Skip to content
Permalink
Browse files
Add files via upload
  • Loading branch information
@khani59
khani59 committed Aug 30, 2022
1 parent 4740b8a commit 9601c29729a0d7474438b8b1456c9ce300781e82
Show file tree
Hide file tree
Showing 3 changed files with 384 additions and 0 deletions.
191 __init__.py
View file
@@ -0,0 +1,191 @@
from datetime import datetime, timedelta
from enum import unique
import requests, socket, json, validators, whois, hashlib, random
from flask import Flask, request, session, render_template, redirect
from flask_sqlalchemy import SQLAlchemy

app = Flask(__name__)
app.config["SQLALCHEMY_DATABASE_URI"] = "sqlite:///tinyl.db"
db = SQLAlchemy(app)

class Links(db.Model):
id = db.Column(db.Integer, primary_key=True)
link = db.Column(db.String(500), nullable=False)
uhash = db.Column(db.String(50), nullable=False)
shortu = db.Column(db.String(20), nullable=False, unique=True)



class Report(db.Model):
id = db.Column(db.Integer, primary_key=True)
link = db.Column(db.String(500), nullable=False)
reason = db.Column(db.String(700), nullable=False)


@app.route("/<path>",methods=["GET"])
def redir(path):
if len(path) == 7 and path.isalnum():
check = db.session.query(Links).filter_by(shortu=path).first()
googleData = {
"client": {
"clientId": "yourcompanyname",
"clientVersion": "1.5.2"
},
"threatInfo": {
"threatTypes": ["MALWARE", "SOCIAL_ENGINEERING"],
"platformTypes": ["WINDOWS"],
"threatEntryTypes": ["URL"],
"threatEntries": [
{"url": str(check.link)}
]
}
}

r = json.loads(requests.post("https://safebrowsing.googleapis.com/v4/threatMatches:find?key=AIzaSyA-PgdUPyqMLxmJ1B7aolYV4i9CkPvujGw", json=googleData).text)
if r == {}:
pass
elif r["matches"][0]["threatType"] == "SOCIAL_ENGINEERING":
return "This link has been blocked for abuse"
return redirect(str(check.link))

@app.route("/", methods=["GET","POST"])
def hello():
if request.method == "GET":
return render_template("index.html")
if request.method == "POST" and "url" in request.form:
url = str(request.form["url"])
if validators.url(url):
uhash = hashlib.md5(str.encode(url)).hexdigest()
try:
check = db.session.query(Report).filter_by(uhash=uhash)
return "found"
except Exception as e:
print("Exception occured: " + str(e))

record = Links(link=url,uhash=uhash,shortu="nullz") ## mentioned twice so i can capture the ID and use it to generate short url before adding to db
db.session.add(record)
db.session.commit()
shortu = hashlib.md5(str.encode(str(record.id))).hexdigest()[0:7]
update = db.session.query(Links).filter_by(shortu="nullz").first()
update.shortu = shortu
db.session.commit()
return "Successfully shortened your URL: https://tinyl.uk/"+shortu
else:
return "Invalid URL"






@app.route("/check", methods=["GET","POST"])
def check():
resp = '<h1 class="resp">'
if request.method == "GET":
return render_template("check.html")

if request.method== "POST" and "url" in request.form:
url = str(request.form["url"])

## INPUT VALIDATION ##
if validators.url(url):
try:
if "https://" in url.lower():
domain = url.lower().replace("https://","").split("/")[0]
if "http://" in url.lower():
domain = url.lower().replace("http://","").split("/")[0]
except Exception as e:
print("Erorr occured: " + str(e))
return redirect("/error1")
pass
else:
return render_template("check.html",second=resp+"Invalid URL</h1>")

