From a34547dab14558fadff369b1cdabb274ecc89c90 Mon Sep 17 00:00:00 2001 From: Windham Wong Date: Thu, 19 Oct 2017 14:19:16 +0100 Subject: [PATCH] Sync up and fix issues Renaming from tcpdump into packets category. Adding a new packet category. Update structures --- src/core/config/Categories.js | 9 +- src/core/config/OperationConfig.js | 18 +-- src/core/config/modules/Compression.js | 1 + src/core/config/modules/Default.js | 2 + src/core/config/modules/OpModules.js | 4 +- src/core/config/modules/Packets.js | 19 +++ src/core/operations/Packets.js | 54 +++++++ src/core/operations/nTcpdump.js | 201 ------------------------- 8 files changed, 93 insertions(+), 215 deletions(-) create mode 100644 src/core/config/modules/Packets.js create mode 100644 src/core/operations/Packets.js delete mode 100644 src/core/operations/nTcpdump.js diff --git a/src/core/config/Categories.js b/src/core/config/Categories.js index b5912771..3d48bda3 100755 --- a/src/core/config/Categories.js +++ b/src/core/config/Categories.js @@ -27,7 +27,6 @@ const Categories = [ ops: [ "To Hexdump", "From Hexdump", - "From nTcpdump", "From 0x[Hex]", "From Char(Hex)", "To Hex", @@ -137,7 +136,6 @@ const Categories = [ ops: [ "HTTP request", "Strip HTTP headers", - "HTTP gzip decrypt", "Parse User Agent", "Parse IP range", "Parse IPv6 address", @@ -300,6 +298,13 @@ const Categories = [ "To Kebab case", ] }, + { + name: "Packets", + ops: [ + "From Tcpdump", + "HTTP gzip Decrypt", + ] + }, { name: "Other", ops: [ diff --git a/src/core/config/OperationConfig.js b/src/core/config/OperationConfig.js index 7c9da98b..6e477617 100755 --- a/src/core/config/OperationConfig.js +++ b/src/core/config/OperationConfig.js @@ -36,8 +36,6 @@ import Tidy from "../operations/Tidy.js"; import Unicode from "../operations/Unicode.js"; import URL_ from "../operations/URL.js"; -import nTcpdump from "../operations/nTcpdump.js"; - /** * Type definition for an OpConf. * 
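Review bot: The new "Packets" category entry `"HTTP gzip Decrypt"` still calls gzip handling decryption, but gzip is compression and provides no confidentiality, so the label misleads anyone reading a recipe about what was actually protected on the wire. Since this commit is already renaming the key, `"HTTP gzip Decompress"` would be the accurate name, with the description in the OperationConfig.js hunk reworded to `Decompresses the gzip body of an HTTP request or response and returns the headers followed by the decompressed body.` The same string is repeated in the OperationConfig.js and modules/Compression.js hunks, and the three presumably have to match exactly for the operation to resolve, so change them together.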
@@ -501,8 +499,8 @@ const OperationConfig = { ] }, "From 0x[Hex]": { + module: "Default", description: "Converts a hexadecimal byte string back into a its raw value.

e.g. 0x217e21 becomes the UTF-8 encoded string !~!", - run: ByteRepr.runFrom0xHex, highlight: ByteRepr.highlightFrom, highlightReverse: ByteRepr.highlightTo, inputType: "string", @@ -510,8 +508,8 @@ const OperationConfig = { args: [] }, "From Char(Hex)": { + module: "Default", description: "Converts a hexadecimal byte string back into a its raw value.

e.g. chr(33) becomes the UTF-8 encoded string !", - run: ByteRepr.runFromCharHex, highlight: ByteRepr.highlightFrom, highlightReverse: ByteRepr.highlightTo, inputType: "string", @@ -675,11 +673,9 @@ const OperationConfig = { } ] }, - "From nTcpdump": { - description: "For Tcpdump conversion only.", - run: nTcpdump.runFrom, - highlight: nTcpdump.highlightFrom, - highlightReverse: nTcpdump.highlightTo, + "From Tcpdump": { + module: "Packets", + description: "[DEPRECATED] Converts Tcpdump hex to string", inputType: "string", outputType: "byteArray", args: [] @@ -1767,9 +1763,9 @@ const OperationConfig = { outputType: "string", args: [] }, - "HTTP gzip decrypt": { + "HTTP gzip Decrypt": { + module: "Compression", description: "Decrypts Gzip payload from a request or response and returning plaintext of the header and decrypted payload.", - run: Compress.runHttpGzip, inputType: "byteArray", outputType: "byteArray", args: [] diff --git a/src/core/config/modules/Compression.js b/src/core/config/modules/Compression.js index aa8d074f..bbe05bfa 100644 --- a/src/core/config/modules/Compression.js +++ b/src/core/config/modules/Compression.js @@ -26,6 +26,7 @@ OpModules.Compression = { "Bzip2 Decompress": Compress.runBzip2Decompress, "Tar": Compress.runTar, "Untar": Compress.runUntar, + "HTTP gzip Decrypt":Compress.runHttpGzip, }; diff --git a/src/core/config/modules/Default.js b/src/core/config/modules/Default.js index 682db223..9a588936 100644 --- a/src/core/config/modules/Default.js +++ b/src/core/config/modules/Default.js @@ -51,6 +51,8 @@ OpModules.Default = { "From Hexdump": Hexdump.runFrom, "To Hex": ByteRepr.runToHex, "From Hex": ByteRepr.runFromHex, + "From 0x[Hex]": ByteRepr.runFrom0xHex, + "From Char(Hex)": ByteRepr.runFromCharHex, "To Octal": ByteRepr.runToOct, "From Octal": ByteRepr.runFromOct, "To Charcode": ByteRepr.runToCharcode, diff --git a/src/core/config/modules/OpModules.js b/src/core/config/modules/OpModules.js index 3f3963c3..b7a9ca2b 100644 
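Review bot: The description added for `"From Tcpdump"` says the operation yields a string, while the same entry declares `outputType: "byteArray"`; it also tags a brand-new operation `[DEPRECATED]` without naming what to use instead. Suggest `description: "Converts the hex columns of a tcpdump hex dump back into raw bytes.",` and dropping the tag unless there is a successor to point to. The entry no longer carries `highlight`/`highlightReverse`, which looks intentional because the removed handlers were computed for the hexdump layout, but it is worth confirming that the caller tolerates their absence.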
--- a/src/core/config/modules/OpModules.js +++ b/src/core/config/modules/OpModules.js @@ -20,6 +20,7 @@ import JSBNModule from "./JSBN.js"; import PublicKeyModule from "./PublicKey.js"; import ShellcodeModule from "./Shellcode.js"; import URLModule from "./URL.js"; +import PacketsModule from "./Packets.js"; Object.assign( OpModules, @@ -35,7 +36,8 @@ Object.assign( JSBNModule, PublicKeyModule, ShellcodeModule, - URLModule + URLModule, + PacketsModule ); export default OpModules; diff --git a/src/core/config/modules/Packets.js b/src/core/config/modules/Packets.js new file mode 100644 index 00000000..88f3d7a8 --- /dev/null +++ b/src/core/config/modules/Packets.js @@ -0,0 +1,19 @@ +import Packets from "../../operations/Packets.js"; + +/** + * Packets module. + * + * Libraries: + * - Utils.js + * + * @author drkna [whytho@email] + * @copyright Crown Copyright 2017 + * @license Apache-2.0 + */ +let OpModules = typeof self === "undefined" ? {} : self.OpModules || {}; + +OpModules.Packets = { + "From Tcpdump": Packets.runFromTcpdump, +}; + +export default OpModules; diff --git a/src/core/operations/Packets.js b/src/core/operations/Packets.js new file mode 100644 index 00000000..4ecdf190 --- /dev/null +++ b/src/core/operations/Packets.js 
@@ -0,0 +1,54 @@ +import Utils from "../Utils.js"; + + +/** + * Packets operations. + * + * @author drkna [whytho@email] + * @copyright Crown Copyright 2016 + * @license Apache-2.0 + * + * @namespace + */ +const Packets = { + + /** + * @constant + * @default + */ + WIDTH: 16, + /** + * @constant + * @default + */ + UPPER_CASE: false, + /** + * @constant + * @default + */ + INCLUDE_FINAL_LENGTH: false, + + /** + * From Tcpdump Hexstring operation. + * + * @param {string} input + * @param {Object[]} args + * @returns {byteArray} + */ + runFromTcpdump: function(input, args) { + let output = []; + let regex = /^\s*(?:0x[\dA-F]{4}:?)?\s*((?:[\dA-F]{4}\s?){1,8})/igm; + let block = regex.exec(input); + while (block) { + let line = Utils.fromHex(block[1].replace(/-/g, " ")); + for (let i = 0; i < line.length; i++) { + output.push(line[i]); + } + block = regex.exec(input); + } + return output; + }, + +}; + +export default Packets; diff --git a/src/core/operations/nTcpdump.js b/src/core/operations/nTcpdump.js deleted file mode 100644 index 0e6f1f63..00000000 --- a/src/core/operations/nTcpdump.js +++ /dev/null 
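Review bot: The regex in `runFromTcpdump` makes the `0x0000:` offset optional and accepts only four-digit groups, so a non-dump line that merely starts with four hex-looking characters (a word such as `dead` or `face`, since the match is case-insensitive) is decoded as packet data, and a final odd byte printed as a two-digit group is silently dropped. For a tool used to inspect captures, both cases give output that differs from the wire bytes with no indication to the analyst. Consider requiring the offset and allowing a trailing two-digit group, along the lines of `/^\s*0x[\dA-F]{4}:\s*((?:[\dA-F]{4}\s?){0,8}(?:[\dA-F]{2})?)/igm`, to be checked against real captures and against how `Utils.fromHex` treats the spaces. The `.replace(/-/g, " ")` call can never match because the capture holds only hex digits and whitespace, and `WIDTH`, `UPPER_CASE` and `INCLUDE_FINAL_LENGTH` are not referenced anywhere in this file, so all of them can be removed.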
@@ -1,201 +0,0 @@ -/* globals app */ -import Utils from "../Utils.js"; - - -/** - * Hexdump operations. - * - * @author n1474335 [n1474335@gmail.com] - * @copyright Crown Copyright 2016 - * @license Apache-2.0 - * - * @namespace - */ -const nTcpdump = { - - /** - * @constant - * @default - */ - WIDTH: 16, - /** - * @constant - * @default - */ - UPPER_CASE: false, - /** - * @constant - * @default - */ - INCLUDE_FINAL_LENGTH: false, - - /** - * To Hexdump operation. - * - * @param {byteArray} input - * @param {Object[]} args - * @returns {string} - */ - runTo: function(input, args) { - let length = args[0] || nTcpdump.WIDTH; - let upperCase = args[1]; - let includeFinalLength = args[2]; - - let output = "", padding = 2; - for (let i = 0; i < input.length; i += length) { - let buff = input.slice(i, i+length); - let hexa = ""; - for (let j = 0; j < buff.length; j++) { - hexa += Utils.hex(buff[j], padding) + " "; - } - - let lineNo = Utils.hex(i, 8); - - if (upperCase) { - hexa = hexa.toUpperCase(); - lineNo = lineNo.toUpperCase(); - } - - output += lineNo + " " + - Utils.padRight(hexa, (length*(padding+1))) + - " |" + Utils.padRight(Utils.printable(Utils.byteArrayToChars(buff)), buff.length) + "|\n"; - - if (includeFinalLength && i+buff.length === input.length) { - output += Utils.hex(i+buff.length, 8) + "\n"; - } - } - - return output.slice(0, -1); - }, - - - /** - * From Hexdump operation. - * - * @param {string} input - * @param {Object[]} args - * @returns {byteArray} - */ - runFrom: function(input, args) { - let output = []; - let regex = /^\s*(?:0x[\dA-F]{4}:?)?\s*((?:[\dA-F]{4}\s?){1,8})/igm; - let block = regex.exec(input); - while (block) { - let line = Utils.fromHex(block[1].replace(/-/g, " ")); - for (let i = 0; i < line.length; i++) { - output.push(line[i]); - } - } - // Is this a CyberChef hexdump or is it from a different tool? 
- let width = input.indexOf("\n"); - let w = (width - 13) / 4; - // w should be the specified width of the hexdump and therefore a round number - if (Math.floor(w) !== w || input.indexOf("\r") !== -1 || output.indexOf(13) !== -1) { - app.options.attemptHighlight = false; - } - return output; - }, - - - /** - * Highlight to hexdump - * - * @param {Object[]} pos - * @param {number} pos[].start - * @param {number} pos[].end - * @param {Object[]} args - * @returns {Object[]} pos - */ - highlightTo: function(pos, args) { - // Calculate overall selection - let w = args[0] || 16, - width = 14 + (w*4), - line = Math.floor(pos[0].start / w), - offset = pos[0].start % w, - start = 0, - end = 0; - - pos[0].start = line*width + 10 + offset*3; - - line = Math.floor(pos[0].end / w); - offset = pos[0].end % w; - if (offset === 0) { - line--; - offset = w; - } - pos[0].end = line*width + 10 + offset*3 - 1; - - // Set up multiple selections for bytes - let startLineNum = Math.floor(pos[0].start / width); - let endLineNum = Math.floor(pos[0].end / width); - - if (startLineNum === endLineNum) { - pos.push(pos[0]); - } else { - start = pos[0].start; - end = (startLineNum+1) * width - w - 5; - pos.push({ start: start, end: end }); - while (end < pos[0].end) { - startLineNum++; - start = startLineNum * width + 10; - end = (startLineNum+1) * width - w - 5; - if (end > pos[0].end) end = pos[0].end; - pos.push({ start: start, end: end }); - } - } - - // Set up multiple selections for ASCII - let len = pos.length, lineNum = 0; - start = 0; - end = 0; - for (let i = 1; i < len; i++) { - lineNum = Math.floor(pos[i].start / width); - start = (((pos[i].start - (lineNum * width)) - 10) / 3) + (width - w -2) + (lineNum * width); - end = (((pos[i].end + 1 - (lineNum * width)) - 10) / 3) + (width - w -2) + (lineNum * width); - pos.push({ start: start, end: end }); - } - return pos; - }, - - - /** - * Highlight from hexdump - * - * @param {Object[]} pos - * @param {number} pos[].start - * @param 
{number} pos[].end - * @param {Object[]} args - * @returns {Object[]} pos - */ - highlightFrom: function(pos, args) { - let w = args[0] || 16; - let width = 14 + (w*4); - - let line = Math.floor(pos[0].start / width); - let offset = pos[0].start % width; - - if (offset < 10) { // In line number section - pos[0].start = line*w; - } else if (offset > 10+(w*3)) { // In ASCII section - pos[0].start = (line+1)*w; - } else { // In byte section - pos[0].start = line*w + Math.floor((offset-10)/3); - } - - line = Math.floor(pos[0].end / width); - offset = pos[0].end % width; - - if (offset < 10) { // In line number section - pos[0].end = line*w; - } else if (offset > 10+(w*3)) { // In ASCII section - pos[0].end = (line+1)*w; - } else { // In byte section - pos[0].end = line*w + Math.ceil((offset-10)/3); - } - - return pos; - }, - -}; - -export default nTcpdump;