mirrors/CyberChef
1
0
Fork 0
mirror of https://github.com/gchq/CyberChef.git synced 2025-05-07 15:07:11 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

HTTP Gzip decrypt operation

Browse source
This commit is contained in:
windhamwong@nva-hk.com 2017-07-04 15:40:02 +01:00
parent 85d41085de
commit 3b3e0fcd76
4 changed files with 30 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

1
package.json
View file

@ -80,6 +80,7 @@
"lodash": "^4.17.4", "lodash": "^4.17.4",
"moment": "^2.17.1", "moment": "^2.17.1",
"moment-timezone": "^0.5.11", "moment-timezone": "^0.5.11",
"pako": "^1.0.5",
"sladex-blowfish": "^0.8.1", "sladex-blowfish": "^0.8.1",
"sortablejs": "^1.5.1", "sortablejs": "^1.5.1",
"split.js": "^1.2.0", "split.js": "^1.2.0",

1
src/core/config/Categories.js
View file

@ -130,6 +130,7 @@ const Categories = [
ops: [ ops: [
"HTTP request", "HTTP request",
"Strip HTTP headers", "Strip HTTP headers",
"HTTP gzip decrypt",
"Parse User Agent", "Parse User Agent",
"Parse IP range", "Parse IP range",
"Parse IPv6 address", "Parse IPv6 address",

7
src/core/config/OperationConfig.js
View file

@ -1678,6 +1678,13 @@ const OperationConfig = {
outputType: "string", outputType: "string",
args: [] args: []
}, },
"HTTP gzip decrypt": {
description: "Decrypts Gzip payload from a request or response and returning plaintext of the header and decrypted payload.",
run: Compress.runHttpGzip,
inputType: "byteArray",
outputType: "byteArray",
args: []
},
"Parse User Agent": { "Parse User Agent": {
description: "Attempts to identify and categorise information contained in a user-agent string.", description: "Attempts to identify and categorise information contained in a user-agent string.",
run: HTTP.runParseUserAgent, run: HTTP.runParseUserAgent,

21
src/core/operations/Compress.js
View file

@ -5,6 +5,7 @@ import zlibAndGzip from "zlibjs/bin/zlib_and_gzip.min";
import zip from "zlibjs/bin/zip.min"; import zip from "zlibjs/bin/zip.min";
import unzip from "zlibjs/bin/unzip.min"; import unzip from "zlibjs/bin/unzip.min";
import bzip2 from "exports-loader?bzip2!../lib/bzip2.js"; import bzip2 from "exports-loader?bzip2!../lib/bzip2.js";
import pako from "pako/index.js";
const Zlib = { const Zlib = {
RawDeflate: rawdeflate.Zlib.RawDeflate, RawDeflate: rawdeflate.Zlib.RawDeflate,
@ -254,6 +255,26 @@ const Compress = {
}, },
/**
* HTTP Gzip operation.
*
* @param {byteArray} input
* @param {Object[]} args
* @returns {byteArray}
*/
runHttpGzip: function(input, args) {
input = Utils.byteArrayToHex(input, "");
let regexStr = /1f8b080[0-8][0-9a-f]{12}/;
let gzipPos = input.search(regexStr);
let plainData = input.substr(0, gzipPos);
let gzipData = input.substr(gzipPos);
gzipData = Utils.hexToByteArray(gzipData);
return Utils.hexToByteArray(plainData).concat(Array.prototype.slice.call(pako.ungzip(gzipData)));
},
/** /**
* @constant * @constant
* @default * @default