poanetwork
/
nifty-wallet
mirror of https://github.com/poanetwork/nifty-wallet.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

phishing detection - move phishing detection into contentscript and metamask controller

This commit is contained in:
kumavis 2017-08-02 14:26:10 -07:00
parent aea5735b29
commit ecaa235b5e
10 changed files with 52 additions and 67 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
app/manifest.json
View File

@ -52,15 +52,6 @@
], ],
"run_at": "document_start", "run_at": "document_start",
"all_frames": true "all_frames": true
},
{
"run_at": "document_start",
"matches": [
"http://*/*",
"https://*/*"
],
"js": ["scripts/blacklister.js"],
"all_frames": true
} }
], ],
"permissions": [ "permissions": [

34
app/scripts/background.js
View File

@ -11,7 +11,6 @@ const NotificationManager = require('./lib/notification-manager.js')
const MetamaskController = require('./metamask-controller') const MetamaskController = require('./metamask-controller')
const extension = require('extensionizer') const extension = require('extensionizer')
const firstTimeState = require('./first-time-state') const firstTimeState = require('./first-time-state')
const isPhish = require('./lib/is-phish')
const STORAGE_KEY = 'metamask-config' const STORAGE_KEY = 'metamask-config'
const METAMASK_DEBUG = 'GULP_METAMASK_DEBUG' const METAMASK_DEBUG = 'GULP_METAMASK_DEBUG'
@ -91,16 +90,12 @@ function setupController (initState) {
extension.runtime.onConnect.addListener(connectRemote) extension.runtime.onConnect.addListener(connectRemote)
function connectRemote (remotePort) { function connectRemote (remotePort) {
if (remotePort.name === 'blacklister') { const isMetaMaskInternalProcess = remotePort.name === 'popup' || remotePort.name === 'notification'
return checkBlacklist(remotePort) const portStream = new PortStream(remotePort)
}
var isMetaMaskInternalProcess = remotePort.name === 'popup' || remotePort.name === 'notification'
var portStream = new PortStream(remotePort)
if (isMetaMaskInternalProcess) { if (isMetaMaskInternalProcess) {
// communication with popup // communication with popup
popupIsOpen = popupIsOpen || (remotePort.name === 'popup') popupIsOpen = popupIsOpen || (remotePort.name === 'popup')
controller.setupTrustedCommunication(portStream, 'MetaMask', remotePort.name) controller.setupTrustedCommunication(portStream, 'MetaMask')
// record popup as closed // record popup as closed
if (remotePort.name === 'popup') { if (remotePort.name === 'popup') {
endOfStream(portStream, () => { endOfStream(portStream, () => {
@ -109,7 +104,7 @@ function setupController (initState) {
} }
} else { } else {
// communication with page // communication with page
var originDomain = urlUtil.parse(remotePort.sender.url).hostname const originDomain = urlUtil.parse(remotePort.sender.url).hostname
controller.setupUntrustedCommunication(portStream, originDomain) controller.setupUntrustedCommunication(portStream, originDomain)
} }
} }
@ -140,27 +135,6 @@ function setupController (initState) {
return Promise.resolve() return Promise.resolve()
} }
// Listen for new pages and return if blacklisted:
function checkBlacklist (port) {
const handler = handleNewPageLoad.bind(null, port)
port.onMessage.addListener(handler)
setTimeout(() => {
port.onMessage.removeListener(handler)
}, 30000)
}
function handleNewPageLoad (port, message) {
const { pageLoaded } = message
if (!pageLoaded || !global.metamaskController) return
const state = global.metamaskController.getState()
const updatedBlacklist = state.blacklist
if (isPhish({ updatedBlacklist, hostname: pageLoaded })) {
port.postMessage({ 'blacklist': pageLoaded })
}
}
// //
// Etc... // Etc...
// //

14
app/scripts/blacklister.js
View File

@ -1,14 +0,0 @@
const extension = require('extensionizer')
var port = extension.runtime.connect({name: 'blacklister'})
port.postMessage({ 'pageLoaded': window.location.hostname })
port.onMessage.addListener(redirectIfBlacklisted)
function redirectIfBlacklisted (response) {
const { blacklist } = response
const host = window.location.hostname
if (blacklist && blacklist === host) {
window.location.href = 'https://metamask.io/phishing.html'
}
}

