@ai-jshook/mcp 0.1.1

package/dist/modules/deobfuscator/JScramberDeobfuscator.js

@@ -0,0 +1,239 @@
+import * as parser from '@babel/parser';
+import traverse from '@babel/traverse';
+import generate from '@babel/generator';
+import * as t from '@babel/types';
+import { logger } from '../../utils/logger.js';
+export class JScramberDeobfuscator {
+    async deobfuscate(options) {
+        const { code, removeDeadCode = true, restoreControlFlow = true, decryptStrings = true, simplifyExpressions = true, } = options;
+        logger.info('🔓 开始JScrambler反混淆...');
+        const transformations = [];
+        const warnings = [];
+        let currentCode = code;
+        try {
+            const ast = parser.parse(currentCode, {
+                sourceType: 'unambiguous',
+                plugins: ['jsx', 'typescript'],
+                errorRecovery: true,
+            });
+            if (this.detectSelfDefending(ast)) {
+                this.removeSelfDefending(ast);
+                transformations.push('移除自我防御代码');
+            }
+            if (decryptStrings) {
+                const decrypted = this.decryptStrings(ast);
+                if (decrypted > 0) {
+                    transformations.push(`解密字符串: ${decrypted}个`);
+                }
+            }
+            if (restoreControlFlow) {
+                const restored = this.restoreControlFlow(ast);
+                if (restored > 0) {
+                    transformations.push(`还原控制流: ${restored}个`);
+                }
+            }
+            if (removeDeadCode) {
+                const removed = this.removeDeadCode(ast);
+                if (removed > 0) {
+                    transformations.push(`移除死代码: ${removed}个`);
+                }
+            }
+            if (simplifyExpressions) {
+                const simplified = this.simplifyExpressions(ast);
+                if (simplified > 0) {
+                    transformations.push(`简化表达式: ${simplified}个`);
+                }
+            }
+            const output = generate(ast, {
+                comments: true,
+                compact: false,
+            });
+            currentCode = output.code;
+            const confidence = this.calculateConfidence(transformations.length);
+            logger.info(`✅ JScrambler反混淆完成，应用了 ${transformations.length} 个转换`);
+            return {
+                code: currentCode,
+                success: true,
+                transformations,
+                warnings,
+                confidence,
+            };
+        }
+        catch (error) {
+            logger.error('JScrambler反混淆失败', error);
+            return {
+                code: currentCode,
+                success: false,
+                transformations,
+                warnings: [...warnings, String(error)],
+                confidence: 0,
+            };
+        }
+    }
+    detectSelfDefending(ast) {
+        let hasSelfDefending = false;
+        traverse(ast, {
+            FunctionDeclaration(path) {
+                if (path.node.body.body.some((stmt) => t.isDebuggerStatement(stmt))) {
+                    hasSelfDefending = true;
+                }
+                const code = generate(path.node).code;
+                if (code.includes('toString') && code.includes('constructor')) {
+                    hasSelfDefending = true;
+                }
+            },
+        });
+        return hasSelfDefending;
+    }
+    removeSelfDefending(ast) {
+        traverse(ast, {
+            DebuggerStatement(path) {
+                path.remove();
+            },
+            CallExpression(path) {
+                if (t.isIdentifier(path.node.callee) &&
+                    (path.node.callee.name === 'setInterval' || path.node.callee.name === 'setTimeout')) {
+                    const arg = path.node.arguments[0];
+                    if (t.isFunctionExpression(arg) || t.isArrowFunctionExpression(arg)) {
+                        const body = arg.body;
+                        if (t.isBlockStatement(body)) {
+                            if (body.body.some((stmt) => t.isDebuggerStatement(stmt))) {
+                                path.remove();
+                            }
+                        }
+                    }
+                }
+            },
+        });
+    }
+    decryptStrings(ast) {
+        let count = 0;
+        const decryptFunctions = this.findDecryptFunctions(ast);
