mirrors/CyberChef
1
0
Fork 0
mirror of https://github.com/gchq/CyberChef.git synced 2025-04-22 07:46:16 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

Merged upstream master

Browse source
This commit is contained in:
n1474335 2017-09-17 14:53:17 +01:00
commit d3246b7c8b
85 changed files with 3265 additions and 1477 deletions
Download patch file Download diff file Expand all files Collapse all files

136
src/core/Utils.js
View file

@ -843,6 +843,139 @@ const Utils = {
},
/**
* Encodes a URI fragment (#) or query (?) using a minimal amount of percent-encoding.
*
* RFC 3986 defines legal characters for the fragment and query parts of a URL to be as follows:
*
* fragment = *( pchar / "/" / "?" )
* query = *( pchar / "/" / "?" )
* pchar = unreserved / pct-encoded / sub-delims / ":" / "@"
* unreserved = ALPHA / DIGIT / "-" / "." / "_" / "~"
* pct-encoded = "%" HEXDIG HEXDIG
* sub-delims = "!" / "$" / "&" / "'" / "(" / ")"
* / "*" / "+" / "," / ";" / "="
*
* Meaning that the list of characters that need not be percent-encoded are alphanumeric plus:
* -._~!$&'()*+,;=:@/?
*
* & and = are still escaped as they are used to serialise the key-value pairs in CyberChef
* fragments. + is also escaped so as to prevent it being decoded to a space.
*
* @param {string} str
* @returns {string}
*/
encodeURIFragment: function(str) {
const LEGAL_CHARS = {
"%2D": "-",
"%2E": ".",
"%5F": "_",
"%7E": "~",
"%21": "!",
"%24": "$",
//"%26": "&",
"%27": "'",
"%28": "(",
"%29": ")",
"%2A": "*",
//"%2B": "+",
"%2C": ",",
"%3B": ";",
//"%3D": "=",
"%3A": ":",
"%40": "@",
"%2F": "/",
"%3F": "?"
};
str = encodeURIComponent(str);
return str.replace(/%[0-9A-F]{2}/g, function (match) {
return LEGAL_CHARS[match] || match;
});
},
/**
* Generates a "pretty" recipe format from a recipeConfig object.
*
* "Pretty" CyberChef recipe formats are designed to be included in the fragment (#) or query (?)
* parts of the URL. They can also be loaded into CyberChef through the 'Load' interface. In order
* to make this format as readable as possible, various special characters are used unescaped. This
* reduces the amount of percent-encoding included in the URL which is typically difficult to read,
* as well as substantially increasing the overall length. These characteristics can be quite
* offputting for users.
*
* @param {Object[]} recipeConfig
* @param {boolean} newline - whether to add a newline after each operation
* @returns {string}
*/
generatePrettyRecipe: function(recipeConfig, newline) {
let prettyConfig = "",
name = "",
args = "",
disabled = "",
bp = "";
recipeConfig.forEach(op => {
name = op.op.replace(/ /g, "_");
args = JSON.stringify(op.args)
.slice(1, -1) // Remove [ and ] as they are implied
// We now need to switch double-quoted (") strings to single-quotes (') as these do not
// need to be percent-encoded.
.replace(/'/g, "\\'") // Escape single quotes
.replace(/\\"/g, '"') // Unescape double quotes
.replace(/(^|,|{|:)"/g, "$1'") // Replace opening " with '
.replace(/"(,|:|}|$)/g, "'$1"); // Replace closing " with '
disabled = op.disabled ? "/disabled": "";
bp = op.breakpoint ? "/breakpoint" : "";
prettyConfig += `${name}(${args}${disabled}${bp})`;
if (newline) prettyConfig += "\n";
});
return prettyConfig;
},
/**
* Converts a recipe string to the JSON representation of the recipe.
* Accepts either stringified JSON or bespoke "pretty" recipe format.
*
* @param {string} recipe
* @returns {Object[]}
*/
parseRecipeConfig: function(recipe) {
recipe = recipe.trim();
if (recipe.length === 0) return [];
if (recipe[0] === "[") return JSON.parse(recipe);
// Parse bespoke recipe format
recipe = recipe.replace(/\n/g, "");
let m,
recipeRegex = /([^(]+)\(((?:'[^'\\]*(?:\\.[^'\\]*)*'|[^)/])*)(\/[^)]+)?\)/g,
recipeConfig = [],
args;
while ((m = recipeRegex.exec(recipe))) {
// Translate strings in args back to double-quotes
args = m[2]
.replace(/"/g, '\\"') // Escape double quotes
.replace(/(^|,|{|:)'/g, '$1"') // Replace opening ' with "
.replace(/([^\\])'(,|:|}|$)/g, '$1"$2') // Replace closing ' with "
.replace(/\\'/g, "'"); // Unescape single quotes
args = "[" + args + "]";
let op = {
op: m[1].replace(/_/g, " "),
args: JSON.parse(args)
};
if (m[3] && m[3].indexOf("disabled") > 0) op.disabled = true;
if (m[3] && m[3].indexOf("breakpoint") > 0) op.breakpoint = true;
recipeConfig.push(op);
}
return recipeConfig;
},
/**
* Expresses a number of milliseconds in a human readable format.
*
@ -1102,7 +1235,8 @@ const Utils = {
"Forward slash": /\//g,
"Backslash": /\\/g,
"0x": /0x/g,
"\\x": /\\x/g
"\\x": /\\x/g,
"None": /\s+/g // Included here to remove whitespace when there shouldn't be any
},

21
src/core/config/Categories.js
View file

@ -122,6 +122,8 @@ const Categories = [
"AND",
"ADD",
"SUB",
"Bit shift left",
"Bit shift right",
"Rotate left",
"Rotate right",
"ROT13",
@ -173,7 +175,6 @@ const Categories = [
"Tail",
"Count occurrences",
"Expand alphabet range",
"Parse escaped string",
"Drop bytes",
"Take bytes",
"Pad lines",
@ -188,6 +189,8 @@ const Categories = [
"Parse UNIX file permissions",
"Swap endianness",
"Parse colour code",
"Escape string",
"Unescape string",
]
},
{
@ -215,6 +218,7 @@ const Categories = [
"Extract dates",
"Regular expression",
"XPath expression",
"JPath expression",
"CSS selector",
"Extract EXIF",
]
@ -243,20 +247,21 @@ const Categories = [
"MD2",
"MD4",
"MD5",
"MD6",
"SHA0",
"SHA1",
"SHA224",
"SHA256",
"SHA384",
"SHA512",
"SHA2",
"SHA3",
"RIPEMD-160",
"Keccak",
"Shake",
"RIPEMD",
"HMAC",
"Fletcher-8 Checksum",
"Fletcher-16 Checksum",
"Fletcher-32 Checksum",
"Fletcher-64 Checksum",
"Adler-32 Checksum",
"CRC-16 Checksum",
"CRC-32 Checksum",
"TCP/IP Checksum",
]
@ -278,7 +283,9 @@ const Categories = [
"CSS Beautify",
"CSS Minify",
"XPath expression",
"JPath expression",
"CSS selector",
"Microsoft Script Decoder",
"Strip HTML tags",
"Diff",
"To Snake case",
@ -294,6 +301,8 @@ const Categories = [
"Detect File Type",
"Scan for Embedded Files",
"Generate UUID",
"Generate TOTP",
"Generate HOTP",
"Render Image",
"Remove EXIF",
"Extract EXIF",

