Skip to content

Commit f7e0f3d

Browse files
authored
Merge pull request #4 from WMS-DEV/fake-mobywatel
fake-mobywatel into main
2 parents b473fd7 + fb21c97 commit f7e0f3d

67 files changed

Lines changed: 6993 additions & 37 deletions

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

.env-sample

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11
# SERVICE
2-
SERVICE_PORT=8080
32
SERVICE_DB_URL=jdbc:postgresql://postgresdb:5432/hacknation
43
SERVICE_DB_LOGIN=postgres
54
SERVICE_DB_PASSWORD=postgres
65
SERVICE_DB_NAME=hacknation
6+
VITE_API_URL=http://localhost:8080

README.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,3 +1,3 @@
11
# HackNation2025-PrawdaWSieci
22

3-
Swagger on /swagger-ui/index.html
3+
Swagger on /swagger-ui/index.html

docker-compose.dev.yml

Lines changed: 16 additions & 17 deletions
Original file line numberDiff line numberDiff line change
@@ -1,16 +1,16 @@
11
services:
2-
# client:
3-
# container_name: client
4-
# restart: always
5-
# build:
6-
# context: ./frontend
7-
# dockerfile: Dockerfile
8-
# ports:
9-
# - "${FRONTEND_PORT}:3000"
10-
# develop:
11-
# watch:
12-
# - action: rebuild
13-
# path: ./frontend
2+
# client:
3+
# container_name: client
4+
# restart: always
5+
# build:
6+
# context: ./frontend
7+
# dockerfile: Dockerfile
8+
# ports:
9+
# - "3000:3000"
10+
# develop:
11+
# watch:
12+
# - action: rebuild
13+
# path: ./frontend
1414

1515
service:
1616
container_name: backend
@@ -19,9 +19,9 @@ services:
1919
context: ./backend/hacknation
2020
dockerfile: Dockerfile
2121
environment:
22-
- SERVICE_DB_URL=${SERVICE_DB_URL}
23-
- SERVICE_DB_LOGIN=${SERVICE_DB_LOGIN}
24-
- SERVICE_DB_PASSWORD=${SERVICE_DB_PASSWORD}
22+
- SERVICE_DB_URL=${SERVICE_DB_URL}
23+
- SERVICE_DB_LOGIN=${SERVICE_DB_LOGIN}
24+
- SERVICE_DB_PASSWORD=${SERVICE_DB_PASSWORD}
2525
ports:
2626
- "${SERVICE_PORT}:8080"
2727
depends_on:
@@ -43,13 +43,12 @@ services:
4343
- "5432:5432"
4444
volumes:
4545
- postgres-data:/var/lib/postgresql/data
46-
healthcheck:
46+
healthcheck:
4747
test: pg_isready -U postgres --dbname=${SERVICE_DB_NAME}
4848
interval: 5s
4949
timeout: 5s
5050
retries: 5
5151

52-
5352
volumes:
5453
postgres-data:
5554

docker-compose.yml

Lines changed: 18 additions & 18 deletions
Original file line numberDiff line numberDiff line change
@@ -1,17 +1,18 @@
11
services:
2-
# client:
3-
# container_name: client
4-
# restart: always
5-
# build:
6-
# context: ./frontend
7-
# dockerfile: Dockerfile
8-
# ports:
9-
# - "${FRONTEND_PORT}:3000"
10-
# develop:
11-
# watch:
12-
# - action: rebuild
13-
# path: ./frontend
14-
2+
client:
3+
container_name: client
4+
restart: always
5+
build:
6+
context: ./frontend
7+
dockerfile: Dockerfile
8+
environment:
9+
- VITE_API_URL=http://localhost:8080
10+
ports:
11+
- "3000:3000"
12+
develop:
13+
watch:
14+
- action: rebuild
15+
path: ./frontend
1516
service:
1617
image: ghcr.io/wms-dev/hacknation/prawda-w-sieci
1718
container_name: backend
@@ -20,9 +21,9 @@ services:
2021
context: ./backend/hacknation
2122
dockerfile: Dockerfile
2223
environment:
23-
- SERVICE_DB_URL=jdbc:postgresql://postgresdb:5432/hacknation
24-
- SERVICE_DB_LOGIN=postgres
25-
- SERVICE_DB_PASSWORD=postgres
24+
- SERVICE_DB_URL=jdbc:postgresql://postgresdb:5432/hacknation
25+
- SERVICE_DB_LOGIN=postgres
26+
- SERVICE_DB_PASSWORD=postgres
2627
ports:
2728
- "8080:8080"
2829
depends_on:
@@ -44,13 +45,12 @@ services:
4445
- "5432:5432"
4546
volumes:
4647
- postgres-data:/var/lib/postgresql/data
47-
healthcheck:
48+
healthcheck:
4849
test: pg_isready -U postgres --dbname=${SERVICE_DB_NAME}
4950
interval: 5s
5051
timeout: 5s
5152
retries: 5
5253

