mirror of
https://github.com/SukkaW/Surge.git
synced 2025-12-13 01:30:37 +08:00
Chore: improve phishing hosts
This commit is contained in:
SukkaW
parent
6811b23acd
commit
19228a8216
@ -6,7 +6,7 @@ import { isCI } from 'ci-info';
|
||||
import { xxhash64 } from 'hash-wasm';
|
||||
|
||||
import picocolors from 'picocolors';
|
||||
import { identity } from './misc';
|
||||
import { fastStringArrayJoin, identity } from './misc';
|
||||
|
||||
const fsMemoCache = new Cache({ cachePath: path.resolve(__dirname, '../../.cache'), tableName: 'fs_memo_cache' });
|
||||
|
||||
@ -49,29 +49,35 @@ function createCache(onlyUseCachedIfFail: boolean) {
|
||||
fn: (...args: Args) => Promise<T>,
|
||||
opt: FsMemoCacheOptions<T>
|
||||
): (...args: Args) => Promise<T> {
|
||||
const fixedKey = fn.toString();
|
||||
|
||||
if (opt.temporaryBypass) {
|
||||
return fn;
|
||||
}
|
||||
|
||||
const serializer = 'serializer' in opt ? opt.serializer : identity<T, string>;
|
||||
const deserializer = 'deserializer' in opt ? opt.deserializer : identity<string, T>;
|
||||
|
||||
const fixedKey = fn.toString();
|
||||
|
||||
const fixedKeyHashPromise = xxhash64(fixedKey);
|
||||
const devalueModulePromise = import('devalue');
|
||||
|
||||
return async function cachedCb(...args: Args) {
|
||||
const { stringify: devalueStringify } = await import('devalue');
|
||||
const devalueStringify = (await devalueModulePromise).stringify;
|
||||
|
||||
// Construct the complete cache key for this function invocation
|
||||
// typeson.stringify is still limited. For now we uses typescript to guard the args.
|
||||
const cacheKey = (await Promise.all([
|
||||
xxhash64(fixedKey),
|
||||
const cacheKey = fastStringArrayJoin(
|
||||
await Promise.all([
|
||||
fixedKeyHashPromise,
|
||||
xxhash64(devalueStringify(args))
|
||||
])).join('|');
|
||||
]),
|
||||
'|'
|
||||
);
|
||||
|
||||
const cacheName = picocolors.gray(fn.name || fixedKey || cacheKey);
|
||||
|
||||
const cached = fsMemoCache.get(cacheKey);
|
||||
|
||||
const serializer = 'serializer' in opt ? opt.serializer : identity as any;
|
||||
const deserializer = 'deserializer' in opt ? opt.deserializer : identity as any;
|
||||
|
||||
if (onlyUseCachedIfFail) {
|
||||
try {
|
||||
const value = await fn(...args);
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
import { processDomainLists, processHosts } from './parse-filter';
|
||||
import * as tldts from 'tldts-experimental';
|
||||
|
||||
import { dummySpan } from '../trace';
|
||||
import { dummySpan, printTraceResult } from '../trace';
|
||||
import type { Span } from '../trace';
|
||||
import { appendArrayInPlaceCurried } from './append-array-in-place';
|
||||
import { PHISHING_DOMAIN_LISTS_EXTRA, PHISHING_HOSTS_EXTRA } from '../constants/reject-data-source';
|
||||
@ -108,26 +108,25 @@ const lowKeywords = createKeywordFilter([
|
||||
'banking'
|
||||
]);
|
||||
|
||||
const cacheKey = createCacheKey(__filename);
|
||||
|
||||
const processPhihsingDomains = cache(function processPhihsingDomains(domainArr: string[]): Promise<string[]> {
|
||||
const domainCountMap: Record<string, number> = {};
|
||||
const domainCountMap = new Map<string, number>();
|
||||
const domainScoreMap: Record<string, number> = {};
|
||||
|
||||
let tld: string | null = '';
|
||||
let apexDomain: string | null = '';
|
||||
let subdomain: string | null = '';
|
||||
|
||||
for (let i = 0, len = domainArr.length; i < len; i++) {
|
||||
const line = domainArr[i];
|
||||
|
||||
const {
|
||||
publicSuffix: tld,
|
||||
domain: apexDomain,
|
||||
subdomain,
|
||||
isPrivate
|
||||
} = tldts.parse(line, loosTldOptWithPrivateDomains);
|
||||
|
||||
if (isPrivate) {
|
||||
const parsed = tldts.parse(line, loosTldOptWithPrivateDomains);
|
||||
if (parsed.isPrivate) {
|
||||
continue;
|
||||
}
|
||||
|
||||
tld = parsed.publicSuffix;
|
||||
apexDomain = parsed.domain;
|
||||
|
||||
if (!tld) {
|
||||
console.log(picocolors.yellow('[phishing domains] E0001'), 'missing tld', { line, tld });
|
||||
continue;
|
||||