22
app/scripts/contentscript.js
View File

@ -37,28 +37,33 @@ function setupInjection () {
function setupStreams () { function setupStreams () {
// setup communication to page and plugin // setup communication to page and plugin
var pageStream = new LocalMessageDuplexStream({ const pageStream = new LocalMessageDuplexStream({
name: 'contentscript', name: 'contentscript',
target: 'inpage', target: 'inpage',
}) })
pageStream.on('error', console.error) pageStream.on('error', console.error)
var pluginPort = extension.runtime.connect({name: 'contentscript'}) const pluginPort = extension.runtime.connect({ name: 'contentscript' })
var pluginStream = new PortStream(pluginPort) const pluginStream = new PortStream(pluginPort)
pluginStream.on('error', console.error) pluginStream.on('error', console.error)
// forward communication plugin->inpage // forward communication plugin->inpage
pageStream.pipe(pluginStream).pipe(pageStream) pageStream.pipe(pluginStream).pipe(pageStream)
// setup local multistream channels // setup local multistream channels
var mx = ObjectMultiplex() const mx = ObjectMultiplex()
mx.on('error', console.error) mx.on('error', console.error)
mx.pipe(pageStream).pipe(mx) mx.pipe(pageStream).pipe(mx)
mx.pipe(pluginStream).pipe(mx)
// connect ping stream // connect ping stream
var pongStream = new PongStream({ objectMode: true }) const pongStream = new PongStream({ objectMode: true })
pongStream.pipe(mx.createStream('pingpong')).pipe(pongStream) pongStream.pipe(mx.createStream('pingpong')).pipe(pongStream)
// ignore unused channels (handled by background) // connect phishing warning stream
const phishingStream = mx.createStream('phishing')
phishingStream.once('data', redirectToPhishingWarning)
// ignore unused channels (handled by background, inpage)
mx.ignoreStream('provider') mx.ignoreStream('provider')
mx.ignoreStream('publicConfig') mx.ignoreStream('publicConfig')
} }
@ -88,3 +93,8 @@ function suffixCheck () {
} }
return true return true
} }
function redirectToPhishingWarning () {
console.log('MetaMask - redirecting to phishing warning')
window.location.href = 'https://metamask.io/phishing.html'
}

3
app/scripts/lib/inpage-provider.js
View File

@ -26,6 +26,9 @@ function MetamaskInpageProvider (connectionStream) {
(err) => logStreamDisconnectWarning('MetaMask PublicConfigStore', err) (err) => logStreamDisconnectWarning('MetaMask PublicConfigStore', err)
) )
// ignore phishing warning message (handled elsewhere)
multiStream.ignoreStream('phishing')
// connect to async provider // connect to async provider
const asyncProvider = self.asyncProvider = new StreamProvider() const asyncProvider = self.asyncProvider = new StreamProvider()
pipe( pipe(

6
app/scripts/lib/is-phish.js
View File

@ -9,15 +9,15 @@ const LEVENSHTEIN_CHECKS = ['myetherwallet', 'myetheroll', 'ledgerwallet', 'meta
// credit to @sogoiii and @409H for their help! // credit to @sogoiii and @409H for their help!
// Return a boolean on whether or not a phish is detected. // Return a boolean on whether or not a phish is detected.
function isPhish({ hostname, updatedBlacklist = null }) { function isPhish({ hostname, blacklist }) {
var strCurrentTab = hostname var strCurrentTab = hostname
// check if the domain is part of the whitelist. // check if the domain is part of the whitelist.
if (whitelistedDomains && whitelistedDomains.includes(strCurrentTab)) { return false } if (whitelistedDomains && whitelistedDomains.includes(strCurrentTab)) { return false }
// Allow updating of blacklist: // Allow updating of blacklist:
if (updatedBlacklist) { if (blacklist) {
blacklistedDomains = blacklistedDomains.concat(updatedBlacklist) blacklistedDomains = blacklistedDomains.concat(blacklist)
} }
// check if the domain is part of the blacklist. // check if the domain is part of the blacklist.

