Upload files to 'addon_firefox/bcma'

3 files changed, 138 insertions, 26 deletions

diff --git a/addon_firefox/bcma/bg.js b/addon_firefox/bcma/bg.js
new file mode 100644
index 00000000..61ad2383
--- /dev/null
+++ b/addon_firefox/bcma/bg.js
@@ -0,0 +1,84 @@
+let apiurl = 'https://searxes.danwin1210.me/collab/open/ismitm.php';
+let TORapiurl = 'http://searxes.nmqnkngye4ct7bgss4bmv5ca3wpa55yugvxen5kz2bbq67lwy6ps54yd.onion/collab/open/ismitm.php';
+
+fetch('http://searxes.nmqnkngye4ct7bgss4bmv5ca3wpa55yugvxen5kz2bbq67lwy6ps54yd.onion/collab/open/ok', {
+	method: 'GET',
+	mode: 'cors'
+}).then(r => r.text()).then(r => {
+	if (r == 'ok') {
+		apiurl = TORapiurl;
+	}
+}).catch(() => {});
+
+function is_infected(f) {
+	return new Promise((g, b) => {
+		fetch(apiurl, {
+			method: 'POST',
+			mode: 'cors',
+			headers: {
+				'Content-Type': 'application/x-www-form-urlencoded'
+			},
+			body: 'f=' + f
+		}).then(r => r.json()).then(r => {
+			if (r[0]) {
+				g(r[1]);
+			} else {
+				b();
+			}
+		}).catch(b);
+	});
+}
+
+function i_already_know_you(f) {
+	if (!/^([a-z0-9_.-]{1,255})\.([a-z]{2,80})$/.test(f)) {
+		return false;
+	}
+	return new Promise((g, b) => {
+		browser.storage.local.get(f).then((ff) => {
+			if (ff[f]) {
+				if (ff[f] == 'y') {
+					g(1);
+				} else {
+					g(-1);
+				}
+			} else {
+				g(0);
+			}
+		}, () => {
+			g(0);
+		});
+	});
+}
+
+function i_remember_you(f, t) {
+	browser.storage.local.set({
+		[f]: ((t) ? 'y' : 'n')
+	});
+}
+
+function clear_cache_week() {
+	browser.storage.local.clear();
+	setTimeout(function () {
+		clear_cache_week();
+	}, 604800000);
+}
+
+clear_cache_week();
+
+browser.runtime.onMessage.addListener((request, sender, sendResponse) => {
+	if (request && sender) {
+		i_already_know_you(request).then((r) => {
+			if (r == 1 || r == -1) {
+				browser.tabs.sendMessage(sender.tab.id, [request, ((r == 1) ? true : false)]);
+			}
+			if (r == 0) {
+				is_infected(request).then((a) => {
+					i_remember_you(request, a);
+					browser.tabs.sendMessage(sender.tab.id, [request, a]);
+				}, () => {
+					browser.tabs.sendMessage(sender.tab.id, [request, false]);
+				});
+			}
+		}, () => {});
+	}
+});
diff --git a/addon_firefox/bcma/cs.js b/addon_firefox/bcma/cs.js
new file mode 100644
index 00000000..fdc2fe02
--- /dev/null
+++ b/addon_firefox/bcma/cs.js
@@ -0,0 +1,32 @@
+if (document.body && !['searxes.danwin1210.me', 'searxes.nmqnkngye4ct7bgss4bmv5ca3wpa55yugvxen5kz2bbq67lwy6ps54yd.onion', 'searxes.cyb'].includes(location.hostname)) {
+	let cs = (function () {
+		let s = document.createElement('style');
+		document.head.appendChild(s);
+		return s.sheet;
+	})();
+	if (cs) {
+		cs.insertRule("a[data-mitm]{text-decoration-line:line-through !important;text-decoration-color:red !important;text-decoration-style:double !important}", 0);
+		cs.insertRule("a[data-mitm]::before{content:'[\\26A0]';font-weight:bold !important;color:red !important;display:inline-block !important}", 1);
+		cs.insertRule("a[data-mitm]:hover::before{content:'[\\26A1]'}", 2);
