mirrors/CyberChef
1
0
Fork 0
mirror of https://github.com/gchq/CyberChef.git synced 2025-05-08 07:21:02 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

Sync up and fix issues

Browse source 
Renaming from tcpdump into packets category.
Adding a new packet category.
Update structures
This commit is contained in:
Windham Wong 2017-10-19 14:19:16 +01:00
parent a74d97f2a4
commit a34547dab1
8 changed files with 93 additions and 215 deletions
Download patch file Download diff file Expand all files Collapse all files

9
src/core/config/Categories.js
View file

@ -27,7 +27,6 @@ const Categories = [
ops: [
"To Hexdump",
"From Hexdump",
"From nTcpdump",
"From 0x[Hex]",
"From Char(Hex)",
"To Hex",
@ -137,7 +136,6 @@ const Categories = [
ops: [
"HTTP request",
"Strip HTTP headers",
"HTTP gzip decrypt",
"Parse User Agent",
"Parse IP range",
"Parse IPv6 address",
@ -300,6 +298,13 @@ const Categories = [
"To Kebab case",
]
},
{
name: "Packets",
ops: [
"From Tcpdump",
"HTTP gzip Decrypt",
]
},
{
name: "Other",
ops: [

18
src/core/config/OperationConfig.js
View file

@ -36,8 +36,6 @@ import Tidy from "../operations/Tidy.js";
import Unicode from "../operations/Unicode.js";
import URL_ from "../operations/URL.js";
import nTcpdump from "../operations/nTcpdump.js";
/**
* Type definition for an OpConf.
*
@ -501,8 +499,8 @@ const OperationConfig = {
]
},
"From 0x[Hex]": {
module: "Default",
description: "Converts a hexadecimal byte string back into a its raw value.<br><br>e.g. <code>0x217e21</code> becomes the UTF-8 encoded string <code>!~!</code>",
run: ByteRepr.runFrom0xHex,
highlight: ByteRepr.highlightFrom,
highlightReverse: ByteRepr.highlightTo,
inputType: "string",
@ -510,8 +508,8 @@ const OperationConfig = {
args: []
},
"From Char(Hex)": {
module: "Default",
description: "Converts a hexadecimal byte string back into a its raw value.<br><br>e.g. <code>chr(33)</code> becomes the UTF-8 encoded string <code>!</code>",
run: ByteRepr.runFromCharHex,
highlight: ByteRepr.highlightFrom,
highlightReverse: ByteRepr.highlightTo,
inputType: "string",
@ -675,11 +673,9 @@ const OperationConfig = {
}
]
},
"From nTcpdump": {
description: "For Tcpdump conversion only.",
run: nTcpdump.runFrom,
highlight: nTcpdump.highlightFrom,
highlightReverse: nTcpdump.highlightTo,
"From Tcpdump": {
module: "Packets",
description: "[DEPRECATED] Converts Tcpdump hex to string",
inputType: "string",
outputType: "byteArray",
args: []
@ -1767,9 +1763,9 @@ const OperationConfig = {
outputType: "string",
args: []
},
"HTTP gzip decrypt": {
"HTTP gzip Decrypt": {
module: "Compression",
description: "Decrypts Gzip payload from a request or response and returning plaintext of the header and decrypted payload.",
run: Compress.runHttpGzip,
inputType: "byteArray",
outputType: "byteArray",
args: []

1
src/core/config/modules/Compression.js
View file

@ -26,6 +26,7 @@ OpModules.Compression = {
"Bzip2 Decompress": Compress.runBzip2Decompress,
"Tar": Compress.runTar,
"Untar": Compress.runUntar,
"HTTP gzip Decrypt":Compress.runHttpGzip,
};

