From 6a9d40c558564763ee06deb4861238b1b06e1f00 Mon Sep 17 00:00:00 2001 From: Kevin Serrano Date: Wed, 26 Jul 2017 15:24:57 -0700 Subject: [PATCH 1/4] Add test for blacklister. --- test/unit/blacklister-test.js | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) create mode 100644 test/unit/blacklister-test.js diff --git a/test/unit/blacklister-test.js b/test/unit/blacklister-test.js new file mode 100644 index 000000000..d9290795c --- /dev/null +++ b/test/unit/blacklister-test.js @@ -0,0 +1,24 @@ +const assert = require('assert') +const Blacklister = require('../../app/scripts/blacklister') + + +describe('blacklister', function () { + describe('#isPhish', function () { + it('should not flag whitelisted values', function () { + var result = Blacklister('www.metamask.io') + assert(!result) + }) + it('should flag explicit values', function () { + var result = Blacklister('metamask.com') + assert(result) + }) + it('should flag levenshtein values', function () { + var result = Blacklister('metmask.io') + assert(result) + }) + it('should not flag not-even-close values', function () { + var result = Blacklister('example.com') + assert(!result) + }) + }) +}) From 66f6d5a4e06c6938ae22bd2cb4696f6ade900df2 Mon Sep 17 00:00:00 2001 From: Kevin Serrano Date: Wed, 26 Jul 2017 15:25:30 -0700 Subject: [PATCH 2/4] Add levenshtein logic to blacklister. --- app/scripts/blacklister.js | 40 ++++++++++++++++++++++++++++++-------- package.json | 1 + 2 files changed, 33 insertions(+), 8 deletions(-) diff --git a/app/scripts/blacklister.js b/app/scripts/blacklister.js index a45265a75..f4b95a31f 100644 --- a/app/scripts/blacklister.js +++ b/app/scripts/blacklister.js @@ -1,13 +1,37 @@ -const blacklistedDomains = require('etheraddresslookup/blacklists/domains.json') +const levenshtein = require('fast-levenshtein') +const blacklistedMetaMaskDomains = ['metamask.com'] +const blacklistedDomains = require('etheraddresslookup/blacklists/domains.json').concat(blacklistedMetaMaskDomains) +const whitelistedMetaMaskDomains = ['metamask.io', 'www.metamask.io'] +const whitelistedDomains = require('etheraddresslookup/whitelists/domains.json').concat(whitelistedMetaMaskDomains) +const LEVENSHTEIN_TOLERANCE = 4 +const LEVENSHTEIN_CHECKS = ['myetherwallet', 'myetheroll', 'ledgerwallet', 'metamask'] -function detectBlacklistedDomain() { - var strCurrentTab = window.location.hostname - if (blacklistedDomains && blacklistedDomains.includes(strCurrentTab)) { - window.location.href = 'https://metamask.io/phishing.html' - } +function isPhish(hostname) { + var strCurrentTab = hostname + + // check if the domain is part of the whitelist. + if (whitelistedDomains && whitelistedDomains.includes(strCurrentTab)) { return false } + + // check if the domain is part of the blacklist. + var isBlacklisted = blacklistedDomains && blacklistedDomains.includes(strCurrentTab) + + // check for similar values. + var levenshteinMatched = false + var levenshteinForm = strCurrentTab.replace(/\./g, '') + LEVENSHTEIN_CHECKS.forEach((element) => { + if (levenshtein.get(element, levenshteinForm) < LEVENSHTEIN_TOLERANCE) { + levenshteinMatched = true + } + }) + + return isBlacklisted || levenshteinMatched } -window.addEventListener('load', function() { - detectBlacklistedDomain() +window.addEventListener('load', function () { + var hostnameToCheck = window.location.hostname + if (isPhish(hostnameToCheck)) { + window.location.href = 'https://metamask.io/phishing.html' + } }) +module.exports = isPhish diff --git a/package.json b/package.json index dcd25cda6..10afc8228 100644 --- a/package.json +++ b/package.json @@ -80,6 +80,7 @@ "express": "^4.14.0", "extension-link-enabler": "^1.0.0", "extensionizer": "^1.0.0", + "fast-levenshtein": "^2.0.6", "gulp-eslint": "^2.0.0", "hat": "0.0.3", "idb-global": "^1.0.0", From a6395436653f274b39bbf642a4d502879bd6eb92 Mon Sep 17 00:00:00 2001 From: Kevin Serrano Date: Wed, 26 Jul 2017 15:29:13 -0700 Subject: [PATCH 3/4] Changelog bump --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index eeeda9d68..46de6fd97 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -3,6 +3,7 @@ ## Current Master - Include stack traces in txMeta's to better understand the life cycle of transactions +- Enhance blacklister functionality to include levenshtein logic. ## 3.9.1 2017-7-19 From aa282b4e3a55d090f27e37cacf850aa5298cfe27 Mon Sep 17 00:00:00 2001 From: Kevin Serrano Date: Wed, 26 Jul 2017 15:31:16 -0700 Subject: [PATCH 4/4] Give credit where it is due --- CHANGELOG.md | 2 +- app/scripts/blacklister.js | 4 ++++ 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 46de6fd97..bb57870fb 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -3,7 +3,7 @@ ## Current Master - Include stack traces in txMeta's to better understand the life cycle of transactions -- Enhance blacklister functionality to include levenshtein logic. +- Enhance blacklister functionality to include levenshtein logic. (credit to @sogoiii and @409H for their help!) ## 3.9.1 2017-7-19 diff --git a/app/scripts/blacklister.js b/app/scripts/blacklister.js index f4b95a31f..9337599cc 100644 --- a/app/scripts/blacklister.js +++ b/app/scripts/blacklister.js @@ -6,6 +6,9 @@ const whitelistedDomains = require('etheraddresslookup/whitelists/domains.json') const LEVENSHTEIN_TOLERANCE = 4 const LEVENSHTEIN_CHECKS = ['myetherwallet', 'myetheroll', 'ledgerwallet', 'metamask'] + +// credit to @sogoiii and @409H for their help! +// Return a boolean on whether or not a phish is detected. function isPhish(hostname) { var strCurrentTab = hostname @@ -30,6 +33,7 @@ function isPhish(hostname) { window.addEventListener('load', function () { var hostnameToCheck = window.location.hostname if (isPhish(hostnameToCheck)) { + // redirect to our phishing warning page. window.location.href = 'https://metamask.io/phishing.html' } })