## domain active check ##
try:
print(domain)
domainip = socket.gethostbyname(domain)
except Exception as e:
print(str(e))
return render_template("check.html",second=resp+ " The provided domain does not resolve correctly</h1>")
## db check ##
try:
check = db.session.query(Report).filter_by(link=url)
for row in check:
return render_template("check.html",second=resp+ row.reason + " was found in the databases</h1>")
pass
except Exception as e:
print("Exception occured on DB lookup: " + str(e))
pass

## GOOGLE SAFEBRBROWSING CHECK ##
googleData = {
"client": {
"clientId": "yourcompanyname",
"clientVersion": "1.5.2"
},
"threatInfo": {
"threatTypes": ["MALWARE", "SOCIAL_ENGINEERING"],
"platformTypes": ["WINDOWS"],
"threatEntryTypes": ["URL"],
"threatEntries": [
{"url": url}
]
}
}

r = json.loads(requests.post("https://safebrowsing.googleapis.com/v4/threatMatches:find?key=AIzaSyA-PgdUPyqMLxmJ1B7aolYV4i9CkPvujGw", json=googleData).text)
if r == {}:
pass
elif r["matches"][0]["threatType"] == "SOCIAL_ENGINEERING":
print("Adding to database")
try:
record = Report(link=str(url),reason="This url was previously listed in the google safebrowsing database for phishing")
db.session.add(record)
db.session.commit()
app.logger.info(record.id)
return render_template("check.html",second=resp+"This URL was listed in google saferbrowsing database for phishng</h1>")
except Exception as e:
print("error with db" + str(e))
return "Error db"
else:
return "Error 2"

## DNS CHECK AND DOMAIN REP CHECK ##
domainWhois = whois.whois(domain)
domainInfo = whois.whois(domain).creation_date
past = datetime.now() - timedelta(days=7)
if str(type(domainInfo)) == "<class 'NoneType'>":
past = 1
date = 1
print("The domain creation date was not found")
elif str(type(domainInfo)) == "<class 'list'>":
date = domainInfo[0]
else:
date = domainInfo
if past < date:
record = Report(link=str(url),reason="This url was recently purchased and may contain malicious content, be wary when continuing.")
db.session.add(record)
db.session.commit()
app.logger.info(record.id)
return render_template("check.html",second=resp+"This url was recently purchased and may contain malicious content, be wary when continuing.</h1>")
else:
pass

## URL PHISHING SIMILARITY ##


return render_template("check.html",second=resp+"This URL has been checked and is clean so far, you should still take caution if you are unsure submit a manual request.</h1>")






if __name__ == "__main__":
app.run()





97 check.html
View file
@@ -0,0 +1,97 @@

<html><head><meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0">
<link href="https://fonts.googleapis.com/css2?family=Fjalla+One&amp;display=swap" rel="stylesheet">
<link href="/static/css/front.css?h" rel="stylesheet">
</head><body><nav>
<ul>

<div class="navlinks">
<a href="/"><img id="leftnav" src="/static/img/logo.png"></a>
<div class="insideN"><a href="/check">URL Check</a>
<a href="/">URL Shortener</a><a href="https://tinyl.uk/abuse">Report Abuse</a>
</div>
</div>
</ul>
</nav>

<div class="userform">
<h1 class="title-url">Enter the URL you wish to check</h1>
{{second | safe}}
<form action="/check" method="POST">
<input id="url" type="url" name="url" required="">
<br>
<input type="submit" id="submit" value="Check URL" name="click">
</form>
</div>
<div style="margin-top:10%">
<img src="/static/img/scroll.PNG">
</div>
<div class="promo-content">
<div class="container1">
<h1 class="title-promo">About this service</h1>
<div>
<p>Welcome to tinyl.uk, our free to use service which allows users to shorten up to 3 links each day and check unlimited URLs with our safety checker tool.<br>The service offered works as such: <br> Provide a valid url to shorten.<br> You will then be redirected to a page with your new shortened link which you can distribute<br><br> We offer custom solutions such as custom paths/extensions however this is only included in the <span style="font-size:24px;"><a href="/web/20210424232427/https://tinyl.uk/premium">premium</a></span> package.<br><br>Link tracking is also a feature which we offer as part of our free plan allowing anyone to track the traffic flow through their tinyl link.
</p>
</div>
</div>
<div class="container2">
<h1 class="title-promo">Want to go a step further with your business/marketing?</h1>