53-
5454
volumes:
5555
postgres-data:
5656

extension/README.md

Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,6 @@
1+
# regex domeny
2+
#
3+
4+
5+
6+

extension/background.js

Lines changed: 117 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,117 @@
1+
const SERVICE_URL = "govguard-internal.wmsdev.pl";
2+
const TARGET_DOMAIN = "gov.pl"
3+
4+
let serverIpCache = {};
5+
const confusablesMap = {
6+
'0': 'o', '1': 'l', '3': 'e', '4': 'a', '5': 's', '7': 't', '@': 'a',
7+
'!': 'i', '$': 's', 'α': 'a', 'ρ': 'p', 'rn': 'm', 'vv': 'w',
8+
// cyrillic lookalikes common in phishing
9+
'а': 'a', 'с': 'c', 'е': 'e', 'о': 'o', 'р': 'p', 'х': 'x', 'у': 'y',
10+
'і': 'i', 'к': 'k', 'м': 'm', 'т': 't', 'в': 'b'
11+
};
12+
13+
const normalizeDomain = (str) => {
14+
let normalized = str.toLowerCase();
15+
16+
normalized = normalized.replace(/rn/g, "m").replace(/vv/g, "w");
17+
18+
return normalized.split('').map(char => confusablesMap[char] || char).join('');
19+
};
20+
21+
const checkDomain = (domain, tabId) => {
22+
const TARGET_DOMAIN = "gov.pl";
23+
24+
// ignore valid *.gov.pl domain
25+
if (domain.endsWith(".gov.pl") || domain === "gov.pl") return 0;
26+
27+
const segments = domain.split(".").filter(Boolean);
28+
const trimmedDomain = segments.slice(-2).join(".") || domain;
29+
30+
// NORMALIZE - turn g0v.pl -> gov.pl etc
31+
const skeletonDomain = normalizeDomain(trimmedDomain);
32+
const skeletonTarget = normalizeDomain(TARGET_DOMAIN);
33+
34+
// calculate Distance
35+
const distance = levenshteinFullMatrix(skeletonDomain, skeletonTarget);
36+
37+
const THRESHOLD = 3;
38+
39+
if (distance <= THRESHOLD && distance !== 0) {
40+
console.warn(`Suspicious Domain Detected! Input: ${domain} (Skeleton: ${skeletonDomain})`);
41+
42+
setTimeout(() => {
43+
chrome.tabs.sendMessage(tabId, {
44+
action: "showSuspiciousNotification",
45+
domain: domain,
46+
reason: "Visual similarity to gov.pl"
47+
})
48+
}, 2000)
49+
}
50+
51+
return distance;
52+
};
53+
54+
function levenshteinFullMatrix(str1, str2) {
55+
const m = str1.length;
56+
const n = str2.length;
57+
58+
const dp = new Array(m + 1).fill(null).map(() => new Array(n + 1).fill(0));
59+
60+
for (let i = 0; i <= m; i++) {
61+
dp[i][0] = i;
62+
}
63+
for (let j = 0; j <= n; j++) {
64+
dp[0][j] = j;
65+
}
66+
67+
for (let i = 1; i <= m; i++) {
68+
for (let j = 1; j <= n; j++) {
69+
if (str1[i - 1] === str2[j - 1]) {
70+
dp[i][j] = dp[i - 1][j - 1];
71+
} else {
72+
dp[i][j] = 1 + Math.min(
73+
// insert
74+
dp[i][j - 1],
75+
Math.min(
76+
// remove
77+
dp[i - 1][j],
78+
// replace
79+
dp[i - 1][j - 1]
80+
)
81+
);
82+
}
83+
}
84+
}
85+
return dp[m][n];
86+
}
87+
88+
chrome.webRequest.onCompleted.addListener(
89+
async (details) => {
90+
console.log(details);
91+
92+
if (details.ip && details.tabId >= 0) {
93+
serverIpCache[details.tabId] = details.ip;
94+
}
95+
try {
96+
const hostname = new URL(details.url).hostname;
97+
checkDomain(hostname, details.tabId);
98+
} catch (_) { }
99+
},
100+
{ urls: ["<all_urls>"], types: ["main_frame"] }
101+
);
102+
103+
chrome.runtime.onMessage.addListener((request, sender, sendResponse) => {
104+
if (request.action === "getServerIp") {
105+
const tabId = sender.tab?.id;
106+
if (tabId !== undefined) {
107+
const ip = serverIpCache[tabId] || "unknown";
108+
sendResponse(ip);
109+
} else {
110+
sendResponse("unknown");
111+
}
112+
}
113+
});
114+
115+
chrome.tabs.onRemoved.addListener((tabId) => {
116+
delete serverIpCache[tabId];
117+
});

0 commit comments

Comments
 (0)