Jeff Cliff 2019-02-26 12:36:31 -05:00
commit 8c90e229c6
7 changed files with 11 additions and 5 deletions

View File

@ -1,4 +1,3 @@
*2019.02.24* *2019.02.24*
``` ```

View File

@ -38,6 +38,7 @@ Also see [Frequently Asked Questions](faq.md).
* Add WTF-Cloudflare news to [NEWS.md](NEWS.md) * Add WTF-Cloudflare news to [NEWS.md](NEWS.md)
* Search something on [Searxes](https://searxes.danwin1210.me/) (this will help collecting Searxes' "MITM domains") * Search something on [Searxes](https://searxes.danwin1210.me/) (this will help collecting Searxes' "MITM domains")
* Take a look at [add-on code](ismitmlink/) * Take a look at [add-on code](ismitmlink/)
* Subscribe to an ![](image/feed.png) RSS feed: ["The Great Cloudwall News"](https://searxes.danwin1210.me/collab/open/getrss.php?q=tmg1news)
![WTF](image/wtfcf.jpg) ![WTF](image/wtfcf.jpg)

5
bcma/README.md Normal file
View File

@ -0,0 +1,5 @@
This is a source code of BCMA's "*Block Cloudflare MITM Attack*".
PRs are welcome.
AMO: https://addons.mozilla.org/en-US/firefox/addon/bcma/

BIN
image/feed.png Normal file

Binary file not shown.

After

Width:  |  Height:  |  Size: 654 B

View File

@ -26,7 +26,7 @@ browser.runtime.onMessage.addListener((request, sender, sendResponse) => {
if (request && sender) { if (request && sender) {
if (mymemory[request] != undefined) { if (mymemory[request] != undefined) {
let rlt = mymemory[request]; let rlt = mymemory[request];
if (Object.keys(mymemory).length > 800) { if (Object.keys(mymemory).length > 20000) {
let cnt = 1; let cnt = 1;
for (let t in mymemory) { for (let t in mymemory) {
if (cnt > 10) { if (cnt > 10) {

View File

@ -1,5 +1,5 @@
if (document.body) { if (document.body) {
if (!['searxes.danwin1210.me', 'searxes.nmqnkngye4ct7bgss4bmv5ca3wpa55yugvxen5kz2bbq67lwy6ps54yd.onion'].includes(location.hostname)) { if (!['searxes.danwin1210.me', 'searxes.nmqnkngye4ct7bgss4bmv5ca3wpa55yugvxen5kz2bbq67lwy6ps54yd.onion', 'searxes.cyb'].includes(location.hostname)) {
let cs = (function () { let cs = (function () {
let s = document.createElement('style'); let s = document.createElement('style');
document.head.appendChild(s); document.head.appendChild(s);
@ -7,8 +7,9 @@ if (document.body) {
})(); })();
if (cs) { if (cs) {
cs.insertRule("a[data-mitm]{text-decoration-line:line-through !important;text-decoration-color:red !important;text-decoration-style:double !important}", 0); cs.insertRule("a[data-mitm]{text-decoration-line:line-through !important;text-decoration-color:red !important;text-decoration-style:double !important}", 0);
cs.insertRule("a[data-mitm]::after{content:'[MITM!]';font-weight:bold}", 1);
} }
let asked = [location.hostname, 'searxes.danwin1210.me']; let asked = [location.hostname, 'searxes.danwin1210.me', 'searxes.nmqnkngye4ct7bgss4bmv5ca3wpa55yugvxen5kz2bbq67lwy6ps54yd.onion', 'searxes.cyb'];
document.querySelectorAll("a[href^='http://']:not([data-mitm]),a[href^='https://']:not([data-mitm]),a[href^='//']:not([data-mitm])").forEach(a => { document.querySelectorAll("a[href^='http://']:not([data-mitm]),a[href^='https://']:not([data-mitm]),a[href^='//']:not([data-mitm])").forEach(a => {
let aF = (new URL(a.href)).hostname; let aF = (new URL(a.href)).hostname;
if (!/^(.*)\.(onion|i2p|invalid|test|local|localhost|([0-9]{1,3}))$/.test(aF) && !asked.includes(aF)) { if (!/^(.*)\.(onion|i2p|invalid|test|local|localhost|([0-9]{1,3}))$/.test(aF) && !asked.includes(aF)) {

View File

@ -2,7 +2,7 @@
"manifest_version": 2, "manifest_version": 2,
"name": "Are links vulnerable to MITM attack?", "name": "Are links vulnerable to MITM attack?",
"description": "Scan FQDN using Searxes' API", "description": "Scan FQDN using Searxes' API",
"version": "1.0.1", "version": "1.0.2",
"author": "Maslin Bossé", "author": "Maslin Bossé",
"permissions": [], "permissions": [],
"icons": { "icons": {