288
src/core/config/OperationConfig.js
View file

@ -26,9 +26,11 @@ import IP from "../operations/IP.js";
import JS from "../operations/JS.js";
import MAC from "../operations/MAC.js";
import MorseCode from "../operations/MorseCode.js";
import MS from "../operations/MS.js";
import NetBIOS from "../operations/NetBIOS.js";
import Numberwang from "../operations/Numberwang.js";
import OS from "../operations/OS.js";
import OTP from "../operations/OTP.js";
import PublicKey from "../operations/PublicKey.js";
import Punycode from "../operations/Punycode.js";
import QuotedPrintable from "../operations/QuotedPrintable.js";
@ -521,6 +523,7 @@ const OperationConfig = {
}
]
},
"To Charcode": {
module: "Default",
description: "Converts text to its unicode character code equivalent.<br><br>e.g. <code>Γειά σου</code> becomes <code>0393 03b5 03b9 03ac 20 03c3 03bf 03c5</code>",
@ -1595,41 +1598,41 @@ const OperationConfig = {
},
"Rotate right": {
module: "Default",
description: "Rotates each byte to the right by the number of bits specified. Currently only supports 8-bit values.",
description: "Rotates each byte to the right by the number of bits specified, optionally carrying the excess bits over to the next byte. Currently only supports 8-bit values.",
highlight: true,
highlightReverse: true,
inputType: "byteArray",
outputType: "byteArray",
args: [
{
name: "Number of bits",
name: "Amount",
type: "number",
value: Rotate.ROTATE_AMOUNT
},
{
name: "Rotate as a whole",
name: "Carry through",
type: "boolean",
value: Rotate.ROTATE_WHOLE
value: Rotate.ROTATE_CARRY
}
]
},
"Rotate left": {
module: "Default",
description: "Rotates each byte to the left by the number of bits specified. Currently only supports 8-bit values.",
description: "Rotates each byte to the left by the number of bits specified, optionally carrying the excess bits over to the next byte. Currently only supports 8-bit values.",
highlight: true,
highlightReverse: true,
inputType: "byteArray",
outputType: "byteArray",
args: [
{
name: "Number of bits",
name: "Amount",
type: "number",
value: Rotate.ROTATE_AMOUNT
},
{
name: "Rotate as a whole",
name: "Carry through",
type: "boolean",
value: Rotate.ROTATE_WHOLE
value: Rotate.ROTATE_CARRY
}
]
},
@ -2139,7 +2142,7 @@ const OperationConfig = {
},
"Extract domains": {
module: "Default",
description: "Extracts domain names with common Top-Level Domains (TLDs).<br>Note that this will not include paths. Use <strong>Extract URLs</strong> to find entire URLs.",
description: "Extracts domain names.<br>Note that this will not include paths. Use <strong>Extract URLs</strong> to find entire URLs.",
inputType: "string",
outputType: "string",
args: [
@ -2244,6 +2247,24 @@ const OperationConfig = {
}
]
},
"JPath expression": {
module: "Code",
description: "Extract information from a JSON object with a JPath query.",
inputType: "string",
outputType: "string",
args: [
{
name: "Query",
type: "string",
value: Code.JPATH_INITIAL
},
{
name: "Result delimiter",
type: "binaryShortString",
value: Code.JPATH_DELIMITER
}
]
},
"CSS selector": {
module: "Code",
description: "Extract information from an HTML document with a CSS selector",
@ -2862,6 +2883,29 @@ const OperationConfig = {
outputType: "string",
args: []
},
"MD6": {
module: "Hashing",
description: "The MD6 (Message-Digest 6) algorithm is a cryptographic hash function. It uses a Merkle tree-like structure to allow for immense parallel computation of hashes for very long inputs.",
inputType: "string",
outputType: "string",
args: [
{
name: "Size",
type: "number",
value: Hash.MD6_SIZE
},
{
name: "Levels",
type: "number",
value: Hash.MD6_LEVELS
},
{
name: "Key",
type: "string",
value: ""
}
]
},
"SHA0": {
module: "Hashing",
description: "SHA-0 is a retronym applied to the original version of the 160-bit hash function published in 1993 under the name 'SHA'. It was withdrawn shortly after publication due to an undisclosed 'significant flaw' and replaced by the slightly revised version SHA-1.",
@ -2876,53 +2920,76 @@ const OperationConfig = {
outputType: "string",
args: []
},
"SHA224": {
"SHA2": {
module: "Hashing",
description: "SHA-224 is largely identical to SHA-256 but is truncated to 224 bytes.",
inputType: "string",
outputType: "string",
args: []
},
"SHA256": {
module: "Hashing",
description: "SHA-256 is one of the four variants in the SHA-2 set. It isn't as widely used as SHA-1, though it provides much better security.",
inputType: "string",
outputType: "string",
args: []
},
"SHA384": {
module: "Hashing",
description: "SHA-384 is largely identical to SHA-512 but is truncated to 384 bytes.",
inputType: "string",
outputType: "string",
args: []
},
"SHA512": {
module: "Hashing",
description: "SHA-512 is largely identical to SHA-256 but operates on 64-bit words rather than 32.",
inputType: "string",
outputType: "string",
args: []
},
"SHA3": {
module: "Hashing",
description: "This is an implementation of Keccak[c=2d]. SHA3 functions based on different implementations of Keccak will give different results.",
description: "The SHA-2 (Secure Hash Algorithm 2) hash functions were designed by the NSA. SHA-2 includes significant changes from its predecessor, SHA-1. The SHA-2 family consists of hash functions with digests (hash values) that are 224, 256, 384 or 512 bits: SHA224, SHA256, SHA384, SHA512.<br><br><ul><li>SHA-512 operates on 64-bit words.</li><li>SHA-256 operates on 32-bit words.</li><li>SHA-384 is largely identical to SHA-512 but is truncated to 384 bytes.</li><li>SHA-224 is largely identical to SHA-256 but is truncated to 224 bytes.</li><li>SHA-512/224 and SHA-512/256 are truncated versions of SHA-512, but the initial values are generated using the method described in Federal Information Processing Standards (FIPS) PUB 180-4.</li></ul>",
inputType: "string",
outputType: "string",
args: [
{
name: "Output length",
name: "Size",
type: "option",
value: Hash.SHA3_LENGTH
value: Hash.SHA2_SIZE
}
]
},
"RIPEMD-160": {
"SHA3": {
module: "Hashing",
description: "RIPEMD (RACE Integrity Primitives Evaluation Message Digest) is a family of cryptographic hash functions developed in Leuven, Belgium, by Hans Dobbertin, Antoon Bosselaers and Bart Preneel at the COSIC research group at the Katholieke Universiteit Leuven, and first published in 1996.<br><br>RIPEMD was based upon the design principles used in MD4, and is similar in performance to the more popular SHA-1.<br><br>RIPEMD-160 is an improved, 160-bit version of the original RIPEMD, and the most common version in the family.",
description: "The SHA-3 (Secure Hash Algorithm 3) hash functions were released by NIST on August 5, 2015. Although part of the same series of standards, SHA-3 is internally quite different from the MD5-like structure of SHA-1 and SHA-2.<br><br>SHA-3 is a subset of the broader cryptographic primitive family Keccak designed by Guido Bertoni, Joan Daemen, Michaël Peeters, and Gilles Van Assche, building upon RadioGatún.",
inputType: "string",
outputType: "string",
args: []
args: [
{
name: "Size",
