danwin1210/onion-link-list
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Drop v2 hidden service support

Browse Source
This commit is contained in:
Daniel Winzen
2021-06-14 19:25:05 +02:00
parent 2d4b2beb9b
commit 7e89f90d08
8 changed files with 13 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
cron/phishing_tests.php
View File

@ -25,8 +25,8 @@ function check(string $link, string $phishing_link){
$select=$db->prepare('SELECT id FROM ' . PREFIX . 'onions WHERE md5sum=?;');
$insert=$db->prepare('INSERT INTO ' . PREFIX . 'onions (address, md5sum, timeadded, timechanged) VALUES (?, ?, ?, ?);');
$update=$db->prepare('UPDATE ' . PREFIX . 'onions SET locked=1, timechanged=? WHERE md5sum=?;');
preg_match_all('~(https?://)?([a-z0-9]*\.)?([a-z2-7]{16}|[a-z2-7]{56}).onion(/[^\s><"]*)?~i', $links, $addr);
preg_match_all('~(https?://)?([a-z0-9]*\.)?([a-z2-7]{16}|[a-z2-7]{56}).onion(/[^\s><"]*)?~i', $phishing_links, $phishing_addr);
preg_match_all('~(https?://)?([a-z0-9]*\.)?([a-z2-7]{55}d).onion(/[^\s><"]*)?~i', $links, $addr);
preg_match_all('~(https?://)?([a-z0-9]*\.)?([a-z2-7]{55}d).onion(/[^\s><"]*)?~i', $phishing_links, $phishing_addr);
$count=count($addr[3]);
if($count===count($phishing_addr[3])){ //only run with same data set
$time = time();

2
cron/tests.php
View File

@ -68,7 +68,7 @@ foreach($curl_handles as $handle){
}
$stmt->execute([$onion['id']]);
if(!$stmt->fetch(PDO::FETCH_NUM)){
if(preg_match('~^HTTP/1\.[10] 504 Connect to ([a-z2-7]{16}|[a-z2-7]{56})\.onion(:80)? failed: SOCKS error: host unreachable~', $content, $match)){
if(preg_match('~^HTTP/1\.[10] 504 Connect to ([a-z2-7]{55}d)\.onion(:80)? failed: SOCKS error: host unreachable~', $content, $match)){
$phishing_stmt->execute([$onion['id'], $match[2]]);
$update_phishing_stmt->execute([$time, $onion['md5sum']]);
}elseif(strpos($content, "<body>HttpReadDisconnect('Server disconnected',)</body>")!==false){

5
cron/update.php
View File

@ -15,7 +15,6 @@ $scanned_onions=[];
//sources to get links from
check_links($onions, $ch, 'https://tt3j2x4k5ycaa5zt.onion.link/antanistaticmap/stats/yesterday');
check_links($onions, $ch, 'https://tt3j2x4k5ycaa5zt.tor2web.io/antanistaticmap/stats/yesterday');
check_links($onions, $ch, 'http://visitorfi5kl7q7i.onion/address/');
check_links($onions, $ch, 'http://3bbad7fauom4d6sgppalyqddsqbf5u5p56b5k5uk2zxsy3d6ey2jobad.onion/discover');
check_links($onions, $ch, 'http://tor66sewebgixwhcqfnp5inzp5x5uohhdy3kvtnyfxc2e5mxiuh34iid.onion/fresh');
check_links($onions, $ch, 'https://crt.sh/?q=.onion&exclude=expired&deduplicate=Y');
@ -34,7 +33,7 @@ $db->exec('DELETE FROM ' . PREFIX . "onions WHERE address!='' AND timediff>24192
function check_links(array &$onions, $ch, string $link_to_check, bool $scan_children = false, array &$scanned_onoins = []){
curl_setopt($ch, CURLOPT_URL, $link_to_check);
$links=curl_exec($ch);
if(preg_match_all('~(https?://)?([a-z0-9]*\.)?([a-z2-7]{16}|[a-z2-7]{56}).onion(/[^\s><"]*)?~i', $links, $addr)){
if(preg_match_all('~(https?://)?([a-z0-9]*\.)?([a-z2-7]{55}d).onion(/[^\s><"]*)?~i', $links, $addr)){
$mh = null;
$curl_handles = [];
if($scan_children){
@ -65,7 +64,7 @@ function check_links(array &$onions, $ch, string $link_to_check, bool $scan_chil
} while ($active && $status == CURLM_OK);
foreach($curl_handles as $handle){
$content = curl_multi_getcontent($handle);
if(preg_match_all('~(https?://)?([a-z0-9]*\.)?([a-z2-7]{16}|[a-z2-7]{56}).onion(/[^\s><"]*)?~i', $content, $addr)){
if(preg_match_all('~(https?://)?([a-z0-9]*\.)?([a-z2-7]{55}d).onion(/[^\s><"]*)?~i', $content, $addr)){
foreach($addr[3] as $link){
$link=strtolower($link);
$md5=md5($link, true);

2
helpers/fill_unknown_phishing.php
View File

@ -20,7 +20,7 @@ $stmt=$db->prepare('UPDATE phishing, onions SET phishing.original=?, onions.time
foreach($onions as $onion){
curl_setopt($ch, CURLOPT_URL, "http://$onion[address].onion/");
if(($site=curl_exec($ch))!==false){
preg_match('~(https?://)?([a-z0-9]*\.)?([a-z2-7]{16}|[a-z2-7]{56}).onion(/[^\s><"]*)?~i', $site, $addr);
preg_match('~(https?://)?([a-z0-9]*\.)?([a-z2-7]{55}d).onion(/[^\s><"]*)?~i', $site, $addr);
if($addr[3]!='' && $addr[3]!==$onion['address']){
echo "scam: $onion[address] - original: $addr[3]\n";
$stmt->execute([$addr[3], time(), $onion['address']]);

2
helpers/tmp7.php
View File

@ -20,7 +20,7 @@ for($i = 1; $i < 213; ++$i){
$header = substr($response, 0, $header_size);
$body = substr($response, $header_size);
curl_close($ch);
if(preg_match('~(https?://)?([a-z0-9]*\.)?([a-z2-7]{16}|[a-z2-7]{56}).onion(/[^\s><"]*)?~i', $header, $addr)){
if(preg_match('~(https?://)?([a-z0-9]*\.)?([a-z2-7]{55}d).onion(/[^\s><"]*)?~i', $header, $addr)){
$time = time();
$onion_addr = strtolower($addr[3]);
$md5 = md5($onion_addr, true);

