mirrors/CyberChef
1
0
Fork 0
mirror of https://github.com/gchq/CyberChef.git synced 2025-04-28 10:46:15 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

Merge branch 'gchq:master' into protobufstreamdecode

Browse source
This commit is contained in:
Oliver Rahner 2022-12-20 09:37:25 +01:00 committed by GitHub
commit a51ead9051
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
77 changed files with 4047 additions and 3407 deletions
Download patch file Download diff file Expand all files Collapse all files

2
src/core/Ingredient.mjs
View file

@ -27,6 +27,7 @@ class Ingredient {
this.toggleValues = [];
this.target = null;
this.defaultIndex = 0;
this.maxLength = null;
this.min = null;
this.max = null;
this.step = 1;
@ -53,6 +54,7 @@ class Ingredient {
this.toggleValues = ingredientConfig.toggleValues;
this.target = typeof ingredientConfig.target !== "undefined" ? ingredientConfig.target : null;
this.defaultIndex = typeof ingredientConfig.defaultIndex !== "undefined" ? ingredientConfig.defaultIndex : 0;
this.maxLength = ingredientConfig.maxLength || null;
this.min = ingredientConfig.min;
this.max = ingredientConfig.max;
this.step = ingredientConfig.step;

1
src/core/Operation.mjs
View file

@ -184,6 +184,7 @@ class Operation {
if (ing.disabled) conf.disabled = ing.disabled;
if (ing.target) conf.target = ing.target;
if (ing.defaultIndex) conf.defaultIndex = ing.defaultIndex;
if (ing.maxLength) conf.maxLength = ing.maxLength;
if (typeof ing.min === "number") conf.min = ing.min;
if (typeof ing.max === "number") conf.max = ing.max;
if (ing.step) conf.step = ing.step;

68
src/core/Utils.mjs
View file

@ -206,7 +206,7 @@ class Utils {
* Utils.parseEscapedChars("\\n");
*/
static parseEscapedChars(str) {
return str.replace(/\\([bfnrtv'"]|[0-3][0-7]{2}|[0-7]{1,2}|x[\da-fA-F]{2}|u[\da-fA-F]{4}|u\{[\da-fA-F]{1,6}\}|\\)/g, function(m, a) {
return str.replace(/\\([abfnrtv'"]|[0-3][0-7]{2}|[0-7]{1,2}|x[\da-fA-F]{2}|u[\da-fA-F]{4}|u\{[\da-fA-F]{1,6}\}|\\)/g, function(m, a) {
switch (a[0]) {
case "\\":
return "\\";
@ -219,6 +219,8 @@ class Utils {
case "6":
case "7":
return String.fromCharCode(parseInt(a, 8));
case "a":
return String.fromCharCode(7);
case "b":
return "\b";
case "t":
@ -380,6 +382,70 @@ class Utils {
}
/**
* Converts a byte array to an integer.
*
* @param {byteArray} byteArray
* @param {string} byteorder - "little" or "big"
* @returns {integer}
*
* @example
* // returns 67305985
* Utils.byteArrayToInt([1, 2, 3, 4], "little");
*
* // returns 16909060
* Utils.byteArrayToInt([1, 2, 3, 4], "big");
*/
static byteArrayToInt(byteArray, byteorder) {
let value = 0;
if (byteorder === "big") {
for (let i = 0; i < byteArray.length; i++) {
value = (value * 256) + byteArray[i];
}
} else {
for (let i = byteArray.length - 1; i >= 0; i--) {
value = (value * 256) + byteArray[i];
}
}
return value;
}
/**
* Converts an integer to a byte array of {length} bytes.
*
* @param {integer} value
* @param {integer} length
* @param {string} byteorder - "little" or "big"
* @returns {byteArray}
*
* @example
* // returns [5, 255, 109, 1]
* Utils.intToByteArray(23985925, 4, "little");
*
* // returns [1, 109, 255, 5]
* Utils.intToByteArray(23985925, 4, "big");
*
* // returns [0, 0, 0, 0, 1, 109, 255, 5]
* Utils.intToByteArray(23985925, 8, "big");
*/
static intToByteArray(value, length, byteorder) {
const arr = new Array(length);
if (byteorder === "little") {
for (let i = 0; i < length; i++) {
arr[i] = value & 0xFF;
value = value >>> 8;
}
} else {
for (let i = length - 1; i >= 0; i--) {
arr[i] = value & 0xFF;
value = value >>> 8;
}
}
return arr;
}
/**
* Converts a string to an ArrayBuffer.
* Treats the string as UTF-8 if any values are over 255.

16
src/core/config/Categories.json
View file

@ -46,6 +46,8 @@
"From Quoted Printable",
"To Punycode",
"From Punycode",
"AMF Encode",
"AMF Decode",
"To Hex Content",
"From Hex Content",
"PEM to Hex",
@ -85,6 +87,8 @@
"RC2 Decrypt",
"RC4",
"RC4 Drop",
"ChaCha",
"Rabbit",
"SM4 Encrypt",
"SM4 Decrypt",
"ROT13",
@ -124,6 +128,8 @@
"JWT Decode",
"Citrix CTX1 Encode",
"Citrix CTX1 Decode",
"AES Key Wrap",
"AES Key Unwrap",
"Pseudo-Random Number Generator",
"Enigma",
"Bombe",
@ -250,6 +256,7 @@
"To Table",
"Reverse",
"Sort",
"Shuffle",
"Unique",
"Split",
"Filter",
@ -331,8 +338,12 @@
"Bzip2 Compress",
"Tar",
"Untar",
"LZString Decompress",
"LZString Compress",
"LZString Decompress"
"LZMA Decompress",
"LZMA Compress",
"LZ4 Decompress",
"LZ4 Compress"
]
},
{
@ -364,10 +375,13 @@
"Compare SSDEEP hashes",
"Compare CTPH hashes",
"HMAC",
"CMAC",
"Bcrypt",
"Bcrypt compare",
"Bcrypt parse",
"Scrypt",
"NT Hash",
"LM Hash",
"Fletcher-8 Checksum",
"Fletcher-16 Checksum",
"Fletcher-32 Checksum",

2
src/core/config/scripts/newMinorVersion.mjs
View file

@ -136,7 +136,7 @@ const getFeature = function() {
fs.writeFileSync(path.join(process.cwd(), "CHANGELOG.md"), changelogData);
console.log("Written CHANGELOG.md");
console.log("Written CHANGELOG.md\nCommit changes and then run `npm version minor`.");
}
});
};

12
src/core/lib/Hex.mjs
View file

@ -105,13 +105,17 @@ export function fromHex(data, delim="Auto", byteLen=2) {
throw new OperationError("Byte length must be a positive integer");
if (delim !== "None") {
const delimRegex = delim === "Auto" ? /[^a-f\d]|(0x)/gi : Utils.regexRep(delim);
data = data.replace(delimRegex, "");
const delimRegex = delim === "Auto" ? /[^a-f\d]|0x/gi : Utils.regexRep(delim);
data = data.split(delimRegex);
} else {
data = [data];
}
const output = [];
for (let i = 0; i < data.length; i += byteLen) {
output.push(parseInt(data.substr(i, byteLen), 16));
for (let i = 0; i < data.length; i++) {
for (let j = 0; j < data[i].length; j += byteLen) {
output.push(parseInt(data[i].substr(j, byteLen), 16));
}
}
return output;
}

12
src/core/lib/Sort.mjs
View file

@ -103,3 +103,15 @@ export function hexadecimalSort(a, b) {
return a.localeCompare(b);
}
/**
* Comparison operation for sorting by length
*
* @param {string} a
* @param {string} b
* @returns {number}
*/
export function lengthSort(a, b) {
return a.length - b.length;
}

128
src/core/operations/AESKeyUnwrap.mjs Normal file
View file

@ -0,0 +1,128 @@
/**
* @author mikecat
* @copyright Crown Copyright 2022
* @license Apache-2.0
*/
import Operation from "../Operation.mjs";
import Utils from "../Utils.mjs";
import { toHexFast } from "../lib/Hex.mjs";
import forge from "node-forge";
import OperationError from "../errors/OperationError.mjs";
/**
* AES Key Unwrap operation
*/
class AESKeyUnwrap extends Operation {
/**
* AESKeyUnwrap constructor
*/
constructor() {
super();
this.name = "AES Key Unwrap";
this.module = "Ciphers";
this.description = "Decryptor for a key wrapping algorithm defined in RFC3394, which is used to protect keys in untrusted storage or communications, using AES.<br><br>This algorithm uses an AES key (KEK: key-encryption key) and a 64-bit IV to decrypt 64-bit blocks.";
this.infoURL = "https://wikipedia.org/wiki/Key_wrap";
this.inputType = "string";
this.outputType = "string";
this.args = [
{
"name": "Key (KEK)",
"type": "toggleString",
"value": "",
"toggleValues": ["Hex", "UTF8", "Latin1", "Base64"]
},
{
"name": "IV",
"type": "toggleString",
"value": "a6a6a6a6a6a6a6a6",
"toggleValues": ["Hex", "UTF8", "Latin1", "Base64"]
},
{
"name": "Input",
"type": "option",
"value": ["Hex", "Raw"]
},
{
"name": "Output",
"type": "option",
"value": ["Hex", "Raw"]
},
];
}
/**
* @param {string} input
* @param {Object[]} args
* @returns {string}
*/
run(input, args) {
const kek = Utils.convertToByteString(args[0].string, args[0].option),
iv = Utils.convertToByteString(args[1].string, args[1].option),
inputType = args[2],
outputType = args[3];
if (kek.length !== 16 && kek.length !== 24 && kek.length !== 32) {
throw new OperationError("KEK must be either 16, 24, or 32 bytes (currently " + kek.length + " bytes)");
}
if (iv.length !== 8) {
throw new OperationError("IV must be 8 bytes (currently " + iv.length + " bytes)");
}
const inputData = Utils.convertToByteString(input, inputType);
if (inputData.length % 8 !== 0 || inputData.length < 24) {
throw new OperationError("input must be 8n (n>=3) bytes (currently " + inputData.length + " bytes)");
}
const cipher = forge.cipher.createCipher("AES-ECB", kek);
cipher.start();
cipher.update(forge.util.createBuffer(""));
cipher.finish();
const paddingBlock = cipher.output.getBytes();
const decipher = forge.cipher.createDecipher("AES-ECB", kek);
let A = inputData.substring(0, 8);
const R = [];
for (let i = 8; i < inputData.length; i += 8) {
R.push(inputData.substring(i, i + 8));
}
let cntLower = R.length >>> 0;
let cntUpper = (R.length / ((1 << 30) * 4)) >>> 0;
cntUpper = cntUpper * 6 + ((cntLower * 6 / ((1 << 30) * 4)) >>> 0);
cntLower = cntLower * 6 >>> 0;
for (let j = 5; j >= 0; j--) {
for (let i = R.length - 1; i >= 0; i--) {
const aBuffer = Utils.strToArrayBuffer(A);
const aView = new DataView(aBuffer);
aView.setUint32(0, aView.getUint32(0) ^ cntUpper);
aView.setUint32(4, aView.getUint32(4) ^ cntLower);
A = Utils.arrayBufferToStr(aBuffer, false);
decipher.start();
decipher.update(forge.util.createBuffer(A + R[i] + paddingBlock));
decipher.finish();
const B = decipher.output.getBytes();
A = B.substring(0, 8);
R[i] = B.substring(8, 16);
cntLower--;
if (cntLower < 0) {
cntUpper--;
cntLower = 0xffffffff;
}
}
}
if (A !== iv) {
throw new OperationError("IV mismatch");
}
const P = R.join("");
if (outputType === "Hex") {
return toHexFast(Utils.strToArrayBuffer(P));
}
return P;
}
}
export default AESKeyUnwrap;

