blob: c55e463f9a5c52b5e5b8fdc567ad72908063b861 [file] [log] [blame]
pineafan63fc5e22022-08-04 22:04:10 +01001import fetch from "node-fetch";
pineafan3a02ea32022-08-11 21:35:04 +01002import FormData from "form-data";
TheCodedProfb5e9d552023-01-29 15:43:26 -05003import fs, { writeFileSync, createReadStream } from "fs";
pineafan63fc5e22022-08-04 22:04:10 +01004import generateFileName from "../utils/temp/generateFileName.js";
5import Tesseract from "node-tesseract-ocr";
6import type Discord from "discord.js";
pineafan3a02ea32022-08-11 21:35:04 +01007import client from "../utils/client.js";
TheCodedProfb5e9d552023-01-29 15:43:26 -05008import { createHash } from "crypto";
pineafan813bdf42022-07-24 10:39:10 +01009
Skyler Grey75ea9172022-08-06 10:22:23 +010010interface NSFWSchema {
11 nsfw: boolean;
TheCodedProf5b53a8c2023-02-03 15:40:26 -050012 errored?: boolean;
Skyler Grey75ea9172022-08-06 10:22:23 +010013}
14interface MalwareSchema {
15 safe: boolean;
TheCodedProf5b53a8c2023-02-03 15:40:26 -050016 errored?: boolean;
Skyler Grey75ea9172022-08-06 10:22:23 +010017}
pineafan813bdf42022-07-24 10:39:10 +010018
pineafan02ba0232022-07-24 22:16:15 +010019export async function testNSFW(link: string): Promise<NSFWSchema> {
TheCodedProfb5e9d552023-01-29 15:43:26 -050020 const [p, hash] = await saveAttachment(link);
TheCodedProfb5e9d552023-01-29 15:43:26 -050021 let alreadyHaveCheck = await client.database.scanCache.read(hash)
22 if(alreadyHaveCheck) return { nsfw: alreadyHaveCheck.data };
pineafan3a02ea32022-08-11 21:35:04 +010023 const data = new FormData();
pineafan3a02ea32022-08-11 21:35:04 +010024 data.append("file", createReadStream(p));
25 const result = await fetch("https://unscan.p.rapidapi.com/", {
26 method: "POST",
27 headers: {
28 "X-RapidAPI-Key": client.config.rapidApiKey,
29 "X-RapidAPI-Host": "unscan.p.rapidapi.com"
30 },
31 body: data
32 })
TheCodedProf5b53a8c2023-02-03 15:40:26 -050033 .then((response) => response.status === 200 ? response.json() as Promise<NSFWSchema> : { nsfw: false, errored: true })
pineafan3a02ea32022-08-11 21:35:04 +010034 .catch((err) => {
35 console.error(err);
TheCodedProf5b53a8c2023-02-03 15:40:26 -050036 return { nsfw: false, errored: true };
pineafan3a02ea32022-08-11 21:35:04 +010037 });
TheCodedProf5b53a8c2023-02-03 15:40:26 -050038 if(!result.errored) {
39 client.database.scanCache.write(hash, result.nsfw);
40 }
pineafan3a02ea32022-08-11 21:35:04 +010041 return { nsfw: result.nsfw };
pineafan813bdf42022-07-24 10:39:10 +010042}
43
pineafan02ba0232022-07-24 22:16:15 +010044export async function testMalware(link: string): Promise<MalwareSchema> {
TheCodedProfb5e9d552023-01-29 15:43:26 -050045 const [p, hash] = await saveAttachment(link);
46 let alreadyHaveCheck = await client.database.scanCache.read(hash)
47 if(alreadyHaveCheck) return { safe: alreadyHaveCheck.data };
48 const data = new URLSearchParams();
49 let f = createReadStream(p);
50 data.append("file", f.read(fs.statSync(p).size));
pineafan3a02ea32022-08-11 21:35:04 +010051 const result = await fetch("https://unscan.p.rapidapi.com/malware", {
52 method: "POST",
53 headers: {
54 "X-RapidAPI-Key": client.config.rapidApiKey,
55 "X-RapidAPI-Host": "unscan.p.rapidapi.com"
56 },
57 body: data
58 })
TheCodedProf5b53a8c2023-02-03 15:40:26 -050059 .then((response) => response.status === 200 ? response.json() as Promise<MalwareSchema> : { safe: true, errored: true })
pineafan3a02ea32022-08-11 21:35:04 +010060 .catch((err) => {
61 console.error(err);
