From e2c115d0f2b9780fcf636aba1370654f5250bdb2 Mon Sep 17 00:00:00 2001 From: nullius Date: Mon, 11 Dec 2017 20:45:10 +0000 Subject: [PATCH] Import XPI and code from addons.mozilla.org Initial commit. Version 0.0.0-prealpha. - Glance over code to make sure it looks sane - Create git repository - Add substantive files - Fix icons (PNG CRC errors) - Add archival copy of xpi from addons.mozilla.org, with metadata - Add README.md, LICENSE.md - NOT YET TESTED BY MAINTAINER (@nym-zone) --- LICENSE.md | 11 ++++++ README.md | 12 +++++++ archive/amo.md | 10 ++++++ ...ock_cloudflare_mitm_attack-1.0.0-an+fx.xpi | Bin 0 -> 9767 bytes archive/headers0.http | 17 +++++++++ archive/headers1.http | 15 ++++++++ archive/sha256.txt | 1 + archive/sha512.txt | 1 + src/icons/icon-48.png | Bin 0 -> 1587 bytes src/icons/icon-64.png | Bin 0 -> 2037 bytes src/manifest.json | 15 ++++++++ src/stop_cf_mitm.js | 33 ++++++++++++++++++ 12 files changed, 115 insertions(+) create mode 100644 LICENSE.md create mode 100644 README.md create mode 100644 archive/amo.md create mode 100644 archive/block_cloudflare_mitm_attack-1.0.0-an+fx.xpi create mode 100644 archive/headers0.http create mode 100644 archive/headers1.http create mode 100644 archive/sha256.txt create mode 100644 archive/sha512.txt create mode 100644 src/icons/icon-48.png create mode 100644 src/icons/icon-64.png create mode 100644 src/manifest.json create mode 100644 src/stop_cf_mitm.js diff --git a/LICENSE.md b/LICENSE.md new file mode 100644 index 000000000..418134fb0 --- /dev/null +++ b/LICENSE.md @@ -0,0 +1,11 @@ +[Original license](https://addons.mozilla.org/en-US/firefox/addon/block-cloudflare-mitm-attack/license/1.0.0): + +# Block Cloudflare MiTM Attack 1.0.0 +# Source Code License +# WTFPL + +WTFPL + +--- + +Any modifications by nullius are released to the public domain. Copyright is irrevocably disclaimed on behalf of self, heirs, assigns, etc., etc. In other words, NO LICENSE! The public domain is not a license. I politely request that derivative works either stay in the public domain, or keep a liberal license. diff --git a/README.md b/README.md new file mode 100644 index 000000000..ab7beafc2 --- /dev/null +++ b/README.md @@ -0,0 +1,12 @@ +# Block Cloudflare MITM Attack + +**Pull requests are welcome!