From 7a5225c961a5e0d192b03152117cd10a761f73d6 Mon Sep 17 00:00:00 2001 From: n1474335 Date: Wed, 14 Aug 2024 15:21:57 +0100 Subject: [PATCH 1/9] Fixed JA4 version fallback value --- src/core/lib/JA4.mjs | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/core/lib/JA4.mjs b/src/core/lib/JA4.mjs index 5e606f46..f600f4d8 100644 --- a/src/core/lib/JA4.mjs +++ b/src/core/lib/JA4.mjs @@ -44,7 +44,7 @@ export function toJA4(bytes) { the TLS version is the value of the Protocol Version. Handshake version (located at the top of the packet) should be ignored. */ - let version = tlsr.version.value; + let version = tlsr.handshake.value.helloVersion.value; for (const ext of tlsr.handshake.value.extensions.value) { if (ext.type.value === "supported_versions") { version = parseHighestSupportedVersion(ext.value.data); @@ -189,7 +189,7 @@ export function toJA4S(bytes) { the TLS version is the value of the Protocol Version. Handshake version (located at the top of the packet) should be ignored. */ - let version = tlsr.version.value; + let version = tlsr.handshake.value.helloVersion.value; for (const ext of tlsr.handshake.value.extensions.value) { if (ext.type.value === "supported_versions") { version = parseHighestSupportedVersion(ext.value.data); From 5f88ae44ec77228d9bed8f11e8cc8e7dcfb36914 Mon Sep 17 00:00:00 2001 From: n1474335 Date: Wed, 14 Aug 2024 15:22:06 +0100 Subject: [PATCH 2/9] 10.19.1 --- package-lock.json | 4 ++-- package.json | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/package-lock.json b/package-lock.json index a006a853..3d098c7c 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1,12 +1,12 @@ { "name": "cyberchef", - "version": "10.19.0", + "version": "10.19.1", "lockfileVersion": 3, "requires": true, "packages": { "": { "name": "cyberchef", - "version": "10.19.0", + "version": "10.19.1", "hasInstallScript": true, "license": "Apache-2.0", "dependencies": { diff --git a/package.json b/package.json index 710a42e0..e458bd9b 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "cyberchef", - "version": "10.19.0", + "version": "10.19.1", "description": "The Cyber Swiss Army Knife for encryption, encoding, compression and data analysis.", "author": "n1474335 ", "homepage": "https://gchq.github.io/CyberChef", From 0e82e4b7c6c77cadb8be61cb145e081d6ecfdc88 Mon Sep 17 00:00:00 2001 From: n1474335 Date: Wed, 14 Aug 2024 15:35:12 +0100 Subject: [PATCH 3/9] Updated chromedriver --- package-lock.json | 8 ++++---- package.json | 2 +- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/package-lock.json b/package-lock.json index 3d098c7c..aa018e1c 100644 --- a/package-lock.json +++ b/package-lock.json @@ -115,7 +115,7 @@ "babel-plugin-dynamic-import-node": "^2.3.3", "babel-plugin-transform-builtin-extend": "1.1.2", "base64-loader": "^1.0.0", - "chromedriver": "^125.0.3", + "chromedriver": "^127.0.2", "cli-progress": "^3.12.0", "colors": "^1.4.0", "copy-webpack-plugin": "^12.0.2", @@ -5093,9 +5093,9 @@ } }, "node_modules/chromedriver": { - "version": "125.0.3", - "resolved": "https://registry.npmjs.org/chromedriver/-/chromedriver-125.0.3.tgz", - "integrity": "sha512-Qzuk5Wian2o3EVGjtbz6V/jv+pT/AV9246HbG6kUljZXXjsKZLZxqJC+kHR3qEh/wdv4EJD0YwAOWV72v9hogw==", + "version": "127.0.2", + "resolved": "https://registry.npmjs.org/chromedriver/-/chromedriver-127.0.2.tgz", + "integrity": "sha512-mYfJ/8FqzsdFOs2rPiAI4y0suFnv78cRnzZK0MHdSfSIDeRPbqZz0rNX4lrXt14hXc9vqXa+a8cMxlrhWtXKSQ==", "dev": true, "hasInstallScript": true, "dependencies": { diff --git a/package.json b/package.json index e458bd9b..bde3df48 100644 --- a/package.json +++ b/package.json @@ -55,7 +55,7 @@ "babel-plugin-dynamic-import-node": "^2.3.3", "babel-plugin-transform-builtin-extend": "1.1.2", "base64-loader": "^1.0.0", - "chromedriver": "^125.0.3", + "chromedriver": "^127.0.2", "cli-progress": "^3.12.0", "colors": "^1.4.0", "copy-webpack-plugin": "^12.0.2", From d635cca2106aae2a59caf0e5d7e3633ee1ea3155 Mon Sep 17 00:00:00 2001 From: n1474335 Date: Wed, 14 Aug 2024 15:35:17 +0100 Subject: [PATCH 4/9] 10.19.2 --- package-lock.json | 4 ++-- package.json | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/package-lock.json