type: "option",
value: Hash.SHA3_SIZE
}
]
},
"Keccak": {
module: "Hashing",
description: "The Keccak hash algorithm was designed by Guido Bertoni, Joan Daemen, Michaël Peeters, and Gilles Van Assche, building upon RadioGatún. It was selected as the winner of the SHA-3 design competition.<br><br>This version of the algorithm is Keccak[c=2d] and differs from the SHA-3 specification.",
inputType: "string",
outputType: "string",
args: [
{
name: "Size",
type: "option",
value: Hash.KECCAK_SIZE
}
]
},
"Shake": {
module: "Hashing",
description: "Shake is an Extendable Output Function (XOF) of the SHA-3 hash algorithm, part of the Keccak family, allowing for variable output length/size.",
inputType: "string",
outputType: "string",
args: [
{
name: "Capacity",
type: "option",
value: Hash.SHAKE_CAPACITY
},
{
name: "Size",
type: "number",
value: Hash.SHAKE_SIZE
}
]
},
"RIPEMD": {
module: "Hashing",
description: "RIPEMD (RACE Integrity Primitives Evaluation Message Digest) is a family of cryptographic hash functions developed in Leuven, Belgium, by Hans Dobbertin, Antoon Bosselaers and Bart Preneel at the COSIC research group at the Katholieke Universiteit Leuven, and first published in 1996.<br><br>RIPEMD was based upon the design principles used in MD4, and is similar in performance to the more popular SHA-1.<br><br>",
inputType: "string",
outputType: "string",
args: [
{
name: "Size",
type: "option",
value: Hash.RIPEMD_SIZE
}
]
},
"HMAC": {
module: "Hashing",
@ -2980,7 +3047,14 @@ const OperationConfig = {
"CRC-32 Checksum": {
module: "Hashing",
description: "A cyclic redundancy check (CRC) is an error-detecting code commonly used in digital networks and storage devices to detect accidental changes to raw data.<br><br>The CRC was invented by W. Wesley Peterson in 1961; the 32-bit CRC function of Ethernet and many other standards is the work of several researchers and was published in 1975.",
inputType: "byteArray",
inputType: "string",
outputType: "string",
args: []
},
"CRC-16 Checksum": {
module: "Hashing",
description: "A cyclic redundancy check (CRC) is an error-detecting code commonly used in digital networks and storage devices to detect accidental changes to raw data.<br><br>The CRC was invented by W. Wesley Peterson in 1961.",
inputType: "string",
outputType: "string",
args: []
},
@ -3187,6 +3261,13 @@ const OperationConfig = {
}
]
},
"Microsoft Script Decoder": {
module: "Default",
description: "Decodes Microsoft Encoded Script files that have been encoded with Microsoft's custom encoding. These are often VBS (Visual Basic Script) files that are encoded and renamed with a '.vbe' extention or JS (JScript) files renamed with a '.jse' extention.<br><br><b>Sample</b><br><br>Encoded:<br><code>#@~^RQAAAA==-mD~sX|:/TP{~J:+dYbxL~@!F@*@!+@*@!&amp;@*eEI@#@&amp;@#@&amp;.jm.raY 214Wv:zms/obI0xEAAA==^#~@</code><br><br>Decoded:<br><code>var my_msg = &#34;Testing <1><2><3>!&#34;;\n\nVScript.Echo(my_msg);</code>",
inputType: "string",
outputType: "string",
args: []
},
"Syntax highlighter": {
module: "Code",
description: "Adds syntax highlighting to a range of source code languages. Note that this will not indent the code. Use one of the 'Beautify' operations for that.",
@ -3207,13 +3288,6 @@ const OperationConfig = {
}
]
},
"Parse escaped string": {
module: "Default",
description: "Replaces escaped characters with the bytes they represent.<br><br>e.g.<code>Hello\\nWorld</code> becomes <code>Hello<br>World</code>",
inputType: "string",
outputType: "string",
args: []
},
"TCP/IP Checksum": {
module: "Hashing",
description: "Calculates the checksum for a TCP (Transport Control Protocol) or IP (Internet Protocol) header from an input of raw bytes.",
@ -3253,6 +3327,20 @@ const OperationConfig = {
}
]
},
"Escape string": {
module: "Default",
description: "Escapes special characters in a string so that they do not cause conflicts. For example, <code>Don't stop me now</code> becomes <code>Don\\'t stop me now</code>.",
inputType: "string",
outputType: "string",
args: []
},
"Unescape string": {
module: "Default",
description: "Unescapes characters in a string that have been escaped. For example, <code>Don\\'t stop me now</code> becomes <code>Don't stop me now</code>.",
inputType: "string",
outputType: "string",
args: []
},
"To Morse Code": {
module: "Default",
description: "Translates alphanumeric characters into International Morse Code.<br><br>Ignores non-Morse characters.<br><br>e.g. <code>SOS</code> becomes <code>... --- ...</code>",
@ -3567,6 +3655,102 @@ const OperationConfig = {
]
},
"Bit shift left": {
module: "Default",
description: "Shifts the bits in each byte towards the left by the specified amount.",
inputType: "byteArray",
outputType: "byteArray",
highlight: true,
highlightReverse: true,
args: [
{
name: "Amount",
type: "number",
value: 1
},
]
},
"Bit shift right": {
module: "Default",
description: "Shifts the bits in each byte towards the right by the specified amount.<br><br><i>Logical shifts</i> replace the leftmost bits with zeros.<br><i>Arithmetic shifts</i> preserve the most significant bit (MSB) of the original byte keeping the sign the same (positive or negative).",
inputType: "byteArray",
outputType: "byteArray",
highlight: true,
highlightReverse: true,
args: [
{
name: "Amount",
type: "number",
value: 1
},
{
name: "Type",
type: "option",
value: BitwiseOp.BIT_SHIFT_TYPE
}
]
},
"Generate TOTP": {
module: "Default",
description: "The Time-based One-Time Password algorithm (TOTP) is an algorithm that computes a one-time password from a shared secret key and the current time. It has been adopted as Internet Engineering Task Force standard RFC 6238, is the cornerstone of Initiative For Open Authentication (OATH), and is used in a number of two-factor authentication systems. A TOTP is an HOTP where the counter is the current time.<br><br>Enter the secret as the input or leave it blank for a random secret to be generated. T0 and T1 are in seconds.",
inputType: "byteArray",
outputType: "string",
args: [
{
name: "Name",
type: "string",
value: ""
},
{
name: "Key size",
type: "number",
value: 32
},
{
name: "Code length",
type: "number",
value: 6
},
{
name: "Epoch offset (T0)",
type: "number",
value: 0
},
{
name: "Interval (T1)",
type: "number",
value: 30
}
]
},
"Generate HOTP": {
module: "Default",
description: "The HMAC-based One-Time Password algorithm (HOTP) is an algorithm that computes a one-time password from a shared secret key and an incrementing counter. It has been adopted as Internet Engineering Task Force standard RFC 4226, is the cornerstone of Initiative For Open Authentication (OATH), and is used in a number of two-factor authentication systems.<br><br>Enter the secret as the input or leave it blank for a random secret to be generated.",
inputType: "string",
outputType: "string",
args: [
{
name: "Name",
type: "string",
value: ""
},
{
name: "Key size",
type: "number",
value: 32
},
{
name: "Code length",
type: "number",
value: 6
},
{
name: "Counter",
type: "number",
value: 0
}
]
},
};