** + +The purpose of this browser add-on is to block Cloudflare sites. + +The TLS protocol promises end-to-end encryption between the client and an authenticated, identified endpoint server. The browser’s lock icon is a UI widget which makes this promise to the user. Cloudflare is a mass-decryption chokepoint, which intercepts and decrypts the Web requests made by billions of people to millions of websites. + +- Prior discussion: [Tor Browser Bug #24351: Block Global Active Adversary Cloudflare](https://trac.torproject.org/projects/tor/ticket/24351) +- Imported from [block_cloudflare_mitm_attack-1.0.0-an+fx.xpi](https://addons.mozilla.org/en-US/firefox/addon/block-cloudflare-mitm-attack/), by an anonymous cypherpunk. “Cyperpunks write code.” Cheers! +- [Original announcement](https://trac.torproject.org/projects/tor/ticket/24351#comment:25) +- Thanks to [Debian Bug #831835](https://bugs.debian.org/831835) for some inspiration. diff --git a/archive/amo.md b/archive/amo.md new file mode 100644 index 000000000..d8bde2873 --- /dev/null +++ b/archive/amo.md @@ -0,0 +1,10 @@ +[https://addons.mozilla.org/en-US/firefox/addon/block-cloudflare-mitm-attack/](https://addons.mozilla.org/en-US/firefox/addon/block-cloudflare-mitm-attack/) + +# Block Cloudflare MiTM Attack +## by [cypherpunks](https://addons.mozilla.org/en-US/firefox/user/JustATorUser/) + +If the destination use Cloudflare, block future request. + +Please read: +[https://trac.torproject.org/projects/tor/ticket/24351](https://trac.torproject.org/projects/tor/ticket/24351) +[http://www.crimeflare.com/](http://www.crimeflare.com/) diff --git a/archive/block_cloudflare_mitm_attack-1.0.0-an+fx.xpi b/archive/block_cloudflare_mitm_attack-1.0.0-an+fx.xpi new file mode 100644 index 0000000000000000000000000000000000000000..225bd41985e035d5ab7ce95d66b63e5e8d3c6bb5 GIT binary patch literal 9767 zcmbVy1yG&alJ3UcU4pv>cMT4~HMsl6-61%H;JyhGg1fuBySoN=mq+f*oiq2$dsTN{ zSM|SYty=YUS65f}>i%0%76K9z006)OdYmF<>0J-a;E@0T6I1}; castBXByu?SK zou{RZjUkhxli_Nz2Y+ zMNBsY^kHBb;+xE1G=$IwsIbG}%$*0j3nT_$p1l6M`4}{j;Aapt*Q)?1<#;HtuN?-s z1FzTk;m{SYzoCp4Q6el}G9it?f=N5D%`{1cH-wqVQK5GXxKL2Q4>1?}BacPToyg-W zZ~;CBrXo^rh608LL9Dl=e2*9?goqYnW&IFH5eoUR(@!kfM3Wwyh`mxQh7ZLy_~i6{#{( ztKeq9E)G)Z+Vm5t+OmH_zt4vxGpc~~zv|yh^|QU#7s|xh5JW|URfnh&8vMQ?@##ww zk8W4h*^i|=(E!kW+bgkB6zq8+h94n(kT!3R64qJP&z*xXSI54s37Ii&HTF(0Sus8| zOb7RtxG6M$VMHhzgNyc8XjFj@LEvWj%YNgCzx+j<*=u_t6NWEG=+mVUA*6aZH>->l z65}Pt;z!G_uRaThv6A^pZVMMk#%!?qM>bY~H)S9`Y0nptvzx8y3KJC5nQA5!`5QcmDc>OYcAkLnCJ z+)1p1fUP+=^;8|Zjd$4EW<#wGq%WA8p3UBF z+%JPh54+!S2hSTlciFga8NRP^!g*7(w|+2U-HbX;}*M^LukG?qp(?j?^yD zYt;yy67$8{DUM2xFOJiIj}2RdSLm!