115
src/core/operations/AESKeyWrap.mjs Normal file
View file

@ -0,0 +1,115 @@
/**
* @author mikecat
* @copyright Crown Copyright 2022
* @license Apache-2.0
*/
import Operation from "../Operation.mjs";
import Utils from "../Utils.mjs";
import { toHexFast } from "../lib/Hex.mjs";
import forge from "node-forge";
import OperationError from "../errors/OperationError.mjs";
/**
* AES Key Wrap operation
*/
class AESKeyWrap extends Operation {
/**
* AESKeyWrap constructor
*/
constructor() {
super();
this.name = "AES Key Wrap";
this.module = "Ciphers";
this.description = "A key wrapping algorithm defined in RFC3394, which is used to protect keys in untrusted storage or communications, using AES.<br><br>This algorithm uses an AES key (KEK: key-encryption key) and a 64-bit IV to encrypt 64-bit blocks.";
this.infoURL = "https://wikipedia.org/wiki/Key_wrap";
this.inputType = "string";
this.outputType = "string";
this.args = [
{
"name": "Key (KEK)",
"type": "toggleString",
"value": "",
"toggleValues": ["Hex", "UTF8", "Latin1", "Base64"]
},
{
"name": "IV",
"type": "toggleString",
"value": "a6a6a6a6a6a6a6a6",
"toggleValues": ["Hex", "UTF8", "Latin1", "Base64"]
},
{
"name": "Input",
"type": "option",
"value": ["Hex", "Raw"]
},
{
"name": "Output",
"type": "option",
"value": ["Hex", "Raw"]
},
];
}
/**
* @param {string} input
* @param {Object[]} args
* @returns {string}
*/
run(input, args) {
const kek = Utils.convertToByteString(args[0].string, args[0].option),
iv = Utils.convertToByteString(args[1].string, args[1].option),
inputType = args[2],
outputType = args[3];
if (kek.length !== 16 && kek.length !== 24 && kek.length !== 32) {
throw new OperationError("KEK must be either 16, 24, or 32 bytes (currently " + kek.length + " bytes)");
}
if (iv.length !== 8) {
throw new OperationError("IV must be 8 bytes (currently " + iv.length + " bytes)");
}
const inputData = Utils.convertToByteString(input, inputType);
if (inputData.length % 8 !== 0 || inputData.length < 16) {
throw new OperationError("input must be 8n (n>=2) bytes (currently " + inputData.length + " bytes)");
}
const cipher = forge.cipher.createCipher("AES-ECB", kek);
let A = iv;
const R = [];
for (let i = 0; i < inputData.length; i += 8) {
R.push(inputData.substring(i, i + 8));
}
let cntLower = 1, cntUpper = 0;
for (let j = 0; j < 6; j++) {
for (let i = 0; i < R.length; i++) {
cipher.start();
cipher.update(forge.util.createBuffer(A + R[i]));
cipher.finish();
const B = cipher.output.getBytes();
const msbBuffer = Utils.strToArrayBuffer(B.substring(0, 8));
const msbView = new DataView(msbBuffer);
msbView.setUint32(0, msbView.getUint32(0) ^ cntUpper);
msbView.setUint32(4, msbView.getUint32(4) ^ cntLower);
A = Utils.arrayBufferToStr(msbBuffer, false);
R[i] = B.substring(8, 16);
cntLower++;
if (cntLower > 0xffffffff) {
cntUpper++;
cntLower = 0;
}
}
}
const C = A + R.join("");
if (outputType === "Hex") {
return toHexFast(Utils.strToArrayBuffer(C));
}
return C;
}
}
export default AESKeyWrap;

52
src/core/operations/AMFDecode.mjs Normal file
View file

@ -0,0 +1,52 @@
/**
* @author n1474335 [n1474335@gmail.com]
* @copyright Crown Copyright 2022
* @license Apache-2.0
*/
import Operation from "../Operation.mjs";
import "reflect-metadata"; // Required as a shim for the amf library
import { AMF0, AMF3 } from "@astronautlabs/amf";
/**
* AMF Decode operation
*/
class AMFDecode extends Operation {
/**
* AMFDecode constructor
*/
constructor() {
super();
this.name = "AMF Decode";
this.module = "Encodings";
this.description = "Action Message Format (AMF) is a binary format used to serialize object graphs such as ActionScript objects and XML, or send messages between an Adobe Flash client and a remote service, usually a Flash Media Server or third party alternatives.";
this.infoURL = "https://wikipedia.org/wiki/Action_Message_Format";
this.inputType = "ArrayBuffer";
this.outputType = "JSON";
this.args = [
{
name: "Format",
type: "option",
value: ["AMF0", "AMF3"],
defaultIndex: 1
}
];
}
/**
* @param {ArrayBuffer} input
* @param {Object[]} args
* @returns {JSON}
*/
run(input, args) {
const [format] = args;
const handler = format === "AMF0" ? AMF0 : AMF3;
const encoded = new Uint8Array(input);
return handler.Value.deserialize(encoded);
}
}
export default AMFDecode;

52
src/core/operations/AMFEncode.mjs Normal file
View file

@ -0,0 +1,52 @@
/**
* @author n1474335 [n1474335@gmail.com]
* @copyright Crown Copyright 2022
* @license Apache-2.0
*/
import Operation from "../Operation.mjs";
import "reflect-metadata"; // Required as a shim for the amf library
import { AMF0, AMF3 } from "@astronautlabs/amf";
/**
* AMF Encode operation
*/
class AMFEncode extends Operation {
/**
* AMFEncode constructor
*/
constructor() {
super();
this.name = "AMF Encode";
this.module = "Encodings";
this.description = "Action Message Format (AMF) is a binary format used to serialize object graphs such as ActionScript objects and XML, or send messages between an Adobe Flash client and a remote service, usually a Flash Media Server or third party alternatives.";
this.infoURL = "https://wikipedia.org/wiki/Action_Message_Format";
this.inputType = "JSON";
this.outputType = "ArrayBuffer";
this.args = [
{
name: "Format",
type: "option",
value: ["AMF0", "AMF3"],
defaultIndex: 1
}
];
}
/**
* @param {JSON} input
* @param {Object[]} args
* @returns {ArrayBuffer}
*/
run(input, args) {
const [format] = args;
const handler = format === "AMF0" ? AMF0 : AMF3;
const output = handler.Value.any(input).serialize();
return output.buffer;
}
}
export default AMFEncode;

149
src/core/operations/CMAC.mjs Normal file
View file

@ -0,0 +1,149 @@
/**
* @author mikecat
* @copyright Crown Copyright 2022
* @license Apache-2.0
*/
import Operation from "../Operation.mjs";
import Utils from "../Utils.mjs";
import forge from "node-forge";
import { toHexFast } from "../lib/Hex.mjs";
import OperationError from "../errors/OperationError.mjs";
/**
* CMAC operation
*/
class CMAC extends Operation {
/**
* CMAC constructor
*/
constructor() {
super();
this.name = "CMAC";
this.module = "Crypto";
this.description = "CMAC is a block-cipher based message authentication code algorithm.<br><br>RFC4493 defines AES-CMAC that uses AES encryption with a 128-bit key.<br>NIST SP 800-38B suggests usages of AES with other key lengths and Triple DES.";
this.infoURL = "https://wikipedia.org/wiki/CMAC";
this.inputType = "ArrayBuffer";
this.outputType = "string";
this.args = [
{
"name": "Key",
"type": "toggleString",
"value": "",
"toggleValues": ["Hex", "UTF8", "Latin1", "Base64"]
},
{
"name": "Encryption algorithm",
"type": "option",
"value": ["AES", "Triple DES"]
}
];
}
/**
* @param {ArrayBuffer} input
* @param {Object[]} args
* @returns {string}
*/
run(input, args) {
const key = Utils.convertToByteString(args[0].string, args[0].option);
const algo = args[1];
const info = (function() {
switch (algo) {
case "AES":
if (key.length !== 16 && key.length !== 24 && key.length !== 32) {
throw new OperationError("The key for AES must be either 16, 24, or 32 bytes (currently " + key.length + " bytes)");
}
return {
"algorithm": "AES-ECB",
"key": key,
"blockSize": 16,
"Rb": new Uint8Array([0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0x87]),
};
case "Triple DES":
if (key.length !== 16 && key.length !== 24) {
throw new OperationError("The key for Triple DES must be 16 or 24 bytes (currently " + key.length + " bytes)");
}
return {
"algorithm": "3DES-ECB",
"key": key.length === 16 ? key + key.substring(0, 8) : key,
"blockSize": 8,
"Rb": new Uint8Array([0, 0, 0, 0, 0, 0, 0, 0x1b]),
};
default:
throw new OperationError("Undefined encryption algorithm");
}
})();
const xor = function(a, b, out) {
if (!out) out = new Uint8Array(a.length);
for (let i = 0; i < a.length; i++) {
out[i] = a[i] ^ b[i];
}
return out;
};
const leftShift1 = function(a) {
const out = new Uint8Array(a.length);
let carry = 0;
for (let i = a.length - 1; i >= 0; i--) {
out[i] = (a[i] << 1) | carry;
carry = a[i] >> 7;
}
return out;
};
const cipher = forge.cipher.createCipher(info.algorithm, info.key);
const encrypt = function(a, out) {
if (!out) out = new Uint8Array(a.length);
cipher.start();
cipher.update(forge.util.createBuffer(a));
cipher.finish();
const cipherText = cipher.output.getBytes();
for (let i = 0; i < a.length; i++) {
out[i] = cipherText.charCodeAt(i);
}
return out;
};
const L = encrypt(new Uint8Array(info.blockSize));
const K1 = leftShift1(L);
if (L[0] & 0x80) xor(K1, info.Rb, K1);
const K2 = leftShift1(K1);
if (K1[0] & 0x80) xor(K2, info.Rb, K2);
const n = Math.ceil(input.byteLength / info.blockSize);
const lastBlock = (function() {
if (n === 0) {
const data = new Uint8Array(K2);
data[0] ^= 0x80;
return data;
}
const inputLast = new Uint8Array(input, info.blockSize * (n - 1));
if (inputLast.length === info.blockSize) {
return xor(inputLast, K1, inputLast);
} else {
const data = new Uint8Array(info.blockSize);
data.set(inputLast, 0);
data[inputLast.length] = 0x80;
return xor(data, K2, data);
}
})();
const X = new Uint8Array(info.blockSize);
const Y = new Uint8Array(info.blockSize);
for (let i = 0; i < n - 1; i++) {
xor(X, new Uint8Array(input, info.blockSize * i, info.blockSize), Y);
encrypt(Y, X);
}
xor(lastBlock, X, Y);
const T = encrypt(Y);
return toHexFast(T);
}
}
export default CMAC;