+        traverse(ast, {
+            CallExpression(path) {
+                if (t.isIdentifier(path.node.callee)) {
+                    const funcName = path.node.callee.name;
+                    if (decryptFunctions.has(funcName)) {
+                        try {
+                            const decrypted = '[DECRYPTED_STRING]';
+                            path.replaceWith(t.stringLiteral(decrypted));
+                            count++;
+                        }
+                        catch {
+                        }
+                    }
+                }
+            },
+        });
+        return count;
+    }
+    findDecryptFunctions(ast) {
+        const decryptFunctions = new Set();
+        traverse(ast, {
+            FunctionDeclaration(path) {
+                const code = generate(path.node).code;
+                if (code.includes('charCodeAt') &&
+                    code.includes('fromCharCode') &&
+                    code.includes('split')) {
+                    if (path.node.id) {
+                        decryptFunctions.add(path.node.id.name);
+                    }
+                }
+            },
+        });
+        return decryptFunctions;
+    }
+    restoreControlFlow(ast) {
+        let count = 0;
+        const self = this;
+        traverse(ast, {
+            WhileStatement(path) {
+                if (self.isControlFlowFlatteningPattern(path.node)) {
+                    try {
+                        self.unflattenControlFlowPattern(path);
+                        count++;
+                    }
+                    catch {
+                    }
+                }
+            },
+        });
+        return count;
+    }
+    isControlFlowFlatteningPattern(node) {
+        if (!t.isBooleanLiteral(node.test) || !node.test.value) {
+            return false;
+        }
+        if (!t.isBlockStatement(node.body)) {
+            return false;
+        }
+        const firstStmt = node.body.body[0];
+        return t.isSwitchStatement(firstStmt);
+    }
+    unflattenControlFlowPattern(path) {
+        const whileStmt = path.node;
+        if (t.isBlockStatement(whileStmt.body)) {
+            const switchStmt = whileStmt.body.body[0];
+            if (t.isSwitchStatement(switchStmt)) {
+                path.replaceWithMultiple(switchStmt.cases.map((c) => c.consequent).flat());
+            }
+        }
+    }
+    removeDeadCode(ast) {
+        let count = 0;
+        traverse(ast, {
+            IfStatement(path) {
+                if (t.isBooleanLiteral(path.node.test)) {
+                    if (path.node.test.value) {
+                        path.replaceWith(path.node.consequent);
+                    }
+                    else {
+                        if (path.node.alternate) {
+                            path.replaceWith(path.node.alternate);
+                        }
+                        else {
+                            path.remove();
+                        }
+                    }
+                    count++;
+                }
+            },
+        });
+        return count;
+    }
+    simplifyExpressions(ast) {
+        let count = 0;
+        traverse(ast, {
+            BinaryExpression(path) {
+                if (t.isNumericLiteral(path.node.left) && t.isNumericLiteral(path.node.right)) {
+                    const left = path.node.left.value;
+                    const right = path.node.right.value;
+                    let result;
+                    switch (path.node.operator) {
+                        case '+':
+                            result = left + right;
+                            break;
+                        case '-':
+                            result = left - right;
+                            break;
+                        case '*':
+                            result = left * right;
+                            break;
+                        case '/':
+                            result = left / right;
+                            break;
+                    }
+                    if (result !== undefined) {
+                        path.replaceWith(t.numericLiteral(result));
+                        count++;
+                    }
+                }
+            },
+        });
+        return count;
+    }
+    calculateConfidence(transformationCount) {
+        return Math.min(transformationCount / 5, 1.0);