>j$V=XR#!D@%N66X(4v*x;XE)eWL9yKzb}#} zu@M)cXle0~=JjN#z7y=-x`ex8M{%vZo$z0eb{Fh^G@Z===39@|tA3;_>EG_@5@*OQ z6vHRVTV`Y;p79wmP6qF*`nhUjZAwC|xApS%2X~(Ocy>Ro{wFT}6-U zR#lT&)S$iVtOzXI&bOVJ^OpNodDx&)T;eg?9YWp0H-|e2WZ+=9-ZDi}lZ*`Qox>`r z({5;bCBd(@1zHOXQSmO&3mRnLpFbS#wH;cw+-ceozaf2C_s+AjfEfFQlyBPnS*cnR+py1T{4DQt z$Ub-s=OMfk&Fq6FG{mxWvtYC83vXuPz{0YG07$nFffoy^I+VSjh)!0?wq5ya&gB4w zlxYxst-o|@0!z&;ngVw1MfSBMt)+-{Wbq2k4aTzJv;vrP<7D?7Zm6YlSZ0z!*^n==bU>P$+Yd!RkdWTXo3>t#G?b?FYW z8z0h-qls@;zT;w^9+eIC)ngKr+Eim0d^2tCFUfihSx-iK)%fvcYiX74S2xKq0eTP3 zq4K^>786f2IW{&l&BW%~VNPw$%C~5aZ7Cs4waW0dgwt0@+=K8szpV zQLU|wQ_Y+M#`U+>$vwhKE&Ki(%ghfhzvL}I)!lPXB~dQPCG6CkqUGWZMG8ICl@i7w z+&`4R$9La}0`WL$y9D&2i_y_cXV&o>QTHrYD6TZ{%2px7GrDRE*l^@6@_J@dK18fs z>@thR$oF&HCfGJ+v=8GOD0qKBQ~g!JA}WDQ6TN&6j=6v>93cNj!W;Az`FUO&e7)b} zz%Owx$NwB9?dmaR(D&(C;w|_PQsL4Ko*p7X6DuRB#+xMZmG;f9Y1EI*T_t}@ z>Kp1jMK$CJkr0d98iP#7-R)-L&i7F!yryMC(75}uB^Rij77HHbn~;Z&<7C#rT8yhD z(`Z(UbeXjxKlUq?;mOWRBd|;0TeAUnQACZN3MHry+XqnB^}AxlwiBVM2m6}Q2zM>T zxQ&i#tHU;(&HcB8w|d2Cggrrfn|R21WX*o?>CPn-lB$8%^BK!HvHwul&hY-|SQABT zSW=@m6g)sn7F3zLiNwvX1+#`A5pEdtxu zWf$iTOSbK&1=1-k8c%Voy7?K0jOM@uiX98EW=e|5-7E6&jeZjAkm62033V`|)=f6F zl*zWHXw_n-{IGo6+-^QHjkF->hp1dM>>LfQOe^I3(N%qKv;3;4w%!k2H2H+yDVvcf zpUCPl-`p9O%kk*nm&U~I>%QW~thY^;z!TWgin2W2QQ}TS)~J@+cygQ#Yw>uxV{rizdJ1%&&;$XIa zGypS(6|ml(&;?5)000ZP1=K)ZU{^$!{8$`cjN9Fka&7R!|r$$!c~iS zWUu%ppENk-J7VM)^BY3V2VH1MOHo9rWAt@ zyL7XzCMP4(dmttc00#$)V5agaVhU^WMTZQQxsqvmeDEkVWPa28hD!z}dVQgI?s)l3 zu+UcDK9wCZvB~wLLMFiQ1a5qUI&S@NShLj{ts2&^XV};2jLe}`V@6lJ%h?Jw$0sW0 z7wt6*x8bdOC%QYzqQ~)JVUe#++eT4L)l#Z(nEIDgtIFTPy{Jttf&1KFlx0V*7Is!J zL+O@TUZdj^2lm7tU=-W-x0Eu{$v@yb7D|ZB*5*wR?1H%b@@>6zehtD$+N9udLctcb z?fJ(*a5tM0~8!=%+eOC3Z^~iA*Fs=v>HHm7w7R+UUNg|hI&*8V(Cdh*n zXFYPq1u8)iQ`svc@(#!%tw!M44Gfc~PL0;n_d8zYZPnLr5DpzuJK(CpkG+dWf!ElV}Zi=@cVs` zo);pWpp_>zrBmgoVky;D#ltjHy;D(-&X_esVUy3zCdZntUsmKo)pEmeJp1{yCS6eA z#W7M#iV0?U`-jihQ>r9I3-eh?uO#Q{f93pco`on|Nw&BY8uB zqg)8tY@tiT5Nj$c>obYuo}KQ51oE<|j9!{q1o*idpOJ5o)(GGa$-u~h^Ms}A6=|i9 zco7E>s+Uze{*ltwof04|3$J!+oHc36y@}CGsjCp2#Ln_DPyu^e;>XiQkZPL^py)Yq z(rB*cCRezLs5Jc}M@+pe+ro^uWmB063k+}13Fps2_tZ z#4>^c(u~?mJiLvWak)BgRkgJ?AWC9+l!bZ!&^PvHNoOee1FPuMUjO^S@_O|B#4kTC( zwC+Q=qP!#$JU;w8ERwX8nDYC|{D)!RkpUXu525c1n3J;PCqUU4;qUhiq`8Qk2mny| z9pTv!>U|GqFZIO<06^~k!(jb(1t#x@c+TRQ&MJ0h&TfW|rU2%@(ac=c`z2^}X)zI1 z3(=Eg>(B8Txcx4v+I8F@`)XJdLq-+8x9Q% zSMkqa+G1YA2}ffQ`k&yw`}`J=$s*IJaNI)Jm|M4Gsy+B7Px$!yessx^$&rrduEA*! z-NsNq;F~(JnWI*qx*;go4|^Dy*VMrd({eezGxYP~Bl_%5eop16&;r#X(XlQPb7_)` zcl*&0EfYHp++m>B4JL~Zl^jXTKZH(dH!