2
src/core/config/modules/Code.js
View file

@ -10,6 +10,7 @@ import Code from "../../operations/Code.js";
* - vkbeautify
* - xmldom
* - xpath
* - jpath
* - googlecodeprettify
*
* @author n1474335 [n1474335@gmail.com]
@ -37,6 +38,7 @@ OpModules.Code = {
"To Snake case": Code.runToSnakeCase,
"To Camel case": Code.runToCamelCase,
"To Kebab case": Code.runToKebabCase,
"JPath expression": Code.runJpath,
};
export default OpModules;

11
src/core/config/modules/Default.js
View file

@ -15,9 +15,11 @@ import Hexdump from "../../operations/Hexdump.js";
import HTML from "../../operations/HTML.js";
import MAC from "../../operations/MAC.js";
import MorseCode from "../../operations/MorseCode.js";
import MS from "../../operations/MS.js";
import NetBIOS from "../../operations/NetBIOS.js";
import Numberwang from "../../operations/Numberwang.js";
import OS from "../../operations/OS.js";
import OTP from "../../operations/OTP.js";
import QuotedPrintable from "../../operations/QuotedPrintable.js";
import Rotate from "../../operations/Rotate.js";
import SeqUtils from "../../operations/SeqUtils.js";
@ -37,6 +39,7 @@ import UUID from "../../operations/UUID.js";
* Libraries:
* - Utils.js
* - CryptoJS
* - otp
*
* @author n1474335 [n1474335@gmail.com]
* @copyright Crown Copyright 2017
@ -85,6 +88,8 @@ OpModules.Default = {
"ROT47": Rotate.runRot47,
"Rotate left": Rotate.runRotl,
"Rotate right": Rotate.runRotr,
"Bit shift left": BitwiseOp.runBitShiftLeft,
"Bit shift right": BitwiseOp.runBitShiftRight,
"XOR": BitwiseOp.runXor,
"XOR Brute Force": BitwiseOp.runXorBrute,
"OR": BitwiseOp.runXor,
@ -104,7 +109,8 @@ OpModules.Default = {
"Find / Replace": StrUtils.runFindReplace,
"Split": StrUtils.runSplit,
"Filter": StrUtils.runFilter,
"Parse escaped string": StrUtils.runParseEscapedString,
"Escape string": StrUtils.runEscape,
"Unescape string": StrUtils.runUnescape,
"Head": StrUtils.runHead,
"Tail": StrUtils.runTail,
"Remove whitespace": Tidy.runRemoveWhitespace,
@ -137,12 +143,15 @@ OpModules.Default = {
"Extract domains": Extract.runDomains,
"Extract file paths": Extract.runFilePaths,
"Extract dates": Extract.runDates,
"Microsoft Script Decoder": MS.runDecodeScript,
"Entropy": Entropy.runEntropy,
"Frequency distribution": Entropy.runFreqDistrib,
"Detect File Type": FileType.runDetect,
"Scan for Embedded Files": FileType.runScanForEmbeddedFiles,
"Generate UUID": UUID.runGenerateV4,
"Numberwang": Numberwang.run,
"Generate TOTP": OTP.runTOTP,
"Generate HOTP": OTP.runHOTP,
"Fork": FlowControl.runFork,
"Merge": FlowControl.runMerge,
"Jump": FlowControl.runJump,

14
src/core/config/modules/Hashing.js
View file

@ -6,8 +6,9 @@ import Hash from "../../operations/Hash.js";
* Hashing module.
*
* Libraries:
* - CryptoJS
* - CryptoApi
* - node-md6
* - js-sha3
* - ./Checksum.js
*
* @author n1474335 [n1474335@gmail.com]
@ -22,20 +23,21 @@ OpModules.Hashing = {
"MD2": Hash.runMD2,
"MD4": Hash.runMD4,
"MD5": Hash.runMD5,
"MD6": Hash.runMD6,
"SHA0": Hash.runSHA0,
"SHA1": Hash.runSHA1,
"SHA224": Hash.runSHA224,
"SHA256": Hash.runSHA256,
"SHA384": Hash.runSHA384,
"SHA512": Hash.runSHA512,
"SHA2": Hash.runSHA2,
"SHA3": Hash.runSHA3,
"RIPEMD-160": Hash.runRIPEMD160,
"Keccak": Hash.runKeccak,
"Shake": Hash.runShake,
"RIPEMD": Hash.runRIPEMD,
"HMAC": Hash.runHMAC,
"Fletcher-8 Checksum": Checksum.runFletcher8,
"Fletcher-16 Checksum": Checksum.runFletcher16,
"Fletcher-32 Checksum": Checksum.runFletcher32,
"Fletcher-64 Checksum": Checksum.runFletcher64,
"Adler-32 Checksum": Checksum.runAdler32,
"CRC-16 Checksum": Checksum.runCRC16,
"CRC-32 Checksum": Checksum.runCRC32,
"TCP/IP Checksum": Checksum.runTCPIP,
};

40
src/core/operations/BitwiseOp.js
View file

@ -251,6 +251,46 @@ const BitwiseOp = {
},
/**
* Bit shift left operation.
*
* @param {byteArray} input
* @param {Object[]} args
* @returns {byteArray}
*/
runBitShiftLeft: function(input, args) {
const amount = args[0];
return input.map(b => {
return (b << amount) & 0xff;
});
},
/**
* @constant
* @default
*/
BIT_SHIFT_TYPE: ["Logical shift", "Arithmetic shift"],
/**
* Bit shift right operation.
*
* @param {byteArray} input
* @param {Object[]} args
* @returns {byteArray}
*/
runBitShiftRight: function(input, args) {
const amount = args[0],
type = args[1],
mask = type === "Logical shift" ? 0 : 0x80;
return input.map(b => {
return (b >>> amount) ^ (b & mask);
});
},
/**
* XOR bitwise calculation.
*

8
src/core/operations/ByteRepr.js
View file

@ -196,7 +196,7 @@ const ByteRepr = {
/**
* Highlight to hex
* Highlight from hex
*
* @param {Object[]} pos
* @param {number} pos[].start
@ -288,10 +288,8 @@ const ByteRepr = {
* @returns {byteArray}
*/
runFromBinary: function(input, args) {
if (args[0] !== "None") {
const delimRegex = Utils.regexRep[args[0] || "Space"];
input = input.replace(delimRegex, "");
}
const delimRegex = Utils.regexRep[args[0] || "Space"];
input = input.replace(delimRegex, "");
const output = [];
const byteLen = 8;

