radar/cli.js at master · CryptoScamDB/radar · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
#!/usr/bin/env node

const request = require('request');
const tldextract = require('tldextract');
const progress = require('cli-progress');
const colors = require('colors');
const Bottleneck = require('Bottleneck');
const config = require('./config');
const stringSimilarity = require('string-similarity');

const flatten = list => list.reduce((a, b) => a.concat(Array.isArray(b) ? flatten(b) : b), []);

const shuffle = (a) => {
    for (let i = a.length - 1; i > 0; i--) {
        const j = Math.floor(Math.random() * (i + 1));
        [a[i], a[j]] = [a[j], a[i]];
    }
    return a;
}

const limiter = new Bottleneck({
	minTime: config.minTime,
	maxConcurrent: config.maxConcurrent
});

const extractHostname = (url) => {
	return new Promise((resolve,reject) => {
		tldextract(url, function (err, obj) {
			if(err) {
				reject(err);
			} else {
				resolve(obj.domain);
			}
		});
	});
}

const getBlacklist = () => {
	console.log("Getting blacklist...");
	return new Promise((resolve,reject) => {
		request('https://cryptoscamdb.org/api/blacklist',{json:true},(err,response,body) => {
			if(err) {
				reject(err);
			} else {
				resolve(body.filter(entry => !entry.startsWith('www.')));
			}
		});
	});
}

const getWhitelist = () => {
	console.log("Getting whitelist...");
	return new Promise((resolve,reject) => {
		request('https://cryptoscamdb.org/api/whitelist',{json:true},(err,response,body) => {
			if(err) {
				reject(err);
			} else {
				resolve(body);
			}
		});
	});
}

const getTLDs = () => {
	console.log("Getting list of TLDs...");
	return new Promise((resolve,reject) => {
		request('http://data.iana.org/TLD/tlds-alpha-by-domain.txt',(err,response,body) => {
			if(err) {
				reject(err);
			} else if(!body) {
				console.error('No body for TLDS?');
				process.exit();
			} else {
				resolve(body.split('\n').filter(tld => !tld.startsWith('#')).map(tld => tld.toLowerCase()));
			}
		});
	});
}

const rawFetch = (async url => {
	return new Promise(resolve => {
		request('http://' + url,{},(err,response,body) => {
			if(err || !body) {
				resolve(false);
			} else {
				resolve(body);
			}
		});
	});
})

const fetch = limiter.wrap(rawFetch);


(async () => {
	const bar = new progress.Bar({
		format: 'Requests completed |' + colors.cyan('{bar}') + '| {percentage}% || {value}/{total} ',
        barCompleteChar: '\u2588',
        barIncompleteChar: '\u2591',
		hideCursor: true
	});
	const tlds = await getTLDs();
	const blacklist = await getBlacklist();
	const whitelist = await getWhitelist();

	console.log("Parsing whitelist...");

	const whitelistContent = await Promise.all(whitelist.map(async entry => {
		const content = await rawFetch(entry);
		const hostname = await extractHostname(entry);
		return ({
			url: hostname,
			content: content
		});
	}));

	console.log("Extracting whitelist entries...");

	const domains = await Promise.all(whitelist.map(async entry => {
		const hostname = await extractHostname(entry);
		return tlds.map(tld => ({ url: hostname + '.' + tld, parent: hostname }));
	}));

	console.log("Success!");

	bar.start(flatten(domains).length, 0);

	await Promise.all(shuffle(flatten(domains)).map(async domain => {
		const valid = await fetch(domain.url);
		if(valid && !(blacklist.includes(domain.url)) && !(whitelist.includes(domain.url))) {
			const similarity = stringSimilarity.compareTwoStrings(whitelistContent.find(entry => entry.url == domain.parent).content, valid);
			if(similarity > config.similarityThreshold) {
				console.error('\nPossible phishing URL found! ' + domain.url + ' (' + Math.round(similarity*1000)/10 + '%)');
			}
		}
		bar.increment();
	}));
})();