diff options
Diffstat (limited to 'src')
| -rw-r--r-- | src/icons/icon-48.png | bin | 0 -> 1587 bytes | |||
| -rw-r--r-- | src/icons/icon-64.png | bin | 0 -> 2037 bytes | |||
| -rw-r--r-- | src/manifest.json | 15 | ||||
| -rw-r--r-- | src/stop_cf_mitm.js | 33 |
4 files changed, 48 insertions, 0 deletions
diff --git a/src/icons/icon-48.png b/src/icons/icon-48.png Binary files differnew file mode 100644 index 00000000..31dcc7fa --- /dev/null +++ b/src/icons/icon-48.png diff --git a/src/icons/icon-64.png b/src/icons/icon-64.png Binary files differnew file mode 100644 index 00000000..44dc2ae2 --- /dev/null +++ b/src/icons/icon-64.png diff --git a/src/manifest.json b/src/manifest.json new file mode 100644 index 00000000..27b114bc --- /dev/null +++ b/src/manifest.json @@ -0,0 +1,15 @@ +{ +"manifest_version": 2, +"name": "Block Cloudflare MiTM Attack", +"description": "If the destination use Cloudflare, block future request.", +"version": "1.0.0", +"homepage_url": "https://trac.torproject.org/projects/tor/ticket/24351", +"permissions": ["webRequest","webRequestBlocking","<all_urls>"], +"icons": { + "48": "icons/icon-48.png", + "64": "icons/icon-64.png" +}, +"background": { + "scripts": ["stop_cf_mitm.js"] +} +}
\ No newline at end of file diff --git a/src/stop_cf_mitm.js b/src/stop_cf_mitm.js new file mode 100644 index 00000000..f00c9eb2 --- /dev/null +++ b/src/stop_cf_mitm.js @@ -0,0 +1,33 @@ +/* + <<< Detect Cloudflare MiTM Attack >>> + by Sw + why? because... + https://trac.torproject.org/projects/tor/ticket/24351 + http://www.crimeflare.com/ +*/ +//=============================================== +function analyzemydata(res){ +//console.log("mitmdetector: scanning: "+res.url); +var cflink=document.createElement('a');cflink.setAttribute('href',res.url); +var cf_hostname=cflink.hostname; +var cf_protocol=cflink.protocol; +var cf_gothead=res.responseHeaders; +cflink=null; +if ((cf_protocol=='http:'||cf_protocol=='https:') && cf_hostname.length>=4){ +//console.log("mitmdetector: testing...: "+res.url); +var is_cloudflare_infected=0;// 2 to confirm +for(var i=0;i<cf_gothead.length;i++){ +var cfv=cf_gothead[i]; +if (cfv['name']=='cf-ray' && cfv['value']!=undefined){is_cloudflare_infected+=1;} +if (cfv['name']=='server' && cfv['value'].includes("cloudflare")){is_cloudflare_infected+=1;} +if (is_cloudflare_infected==2){break;} +} +if (is_cloudflare_infected>=1){ +console.log('SECURITY_WARN: Cloudflare Detected: '+res.url); +return {redirectUrl: "https://0.0.0.0/"};// just drop the connection +} +} +return; +} +browser.webRequest.onHeadersReceived.addListener(analyzemydata,{urls: ["<all_urls>"]},["blocking","responseHeaders"]); +//
\ No newline at end of file |