2
src/core/config/modules/Default.js
View file

@ -51,6 +51,8 @@ OpModules.Default = {
"From Hexdump": Hexdump.runFrom,
"To Hex": ByteRepr.runToHex,
"From Hex": ByteRepr.runFromHex,
"From 0x[Hex]": ByteRepr.runFrom0xHex,
"From Char(Hex)": ByteRepr.runFromCharHex,
"To Octal": ByteRepr.runToOct,
"From Octal": ByteRepr.runFromOct,
"To Charcode": ByteRepr.runToCharcode,

4
src/core/config/modules/OpModules.js
View file

@ -20,6 +20,7 @@ import JSBNModule from "./JSBN.js";
import PublicKeyModule from "./PublicKey.js";
import ShellcodeModule from "./Shellcode.js";
import URLModule from "./URL.js";
import PacketsModule from "./Packets.js";
Object.assign(
OpModules,
@ -35,7 +36,8 @@ Object.assign(
JSBNModule,
PublicKeyModule,
ShellcodeModule,
URLModule
URLModule,
PacketsModule
);
export default OpModules;

19
src/core/config/modules/Packets.js Normal file
View file

@ -0,0 +1,19 @@
import Packets from "../../operations/Packets.js";
/**
* Packets module.
*
* Libraries:
* - Utils.js
*
* @author drkna [whytho@email]
* @copyright Crown Copyright 2017
* @license Apache-2.0
*/
let OpModules = typeof self === "undefined" ? {} : self.OpModules || {};
OpModules.Packets = {
"From Tcpdump": Packets.runFromTcpdump,
};
export default OpModules;

54
src/core/operations/Packets.js Normal file
View file

@ -0,0 +1,54 @@
import Utils from "../Utils.js";
/**
* Packets operations.
*
* @author drkna [whytho@email]
* @copyright Crown Copyright 2016
* @license Apache-2.0
*
* @namespace
*/
const Packets = {
/**
* @constant
* @default
*/
WIDTH: 16,
/**
* @constant
* @default
*/
UPPER_CASE: false,
/**
* @constant
* @default
*/
INCLUDE_FINAL_LENGTH: false,
/**
* From Tcpdump Hexstring operation.
*
* @param {string} input
* @param {Object[]} args
* @returns {byteArray}
*/
runFromTcpdump: function(input, args) {
let output = [];
let regex = /^\s*(?:0x[\dA-F]{4}:?)?\s*((?:[\dA-F]{4}\s?){1,8})/igm;
let block = regex.exec(input);
while (block) {
let line = Utils.fromHex(block[1].replace(/-/g, " "));
for (let i = 0; i < line.length; i++) {
output.push(line[i]);
}
block = regex.exec(input);
}
return output;
},
};
export default Packets;