234
src/core/operations/ChaCha.mjs Normal file
View file

@ -0,0 +1,234 @@
/**
* @author joostrijneveld [joost@joostrijneveld.nl]
* @copyright Crown Copyright 2022
* @license Apache-2.0
*/
import Operation from "../Operation.mjs";
import OperationError from "../errors/OperationError.mjs";
import Utils from "../Utils.mjs";
import { toHex } from "../lib/Hex.mjs";
/**
* Computes the ChaCha block function
*
* @param {byteArray} key
* @param {byteArray} nonce
* @param {byteArray} counter
* @param {integer} rounds
* @returns {byteArray}
*/
function chacha(key, nonce, counter, rounds) {
const tau = "expand 16-byte k";
const sigma = "expand 32-byte k";
let state, c;
if (key.length === 16) {
c = Utils.strToByteArray(tau);
state = c.concat(key).concat(key);
} else {
c = Utils.strToByteArray(sigma);
state = c.concat(key);
}
state = state.concat(counter).concat(nonce);
const x = Array();
for (let i = 0; i < 64; i += 4) {
x.push(Utils.byteArrayToInt(state.slice(i, i + 4), "little"));
}
const a = [...x];
/**
* Macro to compute a 32-bit rotate-left operation
*
* @param {integer} x
* @param {integer} n
* @returns {integer}
*/
function ROL32(x, n) {
return ((x << n) & 0xFFFFFFFF) | (x >>> (32 - n));
}
/**
* Macro to compute a single ChaCha quarterround operation
*
* @param {integer} x
* @param {integer} a
* @param {integer} b
* @param {integer} c
* @param {integer} d
* @returns {integer}
*/
function quarterround(x, a, b, c, d) {
x[a] = ((x[a] + x[b]) & 0xFFFFFFFF); x[d] = ROL32(x[d] ^ x[a], 16);
x[c] = ((x[c] + x[d]) & 0xFFFFFFFF); x[b] = ROL32(x[b] ^ x[c], 12);
x[a] = ((x[a] + x[b]) & 0xFFFFFFFF); x[d] = ROL32(x[d] ^ x[a], 8);
x[c] = ((x[c] + x[d]) & 0xFFFFFFFF); x[b] = ROL32(x[b] ^ x[c], 7);
}
for (let i = 0; i < rounds / 2; i++) {
quarterround(x, 0, 4, 8, 12);
quarterround(x, 1, 5, 9, 13);
quarterround(x, 2, 6, 10, 14);
quarterround(x, 3, 7, 11, 15);
quarterround(x, 0, 5, 10, 15);
quarterround(x, 1, 6, 11, 12);
quarterround(x, 2, 7, 8, 13);
quarterround(x, 3, 4, 9, 14);
}
for (let i = 0; i < 16; i++) {
x[i] = (x[i] + a[i]) & 0xFFFFFFFF;
}
let output = Array();
for (let i = 0; i < 16; i++) {
output = output.concat(Utils.intToByteArray(x[i], 4, "little"));
}
return output;
}
/**
* ChaCha operation
*/
class ChaCha extends Operation {
/**
* ChaCha constructor
*/
constructor() {
super();
this.name = "ChaCha";
this.module = "Default";
this.description = "ChaCha is a stream cipher designed by Daniel J. Bernstein. It is a variant of the Salsa stream cipher. Several parameterizations exist; 'ChaCha' may refer to the original construction, or to the variant as described in RFC-8439. ChaCha is often used with Poly1305, in the ChaCha20-Poly1305 AEAD construction.<br><br><b>Key:</b> ChaCha uses a key of 16 or 32 bytes (128 or 256 bits).<br><br><b>Nonce:</b> ChaCha uses a nonce of 8 or 12 bytes (64 or 96 bits).<br><br><b>Counter:</b> ChaCha uses a counter of 4 or 8 bytes (32 or 64 bits); together, the nonce and counter must add up to 16 bytes. The counter starts at zero at the start of the keystream, and is incremented at every 64 bytes.";
this.infoURL = "https://wikipedia.org/wiki/Salsa20#ChaCha_variant";
this.inputType = "string";
this.outputType = "string";
this.args = [
{
"name": "Key",
"type": "toggleString",
"value": "",
"toggleValues": ["Hex", "UTF8", "Latin1", "Base64"]
},
{
"name": "Nonce",
"type": "toggleString",
"value": "",
"toggleValues": ["Hex", "UTF8", "Latin1", "Base64", "Integer"]
},
{
"name": "Counter",
"type": "number",
"value": 0,
"min": 0
},
{
"name": "Rounds",
"type": "option",
"value": ["20", "12", "8"]
},
{
"name": "Input",
"type": "option",
"value": ["Hex", "Raw"]
},
{
"name": "Output",
"type": "option",
"value": ["Raw", "Hex"]
}
];
}
/**
* @param {string} input
* @param {Object[]} args
* @returns {string}
*/
run(input, args) {
const key = Utils.convertToByteArray(args[0].string, args[0].option),
nonceType = args[1].option,
rounds = parseInt(args[3], 10),
inputType = args[4],
outputType = args[5];
if (key.length !== 16 && key.length !== 32) {
throw new OperationError(`Invalid key length: ${key.length} bytes.
ChaCha uses a key of 16 or 32 bytes (128 or 256 bits).`);
}
let counter, nonce, counterLength;
if (nonceType === "Integer") {
nonce = Utils.intToByteArray(parseInt(args[1].string, 10), 12, "little");
counterLength = 4;
} else {
nonce = Utils.convertToByteArray(args[1].string, args[1].option);
if (!(nonce.length === 12 || nonce.length === 8)) {
throw new OperationError(`Invalid nonce length: ${nonce.length} bytes.
ChaCha uses a nonce of 8 or 12 bytes (64 or 96 bits).`);
}
counterLength = 16 - nonce.length;
}
counter = Utils.intToByteArray(args[2], counterLength, "little");
const output = [];
input = Utils.convertToByteArray(input, inputType);
let counterAsInt = Utils.byteArrayToInt(counter, "little");
for (let i = 0; i < input.length; i += 64) {
counter = Utils.intToByteArray(counterAsInt, counterLength, "little");
const stream = chacha(key, nonce, counter, rounds);
for (let j = 0; j < 64 && i + j < input.length; j++) {
output.push(input[i + j] ^ stream[j]);
}
counterAsInt++;
}
if (outputType === "Hex") {
return toHex(output);
} else {
return Utils.arrayBufferToStr(output);
}
}
/**
* Highlight ChaCha
*
* @param {Object[]} pos
* @param {number} pos[].start
* @param {number} pos[].end
* @param {Object[]} args
* @returns {Object[]} pos
*/
highlight(pos, args) {
const inputType = args[4],
outputType = args[5];
if (inputType === "Raw" && outputType === "Raw") {
return pos;
}
}
/**
* Highlight ChaCha in reverse
*
* @param {Object[]} pos
* @param {number} pos[].start
* @param {number} pos[].end
* @param {Object[]} args
* @returns {Object[]} pos
*/
highlightReverse(pos, args) {
const inputType = args[4],
outputType = args[5];
if (inputType === "Raw" && outputType === "Raw") {
return pos;
}
}
}
export default ChaCha;

23
src/core/operations/DNSOverHTTPS.mjs
View file

@ -51,10 +51,27 @@ class DNSOverHTTPS extends Operation {
value: [
"A",
"AAAA",
"TXT",
"MX",
"ANAME",
"CERT",
"CNAME",
"DNSKEY",
"NS"
"HTTPS",
"IPSECKEY",
"LOC",
"MX",
"NS",
"OPENPGPKEY",
"PTR",
"RRSIG",
"SIG",
"SOA",
"SPF",
"SRV",
"SSHFP",
"TA",
"TXT",
"URI",
"ANY"
]
},
{

14
src/core/operations/Fletcher32Checksum.mjs
View file

@ -35,10 +35,18 @@ class Fletcher32Checksum extends Operation {
run(input, args) {
let a = 0,
b = 0;
input = new Uint8Array(input);
if (ArrayBuffer.isView(input)) {
input = new DataView(input.buffer, input.byteOffset, input.byteLength);
} else {
input = new DataView(input);
}
for (let i = 0; i < input.length; i++) {
a = (a + input[i]) % 0xffff;
for (let i = 0; i < input.byteLength - 1; i += 2) {
a = (a + input.getUint16(i, true)) % 0xffff;
b = (b + a) % 0xffff;
}
if (input.byteLength % 2 !== 0) {
a = (a + input.getUint8(input.byteLength - 1)) % 0xffff;
b = (b + a) % 0xffff;
}

18
src/core/operations/Fletcher64Checksum.mjs
View file

@ -35,10 +35,22 @@ class Fletcher64Checksum extends Operation {
run(input, args) {
let a = 0,
b = 0;
input = new Uint8Array(input);
if (ArrayBuffer.isView(input)) {
input = new DataView(input.buffer, input.byteOffset, input.byteLength);
} else {
input = new DataView(input);
}
for (let i = 0; i < input.length; i++) {
a = (a + input[i]) % 0xffffffff;
for (let i = 0; i < input.byteLength - 3; i += 4) {
a = (a + input.getUint32(i, true)) % 0xffffffff;
b = (b + a) % 0xffffffff;
}
if (input.byteLength % 4 !== 0) {
let lastValue = 0;
for (let i = 0; i < input.byteLength % 4; i++) {
lastValue = (lastValue << 8) | input.getUint8(input.byteLength - 1 - i);
}
a = (a + lastValue) % 0xffffffff;
b = (b + a) % 0xffffffff;
}

23
src/core/operations/FromBase85.mjs
View file

@ -7,7 +7,7 @@
import Operation from "../Operation.mjs";
import OperationError from "../errors/OperationError.mjs";
import Utils from "../Utils.mjs";
import {alphabetName, ALPHABET_OPTIONS} from "../lib/Base85.mjs";
import {ALPHABET_OPTIONS} from "../lib/Base85.mjs";
/**
* From Base85 operation
@ -37,6 +37,12 @@ class FromBase85 extends Operation {
type: "boolean",
value: true
},
{
name: "All-zero group char",
type: "binaryShortString",
value: "z",
maxLength: 1
}
];
this.checks = [
{
@ -76,8 +82,8 @@ class FromBase85 extends Operation {
*/
run(input, args) {
const alphabet = Utils.expandAlphRange(args[0]).join(""),
encoding = alphabetName(alphabet),
removeNonAlphChars = args[1],
allZeroGroupChar = typeof args[2] === "string" ? args[2].slice(0, 1) : "",
result = [];
if (alphabet.length !== 85 ||
@ -85,14 +91,21 @@ class FromBase85 extends Operation {
throw new OperationError("Alphabet must be of length 85");
}
if (allZeroGroupChar && alphabet.includes(allZeroGroupChar)) {
throw new OperationError("The all-zero group char cannot appear in the alphabet");
}
// Remove delimiters if present
const matches = input.match(/^<~(.+?)~>$/);
if (matches !== null) input = matches[1];
// Remove non-alphabet characters
if (removeNonAlphChars) {
const re = new RegExp("[^" + alphabet.replace(/[[\]\\\-^$]/g, "\\$&") + "]", "g");
const re = new RegExp("[^~" + allZeroGroupChar +alphabet.replace(/[[\]\\\-^$]/g, "\\$&") + "]", "g");
input = input.replace(re, "");
// Remove delimiters again if present (incase of non-alphabet characters in front/behind delimiters)
const matches = input.match(/^<~(.+?)~>$/);
if (matches !== null) input = matches[1];
}
if (input.length === 0) return [];
@ -100,7 +113,7 @@ class FromBase85 extends Operation {
let i = 0;
let block, blockBytes;
while (i < input.length) {
if (encoding === "Standard" && input[i] === "z") {
if (input[i] === allZeroGroupChar) {
result.push(0, 0, 0, 0);
i++;
} else {
@ -110,7 +123,7 @@ class FromBase85 extends Operation {
.split("")
.map((chr, idx) => {
const digit = alphabet.indexOf(chr);
if (digit < 0 || digit > 84) {
if ((digit < 0 || digit > 84) && chr !== allZeroGroupChar) {
throw `Invalid character '${chr}' at index ${i + idx}`;
}
return digit;

