GithubFollow/Surge_by_SukkaW
1
0
Fork 0
mirror of https://github.com/SukkaW/Surge.git synced 2025-12-12 01:00:34 +08:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

New phishing blocking domainset

Browse Source
This commit is contained in:
SukkaW 2022-11-01 02:24:56 +08:00
parent d26e4a4b07
commit c880ebc9f5
9 changed files with 1419 additions and 61 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
.github/workflows/main.yml vendored
View File

@ -52,4 +52,4 @@ jobs:
user_email: ${{ secrets.GIT_EMAIL }} user_email: ${{ secrets.GIT_EMAIL }}
publish_branch: gh-pages publish_branch: gh-pages
publish_dir: ./ publish_dir: ./
# cname: ruleset.skk.moe cname: ruleset.skk.moe

72
Build/build-phishing-domainset.js Normal file
View File

@ -0,0 +1,72 @@
const psl = require('psl');
const { processFilterRules } = require('./lib/parse-filter.js');
const fs = require('fs');
const path = require('path');
const WHITELIST_DOMAIN = new Set([]);
const BLACK_TLD = [
'.xyz',
'.top',
'.win',
'.vip',
'.site',
'.space',
'.online',
'.icu',
'.fun',
'.shop',
'.cool',
'.cyou',
'.id'
];
(async () => {
const domainSet = Array.from(
(
await processFilterRules('https://curbengh.github.io/phishing-filter/phishing-filter-agh.txt')
).black
);
const domainCountMap = {};
for (let i = 0, len = domainSet.length; i < len; i++) {
const line = domainSet[i];
// starts with #
if (line.charCodeAt(0) === 35) {
continue;
}
if (line.trim().length === 0) {
continue;
}
const domain = line.charCodeAt(0) === 46 ? line.slice(1) : line;
if (line.length > 25) {
const parsed = psl.parse(domain);
if (parsed.input === parsed.tld) {
continue;
}
const apexDomain = parsed.domain
if (WHITELIST_DOMAIN.has(apexDomain)) {
continue;
}
domainCountMap[apexDomain] ||= 0;
domainCountMap[apexDomain] += 1;
}
}
const results = [];
Object.entries(domainCountMap).forEach(([domain, count]) => {
if (
count >= 8
&& BLACK_TLD.some(tld => domain.endsWith(tld))
) {
results.push('.' + domain);
}
});
const filePath = path.resolve(__dirname, '../List/domainset/reject_phishing.conf');
await fs.promises.writeFile(filePath, results.join('\n'), 'utf-8');
})();

21
Build/build-reject-domainset.js
View File

@ -202,6 +202,27 @@ const threads = isCI ? cpuCount : cpuCount / 2;
}); });
}); });
// Read Special Phishing Suffix list
await fsPromises.readFile(pathResolve(__dirname, '../List/domainset/reject_phishing.conf'), { encoding: 'utf-8' }).then(data => {
data.split('\n').forEach(line => {
const trimmed = line.trim();
if (
line.startsWith('#')
|| line.startsWith(' ')
|| line.startsWith('\r')
|| line.startsWith('\n')
|| trimmed === ''
) {
return;
}
/* if (domainSets.has(line) || domainSets.has(`.${line}`)) {
console.warn(`|${line}| is already in the list!`);
} */
domainSuffixSet.add(trimmed);
});
});
console.log(`Import ${domainKeywordsSet.size} black keywords and ${domainSuffixSet.size} black suffixes!`); console.log(`Import ${domainKeywordsSet.size} black keywords and ${domainSuffixSet.size} black suffixes!`);
previousSize = domainSets.size; previousSize = domainSets.size;

20
Build/lib/parse-filter.js
View File

@ -107,14 +107,20 @@ async function processFilterRules (filterRulesUrl, fallbackUrls) {
/** @type Set<string> */ /** @type Set<string> */
const blacklistDomainSets = new Set(); const blacklistDomainSets = new Set();
/** @type string[] */ let filterRules;
const filterRules = ( try {
await Promise.any( /** @type string[] */
[filterRulesUrl, ...(fallbackUrls || [])].map( filterRules = (
async url => (await fetchWithRetry(url)).text() await Promise.any(
[filterRulesUrl, ...(fallbackUrls || [])].map(
async url => (await fetchWithRetry(url)).text()
)
) )
) ).split('\n').map(line => line.trim());
).split('\n').map(line => line.trim()); } catch (e) {
console.log('Download Rule for [' + filterRulesUrl + '] failed');
throw e;
}
filterRules.forEach(line => { filterRules.forEach(line => {
const lineStartsWithDoubleVerticalBar = line.startsWith('||'); const lineStartsWithDoubleVerticalBar = line.startsWith('||');

1299
List/domainset/reject_phishing.conf Normal file
View File

File diff suppressed because it is too large Load Diff

5
List/domainset/reject_sukka.conf
View File

@ -14,6 +14,7 @@ optimus-ads.amap.com
.weddingeeos.com .weddingeeos.com
.rjno1.com .rjno1.com
.taio.app .taio.app
.headcaptcha.live
# >> Qihoo 360 # >> Qihoo 360
hot.m.shouji.360tpcdn.com hot.m.shouji.360tpcdn.com
@ -1690,7 +1691,3 @@ adserve2.tom.com
.luminati.io .luminati.io
.lum-cn.io .lum-cn.io
.luminati-china.biz .luminati-china.biz
# >> Misc
.headcaptcha.live