+    }
+}
+//# sourceMappingURL=JScramberDeobfuscator.js.map

package/dist/modules/deobfuscator/JScramberDeobfuscator.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"JScramberDeobfuscator.js","sourceRoot":"","sources":["../../../src/modules/deobfuscator/JScramberDeobfuscator.ts"],"names":[],"mappings":"AAiBA,OAAO,KAAK,MAAM,MAAM,eAAe,CAAC;AACxC,OAAO,QAAQ,MAAM,iBAAiB,CAAC;AACvC,OAAO,QAAQ,MAAM,kBAAkB,CAAC;AACxC,OAAO,KAAK,CAAC,MAAM,cAAc,CAAC;AAClC,OAAO,EAAE,MAAM,EAAE,MAAM,uBAAuB,CAAC;AA2B/C,MAAM,OAAO,qBAAqB;IAIhC,KAAK,CAAC,WAAW,CAAC,OAAqC;QACrD,MAAM,EACJ,IAAI,EACJ,cAAc,GAAG,IAAI,EACrB,kBAAkB,GAAG,IAAI,EACzB,cAAc,GAAG,IAAI,EACrB,mBAAmB,GAAG,IAAI,GAC3B,GAAG,OAAO,CAAC;QAEZ,MAAM,CAAC,IAAI,CAAC,uBAAuB,CAAC,CAAC;QAErC,MAAM,eAAe,GAAa,EAAE,CAAC;QACrC,MAAM,QAAQ,GAAa,EAAE,CAAC;QAC9B,IAAI,WAAW,GAAG,IAAI,CAAC;QAEvB,IAAI,CAAC;YAEH,MAAM,GAAG,GAAG,MAAM,CAAC,KAAK,CAAC,WAAW,EAAE;gBACpC,UAAU,EAAE,aAAa;gBACzB,OAAO,EAAE,CAAC,KAAK,EAAE,YAAY,CAAC;gBAC9B,aAAa,EAAE,IAAI;aACpB,CAAC,CAAC;YAGH,IAAI,IAAI,CAAC,mBAAmB,CAAC,GAAG,CAAC,EAAE,CAAC;gBAClC,IAAI,CAAC,mBAAmB,CAAC,GAAG,CAAC,CAAC;gBAC9B,eAAe,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;YACnC,CAAC;YAGD,IAAI,cAAc,EAAE,CAAC;gBACnB,MAAM,SAAS,GAAG,IAAI,CAAC,cAAc,CAAC,GAAG,CAAC,CAAC;gBAC3C,IAAI,SAAS,GAAG,CAAC,EAAE,CAAC;oBAClB,eAAe,CAAC,IAAI,CAAC,UAAU,SAAS,GAAG,CAAC,CAAC;gBAC/C,CAAC;YACH,CAAC;YAGD,IAAI,kBAAkB,EAAE,CAAC;gBACvB,MAAM,QAAQ,GAAG,IAAI,CAAC,kBAAkB,CAAC,GAAG,CAAC,CAAC;gBAC9C,IAAI,QAAQ,GAAG,CAAC,EAAE,CAAC;oBACjB,eAAe,CAAC,IAAI,CAAC,UAAU,QAAQ,GAAG,CAAC,CAAC;gBAC9C,CAAC;YACH,CAAC;YAGD,IAAI,cAAc,EAAE,CAAC;gBACnB,MAAM,OAAO,GAAG,IAAI,CAAC,cAAc,CAAC,GAAG,CAAC,CAAC;gBACzC,IAAI,OAAO,GAAG,CAAC,EAAE,CAAC;oBAChB,eAAe,CAAC,IAAI,CAAC,UAAU,OAAO,GAAG,CAAC,CAAC;gBAC7C,CAAC;YACH,CAAC;YAGD,IAAI,mBAAmB,EAAE,CAAC;gBACxB,MAAM,UAAU,GAAG,IAAI,CAAC,mBAAmB,CAAC,GAAG,CAAC,CAAC;gBACjD,IAAI,UAAU,GAAG,CAAC,EAAE,CAAC;oBACnB,eAAe,CAAC,IAAI,CAAC,UAAU,UAAU,GAAG,CAAC,CAAC;gBAChD,CAAC;YACH,CAAC;YAGD,MAAM,MAAM,GAAG,QAAQ,CAAC,GAAG,EAAE;gBAC3B,QAAQ,EAAE,IAAI;gBACd,OAAO,EAAE,KAAK;aACf,CAAC,CAAC;YAEH,WAAW,GAAG,MAAM,CAAC,IAAI,CAAC;YAG1B,MAAM,UAAU,GAAG,IAAI,CAAC,mBAAmB,CAAC,eAAe,CAAC,MAAM,CAAC,CAAC;YAEpE,MAAM,CAAC,IAAI,CAAC,yBAAyB,eAAe,CAAC,MAAM,MAAM,CAAC,CAAC;YAEnE,OAAO;gBACL,IAAI,EAAE,WAAW;gBACjB,OAAO,EAAE,IAAI;gBACb,eAAe;gBACf,QAAQ;gBACR,UAAU;aACX,CAAC;QACJ,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,MAAM,CAAC,KAAK,CAAC,iBAAiB,EAAE,KAAK,CAAC,CAAC;YACvC,OAAO;gBACL,IAAI,EAAE,WAAW;gBACjB,OAAO,EAAE,KAAK;gBACd,eAAe;gBACf,QAAQ,EAAE,CAAC,GAAG,QAAQ,EAAE,MAAM,CAAC,KAAK,CAAC,CAAC;gBACtC,UAAU,EAAE,CAAC;aACd,CAAC;QACJ,CAAC;IACH,CAAC;IAKO,mBAAmB,CAAC,GAAW;QACrC,IAAI,gBAAgB,GAAG,KAAK,CAAC;QAE7B,QAAQ,CAAC,GAAG,EAAE;YACZ,mBAAmB,CAAC,IAAI;gBAEtB,IAAI,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,CAAC,mBAAmB,CAAC,IAAI,CAAC,CAAC,EAAE,CAAC;oBACpE,gBAAgB,GAAG,IAAI,CAAC;gBAC1B,CAAC;gBAGD,MAAM,IAAI,GAAG,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC;gBACtC,IAAI,IAAI,CAAC,QAAQ,CAAC,UAAU,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,aAAa,CAAC,EAAE,CAAC;oBAC9D,gBAAgB,GAAG,IAAI,CAAC;gBAC1B,CAAC;YACH,CAAC;SACF,CAAC,CAAC;QAEH,OAAO,gBAAgB,CAAC;IAC1B,CAAC;IAKO,mBAAmB,CAAC,GAAW;QACrC,QAAQ,CAAC,GAAG,EAAE;YAEZ,iBAAiB,CAAC,IAAI;gBACpB,IAAI,CAAC,MAAM,EAAE,CAAC;YAChB,CAAC;YAGD,cAAc,CAAC,IAAI;gBACjB,IACE,CAAC,CAAC,YAAY,CAAC,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC;oBAChC,CAAC,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,KAAK,aAAa,IAAI,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,KAAK,YAAY,CAAC,EACnF,CAAC;oBACD,MAAM,GAAG,GAAG,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC;oBACnC,IAAI,CAAC,CAAC,oBAAoB,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,yBAAyB,CAAC,GAAG,CAAC,EAAE,CAAC;wBACpE,MAAM,IAAI,GAAG,GAAG,CAAC,IAAI,CAAC;wBACtB,IAAI,CAAC,CAAC,gBAAgB,CAAC,IAAI,CAAC,EAAE,CAAC;4BAC7B,IAAI,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,CAAC,mBAAmB,CAAC,IAAI,CAAC,CAAC,EAAE,CAAC;gCAC1D,IAAI,CAAC,MAAM,EAAE,CAAC;4BAChB,CAAC;wBACH,CAAC;oBACH,CAAC;gBACH,CAAC;YACH,CAAC;SACF,CAAC,CAAC;IACL,CAAC;IAKO,cAAc,CAAC,GAAW;QAChC,IAAI,KAAK,GAAG,CAAC,CAAC;QAGd,MAAM,gBAAgB,GAAG,IAAI,CAAC,oBAAoB,CAAC,GAAG,CAAC,CAAC;QAExD,QAAQ,CAAC,GAAG,EAAE;YACZ,cAAc,CAAC,IAAI;gBAEjB,IAAI,CAAC,CAAC,YAAY,CAAC,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC;oBACrC,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC;oBACvC,IAAI,gBAAgB,CAAC,GAAG,CAAC,QAAQ,CAAC,EAAE,CAAC;wBAEnC,IAAI,CAAC;4BACH,MAAM,SAAS,GAAG,oBAAoB,CAAC;