191
src/core/operations/GenerateAllHashes.mjs
View file

@ -1,5 +1,6 @@
/**
* @author n1474335 [n1474335@gmail.com]
* @author john19696 [john19696@protonmail.com]
* @copyright Crown Copyright 2016
* @license Apache-2.0
*/
@ -33,6 +34,9 @@ import BLAKE2b from "./BLAKE2b.mjs";
import BLAKE2s from "./BLAKE2s.mjs";
import Streebog from "./Streebog.mjs";
import GOSTHash from "./GOSTHash.mjs";
import LMHash from "./LMHash.mjs";
import NTHash from "./NTHash.mjs";
import OperationError from "../errors/OperationError.mjs";
/**
* Generate all hashes operation
@ -51,7 +55,75 @@ class GenerateAllHashes extends Operation {
this.infoURL = "https://wikipedia.org/wiki/Comparison_of_cryptographic_hash_functions";
this.inputType = "ArrayBuffer";
this.outputType = "string";
this.args = [];
this.args = [
{
name: "Length (bits)",
type: "option",
value: [
"All", "128", "160", "224", "256", "320", "384", "512"
]
},
{
name: "Include names",
type: "boolean",
value: true
},
];
this.hashes = [
{name: "MD2", algo: (new MD2()), inputType: "arrayBuffer", params: []},
{name: "MD4", algo: (new MD4()), inputType: "arrayBuffer", params: []},
{name: "MD5", algo: (new MD5()), inputType: "arrayBuffer", params: []},
{name: "MD6", algo: (new MD6()), inputType: "str", params: []},
{name: "SHA0", algo: (new SHA0()), inputType: "arrayBuffer", params: []},
{name: "SHA1", algo: (new SHA1()), inputType: "arrayBuffer", params: []},
{name: "SHA2 224", algo: (new SHA2()), inputType: "arrayBuffer", params: ["224"]},
{name: "SHA2 256", algo: (new SHA2()), inputType: "arrayBuffer", params: ["256"]},
{name: "SHA2 384", algo: (new SHA2()), inputType: "arrayBuffer", params: ["384"]},
{name: "SHA2 512", algo: (new SHA2()), inputType: "arrayBuffer", params: ["512"]},
{name: "SHA3 224", algo: (new SHA3()), inputType: "arrayBuffer", params: ["224"]},
{name: "SHA3 256", algo: (new SHA3()), inputType: "arrayBuffer", params: ["256"]},
{name: "SHA3 384", algo: (new SHA3()), inputType: "arrayBuffer", params: ["384"]},
{name: "SHA3 512", algo: (new SHA3()), inputType: "arrayBuffer", params: ["512"]},
{name: "Keccak 224", algo: (new Keccak()), inputType: "arrayBuffer", params: ["224"]},
{name: "Keccak 256", algo: (new Keccak()), inputType: "arrayBuffer", params: ["256"]},
{name: "Keccak 384", algo: (new Keccak()), inputType: "arrayBuffer", params: ["384"]},
{name: "Keccak 512", algo: (new Keccak()), inputType: "arrayBuffer", params: ["512"]},
{name: "Shake 128", algo: (new Shake()), inputType: "arrayBuffer", params: ["128", 256]},
{name: "Shake 256", algo: (new Shake()), inputType: "arrayBuffer", params: ["256", 512]},
{name: "RIPEMD-128", algo: (new RIPEMD()), inputType: "arrayBuffer", params: ["128"]},
{name: "RIPEMD-160", algo: (new RIPEMD()), inputType: "arrayBuffer", params: ["160"]},
{name: "RIPEMD-256", algo: (new RIPEMD()), inputType: "arrayBuffer", params: ["256"]},
{name: "RIPEMD-320", algo: (new RIPEMD()), inputType: "arrayBuffer", params: ["320"]},
{name: "HAS-160", algo: (new HAS160()), inputType: "arrayBuffer", params: []},
{name: "Whirlpool-0", algo: (new Whirlpool()), inputType: "arrayBuffer", params: ["Whirlpool-0"]},
{name: "Whirlpool-T", algo: (new Whirlpool()), inputType: "arrayBuffer", params: ["Whirlpool-T"]},
{name: "Whirlpool", algo: (new Whirlpool()), inputType: "arrayBuffer", params: ["Whirlpool"]},
{name: "BLAKE2b-128", algo: (new BLAKE2b), inputType: "arrayBuffer", params: ["128", "Hex", {string: "", option: "UTF8"}]},
{name: "BLAKE2b-160", algo: (new BLAKE2b), inputType: "arrayBuffer", params: ["160", "Hex", {string: "", option: "UTF8"}]},
{name: "BLAKE2b-256", algo: (new BLAKE2b), inputType: "arrayBuffer", params: ["256", "Hex", {string: "", option: "UTF8"}]},
{name: "BLAKE2b-384", algo: (new BLAKE2b), inputType: "arrayBuffer", params: ["384", "Hex", {string: "", option: "UTF8"}]},
{name: "BLAKE2b-512", algo: (new BLAKE2b), inputType: "arrayBuffer", params: ["512", "Hex", {string: "", option: "UTF8"}]},
{name: "BLAKE2s-128", algo: (new BLAKE2s), inputType: "arrayBuffer", params: ["128", "Hex", {string: "", option: "UTF8"}]},
{name: "BLAKE2s-160", algo: (new BLAKE2s), inputType: "arrayBuffer", params: ["160", "Hex", {string: "", option: "UTF8"}]},
{name: "BLAKE2s-256", algo: (new BLAKE2s), inputType: "arrayBuffer", params: ["256", "Hex", {string: "", option: "UTF8"}]},
{name: "Streebog-256", algo: (new Streebog), inputType: "arrayBuffer", params: ["256"]},
{name: "Streebog-512", algo: (new Streebog), inputType: "arrayBuffer", params: ["512"]},
{name: "GOST", algo: (new GOSTHash), inputType: "arrayBuffer", params: ["D-A"]},
{name: "LM Hash", algo: (new LMHash), inputType: "str", params: []},
{name: "NT Hash", algo: (new NTHash), inputType: "str", params: []},
{name: "SSDEEP", algo: (new SSDEEP()), inputType: "str"},
{name: "CTPH", algo: (new CTPH()), inputType: "str"}
];
this.checksums = [
{name: "Fletcher-8", algo: (new Fletcher8Checksum), inputType: "byteArray", params: []},
{name: "Fletcher-16", algo: (new Fletcher16Checksum), inputType: "byteArray", params: []},
{name: "Fletcher-32", algo: (new Fletcher32Checksum), inputType: "byteArray", params: []},
{name: "Fletcher-64", algo: (new Fletcher64Checksum), inputType: "byteArray", params: []},
{name: "Adler-32", algo: (new Adler32Checksum), inputType: "byteArray", params: []},
{name: "CRC-8", algo: (new CRC8Checksum), inputType: "arrayBuffer", params: ["CRC-8"]},
{name: "CRC-16", algo: (new CRC16Checksum), inputType: "arrayBuffer", params: []},
{name: "CRC-32", algo: (new CRC32Checksum), inputType: "arrayBuffer", params: []}
];
}
/**
@ -60,63 +132,74 @@ class GenerateAllHashes extends Operation {
* @returns {string}
*/
run(input, args) {
const arrayBuffer = input,
str = Utils.arrayBufferToStr(arrayBuffer, false),
byteArray = new Uint8Array(arrayBuffer),
output = "MD2: " + (new MD2()).run(arrayBuffer, []) +
"\nMD4: " + (new MD4()).run(arrayBuffer, []) +
"\nMD5: " + (new MD5()).run(arrayBuffer, []) +
"\nMD6: " + (new MD6()).run(str, []) +
"\nSHA0: " + (new SHA0()).run(arrayBuffer, []) +
"\nSHA1: " + (new SHA1()).run(arrayBuffer, []) +
"\nSHA2 224: " + (new SHA2()).run(arrayBuffer, ["224"]) +
"\nSHA2 256: " + (new SHA2()).run(arrayBuffer, ["256"]) +
"\nSHA2 384: " + (new SHA2()).run(arrayBuffer, ["384"]) +
"\nSHA2 512: " + (new SHA2()).run(arrayBuffer, ["512"]) +
"\nSHA3 224: " + (new SHA3()).run(arrayBuffer, ["224"]) +
"\nSHA3 256: " + (new SHA3()).run(arrayBuffer, ["256"]) +
"\nSHA3 384: " + (new SHA3()).run(arrayBuffer, ["384"]) +
"\nSHA3 512: " + (new SHA3()).run(arrayBuffer, ["512"]) +
"\nKeccak 224: " + (new Keccak()).run(arrayBuffer, ["224"]) +
"\nKeccak 256: " + (new Keccak()).run(arrayBuffer, ["256"]) +
"\nKeccak 384: " + (new Keccak()).run(arrayBuffer, ["384"]) +
"\nKeccak 512: " + (new Keccak()).run(arrayBuffer, ["512"]) +
"\nShake 128: " + (new Shake()).run(arrayBuffer, ["128", 256]) +
"\nShake 256: " + (new Shake()).run(arrayBuffer, ["256", 512]) +
"\nRIPEMD-128: " + (new RIPEMD()).run(arrayBuffer, ["128"]) +
"\nRIPEMD-160: " + (new RIPEMD()).run(arrayBuffer, ["160"]) +
"\nRIPEMD-256: " + (new RIPEMD()).run(arrayBuffer, ["256"]) +
"\nRIPEMD-320: " + (new RIPEMD()).run(arrayBuffer, ["320"]) +
"\nHAS-160: " + (new HAS160()).run(arrayBuffer, []) +
"\nWhirlpool-0: " + (new Whirlpool()).run(arrayBuffer, ["Whirlpool-0"]) +
"\nWhirlpool-T: " + (new Whirlpool()).run(arrayBuffer, ["Whirlpool-T"]) +
"\nWhirlpool: " + (new Whirlpool()).run(arrayBuffer, ["Whirlpool"]) +
"\nBLAKE2b-128: " + (new BLAKE2b).run(arrayBuffer, ["128", "Hex", {string: "", option: "UTF8"}]) +
"\nBLAKE2b-160: " + (new BLAKE2b).run(arrayBuffer, ["160", "Hex", {string: "", option: "UTF8"}]) +
"\nBLAKE2b-256: " + (new BLAKE2b).run(arrayBuffer, ["256", "Hex", {string: "", option: "UTF8"}]) +
"\nBLAKE2b-384: " + (new BLAKE2b).run(arrayBuffer, ["384", "Hex", {string: "", option: "UTF8"}]) +
"\nBLAKE2b-512: " + (new BLAKE2b).run(arrayBuffer, ["512", "Hex", {string: "", option: "UTF8"}]) +
"\nBLAKE2s-128: " + (new BLAKE2s).run(arrayBuffer, ["128", "Hex", {string: "", option: "UTF8"}]) +
"\nBLAKE2s-160: " + (new BLAKE2s).run(arrayBuffer, ["160", "Hex", {string: "", option: "UTF8"}]) +
"\nBLAKE2s-256: " + (new BLAKE2s).run(arrayBuffer, ["256", "Hex", {string: "", option: "UTF8"}]) +
"\nStreebog-256: " + (new Streebog).run(arrayBuffer, ["256"]) +
"\nStreebog-512: " + (new Streebog).run(arrayBuffer, ["512"]) +
"\nGOST: " + (new GOSTHash).run(arrayBuffer, ["D-A"]) +
"\nSSDEEP: " + (new SSDEEP()).run(str) +
"\nCTPH: " + (new CTPH()).run(str) +
"\n\nChecksums:" +
"\nFletcher-8: " + (new Fletcher8Checksum).run(byteArray, []) +
"\nFletcher-16: " + (new Fletcher16Checksum).run(byteArray, []) +
"\nFletcher-32: " + (new Fletcher32Checksum).run(byteArray, []) +
"\nFletcher-64: " + (new Fletcher64Checksum).run(byteArray, []) +
"\nAdler-32: " + (new Adler32Checksum).run(byteArray, []) +
"\nCRC-8: " + (new CRC8Checksum).run(arrayBuffer, ["CRC-8"]) +
"\nCRC-16: " + (new CRC16Checksum).run(arrayBuffer, []) +
"\nCRC-32: " + (new CRC32Checksum).run(arrayBuffer, []);
const [length, includeNames] = args;
this.inputArrayBuffer = input;
this.inputStr = Utils.arrayBufferToStr(input, false);
this.inputByteArray = new Uint8Array(input);
let digest, output = "";
// iterate over each of the hashes
this.hashes.forEach(hash => {
digest = this.executeAlgo(hash.algo, hash.inputType, hash.params || []);
output += this.formatDigest(digest, length, includeNames, hash.name);
});
if (length === "All") {
output += "\nChecksums:\n";
this.checksums.forEach(checksum => {
digest = this.executeAlgo(checksum.algo, checksum.inputType, checksum.params || []);
output += this.formatDigest(digest, length, includeNames, checksum.name);
});
}
return output;
}
/**
* Executes a hash or checksum algorithm
*
* @param {Function} algo - The hash or checksum algorithm
* @param {string} inputType
* @param {Object[]} [params=[]]
* @returns {string}
*/
executeAlgo(algo, inputType, params=[]) {
let digest = null;
switch (inputType) {
case "arrayBuffer":
digest = algo.run(this.inputArrayBuffer, params);
break;
case "str":
digest = algo.run(this.inputStr, params);
break;
case "byteArray":
digest = algo.run(this.inputByteArray, params);
break;
default:
throw new OperationError("Unknown hash input type: " + inputType);
}
return digest;
}
/**
* Formats the digest depending on user-specified arguments
* @param {string} digest
* @param {string} length
* @param {boolean} includeNames
* @param {string} name
* @returns {string}
*/
formatDigest(digest, length, includeNames, name) {
if (length !== "All" && (digest.length * 4) !== parseInt(length, 10))
return "";
if (!includeNames)
return digest + "\n";
return `${name}:${" ".repeat(13-name.length)}${digest}\n`;
}
}
export default GenerateAllHashes;

