mirror of
https://github.com/gchq/CyberChef.git
synced 2026-02-25 11:11:43 +01:00
Compare commits
19 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
|
576905e8b8 | ||
|
|
77a3b91afe | ||
|
|
40b58aa144 | ||
|
|
d5bcdc8eed | ||
|
|
28ec56a27f | ||
|
|
bf2afcd2ef | ||
|
|
8f710461da | ||
|
|
c2cf535f88 | ||
|
|
ced9ab68fa | ||
|
|
cdb197a9c3 | ||
|
|
c8eacb9942 | ||
|
|
1c8e37cb64 | ||
|
|
1b0ced9f9b | ||
|
|
7b245b084a | ||
|
|
b00f64518f | ||
|
|
c3434e894d | ||
|
|
dd66f728b3 | ||
|
|
2f89130f41 | ||
|
|
e9dd7eceb8 |
2
.github/workflows/master.yml
vendored
2
.github/workflows/master.yml
vendored
@@ -15,7 +15,7 @@ jobs:
|
||||
- name: Set node version
|
||||
uses: actions/setup-node@v1
|
||||
with:
|
||||
node-version: '17.x'
|
||||
node-version: '18.x'
|
||||
|
||||
- name: Install
|
||||
run: |
|
||||
|
||||
2
.github/workflows/pull_requests.yml
vendored
2
.github/workflows/pull_requests.yml
vendored
@@ -14,7 +14,7 @@ jobs:
|
||||
- name: Set node version
|
||||
uses: actions/setup-node@v1
|
||||
with:
|
||||
node-version: '17.x'
|
||||
node-version: '18.x'
|
||||
|
||||
- name: Install
|
||||
run: |
|
||||
|
||||
2
.github/workflows/releases.yml
vendored
2
.github/workflows/releases.yml
vendored
@@ -15,7 +15,7 @@ jobs:
|
||||
- name: Set node version
|
||||
uses: actions/setup-node@v1
|
||||
with:
|
||||
node-version: '17.x'
|
||||
node-version: '18.x'
|
||||
|
||||
- name: Install
|
||||
run: |
|
||||
|
||||
3417
package-lock.json
generated
3417
package-lock.json
generated
File diff suppressed because it is too large
Load Diff
11
package.json
11
package.json
@@ -1,6 +1,6 @@
|
||||
{
|
||||
"name": "cyberchef",
|
||||
"version": "9.46.2",
|
||||
"version": "9.46.7",
|
||||
"description": "The Cyber Swiss Army Knife for encryption, encoding, compression and data analysis.",
|
||||
"author": "n1474335 <n1474335@gmail.com>",
|
||||
"homepage": "https://gchq.github.io/CyberChef",
|
||||
@@ -49,7 +49,7 @@
|
||||
"babel-loader": "^8.2.5",
|
||||
"babel-plugin-dynamic-import-node": "^2.3.3",
|
||||
"babel-plugin-transform-builtin-extend": "1.1.2",
|
||||
"chromedriver": "^101.0.0",
|
||||
"chromedriver": "^103.0.0",
|
||||
"cli-progress": "^3.11.1",
|
||||
"colors": "^1.4.0",
|
||||
"copy-webpack-plugin": "^11.0.0",
|
||||
@@ -77,7 +77,6 @@
|
||||
"postcss-import": "^14.1.0",
|
||||
"postcss-loader": "^7.0.0",
|
||||
"prompt": "^1.3.0",
|
||||
"sass-loader": "^13.0.0",
|
||||
"sitemap": "^7.1.1",
|
||||
"terser": "^5.14.0",
|
||||
"webpack": "^5.73.0",
|
||||
@@ -129,7 +128,7 @@
|
||||
"jsrsasign": "^10.5.23",
|
||||
"kbpgp": "2.1.15",
|
||||
"libbzip2-wasm": "0.0.4",
|
||||
"libyara-wasm": "^1.1.0",
|
||||
"libyara-wasm": "^1.2.1",
|
||||
"lodash": "^4.17.21",
|
||||
"loglevel": "^1.8.0",
|
||||
"loglevel-message-prefix": "^3.0.0",
|
||||
@@ -140,7 +139,6 @@
|
||||
"ngeohash": "^0.6.3",
|
||||
"node-forge": "^1.3.1",
|
||||
"node-md6": "^0.1.0",
|
||||
"node-sass": "^7.0.1",
|
||||
"nodom": "^2.4.0",
|
||||
"notepack.io": "^3.0.1",
|
||||
"nwmatcher": "^1.4.4",
|
||||
@@ -156,7 +154,7 @@
|
||||
"split.js": "^1.6.5",
|
||||