4BACvC,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC,aAAa,CAAC,SAAS,CAAC,CAAC,CAAC;4BAC7C,KAAK,EAAE,CAAC;wBACV,CAAC;wBAAC,MAAM,CAAC;wBAET,CAAC;oBACH,CAAC;gBACH,CAAC;YACH,CAAC;SACF,CAAC,CAAC;QAEH,OAAO,KAAK,CAAC;IACf,CAAC;IAKO,oBAAoB,CAAC,GAAW;QACtC,MAAM,gBAAgB,GAAG,IAAI,GAAG,EAAU,CAAC;QAE3C,QAAQ,CAAC,GAAG,EAAE;YACZ,mBAAmB,CAAC,IAAI;gBACtB,MAAM,IAAI,GAAG,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC;gBAEtC,IACE,IAAI,CAAC,QAAQ,CAAC,YAAY,CAAC;oBAC3B,IAAI,CAAC,QAAQ,CAAC,cAAc,CAAC;oBAC7B,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,EACtB,CAAC;oBACD,IAAI,IAAI,CAAC,IAAI,CAAC,EAAE,EAAE,CAAC;wBACjB,gBAAgB,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,IAAI,CAAC,CAAC;oBAC1C,CAAC;gBACH,CAAC;YACH,CAAC;SACF,CAAC,CAAC;QAEH,OAAO,gBAAgB,CAAC;IAC1B,CAAC;IAKO,kBAAkB,CAAC,GAAW;QACpC,IAAI,KAAK,GAAG,CAAC,CAAC;QACd,MAAM,IAAI,GAAG,IAAI,CAAC;QAElB,QAAQ,CAAC,GAAG,EAAE;YACZ,cAAc,CAAC,IAAI;gBAEjB,IAAI,IAAI,CAAC,8BAA8B,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;oBAEnD,IAAI,CAAC;wBACH,IAAI,CAAC,2BAA2B,CAAC,IAAI,CAAC,CAAC;wBACvC,KAAK,EAAE,CAAC;oBACV,CAAC;oBAAC,MAAM,CAAC;oBAET,CAAC;gBACH,CAAC;YACH,CAAC;SACF,CAAC,CAAC;QAEH,OAAO,KAAK,CAAC;IACf,CAAC;IAKO,8BAA8B,CAAC,IAAsB;QAE3D,IAAI,CAAC,CAAC,CAAC,gBAAgB,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,KAAK,EAAE,CAAC;YACvD,OAAO,KAAK,CAAC;QACf,CAAC;QAED,IAAI,CAAC,CAAC,CAAC,gBAAgB,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;YACnC,OAAO,KAAK,CAAC;QACf,CAAC;QAED,MAAM,SAAS,GAAG,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QACpC,OAAO,CAAC,CAAC,iBAAiB,CAAC,SAAS,CAAC,CAAC;IACxC,CAAC;IAKO,2BAA2B,CAAC,IAAS;QAE3C,MAAM,SAAS,GAAG,IAAI,CAAC,IAAwB,CAAC;QAChD,IAAI,CAAC,CAAC,gBAAgB,CAAC,SAAS,CAAC,IAAI,CAAC,EAAE,CAAC;YACvC,MAAM,UAAU,GAAG,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YAC1C,IAAI,CAAC,CAAC,iBAAiB,CAAC,UAAU,CAAC,EAAE,CAAC;gBAEpC,IAAI,CAAC,mBAAmB,CAAC,UAAU,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC;YAC7E,CAAC;QACH,CAAC;IACH,CAAC;IAKO,cAAc,CAAC,GAAW;QAChC,IAAI,KAAK,GAAG,CAAC,CAAC;QAEd,QAAQ,CAAC,GAAG,EAAE;YACZ,WAAW,CAAC,IAAI;gBAEd,IAAI,CAAC,CAAC,gBAAgB,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;oBACvC,IAAI,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,KAAK,EAAE,CAAC;wBAEzB,IAAI,CAAC,WAAW,CAAC,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;oBACzC,CAAC;yBAAM,CAAC;wBAEN,IAAI,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,CAAC;4BACxB,IAAI,CAAC,WAAW,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;wBACxC,CAAC;6BAAM,CAAC;4BACN,IAAI,CAAC,MAAM,EAAE,CAAC;wBAChB,CAAC;oBACH,CAAC;oBACD,KAAK,EAAE,CAAC;gBACV,CAAC;YACH,CAAC;SACF,CAAC,CAAC;QAEH,OAAO,KAAK,CAAC;IACf,CAAC;IAKO,mBAAmB,CAAC,GAAW;QACrC,IAAI,KAAK,GAAG,CAAC,CAAC;QAEd,QAAQ,CAAC,GAAG,EAAE;YACZ,gBAAgB,CAAC,IAAI;gBAEnB,IAAI,CAAC,CAAC,gBAAgB,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,gBAAgB,CAAC,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC;oBAC9E,MAAM,IAAI,GAAG,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC;oBAClC,MAAM,KAAK,GAAG,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC;oBACpC,IAAI,MAA0B,CAAC;oBAE/B,QAAQ,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,CAAC;wBAC3B,KAAK,GAAG;4BACN,MAAM,GAAG,IAAI,GAAG,KAAK,CAAC;4BACtB,MAAM;wBACR,KAAK,GAAG;4BACN,MAAM,GAAG,IAAI,GAAG,KAAK,CAAC;4BACtB,MAAM;wBACR,KAAK,GAAG;4BACN,MAAM,GAAG,IAAI,GAAG,KAAK,CAAC;4BACtB,MAAM;wBACR,KAAK,GAAG;4BACN,MAAM,GAAG,IAAI,GAAG,KAAK,CAAC;4BACtB,MAAM;oBACV,CAAC;oBAED,IAAI,MAAM,KAAK,SAAS,EAAE,CAAC;wBACzB,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC,cAAc,CAAC,MAAM,CAAC,CAAC,CAAC;wBAC3C,KAAK,EAAE,CAAC;oBACV,CAAC;gBACH,CAAC;YACH,CAAC;SACF,CAAC,CAAC;QAEH,OAAO,KAAK,CAAC;IACf,CAAC;IAKO,mBAAmB,CAAC,mBAA2B;QAErD,OAAO,IAAI,CAAC,GAAG,CAAC,mBAAmB,GAAG,CAAC,EAAE,GAAG,CAAC,CAAC;IAChD,CAAC;CACF"}

package/dist/modules/deobfuscator/PackerDeobfuscator.d.ts

@@ -0,0 +1,38 @@
+export interface PackerDeobfuscatorOptions {
+    code: string;
+    maxIterations?: number;
+}
+export interface PackerDeobfuscatorResult {
+    code: string;
+    success: boolean;
+    iterations: number;
+    warnings: string[];
+}
+export declare class PackerDeobfuscator {
+    static detect(code: string): boolean;
+    deobfuscate(options: PackerDeobfuscatorOptions): Promise<PackerDeobfuscatorResult>;
+    private unpack;
+    private parsePackerParams;
+    private executeUnpacker;
+    private base;
+    beautify(code: string): string;
+}
+export declare class AAEncodeDeobfuscator {
+    static detect(code: string): boolean;
+    deobfuscate(code: string): Promise<string>;
+}
+export declare class URLEncodeDeobfuscator {
+    static detect(code: string): boolean;
+    deobfuscate(code: string): Promise<string>;
+}
+export declare class UniversalUnpacker {
+    private packerDeobfuscator;
+    private aaencodeDeobfuscator;
+    private urlencodeDeobfuscator;
+    deobfuscate(code: string): Promise<{
+        code: string;
+        type: string;
+        success: boolean;
+    }>;
+}
+//# sourceMappingURL=PackerDeobfuscator.d.ts.map

package/dist/modules/deobfuscator/PackerDeobfuscator.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"PackerDeobfuscator.d.ts","sourceRoot":"","sources":["../../../src/modules/deobfuscator/PackerDeobfuscator.ts"],"names":[],"mappings":"AAoBA,MAAM,WAAW,yBAAyB;IACxC,IAAI,EAAE,MAAM,CAAC;IACb,aAAa,CAAC,EAAE,MAAM,CAAC;CACxB;AAKD,MAAM,WAAW,wBAAwB;IACvC,IAAI,EAAE,MAAM,CAAC;IACb,OAAO,EAAE,OAAO,CAAC;IACjB,UAAU,EAAE,MAAM,CAAC;IACnB,QAAQ,EAAE,MAAM,EAAE,CAAC;CACpB;AAKD,qBAAa,kBAAkB;IAI7B,MAAM,CAAC,MAAM,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO;IAS9B,WAAW,CAAC,OAAO,EAAE,yBAAyB,GAAG,OAAO,CAAC,wBAAwB,CAAC;IA8CxF,OAAO,CAAC,MAAM;IA+Bd,OAAO,CAAC,iBAAiB;IAkCzB,OAAO,CAAC,eAAe;IAwBvB,OAAO,CAAC,IAAI;IAmBZ,QAAQ,CAAC,IAAI,EAAE,MAAM,GAAG,MAAM;CAc/B;AAMD,qBAAa,oBAAoB;IAI/B,MAAM,CAAC,MAAM,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO;IAQ9B,WAAW,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;CAgBjD;AAMD,qBAAa,qBAAqB;IAIhC,MAAM,CAAC,MAAM,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO;IAS9B,WAAW,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;CAYjD;AAMD,qBAAa,iBAAiB;IAC5B,OAAO,CAAC,kBAAkB,CAA4B;IACtD,OAAO,CAAC,oBAAoB,CAA8B;IAC1D,OAAO,CAAC,qBAAqB,CAA+B;IAKtD,WAAW,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC;QACvC,IAAI,EAAE,MAAM,CAAC;QACb,IAAI,EAAE,MAAM,CAAC;QACb,OAAO,EAAE,OAAO,CAAC;KAClB,CAAC;CA2CH"}

package/dist/modules/deobfuscator/PackerDeobfuscator.js

@@ -0,0 +1,191 @@
+import { logger } from '../../utils/logger.js';
+export class PackerDeobfuscator {
+    static detect(code) {
+        const packerPattern = /eval\s*\(\s*function\s*\(\s*p\s*,\s*a\s*,\s*c\s*,\s*k\s*,\s*e\s*,\s*[dr]\s*\)/;
+        return packerPattern.test(code);
+    }
+    async deobfuscate(options) {
+        const { code, maxIterations = 5 } = options;
+        logger.info('📦 开始Packer反混淆...');
+        const warnings = [];
+        let currentCode = code;
+        let iterations = 0;
+        try {
+            while (PackerDeobfuscator.detect(currentCode) && iterations < maxIterations) {
+                const unpacked = this.unpack(currentCode);
+                if (!unpacked || unpacked === currentCode) {
+                    warnings.push('解包失败或已达到最终状态');
+                    break;
+                }
+                currentCode = unpacked;
+                iterations++;
+                logger.info(`📦 完成第 ${iterations} 次解包`);
+            }
+            logger.info(`✅ Packer反混淆完成，共 ${iterations} 次迭代`);
+            return {
+                code: currentCode,
+                success: true,
+                iterations,
+                warnings,
+            };
+        }
+        catch (error) {
+            logger.error('Packer反混淆失败', error);
+            return {
+                code: currentCode,
+                success: false,
+                iterations,
+                warnings: [...warnings, String(error)],
+            };
+        }
+    }
+    unpack(code) {
+        const match = code.match(/eval\s*\(\s*function\s*\(\s*p\s*,\s*a\s*,\s*c\s*,\s*k\s*,\s*e\s*,\s*[dr]\s*\)\s*{([\s\S]*?)}\s*\((.*?)\)\s*\)/);
+        if (!match || !match[2]) {
+            return code;
+        }
+        const args = match[2];
+        const params = this.parsePackerParams(args);
+        if (!params) {
+            return code;
+        }
+        try {
+            const unpacked = this.executeUnpacker(params);
+            return unpacked || code;
+        }
+        catch (error) {
+            logger.warn('解包执行失败', error);
+            return code;
+        }
+    }
+    parsePackerParams(argsString) {
+        try {
+            const parseFunc = new Function(`return [${argsString}];`);
+            const params = parseFunc();
+            if (params.length < 4) {
+                return null;
+            }
+            return {
+                p: params[0] || '',
+                a: params[1] || 0,
+                c: params[2] || 0,
+                k: (params[3] || '').split('|'),
+                e: params[4] || function (c) { return c; },
+                d: params[5] || function () { return ''; },
+            };
+        }
+        catch {
+            return null;
+        }
+    }
+    executeUnpacker(params) {
+        const { p, a, k } = params;
+        let { c } = params;
+        let result = p;
+        while (c--) {
+            const replacement = k[c];
+            if (replacement) {
+                const pattern = new RegExp('\\b' + this.base(c, a) + '\\b', 'g');
+                result = result.replace(pattern, replacement);
+            }
+        }
+        return result;
+    }
+    base(num, radix) {
+        const digits = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
+        if (num === 0) {
+            return '0';
+        }
+        let result = '';
+        while (num > 0) {
+            result = digits[num % radix] + result;
+            num = Math.floor(num / radix);
+        }
+        return result || '0';
+    }
+    beautify(code) {
+        let result = code;
+        result = result.replace(/;/g, ';\n');
+        result = result.replace(/{/g, '{\n');
+        result = result.replace(/}/g, '\n}\n');
+        result = result.replace(/\n\n+/g, '\n\n');
+        return result.trim();
+    }
+}
+export class AAEncodeDeobfuscator {
+    static detect(code) {
+        return code.includes('゜-゜') || code.includes('ω゜') || code.includes('o゜)');
+    }
+    async deobfuscate(code) {
+        logger.info('😊 开始AAEncode反混淆...');
+        try {
+            const decoded = new Function(`return (${code})`)();
+            logger.info('✅ AAEncode反混淆完成');
+            return decoded;
+        }
+        catch (error) {
+            logger.error('AAEncode反混淆失败', error);
+            return code;
+        }
+    }
+}
+export class URLEncodeDeobfuscator {
+    static detect(code) {
+        const percentCount = (code.match(/%[0-9A-Fa-f]{2}/g) || []).length;
+        return percentCount > 10;
+    }
+    async deobfuscate(code) {
+        logger.info('🔗 开始URLEncode反混淆...');
+        try {
+            const decoded = decodeURIComponent(code);
+            logger.info('✅ URLEncode反混淆完成');
+            return decoded;
+        }
+        catch (error) {
+            logger.error('URLEncode反混淆失败', error);
+            return code;
+        }
+    }
+}
+export class UniversalUnpacker {
+    packerDeobfuscator = new PackerDeobfuscator();
+    aaencodeDeobfuscator = new AAEncodeDeobfuscator();
+    urlencodeDeobfuscator = new URLEncodeDeobfuscator();
+    async deobfuscate(code) {
+        logger.info('🔍 自动检测混淆类型...');
+        if (PackerDeobfuscator.detect(code)) {
+            logger.info('检测到: Packer混淆');
+            const result = await this.packerDeobfuscator.deobfuscate({ code });
+            return {
+                code: result.code,
+                type: 'Packer',
+                success: result.success,
+            };
+        }
+        if (AAEncodeDeobfuscator.detect(code)) {
+            logger.info('检测到: AAEncode混淆');
+            const decoded = await this.aaencodeDeobfuscator.deobfuscate(code);
+            return {
+                code: decoded,
+                type: 'AAEncode',
+                success: decoded !== code,
+            };
+        }
+        if (URLEncodeDeobfuscator.detect(code)) {
+            logger.info('检测到: URLEncode混淆');
+            const decoded = await this.urlencodeDeobfuscator.deobfuscate(code);
+            return {
+                code: decoded,
+                type: 'URLEncode',
+                success: decoded !== code,
+            };
+        }
+        logger.info('未检测到已知的混淆类型');
+        return {
+            code,
+            type: 'Unknown',
+            success: false,
+        };
+    }
+}
+//# sourceMappingURL=PackerDeobfuscator.js.map

package/dist/modules/deobfuscator/PackerDeobfuscator.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"PackerDeobfuscator.js","sourceRoot":"","sources":["../../../src/modules/deobfuscator/PackerDeobfuscator.ts"],"names":[],"mappings":"AAeA,OAAO,EAAE,MAAM,EAAE,MAAM,uBAAuB,CAAC;AAuB/C,MAAM,OAAO,kBAAkB;IAI7B,MAAM,CAAC,MAAM,CAAC,IAAY;QAExB,MAAM,aAAa,GAAG,+EAA+E,CAAC;QACtG,OAAO,aAAa,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAClC,CAAC;IAKD,KAAK,CAAC,WAAW,CAAC,OAAkC;QAClD,MAAM,EAAE,IAAI,EAAE,aAAa,GAAG,CAAC,EAAE,GAAG,OAAO,CAAC;QAE5C,MAAM,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC;QAEjC,MAAM,QAAQ,GAAa,EAAE,CAAC;QAC9B,IAAI,WAAW,GAAG,IAAI,CAAC;QACvB,IAAI,UAAU,GAAG,CAAC,CAAC;QAEnB,IAAI,CAAC;YAEH,OAAO,kBAAkB,CAAC,MAAM,CAAC,WAAW,CAAC,IAAI,UAAU,GAAG,aAAa,EAAE,CAAC;gBAC5E,MAAM,QAAQ,GAAG,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC;gBAE1C,IAAI,CAAC,QAAQ,IAAI,QAAQ,KAAK,WAAW,EAAE,CAAC;oBAC1C,QAAQ,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC;oBAC9B,MAAM;gBACR,CAAC;gBAED,WAAW,GAAG,QAAQ,CAAC;gBACvB,UAAU,EAAE,CAAC;gBACb,MAAM,CAAC,IAAI,CAAC,UAAU,UAAU,MAAM,CAAC,CAAC;YAC1C,CAAC;YAED,MAAM,CAAC,IAAI,CAAC,mBAAmB,UAAU,MAAM,CAAC,CAAC;YAEjD,OAAO;gBACL,IAAI,EAAE,WAAW;gBACjB,OAAO,EAAE,IAAI;gBACb,UAAU;gBACV,QAAQ;aACT,CAAC;QACJ,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,MAAM,CAAC,KAAK,CAAC,aAAa,EAAE,KAAK,CAAC,CAAC;YACnC,OAAO;gBACL,IAAI,EAAE,WAAW;gBACjB,OAAO,EAAE,KAAK;gBACd,UAAU;gBACV,QAAQ,EAAE,CAAC,GAAG,QAAQ,EAAE,MAAM,CAAC,KAAK,CAAC,CAAC;aACvC,CAAC;QACJ,CAAC;IACH,CAAC;IAKO,MAAM,CAAC,IAAY;QAEzB,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CACtB,+GAA+G,CAChH,CAAC;QAEF,IAAI,CAAC,KAAK,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,CAAC;YACxB,OAAO,IAAI,CAAC;QACd,CAAC;QAED,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;QAGtB,MAAM,MAAM,GAAG,IAAI,CAAC,iBAAiB,CAAC,IAAI,CAAC,CAAC;QAC5C,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,OAAO,IAAI,CAAC;QACd,CAAC;QAGD,IAAI,CAAC;YACH,MAAM,QAAQ,GAAG,IAAI,CAAC,eAAe,CAAC,MAAM,CAAC,CAAC;YAC9C,OAAO,QAAQ,IAAI,IAAI,CAAC;QAC1B,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,MAAM,CAAC,IAAI,CAAC,QAAQ,EAAE,KAAK,CAAC,CAAC;YAC7B,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;IAKO,iBAAiB,CAAC,UAAkB;QAQ1C,IAAI,CAAC;YAGH,MAAM,SAAS,GAAG,IAAI,QAAQ,CAAC,WAAW,UAAU,IAAI,CAAC,CAAC;YAC1D,MAAM,MAAM,GAAG,SAAS,EAAE,CAAC;YAE3B,IAAI,MAAM,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBACtB,OAAO,IAAI,CAAC;YACd,CAAC;YAED,OAAO;gBACL,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC,IAAI,EAAE;gBAClB,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC,IAAI,CAAC;gBACjB,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC,IAAI,CAAC;gBACjB,CAAC,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC;gBAC/B,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC,IAAI,UAAU,CAAM,IAAI,OAAO,CAAC,CAAC,CAAC,CAAC;gBAC/C,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC,IAAI,cAAc,OAAO,EAAE,CAAC,CAAC,CAAC;aAC3C,CAAC;QACJ,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;IAKO,eAAe,CACrB,MAAkF;QAElF,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,MAAM,CAAC;QAC3B,IAAI,EAAE,CAAC,EAAE,GAAG,MAAM,CAAC;QAGnB,IAAI,MAAM,GAAG,CAAC,CAAC;QAGf,OAAO,CAAC,EAAE,EAAE,CAAC;YACX,MAAM,WAAW,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;YACzB,IAAI,WAAW,EAAE,CAAC;gBAChB,MAAM,OAAO,GAAG,IAAI,MAAM,CAAC,KAAK,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC,EAAE,CAAC,CAAC,GAAG,KAAK,EAAE,GAAG,CAAC,CAAC;gBACjE,MAAM,GAAG,MAAM,CAAC,OAAO,CAAC,OAAO,EAAE,WAAW,CAAC,CAAC;YAChD,CAAC;QACH,CAAC;QAED,OAAO,MAAM,CAAC;IAChB,CAAC;IAKO,IAAI,CAAC,GAAW,EAAE,KAAa;QACrC,MAAM,MAAM,GAAG,gEAAgE,CAAC;QAEhF,IAAI,GAAG,KAAK,CAAC,EAAE,CAAC;YACd,OAAO,GAAG,CAAC;QACb,CAAC;QAED,IAAI,MAAM,GAAG,EAAE,CAAC;QAChB,OAAO,GAAG,GAAG,CAAC,EAAE,CAAC;YACf,MAAM,GAAG,MAAM,CAAC,GAAG,GAAG,KAAK,CAAC,GAAG,MAAM,CAAC;YACtC,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,GAAG,KAAK,CAAC,CAAC;QAChC,CAAC;QAED,OAAO,MAAM,IAAI,GAAG,CAAC;IACvB,CAAC;IAKD,QAAQ,CAAC,IAAY;QAEnB,IAAI,MAAM,GAAG,IAAI,CAAC;QAGlB,MAAM,GAAG,MAAM,CAAC,OAAO,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC;QACrC,MAAM,GAAG,MAAM,CAAC,OAAO,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC;QACrC,MAAM,GAAG,MAAM,CAAC,OAAO,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC;QAGvC,MAAM,GAAG,MAAM,CAAC,OAAO,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAC;QAE1C,OAAO,MAAM,CAAC,IAAI,EAAE,CAAC;IACvB,CAAC;CACF;AAMD,MAAM,OAAO,oBAAoB;IAI/B,MAAM,CAAC,MAAM,CAAC,IAAY;QAExB,OAAO,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;IAC7E,CAAC;IAKD,KAAK,CAAC,WAAW,CAAC,IAAY;QAC5B,MAAM,CAAC,IAAI,CAAC,qBAAqB,CAAC,CAAC;QAEnC,IAAI,CAAC;YAIH,MAAM,OAAO,GAAG,IAAI,QAAQ,CAAC,WAAW,IAAI,GAAG,CAAC,EAAE,CAAC;YAEnD,MAAM,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAC;YAC/B,OAAO,OAAO,CAAC;QACjB,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,MAAM,CAAC,KAAK,CAAC,eAAe,EAAE,KAAK,CAAC,CAAC;YACrC,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;CACF;AAMD,MAAM,OAAO,qBAAqB;IAIhC,MAAM,CAAC,MAAM,CAAC,IAAY;QAExB,MAAM,YAAY,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,kBAAkB,CAAC,IAAI,EAAE,CAAC,CAAC,MAAM,CAAC;QACnE,OAAO,YAAY,GAAG,EAAE,CAAC;IAC3B,CAAC;IAKD,KAAK,CAAC,WAAW,CAAC,IAAY;QAC5B,MAAM,CAAC,IAAI,CAAC,sBAAsB,CAAC,CAAC;QAEpC,IAAI,CAAC;YACH,MAAM,OAAO,GAAG,kBAAkB,CAAC,IAAI,CAAC,CAAC;YACzC,MAAM,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAC;YAChC,OAAO,OAAO,CAAC;QACjB,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,MAAM,CAAC,KAAK,CAAC,gBAAgB,EAAE,KAAK,CAAC,CAAC;YACtC,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;CACF;AAMD,MAAM,OAAO,iBAAiB;IACpB,kBAAkB,GAAG,IAAI,kBAAkB,EAAE,CAAC;IAC9C,oBAAoB,GAAG,IAAI,oBAAoB,EAAE,CAAC;IAClD,qBAAqB,GAAG,IAAI,qBAAqB,EAAE,CAAC;IAK5D,KAAK,CAAC,WAAW,CAAC,IAAY;QAK5B,MAAM,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC;QAG9B,IAAI,kBAAkB,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC;YACpC,MAAM,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;YAC7B,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,kBAAkB,CAAC,WAAW,CAAC,EAAE,IAAI,EAAE,CAAC,CAAC;YACnE,OAAO;gBACL,IAAI,EAAE,MAAM,CAAC,IAAI;gBACjB,IAAI,EAAE,QAAQ;gBACd,OAAO,EAAE,MAAM,CAAC,OAAO;aACxB,CAAC;QACJ,CAAC;QAGD,IAAI,oBAAoB,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC;YACtC,MAAM,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAC;YAC/B,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,oBAAoB,CAAC,WAAW,CAAC,IAAI,CAAC,CAAC;YAClE,OAAO;gBACL,IAAI,EAAE,OAAO;gBACb,IAAI,EAAE,UAAU;gBAChB,OAAO,EAAE,OAAO,KAAK,IAAI;aAC1B,CAAC;QACJ,CAAC;QAGD,IAAI,qBAAqB,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC;YACvC,MAAM,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAC;YAChC,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,qBAAqB,CAAC,WAAW,CAAC,IAAI,CAAC,CAAC;YACnE,OAAO;gBACL,IAAI,EAAE,OAAO;gBACb,IAAI,EAAE,WAAW;gBACjB,OAAO,EAAE,OAAO,KAAK,IAAI;aAC1B,CAAC;QACJ,CAAC;QAED,MAAM,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;QAC3B,OAAO;YACL,IAAI;YACJ,IAAI,EAAE,SAAS;YACf,OAAO,EAAE,KAAK;SACf,CAAC;IACJ,CAAC;CACF"}

package/dist/modules/detector/ObfuscationDetector.d.ts

@@ -0,0 +1,35 @@
+import { ObfuscationType, VMFeatures } from '../../types/index.js';
+export interface DetectionResult {
+    types: ObfuscationType[];
+    confidence: Record<ObfuscationType, number>;
+    features: string[];
+    recommendations: string[];
+    vmFeatures?: VMFeatures;
+}
+export declare class ObfuscationDetector {
+    private jsvmpDetector;
+    constructor();
+    detect(code: string): DetectionResult;
+    private detectVMProtectionDetailed;
+    private detectJavaScriptObfuscator;
+    private detectWebpack;
+    private detectUglify;
+    private detectVMProtection;
+    private detectInvisibleUnicode;
+    private detectControlFlowFlattening;
+    private detectStringArrayRotation;
+    private detectDeadCodeInjection;
+    private detectOpaquePredicates;
+    private detectJSFuck;
+    private detectAAEncode;
+    private detectJJEncode;
+    private detectPacker;
+    private detectEvalObfuscation;
+    private detectBase64Encoding;
+    private detectHexEncoding;
+    private detectSelfModifying;
+    private detectJScrambler;
+    private detectURLEncode;
+    generateReport(result: DetectionResult): string;
+}
+//# sourceMappingURL=ObfuscationDetector.d.ts.map

package/dist/modules/detector/ObfuscationDetector.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"ObfuscationDetector.d.ts","sourceRoot":"","sources":["../../../src/modules/detector/ObfuscationDetector.ts"],"names":[],"mappings":"AAKA,OAAO,EAAE,eAAe,EAAE,UAAU,EAAE,MAAM,sBAAsB,CAAC;AAInE,MAAM,WAAW,eAAe;IAC9B,KAAK,EAAE,eAAe,EAAE,CAAC;IACzB,UAAU,EAAE,MAAM,CAAC,eAAe,EAAE,MAAM,CAAC,CAAC;IAC5C,QAAQ,EAAE,MAAM,EAAE,CAAC;IACnB,eAAe,EAAE,MAAM,EAAE,CAAC;IAC1B,UAAU,CAAC,EAAE,UAAU,CAAC;CACzB;AAED,qBAAa,mBAAmB;IAC9B,OAAO,CAAC,aAAa,CAAoB;;IASzC,MAAM,CAAC,IAAI,EAAE,MAAM,GAAG,eAAe;IAwLrC,OAAO,CAAC,0BAA0B;IAyBlC,OAAO,CAAC,0BAA0B;IAWlC,OAAO,CAAC,aAAa;IAQrB,OAAO,CAAC,YAAY;IAMpB,OAAO,CAAC,kBAAkB;IAW1B,OAAO,CAAC,sBAAsB;IAK9B,OAAO,CAAC,2BAA2B;IAInC,OAAO,CAAC,yBAAyB;IAQjC,OAAO,CAAC,uBAAuB;IAO/B,OAAO,CAAC,sBAAsB;IAI9B,OAAO,CAAC,YAAY;IAMpB,OAAO,CAAC,cAAc;IAKtB,OAAO,CAAC,cAAc;IAItB,OAAO,CAAC,YAAY;IAMpB,OAAO,CAAC,qBAAqB;IAK7B,OAAO,CAAC,oBAAoB;IAO5B,OAAO,CAAC,iBAAiB;IAKzB,OAAO,CAAC,mBAAmB;IAW3B,OAAO,CAAC,gBAAgB;IA6BxB,OAAO,CAAC,eAAe;IASvB,cAAc,CAAC,MAAM,EAAE,eAAe,GAAG,MAAM;CAqBhD"}