mirrors/CyberChef
1
0
Fork 0
mirror of https://github.com/gchq/CyberChef.git synced 2025-04-23 00:06:17 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

Merge branch 'master' of github.com:gchq/CyberChef into node-lib

Browse source
This commit is contained in:
d98762625 2018-12-21 09:47:28 +00:00
commit 456b85ed03
20 changed files with 990 additions and 19 deletions
Download patch file Download diff file Expand all files Collapse all files

63
src/core/operations/A1Z26CipherDecode.mjs Normal file
View file

@ -0,0 +1,63 @@
/**
* @author Jarmo van Lenthe [github.com/jarmovanlenthe]
* @copyright Crown Copyright 2018
* @license Apache-2.0
*/
import Operation from "../Operation";
import Utils from "../Utils";
import {DELIM_OPTIONS} from "../lib/Delim";
import OperationError from "../errors/OperationError";
/**
* A1Z26 Cipher Decode operation
*/
class A1Z26CipherDecode extends Operation {
/**
* A1Z26CipherDecode constructor
*/
constructor() {
super();
this.name = "A1Z26 Cipher Decode";
this.module = "Ciphers";
this.description = "Converts alphabet order numbers into their corresponding alphabet character.<br><br>e.g. <code>1</code> becomes <code>a</code> and <code>2</code> becomes <code>b</code>.";
this.infoURL = "";
this.inputType = "string";
this.outputType = "string";
this.args = [
{
name: "Delimiter",
type: "option",
value: DELIM_OPTIONS
}
];
}
/**
* @param {string} input
* @param {Object[]} args
* @returns {string}
*/
run(input, args) {
const delim = Utils.charRep(args[0] || "Space");
if (input.length === 0) {
return [];
}
const bites = input.split(delim);
let latin1 = "";
for (let i = 0; i < bites.length; i++) {
if (bites[i] < 1 || bites[i] > 26) {
throw new OperationError("Error: all numbers must be between 1 and 26.");
}
latin1 += Utils.chr(parseInt(bites[i], 10) + 96);
}
return latin1;
}
}
export default A1Z26CipherDecode;

61
src/core/operations/A1Z26CipherEncode.mjs Normal file
View file

@ -0,0 +1,61 @@
/**
* @author Jarmo van Lenthe [github.com/jarmovanlenthe]
* @copyright Crown Copyright 2018
* @license Apache-2.0
*/
import Operation from "../Operation";
import Utils from "../Utils";
import {DELIM_OPTIONS} from "../lib/Delim";
/**
* A1Z26 Cipher Encode operation
*/
class A1Z26CipherEncode extends Operation {
/**
* A1Z26CipherEncode constructor
*/
constructor() {
super();
this.name = "A1Z26 Cipher Encode";
this.module = "Ciphers";
this.description = "Converts alphabet characters into their corresponding alphabet order number.<br><br>e.g. <code>a</code> becomes <code>1</code> and <code>b</code> becomes <code>2</code>.<br><br>Non-alphabet characters are dropped.";
this.infoURL = "";
this.inputType = "string";
this.outputType = "string";
this.args = [
{
name: "Delimiter",
type: "option",
value: DELIM_OPTIONS
}
];
}
/**
* @param {string} input
* @param {Object[]} args
* @returns {string}
*/
run(input, args) {
const delim = Utils.charRep(args[0] || "Space");
let output = "";
const sanitizedinput = input.toLowerCase(),
charcode = Utils.strToCharcode(sanitizedinput);
for (let i = 0; i < charcode.length; i++) {
const ordinal = charcode[i] - 96;
if (ordinal > 0 && ordinal <= 26) {
output += ordinal.toString(10) + delim;
}
}
return output.slice(0, -delim.length);
}
}
export default A1Z26CipherEncode;

58
src/core/operations/FromBase62.mjs Normal file
View file

@ -0,0 +1,58 @@
/**
* @author tcode2k16 [tcode2k16@gmail.com]
* @copyright Crown Copyright 2018
* @license Apache-2.0
*/
import Operation from "../Operation";
import BigNumber from "bignumber.js";
import Utils from "../Utils";
/**
* From Base62 operation
*/
class FromBase62 extends Operation {
/**
* FromBase62 constructor
*/
constructor() {
super();
this.name = "From Base62";
this.module = "Default";
this.description = "Base62 is a notation for encoding arbitrary byte data using a restricted set of symbols that can be conveniently used by humans and processed by computers. The high number base results in shorter strings than with the decimal or hexadecimal system.";
this.infoURL = "https://wikipedia.org/wiki/List_of_numeral_systems";
this.inputType = "string";
this.outputType = "byteArray";
this.args = [
{
name: "Alphabet",
type: "string",
value: "0-9A-Za-z"
}
];
}
/**
* @param {string} input
* @param {Object[]} args
* @returns {byteArray}
*/
run(input, args) {
if (input.length < 1) return [];
const ALPHABET = Utils.expandAlphRange(args[0]).join("");
const BN = BigNumber.clone({ ALPHABET });
const re = new RegExp("[^" + ALPHABET.replace(/[[\]\\\-^$]/g, "\\$&") + "]", "g");
input = input.replace(re, "");
const number = new BN(input, 62);
return Utils.convertToByteArray(number.toString(16), "Hex");
}
}
export default FromBase62;