TheCodedProf5b53a8c2023-02-03 15:40:26 -050062 return { safe: true, errored: true };
pineafan3a02ea32022-08-11 21:35:04 +010063 });
TheCodedProf5b53a8c2023-02-03 15:40:26 -050064 if (!result.errored) {
65 client.database.scanCache.write(hash, result.safe);
66 }
pineafan3a02ea32022-08-11 21:35:04 +010067 return { safe: result.safe };
68}
69
70export async function testLink(link: string): Promise<{ safe: boolean; tags: string[] }> {
TheCodedProfb5e9d552023-01-29 15:43:26 -050071 let alreadyHaveCheck = await client.database.scanCache.read(link)
72 if(alreadyHaveCheck) return { safe: alreadyHaveCheck.data, tags: [] };
73 const scanned: { safe?: boolean; tags?: string[] } = await fetch("https://unscan.p.rapidapi.com/link", {
pineafan3a02ea32022-08-11 21:35:04 +010074 method: "POST",
75 headers: {
76 "X-RapidAPI-Key": client.config.rapidApiKey,
77 "X-RapidAPI-Host": "unscan.p.rapidapi.com"
78 },
79 body: `{"link":"${link}"}`
80 })
81 .then((response) => response.json() as Promise<MalwareSchema>)
82 .catch((err) => {
83 console.error(err);
84 return { safe: true, tags: [] };
85 });
TheCodedProfb5e9d552023-01-29 15:43:26 -050086 client.database.scanCache.write(link, scanned.safe ?? true, []);
pineafan3a02ea32022-08-11 21:35:04 +010087 return {
88 safe: scanned.safe ?? true,
89 tags: scanned.tags ?? []
90 };
pineafan813bdf42022-07-24 10:39:10 +010091}
92
TheCodedProfb5e9d552023-01-29 15:43:26 -050093export async function saveAttachment(link: string): Promise<[string, string]> {
TheCodedProf5b53a8c2023-02-03 15:40:26 -050094 const image = await (await fetch(link)).arrayBuffer()
Skyler Grey75ea9172022-08-06 10:22:23 +010095 const fileName = generateFileName(link.split("/").pop()!.split(".").pop()!);
TheCodedProf5b53a8c2023-02-03 15:40:26 -050096 const enc = new TextDecoder("utf-8");
97 writeFileSync(fileName, new DataView(image), "base64");
98 return [fileName, createHash('sha512').update(enc.decode(image), 'base64').digest('base64')];
pineafan813bdf42022-07-24 10:39:10 +010099}
100
pineafan813bdf42022-07-24 10:39:10 +0100101const linkTypes = {
Skyler Grey75ea9172022-08-06 10:22:23 +0100102 PHISHING: "Links designed to trick users into clicking on them.",
103 DATING: "Dating sites.",
104 TRACKERS: "Websites that store or track personal information.",
105 ADVERTISEMENTS: "Websites only for ads.",
Skyler Grey11236ba2022-08-08 21:13:33 +0100106 FACEBOOK: "Facebook pages. (Facebook has a number of dangerous trackers. Read more on /privacy)",
Skyler Grey75ea9172022-08-06 10:22:23 +0100107 AMP: "AMP pages. (AMP is a technology that allows websites to be served by Google. Read more on /privacy)",
pineafan813bdf42022-07-24 10:39:10 +0100108 "FACEBOOK TRACKERS": "Websites that include trackers from Facebook.",
Skyler Grey11236ba2022-08-08 21:13:33 +0100109 "IP GRABBERS": "Websites that store your IP address, which shows your approximate location.",
Skyler Grey75ea9172022-08-06 10:22:23 +0100110 PORN: "Websites that include pornography.",
111 GAMBLING: "Gambling sites, often scams.",
Skyler Grey11236ba2022-08-08 21:13:33 +0100112 MALWARE: "Websites which download files designed to break or slow down your device.",
Skyler Grey75ea9172022-08-06 10:22:23 +0100113 PIRACY: "Sites which include illegally downloaded material.",
Skyler Grey11236ba2022-08-08 21:13:33 +0100114 RANSOMWARE: "Websites which download a program that can steal your data and make you pay to get it back.",
Skyler Grey75ea9172022-08-06 10:22:23 +0100115 REDIRECTS: "Sites like bit.ly which could redirect to a malicious site.",
