New phishing blocking domainset

.github/workflows/main.yml

@@ -52,4 +52,4 @@ jobs:
           user_email: ${{ secrets.GIT_EMAIL }}
           publish_branch: gh-pages
           publish_dir: ./
-          # cname: ruleset.skk.moe
+          cname: ruleset.skk.moe

Build/build-phishing-domainset.js

@@ -0,0 +1,72 @@
+const psl = require('psl');
+const { processFilterRules } = require('./lib/parse-filter.js');
+const fs = require('fs');
+const path = require('path');
+
+const WHITELIST_DOMAIN = new Set([]);
+const BLACK_TLD = [
+  '.xyz',
+  '.top',
+  '.win',
+  '.vip',
+  '.site',
+  '.space',
+  '.online',
+  '.icu',
+  '.fun',
+  '.shop',
+  '.cool',
+  '.cyou',
+  '.id'
+];
+
+(async () => {
+  const domainSet = Array.from(
+    (
+      await processFilterRules('https://curbengh.github.io/phishing-filter/phishing-filter-agh.txt')
+    ).black
+  );
+  const domainCountMap = {};
+
+  for (let i = 0, len = domainSet.length; i < len; i++) {
+    const line = domainSet[i];
+    // starts with #
+    if (line.charCodeAt(0) === 35) {
+      continue;
+    }
+    if (line.trim().length === 0) {
+      continue;
+    }
+
+    const domain = line.charCodeAt(0) === 46 ? line.slice(1) : line;
+
+    if (line.length > 25) {
+      const parsed = psl.parse(domain);
+
+      if (parsed.input === parsed.tld) {
+        continue;
+      }
+      const apexDomain = parsed.domain
+
+      if (WHITELIST_DOMAIN.has(apexDomain)) {
+        continue;
+      }
+
+      domainCountMap[apexDomain] ||= 0;
+      domainCountMap[apexDomain] += 1;
+    }
+  }
+
+  const results = [];
+  Object.entries(domainCountMap).forEach(([domain, count]) => {
+    if (
+      count >= 8
+      && BLACK_TLD.some(tld => domain.endsWith(tld))
+    ) {
+      results.push('.' + domain);
+    }
+  });
+
+  const filePath = path.resolve(__dirname, '../List/domainset/reject_phishing.conf');
+  await fs.promises.writeFile(filePath, results.join('\n'), 'utf-8');
+})();

Build/build-reject-domainset.js

@@ -202,6 +202,27 @@ const threads = isCI ? cpuCount : cpuCount / 2;
     });
   });
 
+  // Read Special Phishing Suffix list
+  await fsPromises.readFile(pathResolve(__dirname, '../List/domainset/reject_phishing.conf'), { encoding: 'utf-8' }).then(data => {
+    data.split('\n').forEach(line => {
+      const trimmed = line.trim();
+      if (
+        line.startsWith('#')
+        || line.startsWith(' ')
+        || line.startsWith('\r')
+        || line.startsWith('\n')
+        || trimmed === ''
+      ) {
+        return;
+      }
+
+      /* if (domainSets.has(line) || domainSets.has(`.${line}`)) {
+        console.warn(`|${line}| is already in the list!`);
+      } */
+      domainSuffixSet.add(trimmed);
+    });
+  });
+
   console.log(`Import ${domainKeywordsSet.size} black keywords and ${domainSuffixSet.size} black suffixes!`);
 
   previousSize = domainSets.size;

Build/lib/parse-filter.js

@@ -107,14 +107,20 @@ async function processFilterRules (filterRulesUrl, fallbackUrls) {
   /** @type Set<string> */
   const blacklistDomainSets = new Set();
 
-  /** @type string[] */
-  const filterRules = (
-    await Promise.any(
-      [filterRulesUrl, ...(fallbackUrls || [])].map(
-        async url => (await fetchWithRetry(url)).text()
+  let filterRules;
+  try {
+    /** @type string[] */
+    filterRules = (
+      await Promise.any(
+        [filterRulesUrl, ...(fallbackUrls || [])].map(
+          async url => (await fetchWithRetry(url)).text()
+        )
       )
-    )
-  ).split('\n').map(line => line.trim());
+    ).split('\n').map(line => line.trim());
+  } catch (e) {
+    console.log('Download Rule for [' + filterRulesUrl + '] failed');
+    throw e;
+  }
 
   filterRules.forEach(line => {
     const lineStartsWithDoubleVerticalBar = line.startsWith('||');

List/domainset/reject_sukka.conf

@@ -14,6 +14,7 @@ optimus-ads.amap.com
 .weddingeeos.com
 .rjno1.com
 .taio.app
+.headcaptcha.live
 
 # >> Qihoo 360
 hot.m.shouji.360tpcdn.com
@@ -1690,7 +1691,3 @@ adserve2.tom.com
 .luminati.io
 .lum-cn.io
 .luminati-china.biz
-
-# >> Misc
-
-.headcaptcha.live

List/non_ip/reject.conf

@@ -15,52 +15,6 @@ DOMAIN-KEYWORD,.nimiq.
 DOMAIN-KEYWORD,anybest.
 DOMAIN-KEYWORD,dubester.
 