"ssdeep.js": "0.0.3",
|
||||
"stream-browserify": "^3.0.0",
|
||||
"tesseract.js": "2.1.5",
|
||||
"tesseract.js": "3.0.2",
|
||||
"ua-parser-js": "^1.0.2",
|
||||
"unorm": "^1.6.0",
|
||||
"utf8": "^3.0.0",
|
||||
@@ -169,6 +167,7 @@
|
||||
"scripts": {
|
||||
"start": "npx grunt dev",
|
||||
"build": "npx grunt prod",
|
||||
"node": "npx grunt node",
|
||||
"repl": "node --experimental-modules --experimental-json-modules --experimental-specifier-resolution=node --no-warnings src/node/repl.mjs",
|
||||
"test": "npx grunt configTests && node --experimental-modules --experimental-json-modules --no-warnings --no-deprecation tests/node/index.mjs && node --experimental-modules --experimental-json-modules --no-warnings --no-deprecation tests/operations/index.mjs",
|
||||
"testnodeconsumer": "npx grunt testnodeconsumer",
|
||||
|
||||
@@ -184,7 +184,7 @@ class Protobuf {
|
||||
bytes: String,
|
||||
longs: Number,
|
||||
enums: String,
|
||||
defualts: true
|
||||
defaults: true
|
||||
});
|
||||
const output = {};
|
||||
|
||||
|
||||
@@ -12,10 +12,8 @@ import { isImage } from "../lib/FileType.mjs";
|
||||
import { toBase64 } from "../lib/Base64.mjs";
|
||||
import { isWorkerEnvironment } from "../Utils.mjs";
|
||||
|
||||
import Tesseract from "tesseract.js";
|
||||
const { createWorker } = Tesseract;
|
||||
|
||||
import process from "process";
|
||||
import { createWorker } from "tesseract.js";
|
||||
|
||||
/**
|
||||
* Optical Character Recognition operation
|
||||
@@ -55,7 +53,7 @@ class OpticalCharacterRecognition extends Operation {
|
||||
|
||||
const type = isImage(input);
|
||||
if (!type) {
|
||||
throw new OperationError("Invalid File Type");
|
||||
throw new OperationError("Unsupported file type (supported: jpg,png,pbm,bmp) or no file provided");
|
||||
}
|
||||
|
||||
const assetDir = isWorkerEnvironment() ? `${self.docURL}/assets/` : `${process.cwd()}/src/core/vendor/`;
|
||||
@@ -74,7 +72,7 @@ class OpticalCharacterRecognition extends Operation {
|
||||
}
|
||||
});
|
||||
await worker.load();
|
||||
self.sendStatusMessage("Loading English language...");
|
||||
self.sendStatusMessage(`Loading English language pack...`);
|
||||
await worker.loadLanguage("eng");
|
||||
self.sendStatusMessage("Intialising Tesseract API...");
|
||||
await worker.initialize("eng");
|
||||
|
||||
@@ -23,7 +23,7 @@ class ParseSSHHostKey extends Operation {
|
||||
|
||||
this.name = "Parse SSH Host Key";
|
||||
this.module = "Default";
|
||||
this.description = "Parses a SSH host key and extracts fields from it.<br>The key type can be:<ul><li>ssh-rsa</li><li>ssh-dss</li><li>ecdsa-sha2</li></ul>The key format can be either Hex or Base64.";
|
||||
this.description = "Parses a SSH host key and extracts fields from it.<br>The key type can be:<ul><li>ssh-rsa</li><li>ssh-dss</li><li>ecdsa-sha2</li><li>ssh-ed25519</li></ul>The key format can be either Hex or Base64.";
|
||||
this.infoURL = "https://wikipedia.org/wiki/Secure_Shell";
|
||||
this.inputType = "string";
|
||||
this.outputType = "string";
|
||||
@@ -71,6 +71,8 @@ class ParseSSHHostKey extends Operation {
