首頁 探索 說明
登入
mirror
/
SukkaSurge
镜像来自 https://github.com/SukkaW/Surge.git
2
0
複刻 0
檔案 問題管理 0 Wiki
目錄樹: 2730e612e9
分支列表 標籤列表
SukkaSurge
/
Build
/
build-phishing-domainset.js

build-phishing-domainset.js 2.3 KB
文件歷史 原始文件

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107 
  1. const tldts = require('tldts');
    2. 

  2. const { processFilterRules } = require('./lib/parse-filter.js');
    3. 

  3. const fs = require('fs');
    4. 

  4. const path = require('path');
    5. 

  5. const { withBanner } = require('./lib/with-banner.js');
    6. 

  6. 

  7. const WHITELIST_DOMAIN = new Set([
    8. 

  8.   'w3s.link',
    9. 

  9.   'dweb.link',
    10. 

  10.   'nftstorage.link'
    11. 

  11. ]);
    12. 

  12. const BLACK_TLD = Array.from(new Set([
    13. 

  13.   '.xyz',
    14. 

  14.   '.top',
    15. 

  15.   '.win',
    16. 

  16.   '.vip',
    17. 

  17.   '.site',
    18. 

  18.   '.space',
    19. 

  19.   '.online',
    20. 

  20.   '.icu',
    21. 

  21.   '.fun',
    22. 

  22.   '.shop',
    23. 

  23.   '.cool',
    24. 

  24.   '.cyou',
    25. 

  25.   '.id',
    26. 

  26.   '.pro',
    27. 

  27.   '.za.com',
    28. 

  28.   '.sa.com',
    29. 

  29.   '.ltd',
    30. 

  30.   '.group',
    31. 

  31.   '.rest',
    32. 

  32.   '.tech',
    33. 

  33.   '.link',
    34. 

  34.   '.ink',
    35. 

  35.   '.bar',
    36. 

  36.   '.tokyo'
    37. 

  37. ]));
    38. 

  38. 

  39. (async () => {
    40. 

  40.   const domainSet = Array.from(
    41. 

  41.     (
    42. 

  42.       await processFilterRules('https://curbengh.github.io/phishing-filter/phishing-filter-agh.txt')
    43. 

  43.     ).black
    44. 

  44.   );
    45. 

  45.   const domainCountMap = {};
    46. 

  46. 

  47.   for (let i = 0, len = domainSet.length; i < len; i++) {
    48. 

  48.     const line = domainSet[i];
    49. 

  49.     // starts with #
    50. 

  50.     if (line.charCodeAt(0) === 35) {
    51. 

  51.       continue;
    52. 

  52.     }
    53. 

  53.     if (line.trim().length === 0) {
    54. 

  54.       continue;
    55. 

  55.     }
    56. 

  56. 

  57.     const domain = line.charCodeAt(0) === 46 ? line.slice(1) : line;
    58. 

  58. 

  59.     if (domain.length > 19) {
    60. 

  60.       const apexDomain = tldts.getDomain(domain, { allowPrivateDomains: true });
    61. 

  61. 

  62.       if (apexDomain) {
    63. 

  63.         if (WHITELIST_DOMAIN.has(apexDomain)) {
    64. 

  64.           continue;
    65. 

  65.         }
    66. 

  66. 

  67.         domainCountMap[apexDomain] ||= 0;
    68. 

  68.         domainCountMap[apexDomain] += 1;
    69. 

  69. 

  70.         // Add more weight if the domain is long enough
    71. 

  71.         if (domain.length > 45) {
    72. 

  72.           domainCountMap[apexDomain] += 1.5;
    73. 

  73.         } else if (domain.length > 35) {
    74. 

  74.           domainCountMap[apexDomain] += 1;
    75. 

  75.         } else if (domain.length > 30) {
    76. 

  76.           domainCountMap[apexDomain] += 0.5;
    77. 

  77.         }
    78. 

  78.       }
    79. 

  79.     }
    80. 

  80.   }
    81. 

  81. 

  82.   const results = [];
    83. 

  83.   Object.entries(domainCountMap).forEach(([domain, count]) => {
    84. 

  84.     if (
    85. 

  85.       count >= 5
    86. 

  86.       && BLACK_TLD.some(tld => domain.endsWith(tld))
    87. 

  87.     ) {
    88. 

  88.       results.push('.' + domain);
    89. 

  89.     }
    90. 

  90.   });
    91. 

  91. 

  92.   const filePath = path.resolve(__dirname, '../List/domainset/reject_phishing.conf');
    93. 

  93.   await fs.promises.writeFile(
    94. 

  94.     filePath,
    95. 

  95.     withBanner(
    96. 

  96.       'Reject Domain Set for Surge',
    97. 

  97.       [
    98. 

  98.         '(Enhanced Phishing Protection)',
    99. 

  99.         'Build from:',
    100. 

  100.         '- https://gitlab.com/malware-filter/phishing-filter'
    101. 

  101.       ],
    102. 

  102.       new Date(),
    103. 

  103.       results
    104. 

  104.     ),
    105. 

  105.     'utf-8'
    106. 

  106.   );
    107. 

  107. })();
    108.