Merge pull request #25 from ctnkaan/more-links

ctnkaan · web-flow · commit 9076f045e899 · 2022-03-24T14:42:44.000+03:00
implemented more scam link types
diff --git a/src/commands/scamLinkDetector.ts b/src/commands/scamLinkDetector.ts
@@ -7,7 +7,11 @@ export = {
     name: "scamLinkDetector",
     description: "Detects scam links",
     callback: (message: MessageType) => {
-        const banned_words: string[] = ["nitro", "i leave from cs:go"];
+        const banned_words: string[] = [
+            "nitro",
+            "i leave from cs:go",
+            "mediafire"
+        ];
         let isScamLink: boolean = false;
 
         //search spam word in message.content
@@ -31,6 +35,8 @@ export = {
                     const suspiciousLinks: string[] = [];
                     links.forEach((l) => {
                         const isSus = isSuspiciousLink(l);
+                        console.log(l, isSus);
+
                         if (isSus) {
                             suspiciousLinks.push(l);
                         }
diff --git a/src/util/isSuspiciousLink.ts b/src/util/isSuspiciousLink.ts
@@ -2,9 +2,10 @@ import { distance } from "fastest-levenshtein";
 import config from "../config";
 
 /** Most spam links try to typosquat 'discord' to trick users into thinking the link is safe (ex: "discorde")*/
-const TYPOSQUAT_TARGET = "discord";
+const TYPOSQUAT_TARGET = ["discord", "github", "steam"];
+let susometer = false;
 
-function isSuspiciousLink(link, threshold = 4) {
+function isSuspiciousLink(link: string, threshold = 4) {
     // get base domain
     const matches = link.match(/^https?:\/\/(\S+?)\./);
     if (!matches) return;
@@ -13,13 +14,17 @@ function isSuspiciousLink(link, threshold = 4) {
     // expempt whitelist
     if (config.whitelist.includes(base)) return false;
 
-    // check levenshtein distance of domain to "discord"
-    const d = distance(TYPOSQUAT_TARGET, base);
-    // if distance is > 0 and < threshold, base is typosquating. Call foul
-    if (d > 0 && d <= threshold) {
-        return true;
-    }
-    return false;
+    // check levenshtein distance of domain to all typosquat targets
+
+    TYPOSQUAT_TARGET.forEach((element) => {
+        const d = distance(element, base);
+        // if distance is > 0 and < threshold, base is typosquating. Call foul
+        if (d > 0 && d <= threshold) {
+            susometer = true;
+        }
+    });
+
+    return susometer;
 }
 
 export { isSuspiciousLink };