|
||||
} else if (keyType.startsWith("ecdsa-sha2")) {
|
||||
output += `\nCurve: ${Utils.byteArrayToChars(fromHex(fields[1]))}`;
|
||||
output += `\nPoint: 0x${fields.slice(2)}`;
|
||||
} else if (keyType === "ssh-ed25519") {
|
||||
output += `\nx: 0x${fields[1]}`;
|
||||
} else {
|
||||
output += "\nUnsupported key type.";
|
||||
output += `\nParameters: ${fields.slice(1)}`;
|
||||
|
||||
@@ -52,7 +52,17 @@ class YARARules extends Operation {
|
||||
name: "Show counts",
|
||||
type: "boolean",
|
||||
value: true
|
||||
}
|
||||
},
|
||||
{
|
||||
name: "Show rule warnings",
|
||||
type: "boolean",
|
||||
value: true
|
||||
},
|
||||
{
|
||||
name: "Show console module messages",
|
||||
type: "boolean",
|
||||
value: true
|
||||
},
|
||||
];
|
||||
}
|
||||
|
||||
@@ -64,7 +74,7 @@ class YARARules extends Operation {
|
||||
async run(input, args) {
|
||||
if (isWorkerEnvironment())
|
||||
self.sendStatusMessage("Instantiating YARA...");
|
||||
const [rules, showStrings, showLengths, showMeta, showCounts] = args;
|
||||
const [rules, showStrings, showLengths, showMeta, showCounts, showRuleWarns, showConsole] = args;
|
||||
return new Promise((resolve, reject) => {
|
||||
Yara().then(yara => {
|
||||
if (isWorkerEnvironment()) self.sendStatusMessage("Converting data for YARA.");
|
||||
@@ -83,11 +93,19 @@ class YARARules extends Operation {
|
||||
const compileError = resp.compileErrors.get(i);
|
||||
if (!compileError.warning) {
|
||||
reject(new OperationError(`Error on line ${compileError.lineNumber}: ${compileError.message}`));
|
||||
} else {
|
||||
matchString += `Warning on line ${compileError.lineNumber}: ${compileError.message}`;
|
||||
} else if (showRuleWarns) {
|
||||
matchString += `Warning on line ${compileError.lineNumber}: ${compileError.message}\n`;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
if (showConsole) {
|
||||
const consoleLogs = resp.consoleLogs;
|
||||
for (let i = 0; i < consoleLogs.size(); i++) {
|
||||
matchString += consoleLogs.get(i) + "\n";
|
||||
}
|
||||
}
|
||||
|
||||
const matchedRules = resp.matchedRules;
|
||||
for (let i = 0; i < matchedRules.size(); i++) {
|
||||
const rule = matchedRules.get(i);
|
||||
@@ -100,11 +118,11 @@ class YARARules extends Operation {
|
||||
}
|
||||
meta = meta.slice(0, -2) + "]";
|
||||
}
|
||||
const countString = showCounts ? `${matches.size()} time${matches.size() > 1 ? "s" : ""}` : "";
|
||||
const countString = matches.size() === 0 ? "" : (showCounts ? ` (${matches.size()} time${matches.size() > 1 ? "s" : ""})` : "");
|
||||
if (matches.size() === 0 || !(showStrings || showLengths)) {
|
||||
matchString += `Input matches rule "${rule.ruleName}"${meta}${countString.length > 0 ? ` ${countString}`: ""}.\n`;
|
||||
} else {
|
||||
matchString += `Rule "${rule.ruleName}"${meta} matches (${countString}):\n`;
|
||||
matchString += `Rule "${rule.ruleName}"${meta} matches${countString}:\n`;
|
||||
for (let j = 0; j < matches.size(); j++) {
|
||||
const match = matches.get(j);
|
||||
if (showStrings || showLengths) {
|
||||
|
||||
@@ -10,7 +10,7 @@
|
||||
import "highlight.js/styles/vs.css";
|
||||
|
||||
/* Frameworks */
|
||||
import "./vendors/bootstrap.scss";
|
||||
import "bootstrap-material-design/dist/css/bootstrap-material-design.css";
|
||||
import "bootstrap-colorpicker/dist/css/bootstrap-colorpicker.css";
|
||||
|
||||
/* CyberChef styles */
|
||||
|
||||
23
src/web/stylesheets/vendors/bootstrap.scss
vendored
23
src/web/stylesheets/vendors/bootstrap.scss
vendored
@@ -1,23 +0,0 @@
|
||||
/**
|
||||
* Bootstrap Material Design with overrides
|
||||
*
|
||||
* @author n1474335 [n1474335@gmail.com]
|
||||
* @copyright Crown Copyright 2018
|
||||
* @license Apache-2.0
|
||||
*/
|
||||
|
||||
@import "~bootstrap-material-design/scss/variables/colors";
|
||||
|
||||
$theme-colors: (
|
||||
primary: $blue-700,
|
||||
success: $green,
|
||||
info: $light-blue,
|
||||
warning: $deep-orange,
|
||||
danger: $red,
|
||||
light: $grey-100,
|
||||
dark: $grey-800
|
||||
);
|
||||
|
||||
$bmd-form-line-height: 1.25;
|
||||
|
||||
@import "~bootstrap-material-design/scss/core";
|
||||
@@ -49,6 +49,18 @@ Point: 0x046c59592006272250a15070142a6be36d1e45464313f930d985a6e6f0eba3cd39d0367
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
name: "SSH Host Key: Ed25519",
|
||||
input: "AAAAC3NzaC1lZDI1NTE5AAAAIBOF6r99IkvqGu1kwZrHHIqjpTB5w79bpv67B/Aw3+WJ",
|
||||
expectedOutput: `Key type: ssh-ed25519
|
||||
x: 0x1385eabf7d224bea1aed64c19ac71c8aa3a53079c3bf5ba6febb07f030dfe589`,
|
||||
recipeConfig: [
|
||||
{
|
||||
op: "Parse SSH Host Key",
|
||||
args: ["Base64"]
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
name: "SSH Host Key: Extract key",
|
||||
input: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDiJZ/9W9Ix/Dk9b+K4E+RGCug1AtkGXaJ9vNIY0YHFHLpWsB8DAuh/cGEI9TLbL1gzR2wG+RJNQ2EAQVWe6ypkK63Jm4zw4re+vhEiszpnP889J0h5N9yzyTndesrl4d3cQtv861FcKDPxUJbRALdtl6gwOB7BCL8gsXJLLVLO4EesrbPXD454qpVt7CgJXEXByOFjcIm3XwkdOnXMPHHnMSD7EIN1SvQMD6PfIDrbDd6KQt5QXW/Rc/BsfX5cbUIV1QW5A/GbepXHHKmWRtLC2J/mH3hW2Zq/hITPEaJdG1CtIilQmJaZGXpfGIwFeb0Av9pSL926arZZ6vDi9ctF test@test",
|
||||
|
||||
@@ -40,10 +40,10 @@ TestRegister.addTests([
|
||||
"Apple": [
|
||||
28
|
||||
],
|
||||
"Banana": "You",
|
||||
"Carrot": [
|
||||
"Me"
|
||||
]
|
||||
],
|
||||
"Banana": "You"
|
||||
}, null, 4),
|
||||
recipeConfig: [
|
||||
{
|
||||
@@ -72,10 +72,10 @@ TestRegister.addTests([
|
||||
"Apple": [
|
||||
28
|
||||
],
|
||||
"Banana": "You",
|
||||
"Carrot": [
|
||||
"Me"
|
||||
]
|
||||
],
|
||||
"Banana": "You"
|
||||
},
|
||||
"Unknown Fields": {
|
||||
"4": 43,
|
||||
@@ -111,10 +111,10 @@ TestRegister.addTests([
|
||||
"Apple": [
|
||||
28
|
||||
],
|
||||
"Banana": "You",
|
||||
"Carrot": [
|
||||
"Me"
|
||||
],
|
||||
"Banana": "You",
|
||||
"Date": 43,
|
||||
"Elderberry": {
|
||||
"Fig": "abc123",
|
||||
@@ -154,10 +154,10 @@ TestRegister.addTests([
|
||||
input: "0d1c0000001203596f751a024d65202b2a0a0a06616263313233120031ba32a96cc10200003801",
|
||||
expectedOutput: JSON.stringify({
|
||||
"Test": {
|
||||
"Banana (string)": "You",
|
||||
"Carrot (string)": [
|
||||
"Me"
|
||||
],
|
||||
"Banana (string)": "You",
|
||||
"Date (int32)": 43,
|
||||
"Imbe (Options)": "Option1"
|
||||
},
|
||||
|
||||
@@ -8,6 +8,22 @@
|
||||
*/
|
||||
import TestRegister from "../../lib/TestRegister.mjs";
|
||||
|
||||
const CONSOLE_COMPILE_WARNING_RULE = `import "console"
|
||||
rule a
|
||||
{
|
||||
strings:
|
||||
$s=" "
|
||||
condition:
|
||||
$s and console.log("log rule a")
|
||||
}
|
||||
rule b
|
||||
{
|
||||
strings:
|
||||
$s=" "
|
||||
condition:
|
||||
$s and console.hex("log rule b: int8(0)=", int8(0))
|
||||
}`;
|
||||
|
||||
TestRegister.addTests([
|
||||
{
|
||||
name: "YARA Match: simple foobar",
|
||||
@@ -20,5 +36,56 @@ TestRegister.addTests([
|
||||
}
|
||||
],
|
||||
},
|
||||
{
|
||||
name: "YARA Match: hashing rules",
|
||||
input: "Hello World!",
|
||||
expectedOutput: "Input matches rule \"HelloWorldMD5\".\nInput matches rule \"HelloWorldSHA256\".\n",
|
||||
recipeConfig: [
|
||||
{
|
||||
"op": "YARA Rules",
|
||||
"args": [
|
||||
`import "hash"
|
||||
rule HelloWorldMD5 {
|
||||
condition:
|
||||
hash.md5(0,filesize) == "ed076287532e86365e841e92bfc50d8c"
|
||||
}
|
||||
|
||||
rule HelloWorldSHA256 {
|
||||
condition:
|
||||
hash.sha256(0,filesize) == "7f83b1657ff1fc53b92dc18148a1d65dfc2d4b1fa3d677284addd200126d9069"
|
||||
}`,
|
||||
true, true, true, true, false, false
|
||||
],
|
||||
}
|
||||
],
|
||||
},
|
||||
{
|
||||
name: "YARA Match: compile warnings",
|
||||
input: "CyberChef Yara",
|
||||
expectedOutput: "Warning on line 5: string \"$s\" may slow down scanning\n" +
|
||||
"Warning on line 12: string \"$s\" may slow down scanning\n" +
|
||||
"Input matches rule \"a\".\n" +
|
||||
"Input matches rule \"b\".\n",
|
||||
recipeConfig: [
|
||||
{
|
||||
"op": "YARA Rules",
|
||||
"args": [CONSOLE_COMPILE_WARNING_RULE, false, false, false, false, true, false],
|
||||
}
|
||||
],
|
||||
},
|
||||
{
|
||||
name: "YARA Match: console messages",
|
||||
input: "CyberChef Yara",
|
||||
expectedOutput: "log rule a\n" +
|
||||
"log rule b: int8(0)=0x43\n" +
|
||||
"Input matches rule \"a\".\n" +
|
||||
"Input matches rule \"b\".\n",
|
||||
recipeConfig: [
|
||||
{
|
||||
"op": "YARA Rules",
|
||||
"args": [CONSOLE_COMPILE_WARNING_RULE, false, false, false, false, false, true],
|
||||
}
|
||||
],
|
||||
},
|
||||
]);
|
||||
|
||||
|
||||
@@ -109,7 +109,8 @@ module.exports = {
|
||||
"buffer": require.resolve("buffer/"),
|
||||
"crypto": require.resolve("crypto-browserify"),
|
||||
"stream": require.resolve("stream-browserify"),
|
||||
"zlib": require.resolve("browserify-zlib")
|
||||
"zlib": require.resolve("browserify-zlib"),
|
||||
"process": false
|
||||
}
|
||||
},
|
||||
module: {
|
||||
@@ -164,19 +165,6 @@ module.exports = {
|
||||
"postcss-loader",
|
||||
]
|
||||
},
|
||||
{
|
||||
test: /\.scss$/,
|
||||
use: [
|
||||
{
|
||||
loader: MiniCssExtractPlugin.loader,
|
||||
options: {
|
||||
publicPath: "../"
|
||||
}
|
||||
},
|
||||
"css-loader",
|
||||
"sass-loader",
|
||||
]
|
||||
},
|
||||
{
|
||||
test: /\.(ico|eot|ttf|woff|woff2)$/,
|
||||
type: "asset/resource",
|
||||
|
||||
Reference in New Issue
Block a user