Home > Uncategorized > Detect #Phising links in user submitted urls in C#

Detect #Phising links in user submitted urls in C#

download

If your website displays urls which are user-submitted, then you can use a free API by google called Safe Browsing (key required), to detect if these are phishing / malware urls – here is the code, with the Google API Key removed;

static bool IsMalware(string url)
{
/*
http://testsafebrowsing.appspot.com/apiv4/ANY_PLATFORM/MALWARE/URL/
http://testsafebrowsing.appspot.com/apiv4/ANY_PLATFORM/SOCIAL_ENGINEERING/URL/
http://testsafebrowsing.appspot.com/apiv4/ANY_PLATFORM/UNWANTED_SOFTWARE/URL/
*/
var strRequestJson = File.ReadAllText(“requestjson.json”);
strRequestJson = strRequestJson.Replace(“*PLACEHOLDER*”, url);
WebClient wc = new WebClient();
var strurl = “https://safebrowsing.googleapis.com/v4/threatMatches:find?key=xxxx”;
wc.Headers[HttpRequestHeader.ContentType] = “application/json”;
var strResult = wc.UploadString(strurl, strRequestJson);
if (strResult.Trim() == “{}”) return false;
return true;
}

You will also need the file requestjson.json set to copy always in the build options, with the following content;

{
“client”: {
“clientId”: “yourcompanyname”,
“clientVersion”: “1.5.2”
},
“threatInfo”: {
“threatTypes”: [ “MALWARE”, “SOCIAL_ENGINEERING” , “UNWANTED_SOFTWARE” ],
“platformTypes”: [ “WINDOWS” ],
“threatEntryTypes”: [ “URL” ],
“threatEntries”: [
{ “url”: “*PLACEHOLDER*” }
]
}
}

Advertisements
Categories: Uncategorized
  1. No comments yet.
  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

w

Connecting to %s

%d bloggers like this: