-
Notifications
You must be signed in to change notification settings - Fork 2
/
Copy pathbackground.js
75 lines (65 loc) · 1.6 KB
/
background.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
var match = false
// Content-Disposition
var cd_guloader = /attachment;(\s+)?filename=\"\w+_encrypted_([0-9]|[a-f]|[0-9a-f])+\.bin\".*/gi;
// Set-Cookie
var sc_emotet = /(^|\n)5[a-z][a-f0-9].*/gi;
// URI
var uri_guloader = /\w+_encrypted_([0-9]|[a-f]|[0-9a-f])+\.bin$/gi;
var uri_mozi = /\/Mozi\.m$/gi;
function blockRequest(r) {
if (
r.url.match(uri_guloader) ||
r.url.match(uri_mozi)
) {
return {
redirectUrl: "http://127.0.0.1/"
}
}
};
function blockResponse(rr) {
if (rr.statusCode == 200) {
if (rr.method == "GET" || rr.method == "POST") {
var resp_headers = rr.responseHeaders;
for (var i = 0, l = resp_headers.length; i < l; ++i) {
if (
(resp_headers[i].name.toLowerCase() == "set-cookie" &&
resp_headers[i].value.match(sc_emotet))
||
(resp_headers[i].name.toLowerCase() == "content-disposition" &&
resp_headers[i].value.match(cd_guloader))
) {
return {
redirectUrl: "http://127.0.0.1/"
}
}
}
}
}
};
var api = "webRequest";
var _this = this;
try {
if (chrome[api]) {
_this[api] = chrome[api];
params = ['blocking', 'responseHeaders', 'extraHeaders']
} else if (browser[api]) {
_this[api] = browser[api];
params = ['blocking', 'responseHeaders']
}
} catch (e) {};
try {
_this[api].onBeforeRequest.addListener(
blockRequest, {
urls: ["<all_urls>"]
},
['blocking']
);
} catch (e) {};
try {
_this[api].onHeadersReceived.addListener(
blockResponse, {
urls: ["<all_urls>"]
},
params
);
} catch (e) {};