{1@6JRpp#KeiLc@8#mdeWoxX*y&zpCa`g zd37wr!qFKDZd4I5e@1lP*81%=uuorxIt&9iHOq|KNwaEW>RMcfW$zkE*RqY8RIP%m zxmEy8O$$Lkr}4!Rq{#A%NWSf?yBKfAyFk2krs9)STCyt z2~2dGC51r%7JIa33devmeVyY@vE)}3ipY;MxVvF8!>V((iT$S0*un$pz&#`O@$_aP zl}q~5f<(^18h%tN{P+#DZP)>8Kd>WmrKz}8iGzr1#akyxvq$w9-3x$2APi!rqu(#0 z3>TO|4|b~Thu@7))f|{-$Pw&ZJM$PsdW+B@TXF`Q{dGCu>dngTEU`D{*d}fk*AYT61iwyTQ@Lz9LX}*IJ)m)h85b%cQz$boQjqc3HXN*s zD{}Vyk@gTh9edXp)2D?sX;o%AIPBuggM(vFLTqgKS1>U9%N=PcX=#?#X18%gRUL0H z3yXn8qVDc)uggn#c5-s^pjCOB;=l-sOGwPB@1+!LKuC8^x<3h0L=;NPMo!JkZdCz%{A#gtC1@7;S#yGOf zUOt?z-aZF@8W_pR3WC^l_9h!JsVdvpFu1x{HzHg=>91HDijJ0#t*@_-={4d($eOe$ z9O!%9p3G(DDQxg$pjbe~!-7K2%gYn>{sex!+)iv!Lx>tKb}>frL(y1Q0)3d1@i$h>Q_w$+gO>rD2HI9Q2N!ztjzB;^z{9oL`5sZ2Ba9u zvo>thu_@yRO^keU1mzuN9GgE=^~c4H89ICNghXQzq{kS#xGqKnC*h6TiRe=jU-`TQj0fO-u~%zcGb$1NU?r?9mogSYiu= zl9yK^Sa1_@6O$rGYb1f;-=y-MG6n?^FfG1{7SwZPaXPj<%=7LQfaY>)Zxrru$U^n| zOSdeB7riWiHzO{gt0ONS*KhZC5}*EyF5@&Sw}|PAG|y&{kon(J2tZm~UaahsLEyh; zz6i{f!;tqRnDx$o%Y2;d|8C~{rf$wn0FM*Bph~OMY=K&9ZEcZP)B_6?wN~pXDq1oc zpP>v>vYH7iRxh=VRGJ||D!LUv8Ld^hIxIi)Xxo3f0PVNz`>b8Hy^V*ni&?O+*t5MW zOx19ko3BywO5n_{aaH~GXaq~CL1@+!mWJ}8Oc##MD@70yK=a*{zdEOF>Y8bZ>J-p% zQ@5UV;K)?bsO9Kk(RS{>XR{wr=~xXl@T~EITiO6WS=mAS{xbepuZ)WnYpkQIt%fJC zt%G{R)O)$fm-QgSK<(US5ax1!v16VPBZzqe8MaJ77=hV&`+ePk4msStMF0N2ImqHT z&SX)!5i*P%@@ahZ!mUm)U3se#Y+AQt__Gi~H-tBnSAXYPJzF#Aia}`VBYH^CA{8ef z5W&`;w*pcLjc&9#Fo)Z70YiY7@G+Y-jPZILGwIDR+dQe=P5-K1GIu`_8@ognyQI}0 zpN4JA(qyOXavCABEMu5NT)a1JM_V+MiogcaQm0^sE4s(k^E@TzvEOF^q57=!*Ji1e zR>$gAhIHPd?F=O%XT;X%QJ2-(kGx1d4y(Nkd-mY?|g zEj5|CdkpvVB8)lbn%-GqO}L_Pe}_4(K_` z-LD;5>&I`HkjI~UoP5sIsvU?M#-zMNMiDs)h$q)sr(y5Gk2>$;OHA0KIlFz4*7B% zHchb>a@*i%be@S?2yRNiQ^)5|yNtoZJtbn+TE2vqgbb@YSb>U}=9VWVZkz9M)8)>R z;24*GO!|%PNIrw{sh*<|JG+$^axzX*8WkPpMU&>{MrXsKkA^A?vMx!M7=anUd5#!L z^)ep@o++lV7MgeGww1cVTt{t~;xhc}^F=)=u>8ZO$mu1u0(2?ndyX zJ4L?QA#nGKkX;AgCgekBim-Q;KF@RZ!%jf2wZgOox$d8E>~e&7ngX<`d&JkGuX1as zCd9`?4abLh6ic4C{hJOEN#YjANDR)*zo5WaU87#%;a{RF5dTtu*h*^q`S8>@&cu6J zsi!p(jr-xIJ=QWYwv545i(AqoUam^x9?jVCq;`zX@5xJ3Va3IM`nL`xeoPfyP(#5~ zk6%fxYbQT)bb?P6Pghsn>Qs23fxW6P7J7SYs~rEChSV&d4Qxv9Tpw$El~JOFg=K!( z6^k<>a#hMGvg=1jf0M#Oj+;7^7h(muTD&1Qe@|!bRTCh(B<3}Ha!ObEpqTFzlK+?0 z_Y|H8XBQkUrB60~wEV&xV@s@{X;oX4_tKSV>%)nWy1GYM>o;$e*8F=4%%aKCSLK~= zu!X&4%8F`OxIz6ww--vWtmO#N2pD2Ok6E9G@bpv<>9uS-!?DZmbYfybNir2~3c1S2 za1te!O2;!