2
src/core/operations/GenerateQRCode.mjs
View file

@ -44,7 +44,7 @@ class GenerateQRCode extends Operation {
{
"name": "Margin (num modules)",
"type": "number",
"value": 2,
"value": 4,
"min": 0
},
{

33
src/core/operations/JPathExpression.mjs
View file

@ -4,7 +4,7 @@
* @license Apache-2.0
*/
import jpath from "jsonpath";
import {JSONPath} from "jsonpath-plus";
import Operation from "../Operation.mjs";
import OperationError from "../errors/OperationError.mjs";
@ -27,14 +27,20 @@ class JPathExpression extends Operation {
this.outputType = "string";
this.args = [
{
"name": "Query",
"type": "string",
"value": ""
name: "Query",
type: "string",
value: ""
},
{
"name": "Result delimiter",
"type": "binaryShortString",
"value": "\\n"
name: "Result delimiter",
type: "binaryShortString",
value: "\\n"
},
{
name: "Prevent eval",
type: "boolean",
value: true,
description: "Evaluated expressions are disabled by default for security reasons"
}
];
}
@ -45,18 +51,21 @@ class JPathExpression extends Operation {
* @returns {string}
*/
run(input, args) {
const [query, delimiter] = args;
let results,
obj;
const [query, delimiter, preventEval] = args;
let results, jsonObj;
try {
obj = JSON.parse(input);
jsonObj = JSON.parse(input);
} catch (err) {
throw new OperationError(`Invalid input JSON: ${err.message}`);
}
try {
results = jpath.query(obj, query);
results = JSONPath({
path: query,
json: jsonObj,
preventEval: preventEval
});
} catch (err) {
throw new OperationError(`Invalid JPath expression: ${err.message}`);
}

7
src/core/operations/JSONToCSV.mjs
View file

@ -114,8 +114,11 @@ class JSONToCSV extends Operation {
* @returns {string}
*/
escapeCellContents(data, force=false) {
if (typeof data === "number") data = data.toString();
if (force && typeof data !== "string") data = JSON.stringify(data);
if (data !== "string") {
const isPrimitive = data == null || typeof data !== "object";
if (isPrimitive) data = `${data}`;
else if (force) data = JSON.stringify(data);
}
// Double quotes should be doubled up
data = data.replace(/"/g, '""');

7
src/core/operations/JWTDecode.mjs
View file

@ -26,6 +26,13 @@ class JWTDecode extends Operation {
this.inputType = "string";
this.outputType = "JSON";
this.args = [];
this.checks = [
{
pattern: "^ey([A-Za-z0-9_-]+)\\.ey([A-Za-z0-9_-]+)\\.([A-Za-z0-9_-]+)$",
flags: "",
args: []
},
];
}
/**

41
src/core/operations/LMHash.mjs Normal file
View file

@ -0,0 +1,41 @@
/**
* @author n1474335 [n1474335@gmail.com]
* @copyright Crown Copyright 2022
* @license Apache-2.0
*/
import Operation from "../Operation.mjs";
import {smbhash} from "ntlm";
/**
* LM Hash operation
*/
class LMHash extends Operation {
/**
* LMHash constructor
*/
constructor() {
super();
this.name = "LM Hash";
this.module = "Crypto";
this.description = "An LM Hash, or LAN Manager Hash, is a deprecated way of storing passwords on old Microsoft operating systems. It is particularly weak and can be cracked in seconds on modern hardware using rainbow tables.";
this.infoURL = "https://wikipedia.org/wiki/LAN_Manager#Password_hashing_algorithm";
this.inputType = "string";
this.outputType = "string";
this.args = [];
}
/**
* @param {string} input
* @param {Object[]} args
* @returns {string}
*/
run(input, args) {
return smbhash.lmhash(input);
}
}
export default LMHash;

43
src/core/operations/LZ4Compress.mjs Normal file
View file

@ -0,0 +1,43 @@
/**
* @author n1474335 [n1474335@gmail.com]
* @copyright Crown Copyright 2022
* @license Apache-2.0
*/
import Operation from "../Operation.mjs";
import lz4 from "lz4js";
/**
* LZ4 Compress operation
*/
class LZ4Compress extends Operation {
/**
* LZ4Compress constructor
*/
constructor() {
super();
this.name = "LZ4 Compress";
this.module = "Compression";
this.description = "LZ4 is a lossless data compression algorithm that is focused on compression and decompression speed. It belongs to the LZ77 family of byte-oriented compression schemes.";
this.infoURL = "https://wikipedia.org/wiki/LZ4_(compression_algorithm)";
this.inputType = "ArrayBuffer";
this.outputType = "ArrayBuffer";
this.args = [];
}
/**
* @param {ArrayBuffer} input
* @param {Object[]} args
* @returns {ArrayBuffer}
*/
run(input, args) {
const inBuf = new Uint8Array(input);
const compressed = lz4.compress(inBuf);
return compressed.buffer;
}
}
export default LZ4Compress;

43
src/core/operations/LZ4Decompress.mjs Normal file
View file

@ -0,0 +1,43 @@
/**
* @author n1474335 [n1474335@gmail.com]
* @copyright Crown Copyright 2022
* @license Apache-2.0
*/
import Operation from "../Operation.mjs";
import lz4 from "lz4js";
/**
* LZ4 Decompress operation
*/
class LZ4Decompress extends Operation {
/**
* LZ4Decompress constructor
*/
constructor() {
super();
this.name = "LZ4 Decompress";
this.module = "Compression";
this.description = "LZ4 is a lossless data compression algorithm that is focused on compression and decompression speed. It belongs to the LZ77 family of byte-oriented compression schemes.";
this.infoURL = "https://wikipedia.org/wiki/LZ4_(compression_algorithm)";
this.inputType = "ArrayBuffer";
this.outputType = "ArrayBuffer";
this.args = [];
}
/**
* @param {ArrayBuffer} input
* @param {Object[]} args
* @returns {ArrayBuffer}
*/
run(input, args) {
const inBuf = new Uint8Array(input);
const decompressed = lz4.decompress(inBuf);
return decompressed.buffer;
}
}
export default LZ4Decompress;

64
src/core/operations/LZMACompress.mjs Normal file
View file

@ -0,0 +1,64 @@
/**
* @author Matt C [me@mitt.dev]
* @copyright Crown Copyright 2022
* @license Apache-2.0
*/
import Operation from "../Operation.mjs";
import OperationError from "../errors/OperationError.mjs";
import { compress } from "@blu3r4y/lzma";
import {isWorkerEnvironment} from "../Utils.mjs";
/**
* LZMA Compress operation
*/
class LZMACompress extends Operation {
/**
* LZMACompress constructor
*/
constructor() {
super();
this.name = "LZMA Compress";
this.module = "Compression";
this.description = "Compresses data using the Lempel\u2013Ziv\u2013Markov chain algorithm. Compression mode determines the speed and effectiveness of the compression: 1 is fastest and less effective, 9 is slowest and most effective";
this.infoURL = "https://wikipedia.org/wiki/Lempel%E2%80%93Ziv%E2%80%93Markov_chain_algorithm";
this.inputType = "ArrayBuffer";
this.outputType = "ArrayBuffer";
this.args = [
{
name: "Compression Mode",
type: "option",
value: [
"1", "2", "3", "4", "5", "6", "7", "8", "9"
],
"defaultIndex": 6
}
];
}
/**
* @param {ArrayBuffer} input
* @param {Object[]} args
* @returns {ArrayBuffer}
*/
async run(input, args) {
const mode = Number(args[0]);
return new Promise((resolve, reject) => {
compress(new Uint8Array(input), mode, (result, error) => {
if (error) {
reject(new OperationError(`Failed to compress input: ${error.message}`));
}
// The compression returns as an Int8Array, but we can just get the unsigned data from the buffer
resolve(new Int8Array(result).buffer);
}, (percent) => {
if (isWorkerEnvironment()) self.sendStatusMessage(`Compressing input: ${(percent*100).toFixed(2)}%`);
});
});
}
}
export default LZMACompress;

57
src/core/operations/LZMADecompress.mjs Normal file
View file

@ -0,0 +1,57 @@
/**
* @author Matt C [me@mitt.dev]
* @copyright Crown Copyright 2022
* @license Apache-2.0
*/
import Operation from "../Operation.mjs";
import OperationError from "../errors/OperationError.mjs";
import {decompress} from "@blu3r4y/lzma";
import Utils, {isWorkerEnvironment} from "../Utils.mjs";
/**
* LZMA Decompress operation
*/
class LZMADecompress extends Operation {
/**
* LZMADecompress constructor
*/
constructor() {
super();
this.name = "LZMA Decompress";
this.module = "Compression";
this.description = "Decompresses data using the Lempel-Ziv-Markov chain Algorithm.";
this.infoURL = "https://wikipedia.org/wiki/Lempel%E2%80%93Ziv%E2%80%93Markov_chain_algorithm";
this.inputType = "ArrayBuffer";
this.outputType = "ArrayBuffer";
}
/**
* @param {ArrayBuffer} input
* @param {Object[]} args
* @returns {ArrayBuffer}
*/
async run(input, args) {
return new Promise((resolve, reject) => {
decompress(new Uint8Array(input), (result, error) => {
if (error) {
reject(new OperationError(`Failed to decompress input: ${error.message}`));
}
// The decompression returns either a String or an untyped unsigned int8 array, but we can just get the unsigned data from the buffer
if (typeof result == "string") {
resolve(Utils.strToArrayBuffer(result));
} else {
resolve(new Int8Array(result).buffer);
}
}, (percent) => {
if (isWorkerEnvironment()) self.sendStatusMessage(`Decompressing input: ${(percent*100).toFixed(2)}%`);
});
});
}
}
export default LZMADecompress;

