ホーム エクスプローラ ヘルプ
サインイン
mirror
/
SukkaSurge
同期ミラー https://github.com/SukkaW/Surge.git
2
0
フォーク 0
ファイル 課題 0 Wiki
ツリー: 6646a1ec98
ブランチ タグ
SukkaSurge
/
Build
/
build-phishing-domainset.js

build-phishing-domainset.js 2.6 KB
履歴 Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115 
  1. const tldts = require('tldts');
    2. 

  2. const { processFilterRules } = require('./lib/parse-filter.js');
    3. 

  3. const fs = require('fs');
    4. 

  4. const path = require('path');
    5. 

  5. const { withBanner } = require('./lib/with-banner.js');
    6. 

  6. 

  7. const WHITELIST_DOMAIN = new Set([
    8. 

  8.   'w3s.link',
    9. 

  9.   'dweb.link',
    10. 

  10.   'nftstorage.link',
    11. 

  11.   'square.site'
    12. 

  12. ]);
    13. 

  13. const BLACK_TLD = Array.from(new Set([
    14. 

  14.   '.xyz',
    15. 

  15.   '.top',
    16. 

  16.   '.win',
    17. 

  17.   '.vip',
    18. 

  18.   '.site',
    19. 

  19.   '.space',
    20. 

  20.   '.online',
    21. 

  21.   '.icu',
    22. 

  22.   '.fun',
    23. 

  23.   '.shop',
    24. 

  24.   '.cool',
    25. 

  25.   '.cyou',
    26. 

  26.   '.id',
    27. 

  27.   '.pro',
    28. 

  28.   '.za.com',
    29. 

  29.   '.sa.com',
    30. 

  30.   '.ltd',
    31. 

  31.   '.group',
    32. 

  32.   '.rest',
    33. 

  33.   '.tech',
    34. 

  34.   '.link',
    35. 

  35.   '.ink',
    36. 

  36.   '.bar',
    37. 

  37.   '.tokyo'
    38. 

  38. ]));
    39. 

  39. 

  40. (async () => {
    41. 

  41.   const domainSet = Array.from(
    42. 

  42.     (
    43. 

  43.       await processFilterRules('https://curbengh.github.io/phishing-filter/phishing-filter-agh.txt')
    44. 

  44.     ).black
    45. 

  45.   );
    46. 

  46.   const domainCountMap = {};
    47. 

  47. 

  48.   for (let i = 0, len = domainSet.length; i < len; i++) {
    49. 

  49.     const line = domainSet[i];
    50. 

  50.     // starts with #
    51. 

  51.     if (line.charCodeAt(0) === 35) {
    52. 

  52.       continue;
    53. 

  53.     }
    54. 

  54.     if (line.trim().length === 0) {
    55. 

  55.       continue;
    56. 

  56.     }
    57. 

  57. 

  58.     const domain = line.charCodeAt(0) === 46 ? line.slice(1) : line;
    59. 

  59. 

  60.     if (domain.length > 19) {
    61. 

  61.       const apexDomain = tldts.getDomain(domain, { allowPrivateDomains: true });
    62. 

  62. 

  63.       if (apexDomain) {
    64. 

  64.         if (WHITELIST_DOMAIN.has(apexDomain)) {
    65. 

  65.           continue;
    66. 

  66.         }
    67. 

  67. 

  68.         domainCountMap[apexDomain] ||= 0;
    69. 

  69.         domainCountMap[apexDomain] += 1;
    70. 

  70. 

  71.         // Add more weight if the domain is long enough
    72. 

  72.         if (domain.length > 45) {
    73. 

  73.           domainCountMap[apexDomain] += 1.5;
    74. 

  74.         } else if (domain.length > 35) {
    75. 

  75.           domainCountMap[apexDomain] += 1;
    76. 

  76.         } else if (domain.length > 30) {
    77. 

  77.           domainCountMap[apexDomain] += 0.5;
    78. 

  78.         } else if (domain.length > 25) {
    79. 

  79.           domainCountMap[apexDomain] += 0.25;
    80. 

  80.         }
    81. 

  81. 

  82.         const subdomain = tldts.getSubdomain(domain, { allowPrivateDomains: true });
    83. 

  83.         if (subdomain && subdomain.includes('.')) {
    84. 

  84.           domainCountMap[apexDomain] += 0.5;
    85. 

  85.         }
    86. 

  86.       }
    87. 

  87.     }
    88. 

  88.   }
    89. 

  89. 

  90.   const results = [];
    91. 

  91.   Object.entries(domainCountMap).forEach(([domain, count]) => {
    92. 

  92.     if (
    93. 

  93.       count >= 5
    94. 

  94.       && BLACK_TLD.some(tld => domain.endsWith(tld))
    95. 

  95.     ) {
    96. 

  96.       results.push('.' + domain);
    97. 

  97.     }
    98. 

  98.   });
    99. 

  99. 

  100.   const filePath = path.resolve(__dirname, '../List/domainset/reject_phishing.conf');
    101. 

  101.   await fs.promises.writeFile(
    102. 

  102.     filePath,
    103. 

  103.     withBanner(
    104. 

  104.       'Reject Domain Set for Surge',
    105. 

  105.       [
    106. 

  106.         '(Enhanced Phishing Protection)',
    107. 

  107.         'Build from:',
    108. 

  108.         '- https://gitlab.com/malware-filter/phishing-filter'
    109. 

  109.       ],
    110. 

  110.       new Date(),
    111. 

  111.       results
    112. 

  112.     ),
    113. 

  113.     'utf-8'
    114. 

  114.   );
    115. 

  115. })();
    116.