Merge pull request #1837 from MetaMask/i1833-levencheck

Levenshtein Checking Logic Added To Blacklist
2024-12-23 09:52:26 +01:00 · 2017-07-26 16:25:30 -07:00 · 2017-07-26 16:25:30 -07:00 · e3b5bb2052
commit e3b5bb2052
parent 520cda0058 aa282b4e3a
4 changed files with 62 additions and 8 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -6,6 +6,7 @@

 - Fix bugs that could sometimes result in failed transactions after switching networks.
 - Include stack traces in txMeta's to better understand the life cycle of transactions
+- Enhance blacklister functionality to include levenshtein logic. (credit to @sogoiii and @409H for their help!)

 ## 3.9.1 2017-7-19

--- a/app/scripts/blacklister.js
+++ b/app/scripts/blacklister.js
@ -1,13 +1,41 @@
-const blacklistedDomains = require('etheraddresslookup/blacklists/domains.json')
+const levenshtein = require('fast-levenshtein')
+const blacklistedMetaMaskDomains = ['metamask.com']
+const blacklistedDomains = require('etheraddresslookup/blacklists/domains.json').concat(blacklistedMetaMaskDomains)
+const whitelistedMetaMaskDomains = ['metamask.io', 'www.metamask.io']
+const whitelistedDomains = require('etheraddresslookup/whitelists/domains.json').concat(whitelistedMetaMaskDomains)
+const LEVENSHTEIN_TOLERANCE = 4
+const LEVENSHTEIN_CHECKS = ['myetherwallet', 'myetheroll', 'ledgerwallet', 'metamask']

-function detectBlacklistedDomain() {
-  var strCurrentTab = window.location.hostname
-  if (blacklistedDomains && blacklistedDomains.includes(strCurrentTab)) {
-    window.location.href = 'https://metamask.io/phishing.html'
+
+// credit to @sogoiii and @409H for their help!
+// Return a boolean on whether or not a phish is detected.
+function isPhish(hostname) {
+  var strCurrentTab = hostname
+
+  // check if the domain is part of the whitelist.
+  if (whitelistedDomains && whitelistedDomains.includes(strCurrentTab)) { return false }
+
+  // check if the domain is part of the blacklist.
+  var isBlacklisted = blacklistedDomains && blacklistedDomains.includes(strCurrentTab)
+
+  // check for similar values.
+  var levenshteinMatched = false
+  var levenshteinForm = strCurrentTab.replace(/\./g, '')
+  LEVENSHTEIN_CHECKS.forEach((element) => {
+    if (levenshtein.get(element, levenshteinForm) < LEVENSHTEIN_TOLERANCE) {
+      levenshteinMatched = true
    }
+  })
+
+  return isBlacklisted || levenshteinMatched
 }

-window.addEventListener('load', function() {
-  detectBlacklistedDomain()
+window.addEventListener('load', function () {
+  var hostnameToCheck = window.location.hostname
+  if (isPhish(hostnameToCheck)) {
+    // redirect to our phishing warning page.
+    window.location.href = 'https://metamask.io/phishing.html'
+  }
 })

+module.exports = isPhish
--- a/package.json
+++ b/package.json
@ -80,6 +80,7 @@
    "express": "^4.14.0",
    "extension-link-enabler": "^1.0.0",
    "extensionizer": "^1.0.0",
+    "fast-levenshtein": "^2.0.6",
    "gulp-eslint": "^2.0.0",
    "hat": "0.0.3",
    "idb-global": "^1.0.0",
--- a/test/unit/blacklister-test.js
+++ b/test/unit/blacklister-test.js
@ -0,0 +1,24 @@
+const assert = require('assert')
+const Blacklister = require('../../app/scripts/blacklister')
+
+
+describe('blacklister', function () {
+  describe('#isPhish', function () {
+    it('should not flag whitelisted values', function () {
+      var result = Blacklister('www.metamask.io')
+      assert(!result)
+    })
+    it('should flag explicit values', function () {
+      var result = Blacklister('metamask.com')
+      assert(result)
+    })
+    it('should flag levenshtein values', function () {
+      var result = Blacklister('metmask.io')
+      assert(result)
+    })
+    it('should not flag not-even-close values', function () {
+      var result = Blacklister('example.com')
+      assert(!result)
+    })
+  })
+})