@XD%i>LBYhdd+Ld@xVD-a)pYN@Xm-xENVb%&i|e-NFSJ9LiE%?FfRqt$ zvE0%pymagB2#icU2CLYP$09kqcgZyCQ^Jm?uBCEi&#ceF09uGI@ zjKsdg{@S-NPJ_P5ds;2sVY(P>OAEgjmtQ>uO%b$@Xp^!RFj7!kR8R>6!xh{BtKrxj zCvNT9N6zyre|uVt6<4bY<~RNWKY&DA*YF{vi5KjQgf~>Mlz{8|dA4dk=c7FKQ(qNk zKl@?uKu5bysQ6Md6K(G|jIKEAOO;C*22_e3Ap?h}VbmmEGM1+v`O8}ynPe76oe?4!4sP91^a%i`H#?B6M z+bwyfb~ubfZgys{vYRG#Fgr=RnlfZn}XL~lGJAqmOq^fdP4VHJw$(1-i`kP|Xo z?Nb)ENGe*a)U>pvvg9_96ng&mj!oN0f*?ZMsDS-uyPi(%vtCbZ?=m|9Q<#g}%&IlV z-a|_J6}BqWb3*(Zx~^8~7?&o*Q{qF5$lv<9GE(mN1E2dl&TnKRn>@%DJ9)7y9ohSA z02s24!wcL(ROzGR!nr+tg6Di=FBH3> zYl~}txZ0QOGPum@+n(XvEYsnU>FLY5FtRoqNvGA(-59C%h#qeh({k$(tNKD`;M{B* z4Ao}mS(0-&P-NLcDDac zIjKkQVoj9ygqNvfk~0;)2b&JiTLMfLjCCnS5wtzVu_sZw+Q?)2sK zSXQK#xhUBGhU-47B-^Ws7QregM0F~8awwoBnv?T{hCk-(BX^9s7%5EJBR=dDeW+|) zTP>s)iL|(>n7TBgef-BkOR73F;~bCsh{ELeKMvr|qv|$^wQE-PIbV4nSqKDj5WL1F z5e6qb_fPOBSdaL8OCc0^B`INq+X_#K=kRtqtg%>yD8{H?0;Zo>)04Q89~y_8rM)q? zQ~E=wJwF2|lMnJpYL<3&&4Tx@%9dD?MF*GF-&%kiUcCt<`PbH<`bl<;sY{Px8L-k~ zQ*GUrpnF-R(EZfj<(X62*_R z(_y#u)ynPy^&@BA9X3eRfDCKxAsr`}9hp^~*lN^rgG3%Pq7YrY)lMK|2bnpD8 zWVS-)0MTvv+qw0_Xd^k<{Lp7MOYtxMa8j7={s>5kiB$ZB^<1PgqQadS_=#XsCR-#5 zY2%e47)M_>p-h&4f?ja_9iiw;)}W4$`~54CFg93=vo6vNmF&ZDHoWTWe#^X41SQ$8uS@Xjmodbee_2uAR6nE1xqB3=x@ZQi#J9dI4&5) zRJD16w8{Bwg<1j+I!8NOg?|pg>dKs3K0{*9uS>i|vMx&daCFh8 z8!fbhH!rdrR<0-RJZ?SL-RvB_7xM$_<;xX0j_x7y7E5Um4I0 z6wEnF?nO~6Kb0X4b9R+byeYDTo*TwiW8e}7@_)5*biNy+Hrvy?;h7 z_$~_8nBL<8>AMI2>&V4Fg9OklactB!P#6*^MJzmcVr&%)<^!Ig zSqB(eW?NbvlNFAulT*A?+!Y>}h(k{iQB*Xd64_PONBa!C4XM2gw*?_)8E!1f`J6cF z>#!nBwp1?FaKCBH4&BT(4W=ui3Kv=fDwz{D2GJaMTMg=IS~uXDR_*!*VhZJ0utYkK zS+Uo?MhmvfS2@4iFXEB9xM$2o=e_3@2AsG!PtMs%Frw2KFePk#oNj?WIcar8QBfg3583*9_)#Uq_a9Ha}P>i0qmm z)J7jYPqG-o6S1@?EPYBgq<9?`URL@2$?yABpG#Dph4XoLg&zT7%I{r?EOMVVNMMQ7 zwujdK)!<<5#}I{owQmUN8Kl*F1?Tb381MW)Mp~TA5XL@_%QDb1%FH6kGSZEWj8`i& z&#-M=y0FZ;41QK%WSYE@8yWr#!CHdpy~3z0=g2thqtZ1TB{wQpJKg1jI1L0g1_}@& zu_Qi0B?gD!B`2jq!a(lfCt%{?5>W9;KBlB4c`i9RfW3E&!N4&g{@?R9@B00N{NEko z|Dx*q^vxdxp?^5apBw+P>-^^w06--H0QleMc>Xs%=zrq=-@DNNfCZ4e;|Bc~?*FnU z{g>+hA>!}l{$C<|-!1eXs{cd8zhC_SUBurL?_VM`J^=prY54E(f6qLB!PgQ2{(th& z9|8Z}KmHyZ{zCu&;1A|R`rrNIuTb%KgulE0UkKA={~h5!=ewND6lJ0Q{2q882!jRW MzQ-h6@;|%(1NWJwb^rhX literal 0 HcmV?d00001 diff --git a/archive/headers0.http b/archive/headers0.http new file mode 100644 index 000000000..598564aa6 --- /dev/null +++ b/archive/headers0.http @@ -0,0 +1,17 @@ +HTTP/1.1 302 FOUND +Content-Security-Policy: script-src https://ssl.google-analytics.com/ga.js https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://addons.cdn.mozilla.net; style-src 'self' 