Skip to content

Commit

Permalink
Merge branch 'en-domain_path_blacklist'
Browse files Browse the repository at this point in the history
* en-domain_path_blacklist:
  Added logic to detect URL change onclick for sites like YouTube
  Version bump
  Added sanity check
  Removed debug
  Changed default rpc provider. Added logic to blacklist/block from a malicious domain with path
  • Loading branch information
409H committed Feb 19, 2020
2 parents 2f4da90 + aab1d26 commit dffe94e
Show file tree
Hide file tree
Showing 5 changed files with 100 additions and 15 deletions.
47 changes: 41 additions & 6 deletions js/DomainBlacklist.js
Original file line number Diff line number Diff line change
@@ -1,14 +1,27 @@
(function() {
let objBrowser = chrome ? chrome : browser;

//Get the blacklist domains option for the user
objBrowser.runtime.sendMessage({func: "blacklist_domains"}, function(objResponse) {
if(objResponse && objResponse.hasOwnProperty("resp")) {
if(objResponse.resp == 1) {
blacklistedDomainCheck();
let strInitHref = window.location.href;

function init(){
//Get the blacklist domains option for the user
objBrowser.runtime.sendMessage({func: "blacklist_domains"}, function(objResponse) {
if(objResponse && objResponse.hasOwnProperty("resp")) {
if(objResponse.resp == 1) {
blacklistedDomainCheck();
}
}
});
}

init();

window.onclick = function(e) {
if(strInitHref !== window.location.href) {
strInitHref = window.location.href;
init();
}
});
}

//Detects if the current tab is in the blacklisted domains file
function blacklistedDomainCheck() {
Expand Down Expand Up @@ -112,6 +125,28 @@

return false;
}

// Now check the full path (ie: YouTube because of fake livestreams and telegra.ph)
objBrowser.runtime.sendMessage({func: "blacklist_uri_list"}, function (objResponse) {
if (objResponse && objResponse.hasOwnProperty("resp")) {
let uris = JSON.parse(objResponse.resp)
let windowLoc = window.location.href.replace(/^https?\:\/\/|www\./g,'');
uris.domains.forEach(f => {
let r = new RegExp(`^(${f.replace(/[.*+?^${}()|[\]\\\/]/g, '\\$&')})`, 'g');

if(f === windowLoc || (r.exec(windowLoc) !== null)) {
console.warn(`${windowLoc} webpage is blacklisted by EAL - Blacklisted`);
window.location.href = chrome.runtime.getURL('/static/phishing/phishing.html#'+ btoa(window.location.href) +'#uri');

objBrowser.runtime.sendMessage({func: "change_ext_icon", "icon": "blacklisted", "type": "blacklisted"}, function(objResponse) {
// Icon should be a different colour now.
});

return false;
}
})
}
});
}

//Now do the 3rd party domain list check if they have that option enabled.
Expand Down
29 changes: 26 additions & 3 deletions js/options.js
Original file line number Diff line number Diff line change
Expand Up @@ -113,6 +113,10 @@ objBrowser.runtime.onMessage.addListener(
console.log("Getting 3p blacklisted domain list");
strResponse = getBlacklistedDomains("3p");
break;
case 'blacklist_uri_list' :
console.log("Getting the blacklist uri list");
strResponse = getBlacklistedDomains("uri");
break;
case 'use_3rd_party_blacklists' :
//This option is enabled by default
if(localStorage.getItem("ext-etheraddresslookup-use_3rd_party_blacklist") === null) {
Expand Down Expand Up @@ -147,13 +151,13 @@ objBrowser.runtime.onMessage.addListener(
break;
case 'rpc_provider' :
if(localStorage.getItem("ext-etheraddresslookup-rpc_node") === null) {
strResponse = "https://freely-central-lark.quiknode.io/9fe4c4a0-2ea2-4ac1-ab64-f92990cd2914/118-xxADc8hKSSB9joCb-g==/";
strResponse = "https://mainnet.infura.io/v3/02b145caa61b49998168f2b97d4ef323";
} else {
strResponse = localStorage.getItem("ext-etheraddresslookup-rpc_node");
}
break;
case 'rpc_default_provider' :
strResponse = "https://freely-central-lark.quiknode.io/9fe4c4a0-2ea2-4ac1-ab64-f92990cd2914/118-xxADc8hKSSB9joCb-g==/";
strResponse = "https://mainnet.infura.io/v3/02b145caa61b49998168f2b97d4ef323";
break;
case 'perform_address_lookups' :
//This option is enabled by default
Expand Down Expand Up @@ -349,6 +353,13 @@ function getBlacklistedDomains(strType)
"repo": "http://api.infura.io/v1/blacklist",
"identifer": "eal"
},
"uri": {
"timestamp": 0,
"domains": [],
"format": "plain",
"repo": "https://raw.githubusercontent.com/409H/EtherAddressLookup/master/blacklists/uri.json",
"identifer": "uri"
},
"third_party": {
"phishfort": {
"timestamp": 0,
Expand Down Expand Up @@ -380,8 +391,13 @@ function getBlacklistedDomains(strType)
}