42
src/core/operations/Checksum.js
View file

@ -1,3 +1,4 @@
import * as CRC from "js-crc";
import Utils from "../Utils.js";
@ -119,19 +120,24 @@ const Checksum = {
/**
* CRC-32 Checksum operation.
*
* @param {byteArray} input
* @param {string} input
* @param {Object[]} args
* @returns {string}
*/
runCRC32: function(input, args) {
let crcTable = global.crcTable || (global.crcTable = Checksum._genCRCTable()),
crc = 0 ^ (-1);
return CRC.crc32(input);
},
for (let i = 0; i < input.length; i++) {
crc = (crc >>> 8) ^ crcTable[(crc ^ input[i]) & 0xff];
}
return Utils.hex((crc ^ (-1)) >>> 0);
/**
* CRC-16 Checksum operation.
*
* @param {string} input
* @param {Object[]} args
* @returns {string}
*/
runCRC16: function(input, args) {
return CRC.crc16(input);
},
@ -168,28 +174,6 @@ const Checksum = {
return Utils.hex(0xffff - csum);
},
/**
* Generates a CRC table for use with CRC checksums.
*
* @private
* @returns {array}
*/
_genCRCTable: function() {
let c,
crcTable = [];
for (let n = 0; n < 256; n++) {
c = n;
for (let k = 0; k < 8; k++) {
c = ((c & 1) ? (0xEDB88320 ^ (c >>> 1)) : (c >>> 1));
}
crcTable[n] = c;
}
return crcTable;
},
};
export default Checksum;

4
src/core/operations/Cipher.js
View file

@ -766,8 +766,8 @@ const Cipher = {
* @returns {string}
*/
runSubstitute: function (input, args) {
let plaintext = Utils.expandAlphRange(args[0]).join(),
ciphertext = Utils.expandAlphRange(args[1]).join(),
let plaintext = Utils.expandAlphRange(args[0]).join(""),
ciphertext = Utils.expandAlphRange(args[1]).join(""),
output = "",
index = -1;

43
src/core/operations/Code.js
View file

@ -4,6 +4,7 @@ import Utils from "../Utils.js";
import vkbeautify from "vkbeautify";
import {DOMParser as dom} from "xmldom";
import xpath from "xpath";
import jpath from "jsonpath";
import prettyPrintOne from "imports-loader?window=>global!exports-loader?prettyPrintOne!google-code-prettify/bin/prettify.min.js";
@ -355,6 +356,48 @@ const Code = {
},
/**
* @constant
* @default
*/
JPATH_INITIAL: "",
/**
* @constant
* @default
*/
JPATH_DELIMITER: "\\n",
/**
* JPath expression operation.
*
* @author Matt C (matt@artemisbot.uk)
* @param {string} input
* @param {Object[]} args
* @returns {string}
*/
runJpath: function(input, args) {
let query = args[0],
delimiter = args[1],
results,
obj;
try {
obj = JSON.parse(input);
} catch (err) {
return "Invalid input JSON: " + err.message;
}
try {
results = jpath.query(obj, query);
} catch (err) {
return "Invalid JPath expression: " + err.message;
}
return results.map(result => JSON.stringify(result)).join(delimiter);
},
/**
* @constant
* @default

11
src/core/operations/Extract.js
View file

@ -170,9 +170,9 @@ const Extract = {
protocol = "[A-Z]+://",
hostname = "[-\\w]+(?:\\.\\w[-\\w]*)+",
port = ":\\d+",
path = "/[^.!,?;\"'<>()\\[\\]{}\\s\\x7F-\\xFF]*";
path = "/[^.!,?\"<>\\[\\]{}\\s\\x7F-\\xFF]*";
path += "(?:[.!,?]+[^.!,?;\"'<>()\\[\\]{}\\s\\x7F-\\xFF]+)*";
path += "(?:[.!,?]+[^.!,?\"<>\\[\\]{}\\s\\x7F-\\xFF]+)*";
const regex = new RegExp(protocol + hostname + "(?:" + port +
")?(?:" + path + ")?", "ig");
return Extract._search(input, regex, null, displayTotal);
@ -187,11 +187,8 @@ const Extract = {
* @returns {string}
*/
runDomains: function(input, args) {
let displayTotal = args[0],
protocol = "https?://",
hostname = "[-\\w\\.]+",
tld = "\\.(?:com|net|org|biz|info|co|uk|onion|int|mobi|name|edu|gov|mil|eu|ac|ae|af|de|ca|ch|cn|cy|es|gb|hk|il|in|io|tv|me|nl|no|nz|ro|ru|tr|us|az|ir|kz|uz|pk)+",
regex = new RegExp("(?:" + protocol + ")?" + hostname + tld, "ig");
const displayTotal = args[0],
regex = /\b((?=[a-z0-9-]{1,63}\.)(xn--)?[a-z0-9]+(-[a-z0-9]+)*\.)+[a-z]{2,63}\b/ig;
return Extract._search(input, regex, null, displayTotal);
},