26
app/scripts/metamask-controller.js
View File

@ -23,6 +23,7 @@ const ConfigManager = require('./lib/config-manager')
const nodeify = require('./lib/nodeify') const nodeify = require('./lib/nodeify')
const accountImporter = require('./account-import-strategies') const accountImporter = require('./account-import-strategies')
const getBuyEthUrl = require('./lib/buy-eth-url') const getBuyEthUrl = require('./lib/buy-eth-url')
const checkForPhishing = require('./lib/is-phish')
const debounce = require('debounce') const debounce = require('debounce')
const version = require('../manifest.json').version const version = require('../manifest.json').version
@ -326,8 +327,15 @@ module.exports = class MetamaskController extends EventEmitter {
} }
setupUntrustedCommunication (connectionStream, originDomain) { setupUntrustedCommunication (connectionStream, originDomain) {
// Check if new connection is blacklisted
if (this.isHostBlacklisted(originDomain)) {
console.log('MetaMask - sending phishing warning for', originDomain)
this.sendPhishingWarning(connectionStream, originDomain)
return
}
// setup multiplexing // setup multiplexing
var mx = setupMultiplex(connectionStream) const mx = setupMultiplex(connectionStream)
// connect features // connect features
this.setupProviderConnection(mx.createStream('provider'), originDomain) this.setupProviderConnection(mx.createStream('provider'), originDomain)
this.setupPublicConfig(mx.createStream('publicConfig')) this.setupPublicConfig(mx.createStream('publicConfig'))
@ -335,12 +343,26 @@ module.exports = class MetamaskController extends EventEmitter {
setupTrustedCommunication (connectionStream, originDomain) { setupTrustedCommunication (connectionStream, originDomain) {
// setup multiplexing // setup multiplexing
var mx = setupMultiplex(connectionStream) const mx = setupMultiplex(connectionStream)
// connect features // connect features
this.setupControllerConnection(mx.createStream('controller')) this.setupControllerConnection(mx.createStream('controller'))
this.setupProviderConnection(mx.createStream('provider'), originDomain) this.setupProviderConnection(mx.createStream('provider'), originDomain)
} }
// Check if a domain is on our blacklist
isHostBlacklisted (hostname) {
if (!hostname) return false
const { blacklist } = this.getState().blacklist
return checkForPhishing({ blacklist, hostname })
}
sendPhishingWarning (connectionStream, hostname) {
const mx = setupMultiplex(connectionStream)
const phishingStream = mx.createStream('phishing')
// phishingStream.write(true)
phishingStream.write({ hostname })
}
setupControllerConnection (outStream) { setupControllerConnection (outStream) {
const api = this.getApi() const api = this.getApi()
const dnode = Dnode(api) const dnode = Dnode(api)

1
gulpfile.js
View File

@ -172,7 +172,6 @@ gulp.task('default', ['lint'], function () {
const jsFiles = [ const jsFiles = [
'inpage', 'inpage',
'contentscript', 'contentscript',
'blacklister',
'background', 'background',
'popup', 'popup',
] ]

2
package.json
View File

@ -126,7 +126,7 @@
"sw-stream": "^2.0.0", "sw-stream": "^2.0.0",
"textarea-caret": "^3.0.1", "textarea-caret": "^3.0.1",
"three.js": "^0.73.2", "three.js": "^0.73.2",
"through2": "^2.0.1", "through2": "^2.0.3",
"valid-url": "^1.0.9", "valid-url": "^1.0.9",
"vreme": "^3.0.2", "vreme": "^3.0.2",
"web3": "0.19.1", "web3": "0.19.1",

2
test/unit/blacklister-test.js → test/unit/phishing-detection-test.js
View File

@ -1,7 +1,7 @@
const assert = require('assert') const assert = require('assert')
const isPhish = require('../../app/scripts/lib/is-phish') const isPhish = require('../../app/scripts/lib/is-phish')
describe('blacklister', function () { describe('phishing detection test', function () {
describe('#isPhish', function () { describe('#isPhish', function () {
it('should not flag whitelisted values', function () { it('should not flag whitelisted values', function () {
var result = isPhish({ hostname: 'www.metamask.io' }) var result = isPhish({ hostname: 'www.metamask.io' })