46
src/core/operations/NTHash.mjs Normal file
View file

@ -0,0 +1,46 @@
/**
* @author brun0ne [brunonblok@gmail.com]
* @copyright Crown Copyright 2022
* @license Apache-2.0
*/
import Operation from "../Operation.mjs";
import cptable from "codepage";
import {runHash} from "../lib/Hash.mjs";
/**
* NT Hash operation
*/
class NTHash extends Operation {
/**
* NTHash constructor
*/
constructor() {
super();
this.name = "NT Hash";
this.module = "Crypto";
this.description = "An NT Hash, sometimes referred to as an NTLM hash, is a method of storing passwords on Windows systems. It works by running MD4 on UTF-16LE encoded input. NTLM hashes are considered weak because they can be brute-forced very easily with modern hardware.";
this.infoURL = "https://wikipedia.org/wiki/NT_LAN_Manager";
this.inputType = "string";
this.outputType = "string";
this.args = [];
}
/**
* @param {string} input
* @param {Object[]} args
* @returns {string}
*/
run(input, args) {
const format = 1200; // UTF-16LE
const encoded = cptable.utils.encode(format, input);
const hashed = runHash("md4", encoded);
return hashed.toUpperCase();
}
}
export default NTHash;

8
src/core/operations/OpticalCharacterRecognition.mjs
View file

@ -12,10 +12,8 @@ import { isImage } from "../lib/FileType.mjs";
import { toBase64 } from "../lib/Base64.mjs";
import { isWorkerEnvironment } from "../Utils.mjs";
import Tesseract from "tesseract.js";
const { createWorker } = Tesseract;
import process from "process";
import { createWorker } from "tesseract.js";
/**
* Optical Character Recognition operation
@ -55,7 +53,7 @@ class OpticalCharacterRecognition extends Operation {
const type = isImage(input);
if (!type) {
throw new OperationError("Invalid File Type");
throw new OperationError("Unsupported file type (supported: jpg,png,pbm,bmp) or no file provided");
}
const assetDir = isWorkerEnvironment() ? `${self.docURL}/assets/` : `${process.cwd()}/src/core/vendor/`;
@ -74,7 +72,7 @@ class OpticalCharacterRecognition extends Operation {
}
});
await worker.load();
self.sendStatusMessage("Loading English language...");
self.sendStatusMessage(`Loading English language pack...`);
await worker.loadLanguage("eng");
self.sendStatusMessage("Intialising Tesseract API...");
await worker.initialize("eng");

4
src/core/operations/ParseASN1HexString.mjs
View file

@ -45,8 +45,8 @@ class ParseASN1HexString extends Operation {
*/
run(input, args) {
const [index, truncateLen] = args;
return r.ASN1HEX.dump(input.replace(/\s/g, ""), {
"ommitLongOctet": truncateLen
return r.ASN1HEX.dump(input.replace(/\s/g, "").toLowerCase(), {
"ommit_long_octet": truncateLen
}, index);
}

4
src/core/operations/ParseSSHHostKey.mjs
View file

@ -23,7 +23,7 @@ class ParseSSHHostKey extends Operation {
this.name = "Parse SSH Host Key";
this.module = "Default";
this.description = "Parses a SSH host key and extracts fields from it.<br>The key type can be:<ul><li>ssh-rsa</li><li>ssh-dss</li><li>ecdsa-sha2</li></ul>The key format can be either Hex or Base64.";
this.description = "Parses a SSH host key and extracts fields from it.<br>The key type can be:<ul><li>ssh-rsa</li><li>ssh-dss</li><li>ecdsa-sha2</li><li>ssh-ed25519</li></ul>The key format can be either Hex or Base64.";
this.infoURL = "https://wikipedia.org/wiki/Secure_Shell";
this.inputType = "string";
this.outputType = "string";
@ -71,6 +71,8 @@ class ParseSSHHostKey extends Operation {
} else if (keyType.startsWith("ecdsa-sha2")) {
output += `\nCurve: ${Utils.byteArrayToChars(fromHex(fields[1]))}`;
output += `\nPoint: 0x${fields.slice(2)}`;
} else if (keyType === "ssh-ed25519") {
output += `\nx: 0x${fields[1]}`;
} else {
output += "\nUnsupported key type.";
output += `\nParameters: ${fields.slice(1)}`;

38
src/core/operations/ParseX509Certificate.mjs
View file

@ -57,23 +57,29 @@ class ParseX509Certificate extends Operation {
const cert = new r.X509(),
inputFormat = args[0];
switch (inputFormat) {
case "DER Hex":
input = input.replace(/\s/g, "");
cert.readCertHex(input);
break;
case "PEM":
cert.readCertPEM(input);
break;
case "Base64":
cert.readCertHex(toHex(fromBase64(input, null, "byteArray"), ""));
break;
case "Raw":
cert.readCertHex(toHex(Utils.strToByteArray(input), ""));
break;
default:
throw "Undefined input format";
let undefinedInputFormat = false;
try {
switch (inputFormat) {
case "DER Hex":
input = input.replace(/\s/g, "").toLowerCase();
cert.readCertHex(input);
break;
case "PEM":
cert.readCertPEM(input);
break;
case "Base64":
cert.readCertHex(toHex(fromBase64(input, null, "byteArray"), ""));
break;
case "Raw":
cert.readCertHex(toHex(Utils.strToByteArray(input), ""));
break;
default:
undefinedInputFormat = true;
}
} catch (e) {
throw "Certificate load error (non-certificate input?)";
}
if (undefinedInputFormat) throw "Undefined input format";
const sn = cert.getSerialNumberHex(),
issuer = cert.getIssuer(),

8
src/core/operations/PseudoRandomNumberGenerator.mjs
View file

@ -52,8 +52,12 @@ class PseudoRandomNumberGenerator extends Operation {
let bytes;
if (isWorkerEnvironment() && self.crypto) {
bytes = self.crypto.getRandomValues(new Uint8Array(numBytes));
bytes = Utils.arrayBufferToStr(bytes.buffer);
bytes = new ArrayBuffer(numBytes);
const CHUNK_SIZE = 65536;
for (let i = 0; i < numBytes; i += CHUNK_SIZE) {
self.crypto.getRandomValues(new Uint8Array(bytes, i, Math.min(numBytes - i, CHUNK_SIZE)));
}
bytes = Utils.arrayBufferToStr(bytes);
} else {
bytes = forge.random.getBytesSync(numBytes);
}

247
src/core/operations/Rabbit.mjs Normal file
View file

@ -0,0 +1,247 @@
/**
* @author mikecat
* @copyright Crown Copyright 2022
* @license Apache-2.0
*/
import Operation from "../Operation.mjs";
import Utils from "../Utils.mjs";
import { toHexFast } from "../lib/Hex.mjs";
import OperationError from "../errors/OperationError.mjs";
/**
* Rabbit operation
*/
class Rabbit extends Operation {
/**
* Rabbit constructor
*/
constructor() {
super();
this.name = "Rabbit";
this.module = "Ciphers";
this.description = "Rabbit is a high-speed stream cipher introduced in 2003 and defined in RFC 4503.<br><br>The cipher uses a 128-bit key and an optional 64-bit initialization vector (IV).<br><br>big-endian: based on RFC4503 and RFC3447<br>little-endian: compatible with Crypto++";
this.infoURL = "https://wikipedia.org/wiki/Rabbit_(cipher)";
this.inputType = "string";
this.outputType = "string";
this.args = [
{
"name": "Key",
"type": "toggleString",
"value": "",
"toggleValues": ["Hex", "UTF8", "Latin1", "Base64"]
},
{
"name": "IV",
"type": "toggleString",
"value": "",
"toggleValues": ["Hex", "UTF8", "Latin1", "Base64"]
},
{
"name": "Endianness",
"type": "option",
"value": ["Big", "Little"]
},
{
"name": "Input",
"type": "option",
"value": ["Raw", "Hex"]
},
{
"name": "Output",
"type": "option",
"value": ["Raw", "Hex"]
}
];
}
/**
* @param {string} input
* @param {Object[]} args
* @returns {string}
*/
run(input, args) {
const key = Utils.convertToByteArray(args[0].string, args[0].option),
iv = Utils.convertToByteArray(args[1].string, args[1].option),
endianness = args[2],
inputType = args[3],
outputType = args[4];
const littleEndian = endianness === "Little";
if (key.length !== 16) {
throw new OperationError(`Invalid key length: ${key.length} bytes (expected: 16)`);
}
if (iv.length !== 0 && iv.length !== 8) {
throw new OperationError(`Invalid IV length: ${iv.length} bytes (expected: 0 or 8)`);
}
// Inner State
const X = new Uint32Array(8), C = new Uint32Array(8);
let b = 0;
// Counter System
const A = [
0x4d34d34d, 0xd34d34d3, 0x34d34d34, 0x4d34d34d,
0xd34d34d3, 0x34d34d34, 0x4d34d34d, 0xd34d34d3
];
const counterUpdate = function() {
for (let j = 0; j < 8; j++) {
const temp = C[j] + A[j] + b;
b = (temp / ((1 << 30) * 4)) >>> 0;
C[j] = temp;
}
};
// Next-State Function
const g = function(u, v) {
const uv = (u + v) >>> 0;
const upper = uv >>> 16, lower = uv & 0xffff;
const upperUpper = upper * upper;
const upperLower2 = 2 * upper * lower;
const lowerLower = lower * lower;
const mswTemp = upperUpper + ((upperLower2 / (1 << 16)) >>> 0);
const lswTemp = lowerLower + (upperLower2 & 0xffff) * (1 << 16);
const msw = mswTemp + ((lswTemp / ((1 << 30) * 4)) >>> 0);
const lsw = lswTemp >>> 0;
return lsw ^ msw;
};
const leftRotate = function(value, width) {
return (value << width) | (value >>> (32 - width));
};
const nextStateHelper1 = function(v0, v1, v2) {
return v0 + leftRotate(v1, 16) + leftRotate(v2, 16);
};
const nextStateHelper2 = function(v0, v1, v2) {
return v0 + leftRotate(v1, 8) + v2;
};
const G = new Uint32Array(8);
const nextState = function() {
for (let j = 0; j < 8; j++) {
G[j] = g(X[j], C[j]);
}
X[0] = nextStateHelper1(G[0], G[7], G[6]);
X[1] = nextStateHelper2(G[1], G[0], G[7]);
X[2] = nextStateHelper1(G[2], G[1], G[0]);
X[3] = nextStateHelper2(G[3], G[2], G[1]);
X[4] = nextStateHelper1(G[4], G[3], G[2]);
X[5] = nextStateHelper2(G[5], G[4], G[3]);
X[6] = nextStateHelper1(G[6], G[5], G[4]);
X[7] = nextStateHelper2(G[7], G[6], G[5]);
};
// Key Setup Scheme
const K = new Uint16Array(8);
if (littleEndian) {
for (let i = 0; i < 8; i++) {
K[i] = (key[1 + 2 * i] << 8) | key[2 * i];
}
} else {
for (let i = 0; i < 8; i++) {
K[i] = (key[14 - 2 * i] << 8) | key[15 - 2 * i];
}
}
for (let j = 0; j < 8; j++) {
if (j % 2 === 0) {
X[j] = (K[(j + 1) % 8] << 16) | K[j];
C[j] = (K[(j + 4) % 8] << 16) | K[(j + 5) % 8];
} else {
X[j] = (K[(j + 5) % 8] << 16) | K[(j + 4) % 8];
C[j] = (K[j] << 16) | K[(j + 1) % 8];
}
}
for (let i = 0; i < 4; i++) {
counterUpdate();
nextState();
}
for (let j = 0; j < 8; j++) {
C[j] = C[j] ^ X[(j + 4) % 8];
}
// IV Setup Scheme
if (iv.length === 8) {
const getIVValue = function(a, b, c, d) {
if (littleEndian) {
return (iv[a] << 24) | (iv[b] << 16) |
(iv[c] << 8) | iv[d];
} else {
return (iv[7 - a] << 24) | (iv[7 - b] << 16) |
(iv[7 - c] << 8) | iv[7 - d];
}
};
C[0] = C[0] ^ getIVValue(3, 2, 1, 0);
C[1] = C[1] ^ getIVValue(7, 6, 3, 2);
C[2] = C[2] ^ getIVValue(7, 6, 5, 4);
C[3] = C[3] ^ getIVValue(5, 4, 1, 0);
C[4] = C[4] ^ getIVValue(3, 2, 1, 0);
C[5] = C[5] ^ getIVValue(7, 6, 3, 2);
C[6] = C[6] ^ getIVValue(7, 6, 5, 4);
C[7] = C[7] ^ getIVValue(5, 4, 1, 0);
for (let i = 0; i < 4; i++) {
counterUpdate();
nextState();
}
}
// Extraction Scheme
const S = new Uint8Array(16);
const extract = function() {
let pos = 0;
const addPart = function(value) {
S[pos++] = value >>> 8;
S[pos++] = value & 0xff;
};
counterUpdate();
nextState();
addPart((X[6] >>> 16) ^ (X[1] & 0xffff));
addPart((X[6] & 0xffff) ^ (X[3] >>> 16));
addPart((X[4] >>> 16) ^ (X[7] & 0xffff));
addPart((X[4] & 0xffff) ^ (X[1] >>> 16));
addPart((X[2] >>> 16) ^ (X[5] & 0xffff));
addPart((X[2] & 0xffff) ^ (X[7] >>> 16));
addPart((X[0] >>> 16) ^ (X[3] & 0xffff));
addPart((X[0] & 0xffff) ^ (X[5] >>> 16));
if (littleEndian) {
for (let i = 0, j = S.length - 1; i < j;) {
const temp = S[i];
S[i] = S[j];
S[j] = temp;
i++;
j--;
}
}
};
const data = Utils.convertToByteString(input, inputType);
const result = new Uint8Array(data.length);
for (let i = 0; i <= data.length - 16; i += 16) {
extract();
for (let j = 0; j < 16; j++) {
result[i + j] = data.charCodeAt(i + j) ^ S[j];
}
}
if (data.length % 16 !== 0) {
const offset = data.length - data.length % 16;
const length = data.length - offset;
extract();
if (littleEndian) {
for (let j = 0; j < length; j++) {
result[offset + j] = data.charCodeAt(offset + j) ^ S[j];
}
} else {
for (let j = 0; j < length; j++) {
result[offset + j] = data.charCodeAt(offset + j) ^ S[16 - length + j];
}
}
}
if (outputType === "Hex") {
return toHexFast(result);
}
return Utils.byteArrayToChars(result);
}
}
export default Rabbit;

