Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Special Rules, are they working as expected? #354

Open
spirillen opened this issue Feb 6, 2024 · 2 comments
Open

Special Rules, are they working as expected? #354

spirillen opened this issue Feb 6, 2024 · 2 comments
Assignees
@funilrys

Comments

@spirillen
Copy link
Contributor

As I am working on https://github.com/mitchellkrogza/phishing/pull/325/files#diff-365e9f086474958b3c3480c084f5376aa2860b057a5d1fb0cde97e0cf7d495dfR44 I come to look up for mitchellkrogza/Phishing.Database#813 to figure out which files of @mitchellkrogza that would be the source file for VT as I could not find pichinchamasbeneficios.pe in my lookup library.

Now I stumble on http://0-i-fdik.000webhostapp.com/ in https://github.com/mitchellkrogza/Phishing.Database/blob/d3d9bfca3f4f524940c2a56b4af8fdeaf39eb800/active-domains.adblock#L7C12-L7C29 and went for testing it with curl/tor. The site returns HTTP code 410 as we have been adding to the rules ⬇️ Line 80 -> 82

PyFunceble/PyFunceble/checker/availability/extras/rules.py

Lines 80 to 82 in f9f5c03

r"\.000webhostapp\.com": [
(self.switch_to_down_if_status_code, 410),
],

My next thought is then, are the rules.py script prepared for handling multiply HTTPS codes as added for weebly?

PyFunceble/PyFunceble/checker/availability/extras/rules.py

Line 111 in f9f5c03

r"\.weebly\.com$": [(self.switch_to_down_if_status_code, {"404", "406"})],

Alternative though... are the big backend of @PyFunceble test network updated to latest #pyfunceble?
spirillen added a commit to foreign-affairs/PyFunceble that referenced this issue Mar 11, 2024
@spirillen
Updated 000webhostapp.com rules
f36902f 
While working with funilrys#358, funilrys#354 & mitchellkrogza/Phishing.Database#840 

I found that the hosting company also uses the HTTP code 428 for disabled (Website is archived.) 

Example URI

```css
http://httpmwankaiwqkcom.000webhostapp.com/
http://https244577889078564546464534353date.000webhostapp.com/
```
@spirillen spirillen mentioned this issue Mar 11, 2024
Merged
funilrys pushed a commit that referenced this issue Mar 26, 2024
@spirillen @funilrys
Updated 000webhostapp.com rules
f4a689d 
While working with #358, #354 & mitchellkrogza/Phishing.Database#840 

I found that the hosting company also uses the HTTP code 428 for disabled (Website is archived.) 

Example URI

```css
http://httpmwankaiwqkcom.000webhostapp.com/
http://https244577889078564546464534353date.000webhostapp.com/
```
@funilrys
Copy link
Owner

Interesting. I think, this relates to #358 and the fixes I introduced.

@funilrys funilrys self-assigned this Mar 26, 2024
@spirillen
Copy link
Contributor Author

We'll find out when the big phishing list is running the next test.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@funilrys funilrys

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@funilrys @spirillen