<p>Our premium package includes the following features</p>
<table>
<tbody>
<tr>
<th>
Free
</th>
<th>
Premium
</th>
</tr>
<tr>
<td>
Shorten 3 Links Per Day
</td>
<td>
Shorten Up To 50 Links Per Day
</td>
</tr>
<tr>
<td>
X
</td>
<td>
Real Time Analytics Provided For Each Shortened Link In Your Dashboard
</td>
</tr>
<tr>
<td>
X
</td>
<td>
Re-Route Destination URL
</td>
</tr>
<tr>
<td>
X
</td>
<td>
Social Media Integration
</td>
</tr>
<tr>
<td>
X
</td>
<td>
API Access
</td>
</tr>
</tbody>
</table>
<p>For enquiries contact us on enquiries@tinyl.uk</p>

</div>
</div>
</body></html>
96 index.html
View file
@@ -0,0 +1,96 @@

<html><head><meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0">
<link href="https://fonts.googleapis.com/css2?family=Fjalla+One&amp;display=swap" rel="stylesheet">
<link href="/static/css/front.css?sk" rel="stylesheet">
</head><body><nav>
<ul>

<div class="navlinks">
<a href="/"><img id="leftnav" src="/static/img/logo.png"></a>
<div class="insideN"><a href="/check">URL Check</a>
<a href=/">URL Shortener</a><a href="https://tinyl.uk/abuse">Report Abuse</a>
</div>
</div>
</ul>
</nav>

<div class="userform">
<h1 class="title-url">Paste your long URL here</h1>
<form action="/" method="POST">
<input id="url" type="url" name="url" required="">
<br>
<input type="submit" id="submit" value="Get SHORTurl" name="click">
</form>
</div>
<div style="margin-top:10%">
<img src="/static/img/scroll.PNG">
</div>
<div class="promo-content">
<div class="container1">
<h1 class="title-promo">About this service</h1>
<div>
<p>Welcome to tinyl.uk, our free to use service which allows users to shorten up to 3 links each day and check unlimited URLs with our safety checker tool.<br>The service offered works as such: <br> Provide a valid url to shorten.<br> You will then be redirected to a page with your new shortened link which you can distribute<br><br> We offer custom solutions such as custom paths/extensions however this is only included in the <span style="font-size:24px;"><a href="/web/20210424232427/https://tinyl.uk/premium">premium</a></span> package.<br><br>Link tracking is also a feature which we offer as part of our free plan allowing anyone to track the traffic flow through their tinyl link.
</p>
</div>
</div>
<div class="container2">
<h1 class="title-promo">Want to go a step further with your business/marketing?</h1>

<p>Our premium package includes the following features</p>
<table>
<tbody>
<tr>
<th>
Free
</th>
<th>
Premium
</th>
</tr>
<tr>
<td>
Shorten 3 Links Per Day
</td>
<td>
Shorten Up To 50 Links Per Day
</td>
</tr>
<tr>
<td>
X
</td>
<td>
Real Time Analytics Provided For Each Shortened Link In Your Dashboard
</td>
</tr>
<tr>
<td>
X
</td>
<td>
Re-Route Destination URL
</td>
</tr>
<tr>
<td>
X
</td>
<td>
Social Media Integration
</td>
</tr>
<tr>
<td>
X
</td>
<td>
API Access
</td>
</tr>
</tbody>
</table>
<p>For enquiries contact us on enquiries@tinyl.uk</p>

</div>
</div>
</body></html>

0 comments on commit 9601c29

Please sign in to comment.