20
src/core/operations/RawInflate.mjs
View file

@ -7,7 +7,6 @@
import Operation from "../Operation.mjs";
import {INFLATE_BUFFER_TYPE} from "../lib/Zlib.mjs";
import rawinflate from "zlibjs/bin/rawinflate.min.js";
import OperationError from "../errors/OperationError.mjs";
const Zlib = rawinflate.Zlib;
@ -83,25 +82,6 @@ class RawInflate extends Operation {
}),
result = new Uint8Array(inflate.decompress());
// Raw Inflate sometimes messes up and returns nonsense like this:
// ]....]....]....]....]....]....]....]....]....]....]....]....]....]...
// e.g. Input data of [8b, 1d, dc, 44]
// Look for the first two square brackets:
if (result.length > 158 && result[0] === 93 && result[5] === 93) {
// If the first two square brackets are there, check that the others
// are also there. If they are, throw an error. If not, continue.
let valid = false;
for (let i = 0; i < 155; i += 5) {
if (result[i] !== 93) {
valid = true;
}
}
if (!valid) {
throw new OperationError("Error: Unable to inflate data");
}
}
// This seems to be the easiest way...
return result.buffer;
}

22
src/core/operations/Reverse.mjs
View file

@ -5,6 +5,7 @@
*/
import Operation from "../Operation.mjs";
import Utils from "../Utils.mjs";
/**
* Reverse operation
@ -26,7 +27,8 @@ class Reverse extends Operation {
{
"name": "By",
"type": "option",
"value": ["Character", "Line"]
"value": ["Byte", "Character", "Line"],
"defaultIndex": 1
}
];
}
@ -57,6 +59,24 @@ class Reverse extends Operation {
result.push(0x0a);
}
return result.slice(0, input.length);
} else if (args[0] === "Character") {
const inputString = Utils.byteArrayToUtf8(input);
let result = "";
for (let i = inputString.length - 1; i >= 0; i--) {
const c = inputString.charCodeAt(i);
if (i > 0 && 0xdc00 <= c && c <= 0xdfff) {
const c2 = inputString.charCodeAt(i - 1);
if (0xd800 <= c2 && c2 <= 0xdbff) {
// surrogates
result += inputString.charAt(i - 1);
result += inputString.charAt(i);
i--;
continue;
}
}
result += inputString.charAt(i);
}
return Utils.strToUtf8ByteArray(result);
} else {
return input.reverse();
}

78
src/core/operations/Shuffle.mjs Normal file
View file

@ -0,0 +1,78 @@
/**
* @author mikecat
* @copyright Crown Copyright 2022
* @license Apache-2.0
*/
import Operation from "../Operation.mjs";
import Utils from "../Utils.mjs";
import {INPUT_DELIM_OPTIONS} from "../lib/Delim.mjs";
/**
* Shuffle operation
*/
class Shuffle extends Operation {
/**
* Shuffle constructor
*/
constructor() {
super();
this.name = "Shuffle";
this.module = "Default";
this.description = "Randomly reorders input elements.";
this.infoURL = "https://wikipedia.org/wiki/Shuffling";
this.inputType = "string";
this.outputType = "string";
this.args = [
{
name: "Delimiter",
type: "option",
value: INPUT_DELIM_OPTIONS
}
];
}
/**
* @param {string} input
* @param {Object[]} args
* @returns {string}
*/
run(input, args) {
const delim = Utils.charRep(args[0]);
if (input.length === 0) return input;
// return a random number in [0, 1)
const rng = (typeof crypto) !== "undefined" && crypto.getRandomValues ? (function() {
const buf = new Uint32Array(2);
return function() {
// generate 53-bit random integer: 21 + 32 bits
crypto.getRandomValues(buf);
const value = (buf[0] >>> (32 - 21)) * ((1 << 30) * 4) + buf[1];
return value / ((1 << 23) * (1 << 30));
};
})() : Math.random;
// return a random integer in [0, max)
const randint = function(max) {
return Math.floor(rng() * max);
};
// Split input into shuffleable sections
const toShuffle = input.split(delim);
// shuffle elements
for (let i = toShuffle.length - 1; i > 0; i--) {
const idx = randint(i + 1);
const tmp = toShuffle[idx];
toShuffle[idx] = toShuffle[i];
toShuffle[i] = tmp;
}
return toShuffle.join(delim);
}
}
export default Shuffle;

6
src/core/operations/Sort.mjs
View file

@ -7,7 +7,7 @@
import Operation from "../Operation.mjs";
import Utils from "../Utils.mjs";
import {INPUT_DELIM_OPTIONS} from "../lib/Delim.mjs";
import {caseInsensitiveSort, ipSort, numericSort, hexadecimalSort} from "../lib/Sort.mjs";
import {caseInsensitiveSort, ipSort, numericSort, hexadecimalSort, lengthSort} from "../lib/Sort.mjs";
/**
* Sort operation
@ -39,7 +39,7 @@ class Sort extends Operation {
{
"name": "Order",
"type": "option",
"value": ["Alphabetical (case sensitive)", "Alphabetical (case insensitive)", "IP address", "Numeric", "Numeric (hexadecimal)"]
"value": ["Alphabetical (case sensitive)", "Alphabetical (case insensitive)", "IP address", "Numeric", "Numeric (hexadecimal)", "Length"]
}
];
}
@ -65,6 +65,8 @@ class Sort extends Operation {
sorted = sorted.sort(numericSort);
} else if (order === "Numeric (hexadecimal)") {
sorted = sorted.sort(hexadecimalSort);
} else if (order === "Length") {
sorted = sorted.sort(lengthSort);
}
if (sortReverse) sorted.reverse();

56
src/core/operations/Substitute.mjs
View file

@ -34,10 +34,50 @@ class Substitute extends Operation {
"name": "Ciphertext",
"type": "binaryString",
"value": "XYZABCDEFGHIJKLMNOPQRSTUVW"
},
{
"name": "Ignore case",
"type": "boolean",
"value": false
}
];
}
/**
* Convert a single character using the dictionary, if ignoreCase is true then
* check in the dictionary for both upper and lower case versions of the character.
* In output the input character case is preserved.
* @param {string} char
* @param {Object} dict
* @param {boolean} ignoreCase
* @returns {string}
*/
cipherSingleChar(char, dict, ignoreCase) {
if (!ignoreCase)
return dict[char] || char;
const isUpperCase = char === char.toUpperCase();
// convert using the dictionary keeping the case of the input character
if (dict[char] !== undefined) {
// if the character is in the dictionary return the value with the input case
return isUpperCase ? dict[char].toUpperCase() : dict[char].toLowerCase();
}
// check for the other case, if it is in the dictionary return the value with the right case
if (isUpperCase) {
if (dict[char.toLowerCase()] !== undefined)
return dict[char.toLowerCase()].toUpperCase();
} else {
if (dict[char.toUpperCase()] !== undefined)
return dict[char.toUpperCase()].toLowerCase();
}
return char;
}
/**
* @param {string} input
* @param {Object[]} args
@ -45,17 +85,23 @@ class Substitute extends Operation {
*/
run(input, args) {
const plaintext = Utils.expandAlphRange([...args[0]]),
ciphertext = Utils.expandAlphRange([...args[1]]);
let output = "",
index = -1;
ciphertext = Utils.expandAlphRange([...args[1]]),
ignoreCase = args[2];
let output = "";
if (plaintext.length !== ciphertext.length) {
output = "Warning: Plaintext and Ciphertext lengths differ\n\n";
}
// create dictionary for conversion
const dict = {};
for (let i = 0; i < Math.min(ciphertext.length, plaintext.length); i++) {
dict[plaintext[i]] = ciphertext[i];
}
// map every letter with the conversion function
for (const character of input) {
index = plaintext.indexOf(character);
output += index > -1 && index < ciphertext.length ? ciphertext[index] : character;
output += this.cipherSingleChar(character, dict, ignoreCase);
}
return output;