314
src/core/operations/Hash.js
View file

@ -1,6 +1,7 @@
import Utils from "../Utils.js";
import CryptoJS from "crypto-js";
import CryptoApi from "crypto-api";
import MD6 from "node-md6";
import * as SHA3 from "js-sha3";
import Checksum from "./Checksum.js";
@ -23,7 +24,7 @@ const Hash = {
* @returns {string}
*/
runMD2: function (input, args) {
return Utils.toHexFast(CryptoApi.hash("md2", input, {}));
return CryptoApi.hash("md2", input, {}).stringify("hex");
},
@ -35,7 +36,7 @@ const Hash = {
* @returns {string}
*/
runMD4: function (input, args) {
return Utils.toHexFast(CryptoApi.hash("md4", input, {}));
return CryptoApi.hash("md4", input, {}).stringify("hex");
},
@ -47,8 +48,39 @@ const Hash = {
* @returns {string}
*/
runMD5: function (input, args) {
input = CryptoJS.enc.Latin1.parse(input); // Cast to WordArray
return CryptoJS.MD5(input).toString(CryptoJS.enc.Hex);
return CryptoApi.hash("md5", input, {}).stringify("hex");
},
/**
* @constant
* @default
*/
MD6_SIZE: 256,
/**
* @constant
* @default
*/
MD6_LEVELS: 64,
/**
* MD6 operation.
*
* @param {string} input
* @param {Object[]} args
* @returns {string}
*/
runMD6: function (input, args) {
const size = args[0],
levels = args[1],
key = args[2];
if (size < 0 || size > 512)
return "Size must be between 0 and 512";
if (levels < 0)
return "Levels must be greater than 0";
return MD6.getHashOfText(input, size, key, levels);
},
@ -60,7 +92,7 @@ const Hash = {
* @returns {string}
*/
runSHA0: function (input, args) {
return Utils.toHexFast(CryptoApi.hash("sha0", input, {}));
return CryptoApi.hash("sha0", input, {}).stringify("hex");
},
@ -72,60 +104,7 @@ const Hash = {
* @returns {string}
*/
runSHA1: function (input, args) {
input = CryptoJS.enc.Latin1.parse(input);
return CryptoJS.SHA1(input).toString(CryptoJS.enc.Hex);
},
/**
* SHA224 operation.
*
* @param {string} input
* @param {Object[]} args
* @returns {string}
*/
runSHA224: function (input, args) {
input = CryptoJS.enc.Latin1.parse(input);
return CryptoJS.SHA224(input).toString(CryptoJS.enc.Hex);
},
/**
* SHA256 operation.
*
* @param {string} input
* @param {Object[]} args
* @returns {string}
*/
runSHA256: function (input, args) {
input = CryptoJS.enc.Latin1.parse(input);
return CryptoJS.SHA256(input).toString(CryptoJS.enc.Hex);
},
/**
* SHA384 operation.
*
* @param {string} input
* @param {Object[]} args
* @returns {string}
*/
runSHA384: function (input, args) {
input = CryptoJS.enc.Latin1.parse(input);
return CryptoJS.SHA384(input).toString(CryptoJS.enc.Hex);
},
/**
* SHA512 operation.
*
* @param {string} input
* @param {Object[]} args
* @returns {string}
*/
runSHA512: function (input, args) {
input = CryptoJS.enc.Latin1.parse(input);
return CryptoJS.SHA512(input).toString(CryptoJS.enc.Hex);
return CryptoApi.hash("sha1", input, {}).stringify("hex");
},
@ -133,7 +112,26 @@ const Hash = {
* @constant
* @default
*/
SHA3_LENGTH: ["512", "384", "256", "224"],
SHA2_SIZE: ["512", "256", "384", "224", "512/256", "512/224"],
/**
* SHA2 operation.
*
* @param {string} input
* @param {Object[]} args
* @returns {string}
*/
runSHA2: function (input, args) {
const size = args[0];
return CryptoApi.hash("sha" + size, input, {}).stringify("hex");
},
/**
* @constant
* @default
*/
SHA3_SIZE: ["512", "384", "256", "224"],
/**
* SHA3 operation.
@ -143,25 +141,27 @@ const Hash = {
* @returns {string}
*/
runSHA3: function (input, args) {
input = CryptoJS.enc.Latin1.parse(input);
let sha3Length = args[0],
options = {
outputLength: parseInt(sha3Length, 10)
};
return CryptoJS.SHA3(input, options).toString(CryptoJS.enc.Hex);
},
const size = parseInt(args[0], 10);
let algo;
switch (size) {
case 224:
algo = SHA3.sha3_224;
break;
case 384:
algo = SHA3.sha3_384;
break;
case 256:
algo = SHA3.sha3_256;
break;
case 512:
algo = SHA3.sha3_512;
break;
default:
return "Invalid size";
}
/**
* RIPEMD-160 operation.
*
* @param {string} input
* @param {Object[]} args
* @returns {string}
*/
runRIPEMD160: function (input, args) {
input = CryptoJS.enc.Latin1.parse(input);
return CryptoJS.RIPEMD160(input).toString(CryptoJS.enc.Hex);
return algo(input);
},
@ -169,7 +169,121 @@ const Hash = {
* @constant
* @default
*/
HMAC_FUNCTIONS: ["MD5", "SHA1", "SHA224", "SHA256", "SHA384", "SHA512", "SHA3", "RIPEMD-160"],
KECCAK_SIZE: ["512", "384", "256", "224"],
/**
* Keccak operation.
*
* @param {string} input
* @param {Object[]} args
* @returns {string}
*/
runKeccak: function (input, args) {
const size = parseInt(args[0], 10);
let algo;
switch (size) {
case 224:
algo = SHA3.keccak224;
break;
case 384:
algo = SHA3.keccak384;
break;
case 256:
algo = SHA3.keccak256;
break;
case 512:
algo = SHA3.keccak512;
break;
default:
return "Invalid size";
}
return algo(input);
},
/**
* @constant
* @default
*/
SHAKE_CAPACITY: ["256", "128"],
/**
* @constant
* @default
*/
SHAKE_SIZE: 512,
/**
* Shake operation.
*
* @param {string} input
* @param {Object[]} args
* @returns {string}
*/
runShake: function (input, args) {
const capacity = parseInt(args[0], 10),
size = args[1];
let algo;
if (size < 0)
return "Size must be greater than 0";
switch (capacity) {
case 128:
algo = SHA3.shake128;
break;
case 256:
algo = SHA3.shake256;
break;
default:
return "Invalid size";
}
return algo(input, size);
},
/**
* @constant
* @default
*/
RIPEMD_SIZE: ["320", "256", "160", "128"],
/**
* RIPEMD operation.
*
* @param {string} input
* @param {Object[]} args
* @returns {string}
*/
runRIPEMD: function (input, args) {
const size = args[0];
return CryptoApi.hash("ripemd" + size, input, {}).stringify("hex");
},
/**
* @constant
* @default
*/
HMAC_FUNCTIONS: [
"MD2",
"MD4",
"MD5",
"SHA0",
"SHA1",
"SHA224",
"SHA256",
"SHA384",
"SHA512",
"SHA512/224",
"SHA512/256",
"RIPEMD128",
"RIPEMD160",
"RIPEMD256",
"RIPEMD320",
],
/**
* HMAC operation.
@ -179,19 +293,12 @@ const Hash = {
* @returns {string}
*/
runHMAC: function (input, args) {
const hashFunc = args[1];
input = CryptoJS.enc.Latin1.parse(input);
const execute = {
"MD5": CryptoJS.HmacMD5(input, args[0]),
"SHA1": CryptoJS.HmacSHA1(input, args[0]),
"SHA224": CryptoJS.HmacSHA224(input, args[0]),
"SHA256": CryptoJS.HmacSHA256(input, args[0]),
"SHA384": CryptoJS.HmacSHA384(input, args[0]),
"SHA512": CryptoJS.HmacSHA512(input, args[0]),
"SHA3": CryptoJS.HmacSHA3(input, args[0]),
"RIPEMD-160": CryptoJS.HmacRIPEMD160(input, args[0]),
};
return execute[hashFunc].toString(CryptoJS.enc.Hex);
const password = args[0],
hashFunc = args[1].toLowerCase(),
hmac = CryptoApi.mac("hmac", password, hashFunc, {});
hmac.update(input);
return hmac.finalize().stringify("hex");
},
@ -207,24 +314,35 @@ const Hash = {
output = "MD2: " + Hash.runMD2(input, []) +
"\nMD4: " + Hash.runMD4(input, []) +
"\nMD5: " + Hash.runMD5(input, []) +
"\nMD6: " + Hash.runMD6(input, []) +
"\nSHA0: " + Hash.runSHA0(input, []) +
"\nSHA1: " + Hash.runSHA1(input, []) +
"\nSHA2 224: " + Hash.runSHA224(input, []) +
"\nSHA2 256: " + Hash.runSHA256(input, []) +
"\nSHA2 384: " + Hash.runSHA384(input, []) +
"\nSHA2 512: " + Hash.runSHA512(input, []) +
"\nSHA2 224: " + Hash.runSHA2(input, ["224"]) +
"\nSHA2 256: " + Hash.runSHA2(input, ["256"]) +
"\nSHA2 384: " + Hash.runSHA2(input, ["384"]) +
"\nSHA2 512: " + Hash.runSHA2(input, ["512"]) +
"\nSHA3 224: " + Hash.runSHA3(input, ["224"]) +
"\nSHA3 256: " + Hash.runSHA3(input, ["256"]) +
"\nSHA3 384: " + Hash.runSHA3(input, ["384"]) +
"\nSHA3 512: " + Hash.runSHA3(input, ["512"]) +
"\nRIPEMD-160: " + Hash.runRIPEMD160(input, []) +
"\nKeccak 224: " + Hash.runKeccak(input, ["224"]) +
"\nKeccak 256: " + Hash.runKeccak(input, ["256"]) +
"\nKeccak 384: " + Hash.runKeccak(input, ["384"]) +
"\nKeccak 512: " + Hash.runKeccak(input, ["512"]) +
"\nShake 128: " + Hash.runShake(input, ["128", 256]) +
"\nShake 256: " + Hash.runShake(input, ["256", 512]) +
"\nRIPEMD-128: " + Hash.runRIPEMD(input, ["128"]) +
"\nRIPEMD-160: " + Hash.runRIPEMD(input, ["160"]) +
"\nRIPEMD-256: " + Hash.runRIPEMD(input, ["256"]) +
"\nRIPEMD-320: " + Hash.runRIPEMD(input, ["320"]) +
"\n\nChecksums:" +
"\nFletcher-8: " + Checksum.runFletcher8(byteArray, []) +
"\nFletcher-16: " + Checksum.runFletcher16(byteArray, []) +
"\nFletcher-32: " + Checksum.runFletcher32(byteArray, []) +
"\nFletcher-64: " + Checksum.runFletcher64(byteArray, []) +
"\nAdler-32: " + Checksum.runAdler32(byteArray, []) +
"\nCRC-32: " + Checksum.runCRC32(byteArray, []);
"\nCRC-16: " + Checksum.runCRC16(input, []) +
"\nCRC-32: " + Checksum.runCRC32(input, []);
return output;
},