strType = strType || "eal";
if(strType === "eal") {
strType = "";
} else {
strType = `${strType}_`;
}

return localStorage.getItem(`ext-etheraddresslookup-${strType === 'eal' ? '' : '3p_'}blacklist_domains_list`);
return localStorage.getItem(`ext-etheraddresslookup-${strType}blacklist_domains_list`);
}

function updateAllBlacklists(objEalBlacklistedDomains)
Expand All @@ -393,6 +409,13 @@ function updateAllBlacklists(objEalBlacklistedDomains)
localStorage.setItem("ext-etheraddresslookup-blacklist_domains_list", JSON.stringify(objEalBlacklistedDomains.eal));
});

getBlacklistedDomainsFromSource(objEalBlacklistedDomains.uri).then(function (arrDomains) {
objEalBlacklistedDomains.uri.timestamp = Math.floor(Date.now() / 1000);
objEalBlacklistedDomains.uri.domains = arrDomains.filter((v,i,a)=>a.indexOf(v)==i);

localStorage.setItem("ext-etheraddresslookup-uri_blacklist_domains_list", JSON.stringify(objEalBlacklistedDomains.uri));
});

if( [null, 1].indexOf(localStorage.getItem("ext-etheraddresslookup-use_3rd_party_blacklist")) >= 0) {
getBlacklistedDomainsFromSource(objEalBlacklistedDomains.third_party.phishfort).then(function (arrDomains) {

Expand Down
2 changes: 1 addition & 1 deletion manifest.json
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@
"name": "EtherAddressLookup",
"short_name": "EtherAddressLookup",
"description": "Adds links to strings that look like Ethereum addresses to your favorite blockchain explorer + antiphishing measures.",
"version": "1.22",
"version": "1.23",

"browser_action": {
"default_icon": "images/ether-128x128.png",
Expand Down
15 changes: 12 additions & 3 deletions static/phishing/phishing-notices.js
Original file line number Diff line number Diff line change
@@ -1,5 +1,6 @@
//Show the user why it's blocked
var b = window.location.href.split("#");

console.log("Domain is blacklisted because: "+(b[b.length-1].toLowerCase()));
switch(b[b.length-1].toLowerCase()) {
case 'punycode':
Expand All @@ -22,12 +23,20 @@ switch(b[b.length-1].toLowerCase()) {
case 'blacklisted':
document.getElementById("blacklisted").style.display = 'block'
break;
case 'uri':
document.getElementById("uri").style.display = 'block'
break;
default:
// No default action.
break;
}

//Populate the link to EtherScamDB
let cleandomain = encodeURI(b[1].replace(/https?\:?\/?\/?w{0,3}\.?/,"").replace(/\/$/,""));
document.getElementById("link-etherscamdb").href = "https://etherscamdb.info/domain/"+cleandomain;
document.getElementById("link-etherscamdb").textContent = "https://etherscamdb.info/domain/"+cleandomain;
if(b[b.length-1].toLowerCase() !== "uri") {
if(document.getElementById("esdb-link")) {
document.getElementById("esdb-link").style.display = "block";
}
let cleandomain = encodeURI(b[1].replace(/https?\:?\/?\/?w{0,3}\.?/,"").replace(/\/$/,""));
document.getElementById("link-etherscamdb").href = "https://etherscamdb.info/domain/"+cleandomain;
document.getElementById("link-etherscamdb").textContent = "https://etherscamdb.info/domain/"+cleandomain;
}
22 changes: 20 additions & 2 deletions static/phishing/phishing.html
Original file line number Diff line number Diff line change
Expand Up @@ -73,6 +73,10 @@
#blacklisted {
border-left: 4px solid #D49990;
}

