
Update Reject Hosts & Tighten the Phishing Hosts

SukkaW 1 year ago
parent
commit
0f7799b8f1
2 changed files with 30 additions and 10 deletions
  1. 29 10
      Build/lib/get-phishing-domains.ts
  2. 1 0
      Source/non_ip/reject.conf

+ 29 - 10
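--- a/Build/lib/get-phishing-domains.ts
+++ b/Build/lib/get-phishing-domains.ts
@@ -88,6 +88,11 @@ const sensitiveKeywords = createKeywordFilter([
   'allegrolokalnie',
   'thetollroads'
 ]);
+const fakeTldKeywords = createKeywordFilter([
+  '.pl-',
+  '.com-',
+  '.net-'
+]);
 const lowKeywords = createKeywordFilter([
   'transactions-',
   'payment',
@@ -111,7 +116,8 @@ const lowKeywords = createKeywordFilter([
   'passwordreset',
   '.google-',
   'recover',
-  'banking'
+  'banking',
+  'shop'
 ]);
 
 const processPhihsingDomains = cache(function processPhihsingDomains(domainArr: string[]): string[] {
@@ -195,12 +201,14 @@ const processPhihsingDomains = cache(function processPhihsingDomains(domainArr:
     }
   });
 
-  // console.log({
-  //   score: domainScoreMap['awicksin.com'],
-  //   count: domainCountMap.get('awicksin.com')
-  // });
-
-  // console.log({ duplicateCount, domainArrLen: domainArr.length });
+  if (require.main === module) {
+    console.log({
+      v: 1,
+      score: domainScoreMap['com-paytollbydv.world'],
+      count: domainCountMap.get('com-paytollbydv.worldx'),
+      domainArrLen: domainArr.length
+    });
+  }
 
   return domainArr;
 }, {
@@ -241,14 +249,25 @@ export function calcDomainAbuseScore(subdomain: string, fullDomain: string = sub
 
   const hitLowKeywords = lowKeywords(fullDomain);
   const sensitiveKeywordsHit = sensitiveKeywords(fullDomain);
+  const fakeTldKeywordsHit = fakeTldKeywords(fullDomain);
 
   if (sensitiveKeywordsHit) {
-    weight += 10;
+    weight += 15;
     if (hitLowKeywords) {
-      weight += 6;
+      weight += 10;
+      if (fakeTldKeywordsHit) {
+        weight += 8;
+      }
+    }
+    // besides add for low hit, always add extra here
+    if (fakeTldKeywordsHit) {
+      weight += 10;
     }
   } else if (hitLowKeywords) {
-    weight += 1.7;
+    weight += 1.8;
+    if (fakeTldKeywordsHit) {
+      weight += 5;
+    }
   }
 
   const subdomainLength = subdomain.length;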
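Review bot: The debug probe added in the third hunk looks up two different keys, `domainScoreMap['com-paytollbydv.world']` and `domainCountMap.get('com-paytollbydv.worldx')`, so the logged count will most likely be `undefined` and cannot confirm the retuned weights for that sample domain. If the trailing `x` is unintended, the line should read `count: domainCountMap.get('com-paytollbydv.world'),`. The block also sits inside processPhihsingDomains, whose body starts and ends outside the hunk, so it runs whenever the file is executed directly. A short comment such as `// debug probe: print score/count of one sample domain when this file is run directly` would make clear that it is intentional rather than leftover logging.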

+ 1 - 0
Source/non_ip/reject.conf

@@ -55,6 +55,7 @@ DOMAIN-KEYWORD,adktrack
 DOMAIN-KEYWORD,track.msadcenter
 DOMAIN-KEYWORD,track.msadcenter
 DOMAIN-KEYWORD,dc.pimentaafricana
 DOMAIN-KEYWORD,dc.pimentaafricana
 DOMAIN-KEYWORD,-txtagstore
 DOMAIN-KEYWORD,-txtagstore
+DOMAIN-KEYWORD,thetollroads-
 
 
 DOMAIN,stun.smartgslb.com
 DOMAIN,stun.smartgslb.com