213
src/core/operations/MS.js Normal file
View file

@ -0,0 +1,213 @@
/**
* Microsoft operations.
*
* @author bmwhitn [brian.m.whitney@outlook.com]
* @copyright Crown Copyright 2017
* @license Apache-2.0
*
* @namespace
*/
const MS = {
/**
* @constant
* @default
*/
D_DECODE: [
"",
"",
"",
"",
"",
"",
"",
"",
"",
"\x57\x6E\x7B",
"\x4A\x4C\x41",
"\x0B\x0B\x0B",
"\x0C\x0C\x0C",
"\x4A\x4C\x41",
"\x0E\x0E\x0E",
"\x0F\x0F\x0F",
"\x10\x10\x10",
"\x11\x11\x11",
"\x12\x12\x12",
"\x13\x13\x13",
"\x14\x14\x14",
"\x15\x15\x15",
"\x16\x16\x16",
"\x17\x17\x17",
"\x18\x18\x18",
"\x19\x19\x19",
"\x1A\x1A\x1A",
"\x1B\x1B\x1B",
"\x1C\x1C\x1C",
"\x1D\x1D\x1D",
"\x1E\x1E\x1E",
"\x1F\x1F\x1F",
"\x2E\x2D\x32",
"\x47\x75\x30",
"\x7A\x52\x21",
"\x56\x60\x29",
"\x42\x71\x5B",
"\x6A\x5E\x38",
"\x2F\x49\x33",
"\x26\x5C\x3D",
"\x49\x62\x58",
"\x41\x7D\x3A",
"\x34\x29\x35",
"\x32\x36\x65",
"\x5B\x20\x39",
"\x76\x7C\x5C",
"\x72\x7A\x56",
"\x43\x7F\x73",
"\x38\x6B\x66",
"\x39\x63\x4E",
"\x70\x33\x45",
"\x45\x2B\x6B",
"\x68\x68\x62",
"\x71\x51\x59",
"\x4F\x66\x78",
"\x09\x76\x5E",
"\x62\x31\x7D",
"\x44\x64\x4A",
"\x23\x54\x6D",
"\x75\x43\x71",
"\x4A\x4C\x41",
"\x7E\x3A\x60",
"\x4A\x4C\x41",
"\x5E\x7E\x53",
"\x40\x4C\x40",
"\x77\x45\x42",
"\x4A\x2C\x27",
"\x61\x2A\x48",
"\x5D\x74\x72",
"\x22\x27\x75",
"\x4B\x37\x31",
"\x6F\x44\x37",
"\x4E\x79\x4D",
"\x3B\x59\x52",
"\x4C\x2F\x22",
"\x50\x6F\x54",
"\x67\x26\x6A",
"\x2A\x72\x47",
"\x7D\x6A\x64",
"\x74\x39\x2D",
"\x54\x7B\x20",
"\x2B\x3F\x7F",
"\x2D\x38\x2E",
"\x2C\x77\x4C",
"\x30\x67\x5D",
"\x6E\x53\x7E",
"\x6B\x47\x6C",
"\x66\x34\x6F",
"\x35\x78\x79",
"\x25\x5D\x74",
"\x21\x30\x43",
"\x64\x23\x26",
"\x4D\x5A\x76",
"\x52\x5B\x25",
"\x63\x6C\x24",
"\x3F\x48\x2B",
"\x7B\x55\x28",
"\x78\x70\x23",
"\x29\x69\x41",
"\x28\x2E\x34",
"\x73\x4C\x09",
"\x59\x21\x2A",
"\x33\x24\x44",
"\x7F\x4E\x3F",
"\x6D\x50\x77",
"\x55\x09\x3B",
"\x53\x56\x55",
"\x7C\x73\x69",
"\x3A\x35\x61",
"\x5F\x61\x63",
"\x65\x4B\x50",
"\x46\x58\x67",
"\x58\x3B\x51",
"\x31\x57\x49",
"\x69\x22\x4F",
"\x6C\x6D\x46",
"\x5A\x4D\x68",
"\x48\x25\x7C",
"\x27\x28\x36",
"\x5C\x46\x70",
"\x3D\x4A\x6E",
"\x24\x32\x7A",
"\x79\x41\x2F",
"\x37\x3D\x5F",
"\x60\x5F\x4B",
"\x51\x4F\x5A",
"\x20\x42\x2C",
"\x36\x65\x57"
],
/**
* @constant
* @default
*/
D_COMBINATION: [
0, 1, 2, 0, 1, 2, 1, 2, 2, 1, 2, 1, 0, 2, 1, 2, 0, 2, 1, 2, 0, 0, 1, 2, 2, 1, 0, 2, 1, 2, 2, 1,
0, 0, 2, 1, 2, 1, 2, 0, 2, 0, 0, 1, 2, 0, 2, 1, 0, 2, 1, 2, 0, 0, 1, 2, 2, 0, 0, 1, 2, 0, 2, 1
],
/**
* Decodes Microsoft Encoded Script files that can be read and executed by cscript.exe/wscript.exe.
* This is a conversion of a Python script that was originally created by Didier Stevens
* (https://DidierStevens.com).
*
* @private
* @param {string} data
* @returns {string}
*/
_decode: function (data) {
let result = [];
let index = -1;
data = data.replace(/@&/g, String.fromCharCode(10))
.replace(/@#/g, String.fromCharCode(13))
.replace(/@\*/g, ">")
.replace(/@!/g, "<")
.replace(/@\$/g, "@");
for (let i = 0; i < data.length; i++) {
let byte = data.charCodeAt(i);
let char = data.charAt(i);
if (byte < 128) {
index++;
}
if ((byte === 9 || byte > 31 && byte < 128) &&
byte !== 60 &&
byte !== 62 &&
byte !== 64) {
char = MS.D_DECODE[byte].charAt(MS.D_COMBINATION[index % 64]);
}
result.push(char);
}
return result.join("");
},
/**
* Microsoft Script Decoder operation.
*
* @param {string} input
* @param {Object[]} args
* @returns {string}
*/
runDecodeScript: function (input, args) {
let matcher = /#@~\^.{6}==(.+).{6}==\^#~@/;
let encodedData = matcher.exec(input);
if (encodedData){
return MS._decode(encodedData[1]);
} else {
return "";
}
}
};
export default MS;