#uri {
border-left: 4px solid #f0ef0e;
}
</style>
</head>
<body>
Expand All @@ -92,15 +96,19 @@ <h1>
<p>This domain is blocked because it is too similar to a domain in our fuzzy list.<br />
If you want to access this domain and you're sure it's safe, please <a href="https://github.com/409H/EtherAddressLookup/wiki/Blacklisted-Domains#levenshtien-domains" target="_blank">disable the behaviour</a> in the EtherAddressLookup settings.</p>
</div>
<div id="uri" class="notice hide-me">
<p>This webpage is blocked because it is on our blacklist.<br />
If you want to access this domain and you're sure it's safe, please <a href="https://github.com/409H/EtherAddressLookup/wiki/Blacklisted-Domains#blacklisted-domains" target="_blank">disable the behaviour</a> in the EtherAddressLookup settings.</p>
</div>
<div id="blacklisted" class="notice hide-me">
<p>This domain is blocked because it is on our blacklist.<br />
If you want to access this domain and you're sure it's safe, please <a href="https://github.com/409H/EtherAddressLookup/wiki/Blacklisted-Domains#blacklisted-domains" target="_blank">disable the behaviour</a> in the EtherAddressLookup settings.</p>
</div>
</div>
<p>This is because you have enabled <span>Warn of blacklisted domains</span> setting on <img src="../../images/ether-16x16.png" alt="EtherAddressLookup Icon" />EtherAddressLookup Browser Extension.</p>
<p>You can turn this setting off, but it's advised not to as we blacklisted the domain for a reason.</p>
<br />
<p>If you feel this domain is wrongly blacklisted, please <a href="https://github.com/409H/EtherAddressLookup/issues/new">open a new issue on GitHub</a></p>
<p><strong>To read more about this, visit <a id="link-etherscamdb" href="">https://etherscamdb.info/domain/</a></strong></p>
<p id="esdb-link" class="hide-me"><strong>To read more about this, visit <a id="link-etherscamdb" href="">https://etherscamdb.info/domain/</a></strong></p>
</div>
<div id="gif-container" class="hide-me">
<div id="punycode_turnoff" class="hide-me">
Expand All @@ -119,6 +127,16 @@ <h3>Helpful Tips:</h3>
<li><strong>Try seeking out a trustworthy, secure link on your own.</strong> Top Google results (not
Google Ads!), Verified Twitter accounts, or asking someone you know & trust. Once you find the
correct URL, bookmark it!</li>
<li><strong>Nobody is giving away free money.</strong> Scammers are trying to impersonate official looking channels
to convince you to perform a trust trading scam (by sending them money in return for more money sent back). This
is a common scam that we have written about it numerous times:
<ul>
<li><a href="https://medium.com/mycrypto/crypto-trust-trading-scams-are-running-rampant-on-youtube-9f575210879b" target="_blank">Crypto Trust-Trading Scams Are Running Rampant On YouTube</a></li>
<li><a href="https://medium.com/mycrypto/country-click-through-rates-for-bitly-scams-dbafdfd48b04" target="_blank">Nigeria, Indonesia, the US, and Vietnam are among the highest victim rates for crypto scams</a></li>
<li><a href="https://medium.com/mycrypto/research-into-trust-trading-scams-on-twitter-ba6309d87a18" target="_blank">Research into Trust-Trading Scams on Twitter</a></li>
<li><a href="https://medium.com/mycrypto/the-trust-trading-scam-kit-98aaf18270a7" target="_blank">The Trust-Trading Scam Kit</a></li>
</ul>
</li>
</ul>
</p>
</div>
Expand Down

0 comments on commit dffe94e

Please sign in to comment.