+		cs.insertRule("a[data-mitm]:hover{color:red !important}", 3);
+	}
+	let asked = ['searxes.danwin1210.me', 'searxes.nmqnkngye4ct7bgss4bmv5ca3wpa55yugvxen5kz2bbq67lwy6ps54yd.onion', 'searxes.cyb', 'addons.mozilla.org'];
+	document.querySelectorAll("a[href^='http://']:not([data-mitm]),a[href^='https://']:not([data-mitm]),a[href^='//']:not([data-mitm])").forEach(a => {
+		let aF = (new URL(a.href)).hostname;
+		if (!/^(.*)\.(onion|i2p|invalid|test|local|localhost|([0-9]{1,3})|bbs|chan|cyb|dyn|geek|gopher|indy|libre|neo|null|o|oss|oz|parody|pirate|bit|lib|coin|emc|bazar|fur)$/.test(aF) && !asked.includes(aF)) {
+			asked.push(aF);
+			browser.runtime.sendMessage(aF);
+		}
+	});
+	browser.runtime.onMessage.addListener((request, sender, sendResponse) => {
+		if (request.length == 2) {
+			if (request[1]) {
+				document.querySelectorAll("a[href^='http://" + request[0] + "/']:not([data-mitm]),a[href^='https://" + request[0] + "/']:not([data-mitm]),a[href^='//" + request[0] + "/']:not([data-mitm])").forEach(a => {
+					a.dataset.mitm = 1;
+					a.title = 'DANGER! DANGER! MITM!';
+				});
+			}
+		}
+		sendResponse(null);
+	});
+}
\ No newline at end of file
diff --git a/addon_firefox/bcma/manifest.json b/addon_firefox/bcma/manifest.json
index 35d88391..5b4b7913 100644
--- a/addon_firefox/bcma/manifest.json
+++ b/addon_firefox/bcma/manifest.json
@@ -1,42 +1,38 @@
 {
    "manifest_version": 2,
-   "name": "Block Cloudflare MITM Attack",
-   "description": "Submit to global surveillance or resist. The choice is yours.",
-   "version": "1.0.1811.1",
-   "author": "Project BCMA",
-   "homepage_url": "https://trac.torproject.org/projects/tor/ticket/24351",
+   "name": "Are links vulnerable to MITM attack?",
+   "description": "Scan FQDN using Searxes' API",
+   "version": "1.0.5",
+   "homepage_url": "https://notabug.org/themusicgod1/cloudflare-tor",
+   "author": "Maslin Bossé",
    "permissions": [
-      "<all_urls>",
-      "activeTab",
-      "tabs",
-      "webRequest",
-      "webRequestBlocking",
-      "webNavigation"
+      "storage",
+      "unlimitedStorage"
    ],
    "icons": {
-      "32": "icons/icon-32.png",
-      "48": "icons/icon-48.png",
-      "64": "icons/icon-64.png"
+      "32": "icons/32.png"
    },
    "background": {
       "scripts": [
-         "anticloudflare.js"
+         "bg.js"
       ]
    },
-   "options_ui": {
-      "page": "mydata.html",
-      "browser_style": false
-   },
-   "browser_action": {
-      "browser_style": false,
-      "default_icon": {
-         "32": "icons/cf_0.png"
+   "content_scripts": [
+      {
+         "matches": [
+            "http://*/*",
+            "https://*/*"
+         ],
+         "js": [
+            "cs.js"
+         ],
+         "run_at": "document_end"
       }
-   },
+   ],
    "applications": {
       "gecko": {
-         "id": "24351@trac.torproject.org",
-         "strict_min_version": "52.0"
+         "id": "ismitm@searxes.danwin1210.me",
+         "strict_min_version": "56.0"
       }
    }
 }
\ No newline at end of file