2
src/core/operations/HMAC.mjs
View file

@ -72,7 +72,7 @@ class HMAC extends Operation {
msg = Utils.arrayBufferToStr(input, false),
hasher = CryptoApi.getHasher(hashFunc);
const mac = CryptoApi.getHmac(CryptoApi.encoder.fromUtf(key), hasher);
const mac = CryptoApi.getHmac(key, hasher);
mac.update(msg);
return CryptoApi.encoder.toHex(mac.finalize());
}

17
src/core/operations/Magic.mjs
View file

@ -23,7 +23,7 @@ class Magic extends Operation {
this.name = "Magic";
this.flowControl = true;
this.module = "Default";
this.description = "The Magic operation attempts to detect various properties of the input data and suggests which operations could help to make more sense of it.<br><br><b>Options</b><br><u>Depth:</u> If an operation appears to match the data, it will be run and the result will be analysed further. This argument controls the maximum number of levels of recursion.<br><br><u>Intensive mode:</u> When this is turned on, various operations like XOR, bit rotates, and character encodings are brute-forced to attempt to detect valid data underneath. To improve performance, only the first 100 bytes of the data is brute-forced.<br><br><u>Extensive language support:</u> At each stage, the relative byte frequencies of the data will be compared to average frequencies for a number of languages. The default set consists of ~40 of the most commonly used languages on the Internet. The extensive list consists of 284 languages and can result in many languages matching the data if their byte frequencies are similar.";
this.description = "The Magic operation attempts to detect various properties of the input data and suggests which operations could help to make more sense of it.<br><br><b>Options</b><br><u>Depth:</u> If an operation appears to match the data, it will be run and the result will be analysed further. This argument controls the maximum number of levels of recursion.<br><br><u>Intensive mode:</u> When this is turned on, various operations like XOR, bit rotates, and character encodings are brute-forced to attempt to detect valid data underneath. To improve performance, only the first 100 bytes of the data is brute-forced.<br><br><u>Extensive language support:</u> At each stage, the relative byte frequencies of the data will be compared to average frequencies for a number of languages. The default set consists of ~40 of the most commonly used languages on the Internet. The extensive list consists of 284 languages and can result in many languages matching the data if their byte frequencies are similar.<br><br>Optionally enter a regular expression to match a string you expect to find to filter results (crib).";
this.infoURL = "https://github.com/gchq/CyberChef/wiki/Automatic-detection-of-encoded-data-using-CyberChef-Magic";
this.inputType = "ArrayBuffer";
this.outputType = "JSON";
@ -43,6 +43,11 @@ class Magic extends Operation {
"name": "Extensive language support",
"type": "boolean",
"value": false
},
{
"name": "Crib (known plaintext string or regex)",
"type": "string",
"value": ""
}
];
}
@ -56,10 +61,16 @@ class Magic extends Operation {
*/
async run(state) {
const ings = state.opList[state.progress].ingValues,
[depth, intensive, extLang] = ings,
[depth, intensive, extLang, crib] = ings,
dish = state.dish,
magic = new MagicLib(await dish.get(Dish.ARRAY_BUFFER)),
options = await magic.speculativeExecution(depth, extLang, intensive);
cribRegex = (crib && crib.length) ? new RegExp(crib, "i") : null;
let options = await magic.speculativeExecution(depth, extLang, intensive, [], false, cribRegex);
// Filter down to results which matched the crib
if (cribRegex) {
options = options.filter(option => option.matchesCrib);
}
// Record the current state for use when presenting
this.state = state;