55
src/core/operations/OTP.js Executable file
View file

@ -0,0 +1,55 @@
import otp from "otp";
import Base64 from "./Base64.js";
/**
* One-Time Password operations.
*
* @author n1474335 [n1474335@gmail.com]
* @copyright Crown Copyright 2017
* @license Apache-2.0
*
* @namespace
*/
const OTP = {
/**
* Generate TOTP operation.
*
* @param {byteArray} input
* @param {Object[]} args
* @returns {string}
*/
runTOTP: function(input, args) {
const otpObj = otp({
name: args[0],
keySize: args[1],
codeLength: args[2],
secret: Base64.runTo32(input, []),
epoch: args[3],
timeSlice: args[4]
});
return `URI: ${otpObj.totpURL}\n\nPassword: ${otpObj.totp()}`;
},
/**
* Generate HOTP operation.
*
* @param {byteArray} input
* @param {Object[]} args
* @returns {string}
*/
runHOTP: function(input, args) {
const otpObj = otp({
name: args[0],
keySize: args[1],
codeLength: args[2],
secret: Base64.runTo32(input, []),
});
const counter = args[3];
return `URI: ${otpObj.hotpURL}\n\nPassword: ${otpObj.hotp(counter)}`;
},
};
export default OTP;

2
src/core/operations/PublicKey.js
View file

@ -61,8 +61,6 @@ const PublicKey = {
sig = cert.getSignatureValueHex(),
sigStr = "",
extensions = cert.getInfo().split("X509v3 Extensions:\n")[1].split("signature")[0];
window.cert = cert;
window.r = r;
// Public Key fields
pkFields.push({

10
src/core/operations/Rotate.js
View file

@ -20,7 +20,7 @@ const Rotate = {
* @constant
* @default
*/
ROTATE_WHOLE: false,
ROTATE_CARRY: false,
/**
* Runs rotation operations across the input data.
@ -53,7 +53,7 @@ const Rotate = {
*/
runRotr: function(input, args) {
if (args[1]) {
return Rotate._rotrWhole(input, args[0]);
return Rotate._rotrCarry(input, args[0]);
} else {
return Rotate._rot(input, args[0], Rotate._rotr);
}
@ -69,7 +69,7 @@ const Rotate = {
*/
runRotl: function(input, args) {
if (args[1]) {
return Rotate._rotlWhole(input, args[0]);
return Rotate._rotlCarry(input, args[0]);
} else {
return Rotate._rot(input, args[0], Rotate._rotl);
}
@ -197,7 +197,7 @@ const Rotate = {
* @param {number} amount
* @returns {byteArray}
*/
_rotrWhole: function(data, amount) {
_rotrCarry: function(data, amount) {
let carryBits = 0,
newByte,
result = [];
@ -223,7 +223,7 @@ const Rotate = {
* @param {number} amount
* @returns {byteArray}
*/
_rotlWhole: function(data, amount) {
_rotlCarry: function(data, amount) {
let carryBits = 0,
newByte,
result = [];

80
src/core/operations/StrUtils.js
View file

@ -35,11 +35,11 @@ const StrUtils = {
},
{
name: "URL",
value: "([A-Za-z]+://)([-\\w]+(?:\\.\\w[-\\w]*)+)(:\\d+)?(/[^.!,?;\"\\x27<>()\\[\\]{}\\s\\x7F-\\xFF]*(?:[.!,?]+[^.!,?;\"\\x27<>()\\[\\]{}\\s\\x7F-\\xFF]+)*)?"
value: "([A-Za-z]+://)([-\\w]+(?:\\.\\w[-\\w]*)+)(:\\d+)?(/[^.!,?\"<>\\[\\]{}\\s\\x7F-\\xFF]*(?:[.!,?]+[^.!,?\"<>\\[\\]{}\\s\\x7F-\\xFF]+)*)?"
},
{
name: "Domain",
value: "(?:(https?):\\/\\/)?([-\\w.]+)\\.(com|net|org|biz|info|co|uk|onion|int|mobi|name|edu|gov|mil|eu|ac|ae|af|de|ca|ch|cn|cy|es|gb|hk|il|in|io|tv|me|nl|no|nz|ro|ru|tr|us|az|ir|kz|uz|pk)+"
value: "\\b((?=[a-z0-9-]{1,63}\\.)(xn--)?[a-z0-9]+(-[a-z0-9]+)*\\.)+[a-z]{2,63}\\b"
},
{
name: "Windows file path",
@ -372,14 +372,84 @@ const StrUtils = {
/**
* Parse escaped string operation.
* @constant
* @default
*/
ESCAPE_REPLACEMENTS: [
{"escaped": "\\\\", "unescaped": "\\"}, // Must be first
{"escaped": "\\'", "unescaped": "'"},
{"escaped": "\\\"", "unescaped": "\""},
{"escaped": "\\n", "unescaped": "\n"},
{"escaped": "\\r", "unescaped": "\r"},
{"escaped": "\\t", "unescaped": "\t"},
{"escaped": "\\b", "unescaped": "\b"},
{"escaped": "\\f", "unescaped": "\f"},
],
/**
* Escape string operation.
*
* @author Vel0x [dalemy@microsoft.com]
*
* @param {string} input
* @param {Object[]} args
* @returns {string}
*
* @example
* StrUtils.runUnescape("Don't do that", [])
* > "Don\'t do that"
* StrUtils.runUnescape(`Hello
* World`, [])
* > "Hello\nWorld"
*/
runParseEscapedString: function(input, args) {
return Utils.parseEscapedChars(input);
runEscape: function(input, args) {
return StrUtils._replaceByKeys(input, "unescaped", "escaped");
},
/**
* Unescape string operation.
*
* @author Vel0x [dalemy@microsoft.com]
*
* @param {string} input
* @param {Object[]} args
* @returns {string}
*
* @example
* StrUtils.runUnescape("Don\'t do that", [])
* > "Don't do that"
* StrUtils.runUnescape("Hello\nWorld", [])
* > `Hello
* World`
*/
runUnescape: function(input, args) {
return StrUtils._replaceByKeys(input, "escaped", "unescaped");
},
/**
* Replaces all matching tokens in ESCAPE_REPLACEMENTS with the correction. The
* ordering is determined by the patternKey and the replacementKey.
*
* @author Vel0x [dalemy@microsoft.com]
* @author Matt C [matt@artemisbot.uk]
*
* @param {string} input
* @param {string} pattern_key
* @param {string} replacement_key
* @returns {string}
*/
_replaceByKeys: function(input, patternKey, replacementKey) {
let output = input;
// Catch the \\x encoded characters
if (patternKey === "escaped") output = Utils.parseEscapedChars(input);
StrUtils.ESCAPE_REPLACEMENTS.forEach(replacement => {
output = output.split(replacement[patternKey]).join(replacement[replacementKey]);
});
return output;
},