6
www/admin.php
View File

@ -43,7 +43,7 @@ if(!isset($_POST['pass']) || $_POST['pass']!==ADMINPASS){
if(!empty($_POST['addr'])){
$addrs = is_array($_POST['addr']) ? $_POST['addr'] : [$_POST['addr']];
foreach ($addrs as $addr_single) {
if ( ! preg_match( '~(^(https?://)?([a-z2-7]{16}|[a-z2-7]{56})(\.onion(/.*)?)?$)~i', trim( $addr_single ), $addr ) ) {
if ( ! preg_match( '~(^(https?://)?([a-z2-7]{55}d)(\.onion(/.*)?)?$)~i', trim( $addr_single ), $addr ) ) {
$msg .= "<p class=\"red\" role=\"alert\">$I[invalonion]</p>";
} else {
$addr = strtolower( $addr[ 3 ] );
@ -103,7 +103,7 @@ if(!isset($_POST['pass']) || $_POST['pass']!==ADMINPASS){
$msg .= "<p class=\"green\" role=\"alert\">$I[alreadyknown]</p>";
}
} elseif ( $_POST[ 'action' ] === $I[ 'phishing' ] ) {//mark as phishing clone
if ( $_POST[ 'original' ] !== '' && ! preg_match( '~(^(https?://)?([a-z2-7]{16}|[a-z2-7]{56})(\.onion(/.*)?)?$)~i', $_POST[ 'original' ], $orig ) ) {
if ( $_POST[ 'original' ] !== '' && ! preg_match( '~(^(https?://)?([a-z2-7]{55}d)(\.onion(/.*)?)?$)~i', $_POST[ 'original' ], $orig ) ) {
$msg .= "<p class=\"red\" role=\"alert\">$I[invalonion]</p>";
} else {
if ( isset( $orig[ 3 ] ) ) {
@ -181,7 +181,7 @@ if(!isset($_POST['pass']) || $_POST['pass']!==ADMINPASS){
if(!empty($_REQUEST['desc'])){
echo htmlspecialchars(trim($_REQUEST['desc']));
}elseif(isset($_REQUEST['addr']) && is_string($_REQUEST['addr'])){
if(preg_match('~(^(https?://)?([a-z2-7]{16}|[a-z2-7]{56})(\.onion(/.*)?)?$)~i', trim($_REQUEST['addr']), $addr)){
if(preg_match('~(^(https?://)?([a-z2-7]{55}d)(\.onion(/.*)?)?$)~i', trim($_REQUEST['addr']), $addr)){
$addr=strtolower($addr[3]);
$md5=md5($addr, true);
$stmt=$db->prepare('SELECT description, category FROM ' . PREFIX . 'onions WHERE md5sum=?;');

4
www/onions.php
View File

@ -145,7 +145,7 @@ function send_html(){
if(!empty($_REQUEST['desc'])){//use posted description
echo htmlspecialchars(trim($_REQUEST['desc']));
}elseif(!empty($_REQUEST['addr'])){//fetch description from database
if(preg_match('~(^(https?://)?([a-z0-9]*\.)?([a-z2-7]{16}|[a-z2-7]{56})(\.onion(/.*)?)?$)~i', trim($_REQUEST['addr']), $addr)){
if(preg_match('~(^(https?://)?([a-z0-9]*\.)?([a-z2-7]{55}d)(\.onion(/.*)?)?$)~i', trim($_REQUEST['addr']), $addr)){
$addr=strtolower($addr[4]);
$md5=md5($addr, true);
$stmt=$db->prepare('SELECT description, category FROM ' . PREFIX . 'onions WHERE md5sum=?;');
@ -232,7 +232,7 @@ function send_html(){
}
echo '</ul>';
if($_SERVER['REQUEST_METHOD']==='POST' && !empty($_REQUEST['addr'])){
if(!preg_match('~(^(https?://)?([a-z0-9]*\.)?([a-z2-7]{16}|[a-z2-7]{56})(\.onion(/.*)?)?$)~i', trim($_REQUEST['addr']), $addr)){
if(!preg_match('~(^(https?://)?([a-z0-9]*\.)?([a-z2-7]{55}d)(\.onion(/.*)?)?$)~i', trim($_REQUEST['addr']), $addr)){
echo "<p class=\"red\" role=\"alert\">$I[invalonion]</p>";
echo "<p>$I[valid]: http://tt3j2x4k5ycaa5zt.onion</p>";
}else{

2
www/test.php
View File

@ -38,7 +38,7 @@ if(!empty($_REQUEST['addr'])){
http_response_code(500);
die($I['nodb']);
}
if(!preg_match('~(^(https?://)?([a-z0-9]*\.)?([a-z2-7]{16}|[a-z2-7]{56})(\.onion(/.*)?)?$)~i', trim($_REQUEST['addr']), $addr)){
if(!preg_match('~(^(https?://)?([a-z0-9]*\.)?([a-z2-7]{55}d)(\.onion(/.*)?)?$)~i', trim($_REQUEST['addr']), $addr)){
echo "<p class=\"red\" role=\"alert\">$I[invalonion]</p>";
}else{
$ch=curl_init();