@ -137,8 +136,12 @@ const processPhihsingDomains = cache(function processPhihsingDomains(domainArr:
|
||||
continue;
|
||||
}
|
||||
|
||||
domainCountMap[apexDomain] ||= 0;
|
||||
domainCountMap[apexDomain] += 1;
|
||||
domainCountMap.set(
|
||||
apexDomain,
|
||||
domainCountMap.has(apexDomain)
|
||||
? domainCountMap.get(apexDomain)! + 1
|
||||
: 1
|
||||
);
|
||||
|
||||
if (!(apexDomain in domainScoreMap)) {
|
||||
domainScoreMap[apexDomain] = 0;
|
||||
@ -151,6 +154,9 @@ const processPhihsingDomains = cache(function processPhihsingDomains(domainArr:
|
||||
domainScoreMap[apexDomain] += 0.5;
|
||||
}
|
||||
}
|
||||
|
||||
subdomain = parsed.subdomain;
|
||||
|
||||
if (
|
||||
subdomain
|
||||
&& !WHITELIST_MAIN_DOMAINS.has(apexDomain)
|
||||
@ -159,30 +165,33 @@ const processPhihsingDomains = cache(function processPhihsingDomains(domainArr:
|
||||
}
|
||||
}
|
||||
|
||||
for (const apexDomain in domainCountMap) {
|
||||
domainCountMap.forEach((count, apexDomain) => {
|
||||
if (
|
||||
// !WHITELIST_MAIN_DOMAINS.has(apexDomain)
|
||||
(domainScoreMap[apexDomain] >= 24)
|
||||
|| (domainScoreMap[apexDomain] >= 16 && domainCountMap[apexDomain] >= 7)
|
||||
|| (domainScoreMap[apexDomain] >= 13 && domainCountMap[apexDomain] >= 11)
|
||||
|| (domainScoreMap[apexDomain] >= 5 && domainCountMap[apexDomain] >= 14)
|
||||
|| (domainScoreMap[apexDomain] >= 3 && domainCountMap[apexDomain] >= 21)
|
||||
|| (domainScoreMap[apexDomain] >= 16 && count >= 7)
|
||||
|| (domainScoreMap[apexDomain] >= 13 && count >= 11)
|
||||
|| (domainScoreMap[apexDomain] >= 5 && count >= 14)
|
||||
|| (domainScoreMap[apexDomain] >= 3 && count >= 21)
|
||||
) {
|
||||
domainArr.push('.' + apexDomain);
|
||||
}
|
||||
}
|
||||
|
||||
console.log({
|
||||
score: domainScoreMap['flk-ipfs.xyz'],
|
||||
count: domainCountMap['flk-ipfs.xyz']
|
||||
});
|
||||
|
||||
// console.log({
|
||||
// score: domainScoreMap['flk-ipfs.xyz'],
|
||||
// count: domainCountMap.get('flk-ipfs.xyz')
|
||||
// });
|
||||
|
||||
return Promise.resolve(domainArr);
|
||||
}, {
|
||||
serializer: serializeArray,
|
||||
deserializer: deserializeArray
|
||||
deserializer: deserializeArray,
|
||||
temporaryBypass: true
|
||||
});
|
||||
|
||||
const cacheKey = createCacheKey(__filename);
|
||||
|
||||
export function getPhishingDomains(parentSpan: Span) {
|
||||
return parentSpan.traceChild('get phishing domains').traceAsyncFn(async (span) => {
|
||||
const domainArr = await span.traceChildAsync('download/parse/merge phishing domains', async (curSpan) => {
|
||||
@ -219,7 +228,7 @@ export function calcDomainAbuseScore(subdomain: string, fullDomain: string = sub
|
||||
weight += 6;
|
||||
}
|
||||
} else if (hitLowKeywords) {
|
||||
weight += 1.5;
|
||||
weight += 1.7;
|
||||
}
|
||||
|
||||
const subdomainLength = subdomain.length;
|
||||
@ -236,11 +245,8 @@ export function calcDomainAbuseScore(subdomain: string, fullDomain: string = sub
|
||||
}
|
||||
}
|
||||
|
||||
if (subdomain.slice(1).includes('.')) {
|
||||
if (subdomain.indexOf('.', 1) > 1) {
|
||||
weight += 1;
|
||||
if (subdomain.includes('www.')) {
|
||||
weight += 1;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@ -249,5 +255,9 @@ export function calcDomainAbuseScore(subdomain: string, fullDomain: string = sub
|
||||
|
||||
if (require.main === module) {
|
||||
getPhishingDomains(dummySpan)
|
||||
.catch(console.error);
|
||||
.catch(console.error)
|
||||
.finally(() => {
|
||||
dummySpan.stop();
|
||||
printTraceResult(dummySpan.traceResult);
|
||||
});
|
||||
}
|
||||
|
||||
@ -66,7 +66,7 @@ export function domainWildCardToRegex(domain: string) {
|
||||
return result;
|
||||
}
|
||||
|
||||
export const identity = <T>(x: T): T => x;
|
||||
export const identity = <T, R = T>(x: T): R => x as any;
|
||||
|
||||
export function appendArrayFromSet<T>(dest: T[], source: Set<T> | Array<Set<T>>, transformer: (item: T) => T = identity) {
|
||||
const casted = Array.isArray(source) ? source : [source];
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user