b/package-lock.json index aa018e1c..3904f840 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1,12 +1,12 @@ { "name": "cyberchef", - "version": "10.19.1", + "version": "10.19.2", "lockfileVersion": 3, "requires": true, "packages": { "": { "name": "cyberchef", - "version": "10.19.1", + "version": "10.19.2", "hasInstallScript": true, "license": "Apache-2.0", "dependencies": { diff --git a/package.json b/package.json index bde3df48..cc3517d3 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "cyberchef", - "version": "10.19.1", + "version": "10.19.2", "description": "The Cyber Swiss Army Knife for encryption, encoding, compression and data analysis.", "author": "n1474335 ", "homepage": "https://gchq.github.io/CyberChef", From 895a9299255525cb57886deb9d9fd4ba17ae9548 Mon Sep 17 00:00:00 2001 From: n1474335 Date: Wed, 23 Oct 2024 14:03:09 +0100 Subject: [PATCH 5/9] Fixed RSA Sign and Verify character encodings --- src/core/operations/RSASign.mjs | 2 +- src/core/operations/RSAVerify.mjs | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/src/core/operations/RSASign.mjs b/src/core/operations/RSASign.mjs index 25160f53..5091549f 100644 --- a/src/core/operations/RSASign.mjs +++ b/src/core/operations/RSASign.mjs @@ -60,7 +60,7 @@ class RSASign extends Operation { const privateKey = forge.pki.decryptRsaPrivateKey(key, password); // Generate message hash const md = MD_ALGORITHMS[mdAlgo].create(); - md.update(input, "utf8"); + md.update(input, "raw"); // Sign message hash const sig = privateKey.sign(md); return sig; diff --git a/src/core/operations/RSAVerify.mjs b/src/core/operations/RSAVerify.mjs index 89b7d81f..11dc0fb4 100644 --- a/src/core/operations/RSAVerify.mjs +++ b/src/core/operations/RSAVerify.mjs @@ -60,7 +60,7 @@ class RSAVerify extends Operation { const pubKey = forge.pki.publicKeyFromPem(pemKey); // Generate message digest const md = MD_ALGORITHMS[mdAlgo].create(); - md.update(message, "utf8"); + md.update(message, "raw"); // Compare signed message digest and generated message digest const result = pubKey.verify(md.digest().bytes(), input); return result ? "Verified OK" : "Verification Failure"; From 270a33317944612d27ea1cc15275ad6b0ed097e5 Mon Sep 17 00:00:00 2001 From: n1474335 Date: Wed, 23 Oct 2024 14:03:18 +0100 Subject: [PATCH 6/9] 10.19.3 --- package-lock.json | 4 ++-- package.json | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/package-lock.json b/package-lock.json index 3904f840..5a0f7635 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1,12 +1,12 @@ { "name": "cyberchef", - "version": "10.19.2", + "version": "10.19.3", "lockfileVersion": 3, "requires": true, "packages": { "": { "name": "cyberchef", - "version": "10.19.2", + "version": "10.19.3", "hasInstallScript": true, "license": "Apache-2.0", "dependencies": { diff --git a/package.json b/package.json index cc3517d3..f18f30f3 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "cyberchef", - "version": "10.19.2", + "version": "10.19.3", "description": "The Cyber Swiss Army Knife for encryption, encoding, compression and data analysis.", "author": "n1474335 ", "homepage": "https://gchq.github.io/CyberChef", From d3adfc7c3e5719279524356bce5261bd8350c0f8 Mon Sep 17 00:00:00 2001 From: n1474335 Date: Wed, 23 Oct 2024 15:53:07 +0100 Subject: [PATCH 7/9] Updated chromedriver --- package-lock.json | 18 +++++++++--------- package.json | 2 +- 2 files changed, 10 insertions(+), 10 deletions(-) diff --git a/package-lock.json b/package-lock.json index 5a0f7635..ed51b00a 100644 --- a/package-lock.json +++ b/package-lock.json @@ -115,7 +115,7 @@ "babel-plugin-dynamic-import-node": "^2.3.3", "babel-plugin-transform-builtin-extend": "1.1.2", "base64-loader": "^1.0.0", - "chromedriver": "^127.0.2", + "chromedriver": "^130.0.0", "cli-progress": "^3.12.0", "colors": "^1.4.0", "copy-webpack-plugin": "^12.0.2", @@ -3982,12 +3982,12 @@ } }, "node_modules/axios": { - "version": "1.6.7", - "resolved": "https://registry.npmjs.org/axios/-/axios-1.6.7.tgz", - "integrity": "sha512-/hDJGff6/c7u0hDkvkGxR/oy6CbCs8ziCsC7SqmhjfozqiJGc8Z11wrv9z9lYfY4K8l+H9TpjcMDX0xOZmx+RA==", + "version": "1.7.7", + "resolved": "https://registry.npmjs.org/axios/-/axios-1.7.7.tgz", + "integrity": "sha512-S4kL7XrjgBmvdGut0sN3yJxqYzrDOnivkBiN0OFs6hLiUam3UPvswUo0kqGyhqUZGEOytHyumEdXsAkgCOUf3Q==", "dev": true, "dependencies": { - "follow-redirects": "^1.15.4", + "follow-redirects": "^1.15.6", "form-data": "^4.0.0", "proxy-from-env": "^1.1.0" } @@ -5093,14 +5093,14 @@ } }, "node_modules/chromedriver": { - "version": "127.0.2", - "resolved": "https://registry.npmjs.org/chromedriver/-/chromedriver-127.0.2.tgz", - "integrity": "sha512-mYfJ/8FqzsdFOs2rPiAI4y0suFnv78cRnzZK0MHdSfSIDeRPbqZz0rNX4lrXt14hXc9vqXa+a8cMxlrhWtXKSQ==", + "version": "130.0.0", + "resolved": "https://registry.npmjs.org/chromedriver/-/chromedriver-130.0.0.tgz", + "integrity": "sha512-1g1eMoKF22Uh6l8DTFOPvWLovINPrkAMw7yDHlF6Rx+4W4JI9aGdCZ2Cx7c181hUgALU1oSKGH3uKNryYM5DaQ==", "dev": true, "hasInstallScript": true, "dependencies": { "@testim/chrome-version": "^1.1.4", - "axios": "^1.6.7", + "axios": "^1.7.4", "compare-versions": "^6.1.0", "extract-zip": "^2.0.1", "proxy-agent": "^6.4.0", diff --git a/package.json b/package.json index f18f30f3..005725da 100644 --- a/package.json +++ b/package.json @@ -55,7 +55,7 @@ "babel-plugin-dynamic-import-node": "^2.3.3", "babel-plugin-transform-builtin-extend": "1.1.2", "base64-loader": "^1.0.0", - "chromedriver": "^127.0.2", + "chromedriver": "^130.0.0", "cli-progress": "^3.12.0", "colors": "^1.4.0", "copy-webpack-plugin": "^12.0.2", From 47c85a105ddbdd4cabfa44ddddbc56e3907a8c33 Mon Sep 17 00:00:00 2001 From: n1474335 Date: Wed, 23 Oct 2024 16:02:08 +0100 Subject: [PATCH 8/9] Added message format arg to RSA Verify operation --- src/core/operations/RSAVerify.mjs | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/src/core/operations/RSAVerify.mjs b/src/core/operations/RSAVerify.mjs index 11dc0fb4..8160438c 100644 --- a/src/core/operations/RSAVerify.mjs +++ b/src/core/operations/RSAVerify.mjs @@ -8,6 +8,7 @@ import Operation from "../Operation.mjs"; import OperationError from "../errors/OperationError.mjs"; import forge from "node-forge"; import { MD_ALGORITHMS } from "../lib/RSA.mjs"; +import Utils from "../Utils.mjs"; /** * RSA Verify operation @@ -37,6 +38,11 @@ class RSAVerify extends Operation { type: "text", value: "" }, + { + name: "Message format", + type: "option", + value: ["Raw", "Hex", "Base64"] + }, { name: "Message Digest Algorithm", type: "option", @@ -51,7 +57,7 @@ class RSAVerify extends Operation { * @returns {string} */ run(input, args) { - const [pemKey, message, mdAlgo] = args; + const [pemKey, message, format, mdAlgo] = args; if (pemKey.replace("-----BEGIN RSA PUBLIC KEY-----", "").length === 0) { throw new OperationError("Please enter a public key."); } @@ -60,7 +66,8 @@ class RSAVerify extends Operation { const pubKey = forge.pki.publicKeyFromPem(pemKey); // Generate message digest const md = MD_ALGORITHMS[mdAlgo].create(); - md.update(message, "raw"); + const messageStr = Utils.convertToByteString(message, format); + md.update(messageStr, "raw"); // Compare signed message digest and generated message digest const result = pubKey.verify(md.digest().bytes(), input); return result ? "Verified OK" : "Verification Failure"; From 3822c6c520a0b4200abc675c33f46082f5b9efc6 Mon Sep 17 00:00:00 2001 From: n1474335 Date: Wed, 23 Oct 2024 16:10:44 +0100 Subject: [PATCH 9/9] 10.19.4 --- package-lock.json | 4 ++-- package.json | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/package-lock.json b/package-lock.json index ed51b00a..af5fd6dd 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1,12 +1,12 @@ { "name": "cyberchef", - "version": "10.19.3", + "version": "10.19.4", "lockfileVersion": 3, "requires": true, "packages": { "": { "name": "cyberchef", - "version": "10.19.3", + "version": "10.19.4", "hasInstallScript": true, "license": "Apache-2.0", "dependencies": { diff --git a/package.json b/package.json index 005725da..54664eb1 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "cyberchef", - "version": "10.19.3", + "version": "10.19.4", "description": "The Cyber Swiss Army Knife for encryption, encoding, compression and data analysis.", "author": "n1474335 ", "homepage": "https://gchq.github.io/CyberChef",