116 SCAMS: "Sites which are designed to trick you into doing something.",
117 TORRENT: "Websites that download torrent files.",
118 HATE: "Websites that spread hate towards groups or individuals.",
119 JUNK: "Websites that are designed to make you waste time."
pineafan63fc5e22022-08-04 22:04:10 +0100120};
pineafan813bdf42022-07-24 10:39:10 +0100121export { linkTypes };
122
pineafan63fc5e22022-08-04 22:04:10 +0100123export async function LinkCheck(message: Discord.Message): Promise<string[]> {
Skyler Grey75ea9172022-08-06 10:22:23 +0100124 const links =
125 message.content.match(
126 /https?:\/\/(www\.)?[-a-zA-Z0-9@:%._+~#=]{1,256}\.[a-zA-Z0-9()]{1,6}\b([-a-zA-Z0-9()@:%_+.~#?&//=]*)/gi
127 ) ?? [];
128 const detections: { tags: string[]; safe: boolean }[] = [];
129 const promises: Promise<void>[] = links.map(async (element) => {
pineafan63fc5e22022-08-04 22:04:10 +0100130 let returned;
pineafan813bdf42022-07-24 10:39:10 +0100131 try {
Skyler Grey11236ba2022-08-08 21:13:33 +0100132 if (element.match(/https?:\/\/[a-zA-Z]+\.?discord(app)?\.(com|net)\/?/)) return; // Also matches discord.net, not enough of a bug
pineafan63fc5e22022-08-04 22:04:10 +0100133 returned = await testLink(element);
134 } catch {
Skyler Grey75ea9172022-08-06 10:22:23 +0100135 detections.push({ tags: [], safe: true });
pineafan63fc5e22022-08-04 22:04:10 +0100136 return;
137 }
Skyler Grey75ea9172022-08-06 10:22:23 +0100138 detections.push({ tags: returned.tags, safe: returned.safe });
pineafan813bdf42022-07-24 10:39:10 +0100139 });
140 await Promise.all(promises);
Skyler Grey75ea9172022-08-06 10:22:23 +0100141 const detectionsTypes = detections
142 .map((element) => {
Skyler Grey11236ba2022-08-08 21:13:33 +0100143 const type = Object.keys(linkTypes).find((type) => element.tags.includes(type));
Skyler Grey75ea9172022-08-06 10:22:23 +0100144 if (type) return type;
145 // if (!element.safe) return "UNSAFE"
146 return undefined;
147 })
148 .filter((element) => element !== undefined);
pineafan63fc5e22022-08-04 22:04:10 +0100149 return detectionsTypes as string[];
pineafan813bdf42022-07-24 10:39:10 +0100150}
151
pineafan63fc5e22022-08-04 22:04:10 +0100152export async function NSFWCheck(element: string): Promise<boolean> {
pineafan813bdf42022-07-24 10:39:10 +0100153 try {
TheCodedProfb5e9d552023-01-29 15:43:26 -0500154 return (await testNSFW(element)).nsfw;
pineafan813bdf42022-07-24 10:39:10 +0100155 } catch {
pineafan63fc5e22022-08-04 22:04:10 +0100156 return false;
pineafan813bdf42022-07-24 10:39:10 +0100157 }
158}
159
Skyler Grey11236ba2022-08-08 21:13:33 +0100160export async function SizeCheck(element: { height: number | null; width: number | null }): Promise<boolean> {
pineafan63fc5e22022-08-04 22:04:10 +0100161 if (element.height === null || element.width === null) return true;
162 if (element.height < 20 || element.width < 20) return false;
163 return true;
pineafan813bdf42022-07-24 10:39:10 +0100164}
165
pineafan63fc5e22022-08-04 22:04:10 +0100166export async function MalwareCheck(element: string): Promise<boolean> {
pineafan813bdf42022-07-24 10:39:10 +0100167 try {
pineafan63fc5e22022-08-04 22:04:10 +0100168 return (await testMalware(element)).safe;
pineafan813bdf42022-07-24 10:39:10 +0100169 } catch {
pineafan63fc5e22022-08-04 22:04:10 +0100170 return true;
pineafan813bdf42022-07-24 10:39:10 +0100171 }
172}
173
Skyler Grey11236ba2022-08-08 21:13:33 +0100174export function TestString(string: string, soft: string[], strict: string[]): object | null {
Skyler Grey75ea9172022-08-06 10:22:23 +0100175 for (const word of strict) {
pineafan813bdf42022-07-24 10:39:10 +0100176 if (string.toLowerCase().includes(word)) {
Skyler Grey75ea9172022-08-06 10:22:23 +0100177 return { word: word, type: "strict" };
pineafan813bdf42022-07-24 10:39:10 +0100178 }
179 }
Skyler Grey75ea9172022-08-06 10:22:23 +0100180 for (const word of soft) {
181 for (const word2 of string.match(/[a-z]+/gi) ?? []) {
pineafane23c4ec2022-07-27 21:56:27 +0100182 if (word2 === word) {
Skyler Grey75ea9172022-08-06 10:22:23 +0100183 return { word: word, type: "strict" };
pineafan813bdf42022-07-24 10:39:10 +0100184 }
185 }
186 }
pineafan63fc5e22022-08-04 22:04:10 +0100187 return null;
pineafan813bdf42022-07-24 10:39:10 +0100188}
189
pineafan63fc5e22022-08-04 22:04:10 +0100190export async function TestImage(url: string): Promise<string | null> {
Skyler Grey75ea9172022-08-06 10:22:23 +0100191 const text = await Tesseract.recognize(url, {
192 lang: "eng",
193 oem: 1,
194 psm: 3
195 });
pineafan813bdf42022-07-24 10:39:10 +0100196 return text;
197}