-# Phishing
-
-DOMAIN-KEYWORD,ercmsvi.
-DOMAIN-KEYWORD,vianocenure
-DOMAIN-KEYWORD,scvoiei.
-DOMAIN-KEYWORD,mcvoiei.
-DOMAIN-KEYWORD,ismsivi.
-DOMAIN-KEYWORD,cvoievi.
-DOMAIN-KEYWORD,cvoiei.
-DOMAIN-KEYWORD,reeinsi.
-DOMAIN-KEYWORD,eainsi.
-DOMAIN-KEYWORD,avesi.
-DOMAIN-KEYWORD,aaevesi.
-DOMAIN-KEYWORD,aveesi.
-DOMAIN-KEYWORD,ooaesc.
-DOMAIN-KEYWORD,crvnvsa.
-DOMAIN-KEYWORD,49329d48d6c.
-DOMAIN-KEYWORD,vsvevvcca
-DOMAIN-KEYWORD,envci.
-DOMAIN-KEYWORD,aarsenvs.
-DOMAIN-KEYWORD,.myjaas
-DOMAIN-KEYWORD,eb.myja
-DOMAIN-KEYWORD,eb.myje
-DOMAIN-KEYWORD,eb.myjo
-DOMAIN-KEYWORD,sb.myja
-DOMAIN-KEYWORD,cn.asec
-DOMAIN-KEYWORD,on.ascc
-DOMAIN-KEYWORD,on.acsc
-DOMAIN-KEYWORD,on.acse
-DOMAIN-KEYWORD,on.ascec
-DOMAIN-KEYWORD,on.ascse
-DOMAIN-KEYWORD,an.ascec
-DOMAIN-KEYWORD,.viiessva
-DOMAIN-KEYWORD,.avisievs
-DOMAIN-KEYWORD,orvaisvieas
-DOMAIN-KEYWORD,.vieissa
-DOMAIN-KEYWORD,.viessvac
-DOMAIN-KEYWORD,ei.vivca
-DOMAIN-KEYWORD,ei.visva
-DOMAIN-KEYWORD,.vivcsv
-DOMAIN-KEYWORD,asceea
-DOMAIN-KEYWORD,asceee
-DOMAIN-KEYWORD,on.acca
-DOMAIN-KEYWORD,n.accseo
-
-
 # --- End of Blacklist Section
 
 # --- AD Block ---

README.md

@@ -16,11 +16,13 @@
 
 > Surge 和 Clash 会按照规则在配置中的顺序、从上到下逐一匹配，当且仅当进行 IP 规则的匹配、FINAL、或 direct 策略时，才会进行 DNS 解析。按照一定的顺序添加规则组，可以避免不必要的 DNS 解析。
 
-#### 广告拦截 / 隐私保护
+#### 广告拦截 / 隐私保护 / Malware 拦截 / Phiishing 拦截
 
 ```ini
-RULE-SET,https://ruleset.skk.moe/List/non_ip/reject.conf,reject-drop
+RULE-SET,https://ruleset.skk.moe/List/non_ip/reject.conf,reject
 DOMAIN-SET,https://ruleset.skk.moe/List/domainset/reject.conf,reject-tinygif
+DOMAIN-SET,https://ruleset.skk.moe/List/domainset/reject_sukka.conf,reject-tinygif
+DOMAIN-SET,https://ruleset.skk.moe/List/domainset/reject_phishing.conf,reject
 RULE-SET,https://ruleset.skk.moe/List/ip/reject.conf,reject-drop
 ```
 

package.json

@@ -10,6 +10,7 @@
     "build:cdn-conf": "wireit",
     "build:index-html": "wireit",
     "build:reject-domainset": "wireit",
+    "build:phishing-domainset": "wireit",
     "build:telegram-cidr": "wireit",
     "build:chn-cidr": "wireit",
     "validate:cdn-conf": "wireit"
@@ -24,8 +25,14 @@
     "build:cdn-conf": {
       "command": "node ./Build/build-cdn-conf.js"
     },
+    "build:phishing-domainset": {
+      "command": "node ./Build/build-phishing-domainset.js"
+    },
     "build:reject-domainset": {
-      "command": "node ./Build/build-reject-domainset.js"
+      "command": "node ./Build/build-reject-domainset.js",
+      "dependencies": [
+        "build:phishing-domainset"
+      ]
     },
     "build:telegram-cidr": {
       "command": "node ./Build/build-telegram-cidr.js"