201
src/core/operations/nTcpdump.js
View file

@ -1,201 +0,0 @@
/* globals app */
import Utils from "../Utils.js";
/**
* Hexdump operations.
*
* @author n1474335 [n1474335@gmail.com]
* @copyright Crown Copyright 2016
* @license Apache-2.0
*
* @namespace
*/
const nTcpdump = {
/**
* @constant
* @default
*/
WIDTH: 16,
/**
* @constant
* @default
*/
UPPER_CASE: false,
/**
* @constant
* @default
*/
INCLUDE_FINAL_LENGTH: false,
/**
* To Hexdump operation.
*
* @param {byteArray} input
* @param {Object[]} args
* @returns {string}
*/
runTo: function(input, args) {
let length = args[0] || nTcpdump.WIDTH;
let upperCase = args[1];
let includeFinalLength = args[2];
let output = "", padding = 2;
for (let i = 0; i < input.length; i += length) {
let buff = input.slice(i, i+length);
let hexa = "";
for (let j = 0; j < buff.length; j++) {
hexa += Utils.hex(buff[j], padding) + " ";
}
let lineNo = Utils.hex(i, 8);
if (upperCase) {
hexa = hexa.toUpperCase();
lineNo = lineNo.toUpperCase();
}
output += lineNo + " " +
Utils.padRight(hexa, (length*(padding+1))) +
" |" + Utils.padRight(Utils.printable(Utils.byteArrayToChars(buff)), buff.length) + "|\n";
if (includeFinalLength && i+buff.length === input.length) {
output += Utils.hex(i+buff.length, 8) + "\n";
}
}
return output.slice(0, -1);
},
/**
* From Hexdump operation.
*
* @param {string} input
* @param {Object[]} args
* @returns {byteArray}
*/
runFrom: function(input, args) {
let output = [];
let regex = /^\s*(?:0x[\dA-F]{4}:?)?\s*((?:[\dA-F]{4}\s?){1,8})/igm;
let block = regex.exec(input);
while (block) {
let line = Utils.fromHex(block[1].replace(/-/g, " "));
for (let i = 0; i < line.length; i++) {
output.push(line[i]);
}
}
// Is this a CyberChef hexdump or is it from a different tool?
let width = input.indexOf("\n");
let w = (width - 13) / 4;
// w should be the specified width of the hexdump and therefore a round number
if (Math.floor(w) !== w || input.indexOf("\r") !== -1 || output.indexOf(13) !== -1) {
app.options.attemptHighlight = false;
}
return output;
},
/**
* Highlight to hexdump
*
* @param {Object[]} pos
* @param {number} pos[].start
* @param {number} pos[].end
* @param {Object[]} args
* @returns {Object[]} pos
*/
highlightTo: function(pos, args) {
// Calculate overall selection
let w = args[0] || 16,
width = 14 + (w*4),
line = Math.floor(pos[0].start / w),
offset = pos[0].start % w,
start = 0,
end = 0;
pos[0].start = line*width + 10 + offset*3;
line = Math.floor(pos[0].end / w);
offset = pos[0].end % w;
if (offset === 0) {
line--;
offset = w;
}
pos[0].end = line*width + 10 + offset*3 - 1;
// Set up multiple selections for bytes
let startLineNum = Math.floor(pos[0].start / width);
let endLineNum = Math.floor(pos[0].end / width);
if (startLineNum === endLineNum) {
pos.push(pos[0]);
} else {
start = pos[0].start;
end = (startLineNum+1) * width - w - 5;
pos.push({ start: start, end: end });
while (end < pos[0].end) {
startLineNum++;
start = startLineNum * width + 10;
end = (startLineNum+1) * width - w - 5;
if (end > pos[0].end) end = pos[0].end;
pos.push({ start: start, end: end });
}
}
// Set up multiple selections for ASCII
let len = pos.length, lineNum = 0;
start = 0;
end = 0;
for (let i = 1; i < len; i++) {
lineNum = Math.floor(pos[i].start / width);
start = (((pos[i].start - (lineNum * width)) - 10) / 3) + (width - w -2) + (lineNum * width);
end = (((pos[i].end + 1 - (lineNum * width)) - 10) / 3) + (width - w -2) + (lineNum * width);
pos.push({ start: start, end: end });
}
return pos;
},
/**
* Highlight from hexdump
*
* @param {Object[]} pos
* @param {number} pos[].start
* @param {number} pos[].end
* @param {Object[]} args
* @returns {Object[]} pos
*/
highlightFrom: function(pos, args) {
let w = args[0] || 16;
let width = 14 + (w*4);
let line = Math.floor(pos[0].start / width);
let offset = pos[0].start % width;
if (offset < 10) { // In line number section
pos[0].start = line*w;
} else if (offset > 10+(w*3)) { // In ASCII section
pos[0].start = (line+1)*w;
} else { // In byte section
pos[0].start = line*w + Math.floor((offset-10)/3);
}
line = Math.floor(pos[0].end / width);
offset = pos[0].end % width;
if (offset < 10) { // In line number section
pos[0].end = line*w;
} else if (offset > 10+(w*3)) { // In ASCII section
pos[0].end = (line+1)*w;
} else { // In byte section
pos[0].end = line*w + Math.ceil((offset-10)/3);
}
return pos;
},
};
export default nTcpdump;