46
List/non_ip/reject.conf
View File

@ -15,52 +15,6 @@ DOMAIN-KEYWORD,.nimiq.
DOMAIN-KEYWORD,anybest. DOMAIN-KEYWORD,anybest.
DOMAIN-KEYWORD,dubester. DOMAIN-KEYWORD,dubester.
# Phishing
DOMAIN-KEYWORD,ercmsvi.
DOMAIN-KEYWORD,vianocenure
DOMAIN-KEYWORD,scvoiei.
DOMAIN-KEYWORD,mcvoiei.
DOMAIN-KEYWORD,ismsivi.
DOMAIN-KEYWORD,cvoievi.
DOMAIN-KEYWORD,cvoiei.
DOMAIN-KEYWORD,reeinsi.
DOMAIN-KEYWORD,eainsi.
DOMAIN-KEYWORD,avesi.
DOMAIN-KEYWORD,aaevesi.
DOMAIN-KEYWORD,aveesi.
DOMAIN-KEYWORD,ooaesc.
DOMAIN-KEYWORD,crvnvsa.
DOMAIN-KEYWORD,49329d48d6c.
DOMAIN-KEYWORD,vsvevvcca
DOMAIN-KEYWORD,envci.
DOMAIN-KEYWORD,aarsenvs.
DOMAIN-KEYWORD,.myjaas
DOMAIN-KEYWORD,eb.myja
DOMAIN-KEYWORD,eb.myje
DOMAIN-KEYWORD,eb.myjo
DOMAIN-KEYWORD,sb.myja
DOMAIN-KEYWORD,cn.asec
DOMAIN-KEYWORD,on.ascc
DOMAIN-KEYWORD,on.acsc
DOMAIN-KEYWORD,on.acse
DOMAIN-KEYWORD,on.ascec
DOMAIN-KEYWORD,on.ascse
DOMAIN-KEYWORD,an.ascec
DOMAIN-KEYWORD,.viiessva
DOMAIN-KEYWORD,.avisievs
DOMAIN-KEYWORD,orvaisvieas
DOMAIN-KEYWORD,.vieissa
DOMAIN-KEYWORD,.viessvac
DOMAIN-KEYWORD,ei.vivca
DOMAIN-KEYWORD,ei.visva
DOMAIN-KEYWORD,.vivcsv
DOMAIN-KEYWORD,asceea
DOMAIN-KEYWORD,asceee
DOMAIN-KEYWORD,on.acca
DOMAIN-KEYWORD,n.accseo
# --- End of Blacklist Section # --- End of Blacklist Section
# --- AD Block --- # --- AD Block ---

6
README.md
View File

@ -16,11 +16,13 @@
> Surge 和 Clash 会按照规则在配置中的顺序、从上到下逐一匹配,当且仅当进行 IP 规则的匹配、FINAL、或 direct 策略时,才会进行 DNS 解析。按照一定的顺序添加规则组,可以避免不必要的 DNS 解析。 > Surge 和 Clash 会按照规则在配置中的顺序、从上到下逐一匹配,当且仅当进行 IP 规则的匹配、FINAL、或 direct 策略时,才会进行 DNS 解析。按照一定的顺序添加规则组,可以避免不必要的 DNS 解析。
#### 广告拦截 / 隐私保护 #### 广告拦截 / 隐私保护 / Malware 拦截 / Phiishing 拦截
```ini ```ini
RULE-SET,https://ruleset.skk.moe/List/non_ip/reject.conf,reject-drop RULE-SET,https://ruleset.skk.moe/List/non_ip/reject.conf,reject
DOMAIN-SET,https://ruleset.skk.moe/List/domainset/reject.conf,reject-tinygif DOMAIN-SET,https://ruleset.skk.moe/List/domainset/reject.conf,reject-tinygif
DOMAIN-SET,https://ruleset.skk.moe/List/domainset/reject_sukka.conf,reject-tinygif
DOMAIN-SET,https://ruleset.skk.moe/List/domainset/reject_phishing.conf,reject
RULE-SET,https://ruleset.skk.moe/List/ip/reject.conf,reject-drop RULE-SET,https://ruleset.skk.moe/List/ip/reject.conf,reject-drop
``` ```

9
package.json
View File

@ -10,6 +10,7 @@
"build:cdn-conf": "wireit", "build:cdn-conf": "wireit",
"build:index-html": "wireit", "build:index-html": "wireit",
"build:reject-domainset": "wireit", "build:reject-domainset": "wireit",
"build:phishing-domainset": "wireit",
"build:telegram-cidr": "wireit", "build:telegram-cidr": "wireit",
"build:chn-cidr": "wireit", "build:chn-cidr": "wireit",
"validate:cdn-conf": "wireit" "validate:cdn-conf": "wireit"
@ -24,8 +25,14 @@
"build:cdn-conf": { "build:cdn-conf": {
"command": "node ./Build/build-cdn-conf.js" "command": "node ./Build/build-cdn-conf.js"
}, },
"build:phishing-domainset": {
"command": "node ./Build/build-phishing-domainset.js"
},
"build:reject-domainset": { "build:reject-domainset": {
"command": "node ./Build/build-reject-domainset.js" "command": "node ./Build/build-reject-domainset.js",
"dependencies": [
"build:phishing-domainset"
]
}, },
"build:telegram-cidr": { "build:telegram-cidr": {
"command": "node ./Build/build-telegram-cidr.js" "command": "node ./Build/build-telegram-cidr.js"