxes.nmqnkngye4ct7bgss4bmv5ca3wpa55yugvxen5kz2bbq67lwy6ps54yd.onion', 'searxes.cyb'].includes(location.hostname)) {
|
||||
let cs = (function () {
|
||||
let s = document.createElement('style');
|
||||
document.head.appendChild(s);
|
||||
return s.sheet;
|
||||
})();
|
||||
if (cs) {
|
||||
cs.insertRule("a[data-mitm]{text-decoration-line:line-through !important;text-decoration-color:red !important;text-decoration-style:double !important}", 0);
|
||||
cs.insertRule("a[data-mitm]::before{content:'[MITM!]';font-weight:bold !important;color:red !important}", 1);
|
||||
cs.insertRule("a[data-mitm]:hover::before{content:'[Privacy Risk!!]'}", 2);
|
||||
cs.insertRule("a[data-mitm]:hover{color:red !important}", 3);
|
||||
}
|
||||
let asked = ['searxes.danwin1210.me', 'searxes.nmqnkngye4ct7bgss4bmv5ca3wpa55yugvxen5kz2bbq67lwy6ps54yd.onion', 'searxes.cyb', 'addons.mozilla.org'];
|
||||
document.querySelectorAll("a[href^='http://']:not([data-mitm]),a[href^='https://']:not([data-mitm]),a[href^='//']:not([data-mitm])").forEach(a => {
|
||||
let aF = (new URL(a.href)).hostname;
|
||||
if (!/^(.*)\.(onion|i2p|invalid|test|local|localhost|([0-9]{1,3})|bbs|chan|cyb|dyn|geek|gopher|indy|libre|neo|null|o|oss|oz|parody|pirate|bit|lib|coin|emc|bazar|fur)$/.test(aF) && !asked.includes(aF)) {
|
||||
asked.push(aF);
|
||||
browser.runtime.sendMessage(aF);
|
||||
}
|
||||
});
|
||||
browser.runtime.onMessage.addListener((request, sender, sendResponse) => {
|
||||
if (request.length == 2) {
|
||||
if (request[1]) {
|
||||
document.querySelectorAll("a[href^='http://" + request[0] + "/']:not([data-mitm]),a[href^='https://" + request[0] + "/']:not([data-mitm]),a[href^='//" + request[0] + "/']:not([data-mitm])").forEach(a => {
|
||||
a.dataset.mitm = 1;
|
||||
a.title = 'DANGER! DANGER! MITM!';
|
||||
});
|
||||
}
|
||||
}
|
||||
sendResponse(null);
|
||||
});
|
||||
}
|
|
@ -0,0 +1,38 @@
|
|||
{
|
||||
"manifest_version": 2,
|
||||
"name": "Are links vulnerable to MITM attack?",
|
||||
"description": "Scan FQDN using Searxes' API",
|
||||
"version": "1.0.4",
|
||||
"homepage_url": "https://notabug.org/themusicgod1/cloudflare-tor/src/master/ismitmlink",
|
||||
"author": "Maslin Bossé",
|
||||
"permissions": [
|
||||
"storage",
|
||||
"unlimitedStorage"
|
||||
],
|
||||
"icons": {
|
||||
"32": "icons/32.png"
|
||||
},
|
||||
"background": {
|
||||
"scripts": [
|
||||
"bg.js"
|
||||
]
|
||||
},
|
||||
"content_scripts": [
|
||||
{
|
||||
"matches": [
|
||||
"http://*/*",
|
||||
"https://*/*"
|
||||
],
|
||||
"js": [
|
||||
"cs.js"
|
||||
],
|
||||
"run_at": "document_end"
|
||||
}
|
||||
],
|
||||
"applications": {
|
||||
"gecko": {
|
||||
"id": "ismitm@searxes.danwin1210.me",
|
||||
"strict_min_version": "56.0"
|
||||
}
|
||||
}
|
||||
}
|
Loading…
Reference in New Issue