pushing for the first time

background.js

@@ -0,0 +1,26 @@
+chrome.tabs.onUpdated.addListener(function(tab) {
+    chrome.tabs.query({ active: true, currentWindow: true }, function(tabs) {
+        let activeTab = tabs[0];
+        chrome.tabs.captureVisibleTab(function(dataUrl) {
+            chrome.tabs.sendMessage(activeTab.id, {
+                "message": "page_loaded",
+                "tabUrl": tabs[0].url,
+                "screenshotUrl": dataUrl
+            });
+        })
+    });
+});
+chrome.runtime.onMessage.addListener(
+        function(request, sender, sendResponse) {
+            if (request.message === "open_new_tab") {
+                console.table(request);
+                chrome.tabs.create({
+                        "url": request.url +
+                            "?positives=" + request.positives +
+                            "&scans="+ de request.scans +
+                            "&tabUrl=" + request.tabUrl +
+                            "&screenshotUrl=" + request.screenshotUrl
+                    }
+                }
+            }
+        );

content.js

@@ -1,7 +1,7 @@
 
 // Inject jquery into DOM
 var j = document.createElement('script');
-j.src = chrome.extension.getURL('node_modules/gmail-js/node_modules/jquery/dist/jquery.min.js');
+j.src = chrome.extension.getURL('jquery.js');
 (document.head || document.documentElement).appendChild(j);
 
 // Inject Gmail.js into DOM
@@ -12,6 +12,4 @@ g.src = chrome.extension.getURL('node_modules/gmail-js/src/gmail.js');
 // Inject main.js. Main should contain the rest of the code
 var s = document.createElement('script');
 s.src = chrome.extension.getURL('main.js');
-(document.head || document.documentElement).appendChild(s);
-
-
+(document.head || document.documentElement).appendChild(s);

detectPhish.js

@@ -0,0 +1,38 @@
+chrome.runtime.onMessage.addListener(
+    function(request, sender, sendResponse) {
+        if (request.message === "page_loaded") {
+            fetchReport(request.tabUrl, request.screenshotUrl);
+        }
+    }
+);
+
+function fetchReport(tabUrl, screenshotUrl) {
+    let apiUrl = 'https://www.virustotal.com/vtapi/v2/url/report?apikey=f41739bc86b087f6e417ead57411aa6b4f9fe706534eed53036db7dea185aa90';
+    apiUrl = apiUrl + '&resource=' + tabUrl;
+    fetch(apiUrl, {
+            method: 'GET',
+            headers: new Headers()
+        })
+        .then((res) => res.json())
+        .then((data) => checkReport(data, tabUrl, screenshotUrl));
+}
+
+function checkReport(data, tabUrl, screenshotUrl) {
+    if (data.positives > 0) {
+        const scans = [];
+        for (key in data.scans) {
+            if (data.scans[key].detected == true) {
+                scans.push(key);
+            }
+        }
+        chrome.runtime.sendMessage({
+            "message": "open_new_tab",
+            "url": "warn.html",
+            "positives": data.positives,
+            "scans": scans,
+            "positives": data.positives,
+            "tabUrl": tabUrl,
+            "screenshotUrl": screenshotUrl
+        });
+    }
+}

main.js

@@ -1,45 +1,48 @@
+
+
 var gmail = null;
 /*
  * Wait for the Gmail object to be ready
  */
 function refresh(f) {
-	if( (/in/.test(document.readyState)) || (typeof Gmail === undefined) ) {
-		setTimeout('refresh(' + f + ')', 10);
-	} else {
-    	f();
-  	}
+    if ((/in/.test(document.readyState)) || (typeof Gmail === undefined)) {
+        setTimeout('refresh(' + f + ')', 10);
+    } else {
+        f();
+    }
 }
 
 var check_failure = function() {
-	var id = null,
-		raw_email = null,
-		spoof = false;
-
-	console.log('[Phish Detect] Scanning email...');
-
-	// Get the email ID from the url
-	id = window.location.hash.split('/').pop(),
-
-	// Get the "original email", which contains headers
-	raw_email = gmail.get.email_source(id),
-
-	// Check for softfail and hardfail
-	spoof = (/=fail/.test(raw_email) || /=softfail/.test(raw_email) || /=neutral/.test(raw_email));
-
-	// If failure, alert user
-	if(spoof) {
-		alert('This email may be a phishing attempt. Please take caution when handling the contents of the email, such as clicking links.');
-		console.log('This could be a phishing email!');
-	}
+    var id = null,
+        raw_email = null,
+        spoof = false;
+
+    console.log('[Phish Detect] Scanning email...');
+
+    // Get the email ID from the url
+    id = window.location.hash.split('/').pop(),
+
+        // Get the "original email", which contains headers
+        raw_email = gmail.get.email_source(id),
+
+        // Check for softfail and hardfail
+        spoof = (/=fail/.test(raw_email) || /=softfail/.test(raw_email) || /=neutral/.test(raw_email));
+
+    // If failure, alert user
+    if (spoof) {
+        alert('This email may be a phishing attempt. Please take caution when handling the contents of the email, such as clicking links.');
+        console.log('This could be a phishing email!');
+    } else {
+        alert('not a phishing email');
+    }
 };
 
-var main = function(){
-	console.log('[Phish Detect] Gmail object defined. Ready to protect.');
+var main = function() {
+    console.log('[Phish Detect] Gmail object defined. Ready to protect.');
 
-	gmail = new Gmail();
-	gmail.observe.after('open_email', check_failure);
+    gmail = new Gmail();
+    gmail.observe.after('open_email', check_failure);
 };
 
