From ecaa235b5e3331defab75dad72593951fdf37790 Mon Sep 17 00:00:00 2001 From: kumavis Date: Wed, 2 Aug 2017 14:26:10 -0700 Subject: phishing detection - move phishing detection into contentscript and metamask controller --- app/scripts/lib/is-phish.js | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'app/scripts/lib/is-phish.js') diff --git a/app/scripts/lib/is-phish.js b/app/scripts/lib/is-phish.js index 68c09e4ac..21c68b0d6 100644 --- a/app/scripts/lib/is-phish.js +++ b/app/scripts/lib/is-phish.js @@ -9,15 +9,15 @@ const LEVENSHTEIN_CHECKS = ['myetherwallet', 'myetheroll', 'ledgerwallet', 'meta // credit to @sogoiii and @409H for their help! // Return a boolean on whether or not a phish is detected. -function isPhish({ hostname, updatedBlacklist = null }) { +function isPhish({ hostname, blacklist }) { var strCurrentTab = hostname // check if the domain is part of the whitelist. if (whitelistedDomains && whitelistedDomains.includes(strCurrentTab)) { return false } // Allow updating of blacklist: - if (updatedBlacklist) { - blacklistedDomains = blacklistedDomains.concat(updatedBlacklist) + if (blacklist) { + blacklistedDomains = blacklistedDomains.concat(blacklist) } // check if the domain is part of the blacklist. -- cgit v1.2.3 From 8c6f01b91094564df59d6d95b6f43b811e711824 Mon Sep 17 00:00:00 2001 From: kumavis Date: Wed, 2 Aug 2017 15:54:59 -0700 Subject: blacklist controller - breakout from metamask and infura controllers --- app/scripts/lib/is-phish.js | 29 +++++++---------------------- 1 file changed, 7 insertions(+), 22 deletions(-) (limited to 'app/scripts/lib/is-phish.js') diff --git a/app/scripts/lib/is-phish.js b/app/scripts/lib/is-phish.js index 21c68b0d6..ce51c353d 100644 --- a/app/scripts/lib/is-phish.js +++ b/app/scripts/lib/is-phish.js @@ -1,38 +1,23 @@ const levenshtein = require('fast-levenshtein') -const blacklistedMetaMaskDomains = ['metamask.com'] -let blacklistedDomains = require('etheraddresslookup/blacklists/domains.json').concat(blacklistedMetaMaskDomains) -const whitelistedMetaMaskDomains = ['metamask.io', 'www.metamask.io'] -const whitelistedDomains = require('etheraddresslookup/whitelists/domains.json').concat(whitelistedMetaMaskDomains) const LEVENSHTEIN_TOLERANCE = 4 -const LEVENSHTEIN_CHECKS = ['myetherwallet', 'myetheroll', 'ledgerwallet', 'metamask'] - // credit to @sogoiii and @409H for their help! // Return a boolean on whether or not a phish is detected. -function isPhish({ hostname, blacklist }) { - var strCurrentTab = hostname +function isPhish({ hostname, blacklist, whitelist, fuzzylist }) { // check if the domain is part of the whitelist. - if (whitelistedDomains && whitelistedDomains.includes(strCurrentTab)) { return false } - - // Allow updating of blacklist: - if (blacklist) { - blacklistedDomains = blacklistedDomains.concat(blacklist) - } + if (whitelist && whitelist.includes(hostname)) return false // check if the domain is part of the blacklist. - const isBlacklisted = blacklistedDomains && blacklistedDomains.includes(strCurrentTab) + if (blacklist && blacklist.includes(hostname)) return true // check for similar values. - let levenshteinMatched = false - var levenshteinForm = strCurrentTab.replace(/\./g, '') - LEVENSHTEIN_CHECKS.forEach((element) => { - if (levenshtein.get(element, levenshteinForm) <= LEVENSHTEIN_TOLERANCE) { - levenshteinMatched = true - } + const levenshteinForm = hostname.replace(/\./g, '') + const levenshteinMatched = fuzzylist.some((element) => { + return levenshtein.get(element, levenshteinForm) <= LEVENSHTEIN_TOLERANCE }) - return isBlacklisted || levenshteinMatched + return levenshteinMatched } module.exports = isPhish -- cgit v1.2.3 From d4877cb4e2580db565686e7c736cd3716dc6e02d Mon Sep 17 00:00:00 2001 From: kumavis Date: Thu, 3 Aug 2017 14:25:02 -0700 Subject: blacklist - use module eth-phishing-detect --- app/scripts/lib/is-phish.js | 23 ----------------------- 1 file changed, 23 deletions(-) delete mode 100644 app/scripts/lib/is-phish.js (limited to 'app/scripts/lib/is-phish.js') diff --git a/app/scripts/lib/is-phish.js b/app/scripts/lib/is-phish.js deleted file mode 100644 index ce51c353d..000000000 --- a/app/scripts/lib/is-phish.js +++ /dev/null @@ -1,23 +0,0 @@ -const levenshtein = require('fast-levenshtein') -const LEVENSHTEIN_TOLERANCE = 4 - -// credit to @sogoiii and @409H for their help! -// Return a boolean on whether or not a phish is detected. -function isPhish({ hostname, blacklist, whitelist, fuzzylist }) { - - // check if the domain is part of the whitelist. - if (whitelist && whitelist.includes(hostname)) return false - - // check if the domain is part of the blacklist. - if (blacklist && blacklist.includes(hostname)) return true - - // check for similar values. - const levenshteinForm = hostname.replace(/\./g, '') - const levenshteinMatched = fuzzylist.some((element) => { - return levenshtein.get(element, levenshteinForm) <= LEVENSHTEIN_TOLERANCE - }) - - return levenshteinMatched -} - -module.exports = isPhish -- cgit v1.2.3