102
src/core/operations/PlayMedia.mjs Normal file
View file

@ -0,0 +1,102 @@
/**
* @author anthony-arnold [anthony.arnold@uqconnect.edu.au]
* @copyright Crown Copyright 2018
* @license Apache-2.0
*/
import { fromBase64, toBase64 } from "../lib/Base64";
import { fromHex } from "../lib/Hex";
import Operation from "../Operation";
import OperationError from "../errors/OperationError";
import Utils from "../Utils";
import Magic from "../lib/Magic";
/**
* PlayMedia operation
*/
class PlayMedia extends Operation {
/**
* PlayMedia constructor
*/
constructor() {
super();
this.name = "Play Media";
this.module = "Default";
this.description = "Plays the input as audio or video depending on the type.<br><br>Tags: sound, movie, mp3, mp4, mov, webm, wav, ogg";
this.infoURL = "";
this.inputType = "string";
this.outputType = "byteArray";
this.presentType = "html";
this.args = [
{
"name": "Input format",
"type": "option",
"value": ["Raw", "Base64", "Hex"]
}
];
}
/**
* @param {string} input
* @param {Object[]} args
* @returns {byteArray} The multimedia data as bytes.
*/
run(input, args) {
const [inputFormat] = args;
if (!input.length) return [];
// Convert input to raw bytes
switch (inputFormat) {
case "Hex":
input = fromHex(input);
break;
case "Base64":
// Don't trust the Base64 entered by the user.
// Unwrap it first, then re-encode later.
input = fromBase64(input, undefined, "byteArray");
break;
case "Raw":
default:
input = Utils.strToByteArray(input);
break;
}
// Determine file type
const type = Magic.magicFileType(input);
if (!(type && /^audio|video/.test(type.mime))) {
throw new OperationError("Invalid or unrecognised file type");
}
return input;
}
/**
* Displays an audio or video element that may be able to play the media
* file.
*
* @param data {byteArray} Data containing an audio or video file.
* @returns {string} Markup to display a media player.
*/
async present(data) {
if (!data.length) return "";
const type = Magic.magicFileType(data);
const matches = /^audio|video/.exec(type.mime);
if (!matches) {
throw new OperationError("Invalid file type");
}
const dataURI = `data:${type.mime};base64,${toBase64(data)}`;
const element = matches[0];
let html = `<${element} src='${dataURI}' type='${type.mime}' controls>`;
html += "<p>Unsupported media type.</p>";
html += `</${element}>`;
return html;
}
}
export default PlayMedia;

92
src/core/operations/TextEncodingBruteForce.mjs Normal file
View file

@ -0,0 +1,92 @@
/**
* @author Cynser
* @author n1474335 [n1474335@gmail.com]
* @copyright Crown Copyright 2018
* @license Apache-2.0
*/
import Operation from "../Operation";
import Utils from "../Utils";
import cptable from "../vendor/js-codepage/cptable.js";
import {IO_FORMAT} from "../lib/ChrEnc";
/**
* Text Encoding Brute Force operation
*/
class TextEncodingBruteForce extends Operation {
/**
* TextEncodingBruteForce constructor
*/
constructor() {
super();
this.name = "Text Encoding Brute Force";
this.module = "CharEnc";
this.description = [
"Enumerates all supported text encodings for the input, allowing you to quickly spot the correct one.",
"<br><br>",
"Supported charsets are:",
"<ul>",
Object.keys(IO_FORMAT).map(e => `<li>${e}</li>`).join("\n"),
"</ul>"
].join("\n");
this.infoURL = "https://wikipedia.org/wiki/Character_encoding";
this.inputType = "string";
this.outputType = "json";
this.presentType = "html";
this.args = [
{
name: "Mode",
type: "option",
value: ["Encode", "Decode"]
}
];
}
/**
* @param {string} input
* @param {Object[]} args
* @returns {json}
*/
run(input, args) {
const output = {},
charsets = Object.keys(IO_FORMAT),
mode = args[0];
charsets.forEach(charset => {
try {
if (mode === "Decode") {
output[charset] = cptable.utils.decode(IO_FORMAT[charset], input);
} else {
output[charset] = Utils.arrayBufferToStr(cptable.utils.encode(IO_FORMAT[charset], input));
}
} catch (err) {
output[charset] = "Could not decode.";
}
});
return output;
}
/**
* Displays the encodings in an HTML table for web apps.
*
* @param {Object[]} encodings
* @returns {html}
*/
present(encodings) {
let table = "<table class='table table-hover table-sm table-bordered table-nonfluid'><tr><th>Encoding</th><th>Value</th></tr>";
for (const enc in encodings) {
const value = Utils.printable(encodings[enc], true);
table += `<tr><td>${enc}</td><td>${value}</td></tr>`;
}
table += "<table>";
return table;
}
}
export default TextEncodingBruteForce;

58
src/core/operations/ToBase62.mjs Normal file
View file

@ -0,0 +1,58 @@
/**
* @author tcode2k16 [tcode2k16@gmail.com]
* @copyright Crown Copyright 2018
* @license Apache-2.0
*/
import Operation from "../Operation";
import BigNumber from "bignumber.js";
import Utils from "../Utils";
import {toHexFast} from "../lib/Hex";
/**
* To Base62 operation
*/
class ToBase62 extends Operation {
/**
* ToBase62 constructor
*/
constructor() {
super();
this.name = "To Base62";
this.module = "Default";
this.description = "Base62 is a notation for encoding arbitrary byte data using a restricted set of symbols that can be conveniently used by humans and processed by computers. The high number base results in shorter strings than with the decimal or hexadecimal system.";
this.infoURL = "https://wikipedia.org/wiki/List_of_numeral_systems";
this.inputType = "byteArray";
this.outputType = "string";
this.args = [
{
name: "Alphabet",
type: "string",
value: "0-9A-Za-z"
}
];
}
/**
* @param {string} input
* @param {Object[]} args
* @returns {string}
*/
run(input, args) {
if (input.length < 1) return "";
const ALPHABET = Utils.expandAlphRange(args[0]).join("");
const BN = BigNumber.clone({ ALPHABET });
input = toHexFast(input).toUpperCase();
const number = new BN(input, 16);
return number.toString(62);
}
}
export default ToBase62;