'unsafe-inline' https://addons.cdn.mozilla.net; default-src 'self'; frame-src 'self' https://www.google.com/recaptcha/; child-src 'self' https://www.google.com/recaptcha/; img-src 'self' data: blob: https://ssl.google-analytics.com https://addons.cdn.mozilla.net https://static.addons.mozilla.net https://sentry.prod.mozaws.net; media-src https://videos.cdn.mozilla.net; object-src 'none'; connect-src 'self' https://sentry.prod.mozaws.net; font-src 'self' https://addons.cdn.mozilla.net; form-action 'self' https://developer.mozilla.org; base-uri 'self' https://addons.mozilla.org; report-uri /__cspreport__ +Content-Type: text/html; charset=utf-8 +Date: Mon, 11 Dec 2017 18:27:56 GMT +ETag: "d41d8cd98f00b204e9800998ecf8427e" +Location: https://addons.cdn.mozilla.net/user-media/addons/902908/block_cloudflare_mitm_attack-1.0.0-an+fx.xpi?filehash=sha256%3A335868a2ef8966ecd11db6532bca642cbd1d9eb31d5f9f1d79d9bd0d77f15c45 +Public-Key-Pins: max-age=5184000; includeSubDomains; pin-sha256="WoiWRyIOVNa9ihaBciRSC7XHjliYS9VwUGOIud4PB18="; pin-sha256="r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E=" +Server: nginx +strict-transport-security: max-age=31536000 +Vary: User-Agent +x-content-type-options: nosniff +X-Frame-Options: DENY +X-Target-Digest: sha256:335868a2ef8966ecd11db6532bca642cbd1d9eb31d5f9f1d79d9bd0d77f15c45 +x-xss-protection: 1; mode=block +Content-Length: 0 +Connection: keep-alive + diff --git a/archive/headers1.http b/archive/headers1.http new file mode 100644 index 000000000..8c0a71cb9 --- /dev/null +++ b/archive/headers1.http @@ -0,0 +1,15 @@ +HTTP/1.1 200 OK +Content-Type: application/x-xpinstall +Content-Length: 9767 +Connection: keep-alive +Accept-Ranges: bytes +Cache-Control: max-age=86400 +Content-Security-Policy: default-src 'none'; report-uri https://addons.mozilla.org/__cspreport__ +Date: Mon, 11 Dec 2017 18:29:33 GMT +Expires: Tue, 12 Dec 2017 18:29:33 GMT +Last-Modified: Mon, 11 Dec 2017 14:30:08 GMT +Server: nginx +X-Cache: Miss from cloudfront +Via: 1.1 3905f6b396c96f958286f8e228e61547.cloudfront.net (CloudFront) +X-Amz-Cf-Id: U05sJSn5Gc55Pittka0jqN1NF1a1_b5HNUDS4DLf3-I4U-dXOzJApw== + diff --git a/archive/sha256.txt b/archive/sha256.txt new file mode 100644 index 000000000..07440040c --- /dev/null +++ b/archive/sha256.txt @@ -0,0 +1 @@ +335868a2ef8966ecd11db6532bca642cbd1d9eb31d5f9f1d79d9bd0d77f15c45 block_cloudflare_mitm_attack-1.0.0-an+fx.xpi diff --git a/archive/sha512.txt b/archive/sha512.txt new file mode 100644 index 000000000..e9c3d46ea --- /dev/null +++ b/archive/sha512.txt @@ -0,0 +1 @@ +55e0a9c04e891e9bf3abe5b72d38d4e3213e120adbbbb1422cf5bd21bac4008e546988b987d684cdf8838d773cc8bcd9d61767a53a0b7f5674abc361b1fb3a4c block_cloudflare_mitm_attack-1.0.0-an+fx.xpi diff --git a/src/icons/icon-48.png b/src/icons/icon-48.png new file mode 100644 index 0000000000000000000000000000000000000000..31dcc7fa7c8fa5e8e0a588d412addec88685d677 GIT binary patch literal 1587 zcmV-32F&@1P)f4sXw1Bo1DbP!y0tL~QM_Zxv-QM;V``amkF>Vtj z;QZr$$(Pe}&hMQ2`|kbnJEu#QkRU;V1PKx(NRU`?0KjU(sM+e!NHcL&my#IfEA6AV zly>bC z%lYZC;T!od!bt$*RbQ}N-3gYCY|x4e09Q%DJl5BR8ScjNkyKu`m17` z`?W|f&c1Ho$62hU>%qYIWSS<%M}S}PMDze#sW%uIA3qwm6g?a_Gd=`sxeuu8euD`K z!-`KTTAfa3?xG8rQgZz*bwAoH{KyCTYX`u}*yO@Xy{40z53Qve;6DE(82TDrc8iI= z=mLygWw^TP7Z|Ne1RMRmc_nQwc%omq7fi!l;3Vv(#q#{Ch_Cl|RIR}~Qo%~!_{bvj zp`lEEvWbQs6%8AgF782FHC_%7RrRR3g15dU+xnV-u(@dVxI23;K_H z{wMFA@&v^h)TW^R3D2j-x;c>O37QNKw68bZySN$5CF{X1jBh~#-dGR;1VL=E)qZ1C zq;7=kK|atNu<*PdJo7uy2L_Y90dM+A?9ysiE|37*R-6}PlqC3qAZGufQy9A+>}@B- z?(4>UEwjRXr$JmdQ+?Jr`k4nNTCxv554EDaV1xA9?*?gA!Ys9d{E%l^>l_yCb)WL{ z5};6yRMK*D$2lCX4pp8LNYHBlOO`$_9S%pZRN6gW*U+eEv#a#=^^N-8-rg9p3kxTCE_Ma3?0d%KfWah2e5>j@s8N0=>U!rd1LLJ=WIwcPxBElgsCH2Ly&dQt~N?iH!xL(FlGA{NUXAbnxD=0n*N;+dtc}!&OjN z1lgA6&~BO?V{LUQ~gTXRU zsZR1_f) z3Sr;Az}0NF@J%E@h`z9{tE-!R_uf6$rAyg3oz8$=yLQ243WbP|KkBNgs)m@DSZHl+ zgFn!|;Smwg+b0LPT;8lyDp{i%&DN)#woy!G85SNMjzvXBWBG-Jr!HTnWV6|9tVhX%} literal 0 HcmV?d00001 diff --git a/src/icons/icon-64.png b/src/icons/icon-64.png new file mode 100644 index 0000000000000000000000000000000000000000..44dc2ae2546d7d69fe19850c91245c91e5819ead GIT binary patch literal 2037 zcmV(9tLU0jCHoOIPVObu#%gSRP_qDtH zd+s6xwVgu3!^C@L{&Vl%d(S=R`+ev8&N+8>5r9RHvK9#d1ONg60e}EN03ZMm00;mC z00IC3fB@i81R#_JEW`sp8XFt?o!xG0wcD&jED_hr{~jB&$CLYyeQ%Ao*=+lm5pADE zkqBLJG_>h{phZp?xxNva+`qumk^#;<4E{L+;>qum*MDfUaYanSRVd?L!f?h;-1#C6 zbbFygmexG)!{%ST2vM8^M}}KpA?#Q6|_p79@lY5iR{r7*AqbqL;?N zl<0z<&qYwzWILphrxB%2N?nsRd9PC{g7Mlqn2JMS&hiG`lnh!aMQ?33SP~-iz-^2f z``sQoV;P27Nj&pohM|u0M-t1&^(}HOALqI>A80Z{CS^{3&Jq6;8W8{af&2Q8#_#FV zcHvImKA3O3220Hu7}RahwpE`YZR~h>JZ|qV7GFV-EQw&aN~(5+}Qe9ohfw#EYjmJIw!G zInaLW0gWUUR)$WT$GM)0rf>K-I%K@I7Mc%Nqvy2qv~*7l$2m>A-h_1LzOH9T_eH{C!H~P!D;-Qyh9b^ z0_rnoFy$d++04xS%8+GQKPKlDXwR*L^bJpx`Y*gXPPu|93B;J8e?9^Pe^B{g&O{72_eSXji<6%#!