60
src/core/operations/ToTable.mjs
View file

@ -20,7 +20,7 @@ class ToTable extends Operation {
this.name = "To Table";
this.module = "Default";
this.description = "Data can be split on different characters and rendered as an HTML or ASCII table with an optional header row.<br><br>Supports the CSV (Comma Separated Values) file format by default. Change the cell delimiter argument to <code>\\t</code> to support TSV (Tab Separated Values) or <code>|</code> for PSV (Pipe Separated Values).<br><br>You can enter as many delimiters as you like. Each character will be treat as a separate possible delimiter.";
this.description = "Data can be split on different characters and rendered as an HTML, ASCII or Markdown table with an optional header row.<br><br>Supports the CSV (Comma Separated Values) file format by default. Change the cell delimiter argument to <code>\\t</code> to support TSV (Tab Separated Values) or <code>|</code> for PSV (Pipe Separated Values).<br><br>You can enter as many delimiters as you like. Each character will be treat as a separate possible delimiter.";
this.infoURL = "https://wikipedia.org/wiki/Comma-separated_values";
this.inputType = "string";
this.outputType = "html";
@ -43,7 +43,7 @@ class ToTable extends Operation {
{
"name": "Format",
"type": "option",
"value": ["ASCII", "HTML"]
"value": ["ASCII", "HTML", "Markdown"]
}
];
}
@ -66,6 +66,9 @@ class ToTable extends Operation {
case "ASCII":
return asciiOutput(tableData);
case "HTML":
return htmlOutput(tableData);
case "Markdown":
return markdownOutput(tableData);
default:
return htmlOutput(tableData);
}
@ -183,6 +186,59 @@ class ToTable extends Operation {
return output;
}
}
/**
* Outputs an array of data as a Markdown table.
*
* @param {string[][]} tableData
* @returns {string}
*/
function markdownOutput(tableData) {
const headerDivider = "-";
const verticalBorder = "|";
let output = "";
const longestCells = [];
// Find longestCells value per column to pad cells equally.
tableData.forEach(function(row, index) {
row.forEach(function(cell, cellIndex) {
if (longestCells[cellIndex] === undefined || cell.length > longestCells[cellIndex]) {
longestCells[cellIndex] = cell.length;
}
});
});
// Ignoring the checkbox, as current Mardown renderer in CF doesn't handle table without headers
const row = tableData.shift();
output += outputRow(row, longestCells);
let rowOutput = verticalBorder;
row.forEach(function(cell, index) {
rowOutput += " " + headerDivider + " " + verticalBorder;
});
output += rowOutput += "\n";
// Add the rest of the table rows.
tableData.forEach(function(row, index) {
output += outputRow(row, longestCells);
});
return output;
/**
* Outputs a row of correctly padded cells.
*/
function outputRow(row, longestCells) {
let rowOutput = verticalBorder;
row.forEach(function(cell, index) {
rowOutput += " " + cell + " ".repeat(longestCells[index] - cell.length) + " " + verticalBorder;
});
rowOutput += "\n";
return rowOutput;
}
}
}
}

5
src/core/operations/TripleDESDecrypt.mjs
View file

@ -70,7 +70,7 @@ class TripleDESDecrypt extends Operation {
inputType = args[3],
outputType = args[4];
if (key.length !== 24) {
if (key.length !== 24 && key.length !== 16) {
throw new OperationError(`Invalid key length: ${key.length} bytes
Triple DES uses a key length of 24 bytes (192 bits).
@ -85,7 +85,8 @@ Make sure you have specified the type correctly (e.g. Hex vs UTF8).`);
input = Utils.convertToByteString(input, inputType);
const decipher = forge.cipher.createDecipher("3DES-" + mode, key);
const decipher = forge.cipher.createDecipher("3DES-" + mode,
key.length === 16 ? key + key.substring(0, 8) : key);
/* Allow for a "no padding" mode */
if (noPadding) {

5
src/core/operations/TripleDESEncrypt.mjs
View file

@ -69,7 +69,7 @@ class TripleDESEncrypt extends Operation {
inputType = args[3],
outputType = args[4];
if (key.length !== 24) {
if (key.length !== 24 && key.length !== 16) {
throw new OperationError(`Invalid key length: ${key.length} bytes
Triple DES uses a key length of 24 bytes (192 bits).
@ -84,7 +84,8 @@ Make sure you have specified the type correctly (e.g. Hex vs UTF8).`);
input = Utils.convertToByteString(input, inputType);
const cipher = forge.cipher.createCipher("3DES-" + mode, key);
const cipher = forge.cipher.createCipher("3DES-" + mode,
key.length === 16 ? key + key.substring(0, 8) : key);
cipher.start({iv: iv});
cipher.update(forge.util.createBuffer(input));
cipher.finish();

3
src/core/operations/UNIXTimestampToWindowsFiletime.mjs
View file

@ -79,6 +79,9 @@ class UNIXTimestampToWindowsFiletime extends Operation {
flipped += result.charAt(i);
flipped += result.charAt(i + 1);
}
if (result.length % 2 !== 0) {
flipped += "0" + result.charAt(0);
}
result = flipped;
}

2
src/core/operations/ViewBitPlane.mjs
View file

@ -90,7 +90,7 @@ class ViewBitPlane extends Operation {
* @returns {html}
*/
present(data) {
if (!data.length) return "";
if (!data.byteLength) return "";
const type = isImage(data);
return `<img src="data:${type};base64,${toBase64(data)}">`;

5
src/core/operations/WindowsFiletimeToUNIXTimestamp.mjs
View file

@ -52,7 +52,10 @@ class WindowsFiletimeToUNIXTimestamp extends Operation {
if (format === "Hex (little endian)") {
// Swap endianness
let result = "";
for (let i = input.length - 2; i >= 0; i -= 2) {
if (input.length % 2 !== 0) {
result += input.charAt(input.length - 1);
}
for (let i = input.length - input.length % 2 - 2; i >= 0; i -= 2) {
result += input.charAt(i);
result += input.charAt(i + 1);
}

30
src/core/operations/YARARules.mjs
View file

@ -52,7 +52,17 @@ class YARARules extends Operation {
name: "Show counts",
type: "boolean",
value: true
}
},
{
name: "Show rule warnings",
type: "boolean",
value: true
},
{
name: "Show console module messages",
type: "boolean",
value: true
},
];
}
@ -64,7 +74,7 @@ class YARARules extends Operation {
async run(input, args) {
if (isWorkerEnvironment())
self.sendStatusMessage("Instantiating YARA...");
const [rules, showStrings, showLengths, showMeta, showCounts] = args;
const [rules, showStrings, showLengths, showMeta, showCounts, showRuleWarns, showConsole] = args;
return new Promise((resolve, reject) => {
Yara().then(yara => {
if (isWorkerEnvironment()) self.sendStatusMessage("Converting data for YARA.");
@ -83,11 +93,19 @@ class YARARules extends Operation {
const compileError = resp.compileErrors.get(i);
if (!compileError.warning) {
reject(new OperationError(`Error on line ${compileError.lineNumber}: ${compileError.message}`));
} else {
matchString += `Warning on line ${compileError.lineNumber}: ${compileError.message}`;
} else if (showRuleWarns) {
matchString += `Warning on line ${compileError.lineNumber}: ${compileError.message}\n`;
}
}
}
if (showConsole) {
const consoleLogs = resp.consoleLogs;
for (let i = 0; i < consoleLogs.size(); i++) {
matchString += consoleLogs.get(i) + "\n";
}
}
const matchedRules = resp.matchedRules;
for (let i = 0; i < matchedRules.size(); i++) {
const rule = matchedRules.get(i);
@ -100,11 +118,11 @@ class YARARules extends Operation {
}
meta = meta.slice(0, -2) + "]";
}
const countString = showCounts ? `${matches.size()} time${matches.size() > 1 ? "s" : ""}` : "";
const countString = matches.size() === 0 ? "" : (showCounts ? ` (${matches.size()} time${matches.size() > 1 ? "s" : ""})` : "");
if (matches.size() === 0 || !(showStrings || showLengths)) {
matchString += `Input matches rule "${rule.ruleName}"${meta}${countString.length > 0 ? ` ${countString}`: ""}.\n`;
} else {
matchString += `Rule "${rule.ruleName}"${meta} matches (${countString}):\n`;
matchString += `Rule "${rule.ruleName}"${meta} matches${countString}:\n`;
for (let j = 0; j < matches.size(); j++) {
const match = matches.get(j);
if (showStrings || showLengths) {

10
src/web/HTMLIngredient.mjs
View file

@ -30,6 +30,7 @@ class HTMLIngredient {
this.rows = config.rows || false;
this.target = config.target;
this.defaultIndex = config.defaultIndex || 0;
this.maxLength = config.maxLength || null;
this.toggleValues = config.toggleValues;
this.ingId = this.app.nextIngId();
this.id = "ing-" + this.ingId;
@ -63,7 +64,8 @@ class HTMLIngredient {
tabindex="${this.tabIndex}"
arg-name="${this.name}"
value="${this.value}"
${this.disabled ? "disabled" : ""}>
${this.disabled ? "disabled" : ""}
${this.maxLength ? `maxlength="${this.maxLength}"` : ""}>
</div>`;
break;
case "shortString":
@ -78,7 +80,8 @@ class HTMLIngredient {
tabindex="${this.tabIndex}"
arg-name="${this.name}"
value="${this.value}"
${this.disabled ? "disabled" : ""}>
${this.disabled ? "disabled" : ""}
${this.maxLength ? `maxlength="${this.maxLength}"` : ""}>
</div>`;
break;
case "toggleString":
@ -93,7 +96,8 @@ class HTMLIngredient {
tabindex="${this.tabIndex}"
arg-name="${this.name}"
value="${this.value}"
${this.disabled ? "disabled" : ""}>
${this.disabled ? "disabled" : ""}
${this.maxLength ? `maxlength="${this.maxLength}"` : ""}>
</div>
<div class="input-group-append">
<button class="btn btn-secondary dropdown-toggle" type="button" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false">${this.toggleValues[0]}</button>

2
src/web/stylesheets/index.js
View file

@ -10,7 +10,7 @@
import "highlight.js/styles/vs.css";
/* Frameworks */
import "./vendors/bootstrap.scss";
import "bootstrap-material-design/dist/css/bootstrap-material-design.css";
import "bootstrap-colorpicker/dist/css/bootstrap-colorpicker.css";
/* CyberChef styles */

25
src/web/stylesheets/utils/_overrides.css
View file

@ -82,7 +82,17 @@ a:focus {
border-color: var(--btn-success-hover-border-colour);
}
select.form-control:not([size]):not([multiple]), select.custom-file-control:not([size]):not([multiple]) {
select.form-control,
select.form-control:focus {
background-color: var(--primary-background-colour) !important;
}
select.form-control:focus {
transition: none !important;
}
select.form-control:not([size]):not([multiple]),
select.custom-file-control:not([size]):not([multiple]) {
height: unset !important;
}
@ -145,7 +155,8 @@ optgroup {
color: var(--primary-font-colour);
}
.table-bordered th, .table-bordered td {
.table-bordered th,
.table-bordered td {
border: 1px solid var(--table-border-colour);
}
@ -172,7 +183,9 @@ optgroup {
color: var(--subtext-font-colour);
}
.nav-tabs>li>a.nav-link.active, .nav-tabs>li>a.nav-link.active:focus, .nav-tabs>li>a.nav-link.active:hover {
.nav-tabs>li>a.nav-link.active,
.nav-tabs>li>a.nav-link.active:focus,
.nav-tabs>li>a.nav-link.active:hover {
background-color: var(--secondary-background-colour);
border-color: var(--secondary-border-colour);
border-bottom-color: transparent;
@ -183,7 +196,8 @@ optgroup {
border-color: var(--primary-border-colour);
}
.nav a.nav-link:focus, .nav a.nav-link:hover {
.nav a.nav-link:focus,
.nav a.nav-link:hover {
background-color: var(--secondary-border-colour);
}
@ -199,7 +213,8 @@ optgroup {
color: var(--primary-font-colour);
}
.dropdown-menu a:focus, .dropdown-menu a:hover {
.dropdown-menu a:focus,
.dropdown-menu a:hover {
background-color: var(--secondary-background-colour);
color: var(--primary-font-colour);
}

23
src/web/stylesheets/vendors/bootstrap.scss vendored
View file

@ -1,23 +0,0 @@
/**
* Bootstrap Material Design with overrides
*
* @author n1474335 [n1474335@gmail.com]
* @copyright Crown Copyright 2018
* @license Apache-2.0
*/
@import "~bootstrap-material-design/scss/variables/colors";
$theme-colors: (
primary: $blue-700,
success: $green,
info: $light-blue,
warning: $deep-orange,
danger: $red,
light: $grey-100,
dark: $grey-800
);
$bmd-form-line-height: 1.25;
@import "~bootstrap-material-design/scss/core";