 // Wait for for document and Gmail objects to be ready
-refresh(main);
-
+refresh(main);

manifest.json

@@ -1,17 +1,36 @@
 {
-  "name": "Phish Detect",
-  "version": "0.1",
-  "description": "This extension notifies users if it encounters a potential phishing email.",
-  "content_scripts": [
+    "name": "PWDAP",
+    "version": "0.9",
+    "description": "This extension notifies users if it encounters a potential phishing email.",
+    "background":
     {
-      "matches": ["https://mail.google.com/*"],
-      "js": ["content.js"]
-    }
-  ],
-  "web_accessible_resources": [
-	"node_modules/gmail-js/node_modules/jquery/dist/jquery.min.js",
-    "node_modules/gmail-js/src/gmail.js",
-    "main.js"
-  ],
-  "manifest_version": 2
-}
+        "persistent": false,
+        "scripts": ["background.js"]
+    },
+    "content_scripts": [
+    {
+        "matches": ["https://mail.google.com/*"],
+        "js": ["content.js"]
+    },
+    {
+        "matches": ["https://*/*", "http://*/*"],
+        "js": ["detectPhish.js"]
+    }],
+    "icons":
+    {
+        "128": "icon.png"
+    },
+    "permissions": [
+        "tabs",
+        "activeTab",
+        "<all_urls>"
+    ],
+    "web_accessible_resources": [
+        "node_modules/gmail-js/node_modules/jquery/dist/jquery.min.js",
+        "jquery.js",
+        "node_modules/gmail-js/src/gmail.js",
+        "detectPhish.js",
+        "main.js"
+    ],
+    "manifest_version": 2
+}

package.json

@@ -1,21 +1,13 @@
 {
-  "name": "phish_detect",
+  "name": "PWDAP",
   "version": "1.0.0",
   "description": "This is a chrome extension to help alert and warn users if they open up a potential phishing email. This extension works by checking whether or not SPF or DKIM failed. Sometimes, in Gmail, even if an email has failed SPF and DKIM, it will not be sent to the spam folder. Instead, it will remain in the user's inbox. There is a valid reason why this may happen. For example, if a company uses a 3rd party emailer, they will need them to spoof the email address to make it appear it came from the 1st party company. However, unlike email that has been sent to spam, gmail does not inform the user that the email is not properly authenticated. This can give a false sense of security. Phish Detect attempts to at least inform the user that the sender could be a spoofed address.",
   "main": "main.js",
   "scripts": {
     "test": "echo \"Error: no test specified\" && exit 1"
   },
-  "repository": {
-    "type": "git",
-    "url": "git+https://github.com/historypeats/phish_detect.git"
-  },
-  "author": "",
+  "author": "Rohan Goel",
   "license": "ISC",
-  "bugs": {
-    "url": "https://github.com/historypeats/phish_detect/issues"
-  },
-  "homepage": "https://github.com/historypeats/phish_detect#readme",
   "dependencies": {
     "gmail-js": "^0.4.1"
   }

warn.html

@@ -0,0 +1,53 @@
+<!DOCTYPE html>
+<html lang="en">
+
+<head>
+    <meta charset="utf-8">
+    <meta http-equiv="X-UA-Compatible" content="IE=edge">
+    <meta name="viewport" content="width=device-width, initial-scale=1">
+    <title>Warning</title>
+    <link href="https://fonts.googleapis.com/css?family=Open+Sans" rel="stylesheet">
+    <style>
+	    body {
+	        background: linear-gradient(to bottom, #e80c26e0 0%, #da3e1bde 100%);
+	        color: white;
+	        text-shadow: 1px 1px #0e0e0e8c;
+	        font-family: 'Open Sans', sans-serif;
+	        display: flex;
+	        justify-content: center;
+	        align-content: center;
+	    }
+
+	    .container {
+	        background: #cc0707de;
+	        padding: 0px 25px 0px 25px;
+	    }
+
+	    #heading {
+	        text-align: center;
+	        font-weight: 500;
+	        font-size: 40px;
+	    }
+
+	    p {
+	        font-size: 20px;
+	    }
+
+	    #warning {
+	        content: "\26A0";
+	    }
+    </style>
+</head>
+
+<body>
+    <div class="container">
+        <h1 id="heading"><span id="warning" >&#9888;</span>Warning</h1>
+        <p id="message"></p>
+        <p id="detectors"></p>
+        <p>Screenshot of website</p>
+        <img style="height: 500px" id="screenshot" alt="">
+    </div>
+</body>
+<script src="warningScript.js"></script>
+
+</html>

warningScript.js

@@ -0,0 +1,29 @@
+let positives = getQueryVariable('positives');
+let scans = getQueryVariable('scans');
+let screenshotUrl = getQueryVariable('screenshotUrl');
+let tabUrl = getQueryVariable('tabUrl');
+
+scans = scans.split(',');
+scans = scans.map(scan => scan.includes('%20') ? scan.split('%20').join(' ') : scan);
+let detectors = scans.join(', ');
+// console.log(screenshotUrl);
+viewParameters(screenshotUrl, positives, detectors);
+
+function viewParameters(url, positives, detectors) {
+    document.getElementById('screenshot').src = url;
+    document.getElementById('detectors').innerHTML = `[ ${detectors} ]`;
+    document.getElementById('message').innerHTML = `  Detected phishing by ${positives} / 66 . 
+    												  Phishing sites pretend to be other websites 
+    												  to trick you.`;
+}
+
+function getQueryVariable(variable) {
+    var query = window.location.search.substring(1);
+    var vars = query.split("&");
+    for (var i = 0; i < vars.length; i++) {
+        var pair = vars[i].split("=");
+        if (pair[0] == variable) {
+            return pair[1];
+        }
+    }
+}