(i^+5&$FZZO zrR69nk{~lP+o7^DDZ0D67j~O#G#V9q{9c2PuP-iKNHBzigiwbMhhb=Fh*LB)vIT`j zY++$Bn|Gst)%5nTG()q+l2Vqe3|V!uNoq&J;-{aYs;bH%vbC+eDX&p`z3hdOk`lKmp|?3UF4na8iN$1;l;Q4r zr0IpVYw>SU5_0qMuyyNJq>Iz>)`=7Nm6sPJl49}>30hiPXSPxliISRk|6w=GX7k>O zYgVh(i*&Aw2jKnNors7$j^FR_!O6Ez@|~Up5V$W0uEeX6M~-2~&Ruxk!vksQ;zX zvhdRMlrW5?%gNaZ{$%7FI2a0dcX!m>szcPfQCPWZ6~e-g;GYSX324*vGXl`k($>7} zC(9rbi7=qkOWNAoC9!emq19?}?AS4UCc1{?Y$!y?lO{1aRnZI0}nPNcil= z+4ysgAw2RV4I4Hf^5{_zr(nJ3dQ?~6bo47YB+Sv5h{&VFN#5vGc7fDITifkwk|ZUX z{sGA}zv0=hl$Mq`azJo!F!l!p;nJm#8+)``_rJe?8e*}SZ(J9!H^3Yp9}k0J2(Q2X zCjv-^ccV|CsksG8((vf$DB?bhM|Msw8X6k0%f|=){{9FI48+0EP*QIYLFC=H+rI`t z4A@gvF2k$aU&VIs?L^-A$CuS<@{SHA_`FqL z{{>>>;vMz9NnP)|^?3($s=6?fEWKqyMvCH(%lOaHQ?9S(IPRBIpZhkN((bbV^Xvon z@9WpJ+7XISgd!B7Jkmw@i;Mt303ZMm00;mC00IC3fB--MAOH{m2mk~CkDUGk8+=#l TO%2YZ00000NkvXXu0mjfnLFfJ literal 0 HcmV?d00001 diff --git a/src/manifest.json b/src/manifest.json new file mode 100644 index 000000000..27b114bcc --- /dev/null +++ b/src/manifest.json @@ -0,0 +1,15 @@ +{ +"manifest_version": 2, +"name": "Block Cloudflare MiTM Attack", +"description": "If the destination use Cloudflare, block future request.", +"version": "1.0.0", +"homepage_url": "https://trac.torproject.org/projects/tor/ticket/24351", +"permissions": ["webRequest","webRequestBlocking",""], +"icons": { + "48": "icons/icon-48.png", + "64": "icons/icon-64.png" +}, +"background": { + "scripts": ["stop_cf_mitm.js"] +} +} \ No newline at end of file diff --git a/src/stop_cf_mitm.js b/src/stop_cf_mitm.js new file mode 100644 index 000000000..f00c9eb20 --- /dev/null +++ b/src/stop_cf_mitm.js @@ -0,0 +1,33 @@ +/* + <<< Detect Cloudflare MiTM Attack >>> + by Sw + why? because... + https://trac.torproject.org/projects/tor/ticket/24351 + http://www.crimeflare.com/ +*/ +//=============================================== +function analyzemydata(res){ +//console.log("mitmdetector: scanning: "+res.url); +var cflink=document.createElement('a');cflink.setAttribute('href',res.url); +var cf_hostname=cflink.hostname; +var cf_protocol=cflink.protocol; +var cf_gothead=res.responseHeaders; +cflink=null; +if ((cf_protocol=='http:'||cf_protocol=='https:') && cf_hostname.length>=4){ +//console.log("mitmdetector: testing...: "+res.url); +var is_cloudflare_infected=0;// 2 to confirm +for(var i=0;i=1){ +console.log('SECURITY_WARN: Cloudflare Detected: '+res.url); +return {redirectUrl: "https://0.0.0.0/"};// just drop the connection +} +} +return; +} +browser.webRequest.onHeadersReceived.addListener(analyzemydata,{urls: [""]},["blocking","responseHeaders"]); +// \ No newline at end of file