mozilla / security-advisor-shield-study


forum.btcsec.com redirects to a different domain and doesn't display notice #57

Open pdehaan opened 7 years ago

pdehaan commented 7 years ago

Not really a bug, but an interesting data point...

I vaguely recalled at least one site in the list of breaches that was listed twice, and was curious how the security-advisor add-on would handle having TWO breach reports for a single URL.

So I used my breaches scraper, reduced domains by count to find the one result with multiple disclosures (forum.btcsec.com) and tried to verify the results.

const fetch = require('node-fetch');

// Base of the Have I Been Pwned API that getBreaches() below queries.
// NOTE(review): this targets the v2 API, which appears to have been retired
// since this was written; confirm the current endpoint before re-running.
const API_BASE_URL = 'https://haveibeenpwned.com/api/v2';

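/**
 * Fetch every breach record from the HIBP /breaches endpoint.
 *
 * A non-2xx response (rate limiting, blocking, outage) is turned into a
 * rejection here instead of being handed to res.json(), where it would either
 * fail with an opaque parse error or yield an error object that the callers
 * would then try to iterate as a breach list.
 *
 * @returns {Promise<Array<object>>} parsed breach records
 * @throws {Error} (as a rejection) when the response status is not 2xx
 */
function getBreaches() {
  return fetch(`${API_BASE_URL}/breaches`)
    .then((res) => {
      if (!res.ok) {
        throw new Error(`${API_BASE_URL}/breaches responded with HTTP ${res.status}`);
      }
      return res.json();
    });
}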

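/**
 * Count how many breach records name each domain.
 *
 * A Map is used instead of a plain object so that a Domain value that happens
 * to collide with an Object.prototype key (e.g. "constructor") is counted like
 * any other key rather than mishandled.
 * NOTE(review): records with an empty Domain would all be grouped under '' -
 * confirm whether the API returns such records before trusting a '' entry.
 *
 * @param {Array<{Domain: string}>} breaches - records from /breaches
 * @returns {Map<string, number>} domain -> number of breach records
 */
function countBreachesByDomain(breaches) {
  const counts = new Map();
  for (const { Domain } of breaches) {
    counts.set(Domain, (counts.get(Domain) || 0) + 1);
  }
  return counts;
}

/**
 * Domains that appear in more than one breach record.
 *
 * @param {Array<{Domain: string}>} breaches - records from /breaches
 * @returns {string[]} domains with at least two disclosures, in first-seen order
 */
function domainsWithMultipleBreaches(breaches) {
  const repeated = [];
  for (const [domain, count] of countBreachesByDomain(breaches)) {
    if (count > 1) {
      repeated.push(domain);
    }
  }
  return repeated;
}

getBreaches()
  .then((breaches) => domainsWithMultipleBreaches(breaches))
  .then((repeated) => console.log(repeated))
  .catch((err) => console.error(err));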

/* OUTPUT:

  [ 'forum.btcsec.com' ]

*/

When trying to go to https://forum.btcsec.com/ I immediately get redirected to https://forum.bits.media/, which doesn't have any disclosures listed, and therefore nothing gets displayed in my address bar indicating that the site has had breaches in the past.

Probably nothing we can do, but it may be interesting to run the list of breached domains through an HTTP redirect check and see how many other domains this affects.

pdehaan commented 7 years ago

I had a few "free" minutes today, so curiosity got the better of me.

Here's my garbage code:

const fetch = require('node-fetch');

// Base of the Have I Been Pwned API that getBreaches() below queries.
// NOTE(review): this targets the v2 API, which appears to have been retired
// since this was written; confirm the current endpoint before re-running.
const API_BASE_URL = 'https://haveibeenpwned.com/api/v2';

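/**
 * Fetch every breach record from the HIBP /breaches endpoint.
 *
 * A non-2xx response (rate limiting, blocking, outage) is turned into a
 * rejection here instead of being handed to res.json(), where it would either
 * fail with an opaque parse error or yield an error object that the callers
 * would then try to iterate as a breach list.
 *
 * @returns {Promise<Array<object>>} parsed breach records
 * @throws {Error} (as a rejection) when the response status is not 2xx
 */
function getBreaches() {
  return fetch(`${API_BASE_URL}/breaches`)
    .then((res) => {
      if (!res.ok) {
        throw new Error(`${API_BASE_URL}/breaches responded with HTTP ${res.status}`);
      }
      return res.json();
    });
}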

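/**
 * Distinct domains named by the breach records, in first-seen order.
 *
 * The original reduce built per-domain counts and then used only the keys,
 * so a Set states the intent directly and avoids plain-object key pitfalls
 * (e.g. a Domain value equal to "constructor").
 *
 * @param {Array<{Domain: string}>} breaches - records from /breaches
 * @returns {string[]} unique domain strings
 */
function uniqueDomains(breaches) {
  return [...new Set(breaches.map(({ Domain }) => Domain))];
}

/**
 * Probe one domain and always resolve, so a single network failure does not
 * abort Promise.all for the whole list.
 *
 * @param {string} domain - bare hostname from a breach record
 * @returns {Promise<{domain: string, success: boolean, err?: string}>}
 *   err is only present when the probe rejected
 */
function probeDomain(domain) {
  return checkUrl(domain)
    .then((success) => ({ domain, success }))
    .catch((err) => ({ domain, success: false, err: err.message }));
}

// Every probe is started at once; no concurrency cap and no explicit timeout
// is set on the requests.
// NOTE(review): some ETIMEDOUT results may be a side effect of that burst
// rather than the site being down - confirm by re-running with a cap.
getBreaches()
  .then((breaches) => Promise.all(uniqueDomains(breaches).map(probeDomain)))
  .then((results) => results.filter((result) => !result.success))
  .then((failures) => console.log(failures))
  .catch((err) => console.error(err));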

/**
 * Resolve true only when a plain-HTTP request to the domain ends in a 200.
 *
 * Redirects are followed before the status is read (the "maximum redirect
 * reached" errors in the results show this), so a domain that now redirects
 * to a different host - the forum.btcsec.com case this issue is about - still
 * reports success. The final location is exposed as res.url should the
 * redirect target ever need to be surfaced. Network errors reject and are
 * handled by the caller.
 *
 * @param {string} domain - bare hostname from a breach record
 * @returns {Promise<boolean>} true iff the final response status is exactly 200
 */
async function checkUrl(domain) {
  const res = await fetch(`http://${domain}`);
  return res.status === 200;
}

And here's the results:

[ { domain: 'astropid.com',
    success: false,
    err: 'request to http://astropid.com failed, reason: getaddrinfo ENOTFOUND astropid.com astropid.com:80' },
  { domain: 'battlefieldheroes.com',
    success: false,
    err: 'request to http://battlefieldheroes.com failed, reason: connect ETIMEDOUT 92.52.98.254:80' },
  { domain: 'forums.boxee.com',
    success: false,
    err: 'request to http://forums.boxee.com failed, reason: getaddrinfo ENOTFOUND forums.boxee.com forums.boxee.com:80' },
  { domain: 'eservices.durban.gov.za', success: false },
  { domain: 'game-tuts.com', success: false },
  { domain: 'mangatraders.com',
    success: false,
    err: 'request to http://mangatraders.com failed, reason: connect ETIMEDOUT 69.174.246.36:80' },
  { domain: 'neteller.com',
    success: false,
    err: 'maximum redirect reached at: https://www.neteller.com/' },
  { domain: 'nulled.cr', success: false },
  { domain: 'spirol.com',
    success: false,
    err: 'maximum redirect reached at: http://spirol.com/' },
  { domain: 'vtechda.com', success: false },
  { domain: 'wptapl.com',
    success: false,
    err: 'request to http://wptapl.com failed, reason: getaddrinfo ENOTFOUND wptapl.com wptapl.com:80' } ]