npm - @jshookmcp/jshook - Versions diffs - 0.1.6 → 0.1.8 - Mend

@jshookmcp/jshook 0.1.6 → 0.1.8

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (65) hide show

package/LICENSE +661 -661
package/README.md +145 -100
package/README.zh.md +81 -36
package/dist/constants.d.ts +1 -1
package/dist/constants.js +3 -1
package/dist/index.js +0 -0
package/dist/modules/analyzer/QualityAnalyzer.js +1 -1
package/dist/modules/browser/BrowserDiscovery.js +2 -2
package/dist/modules/browser/BrowserModeManager.js +3 -3
package/dist/modules/captcha/AICaptchaDetector.d.ts +12 -16
package/dist/modules/captcha/AICaptchaDetector.js +229 -209
package/dist/modules/captcha/CaptchaDetector.constants.d.ts +2 -0
package/dist/modules/captcha/CaptchaDetector.constants.js +116 -25
package/dist/modules/captcha/CaptchaDetector.d.ts +2 -11
package/dist/modules/captcha/CaptchaDetector.js +102 -51
package/dist/modules/captcha/types.d.ts +46 -0
package/dist/modules/captcha/types.js +52 -0
package/dist/modules/deobfuscator/AdvancedDeobfuscator.d.ts +15 -20
package/dist/modules/deobfuscator/AdvancedDeobfuscator.js +66 -234
package/dist/modules/deobfuscator/Deobfuscator.d.ts +3 -10
package/dist/modules/deobfuscator/Deobfuscator.js +125 -404
package/dist/modules/deobfuscator/webcrack.d.ts +13 -0
package/dist/modules/deobfuscator/webcrack.js +164 -0
package/dist/modules/detector/ObfuscationDetector.d.ts +6 -0
package/dist/modules/detector/ObfuscationDetector.js +53 -2
package/dist/modules/hook/AIHookGenerator.js +1 -1
package/dist/modules/process/MacProcessManager.js +25 -25
package/dist/modules/process/memory/availability.js +49 -49
package/dist/modules/process/memory/injector.js +185 -185
package/dist/modules/process/memory/reader.js +50 -50
package/dist/modules/process/memory/scanner.js +165 -165
package/dist/modules/process/memory/writer.js +55 -55
package/dist/native/scripts/linux/enum-windows.sh +12 -12
package/dist/native/scripts/macos/enum-windows.applescript +22 -22
package/dist/native/scripts/windows/enum-windows-by-class.ps1 +51 -51
package/dist/native/scripts/windows/enum-windows.ps1 +44 -44
package/dist/native/scripts/windows/inject-dll.ps1 +21 -21
package/dist/server/domains/analysis/definitions.js +223 -2
package/dist/server/domains/analysis/handlers.impl.d.ts +2 -3
package/dist/server/domains/analysis/handlers.impl.js +60 -15
package/dist/server/domains/analysis/manifest.js +2 -5
package/dist/server/domains/browser/definitions.tools.behavior.js +36 -24
package/dist/server/domains/browser/definitions.tools.page-core.js +53 -53
package/dist/server/domains/browser/definitions.tools.runtime.js +40 -40
package/dist/server/domains/browser/definitions.tools.security.js +80 -77
package/dist/server/domains/browser/handlers/camoufox-flow.js +0 -1
package/dist/server/domains/browser/handlers/captcha-solver.d.ts +1 -1
package/dist/server/domains/browser/handlers/captcha-solver.js +121 -54
package/dist/server/domains/browser/handlers/page-navigation.js +0 -2
package/dist/server/domains/browser/handlers.impl.d.ts +1 -1
package/dist/server/domains/browser/handlers.impl.js +3 -3
package/dist/server/domains/browser/manifest.js +1 -1
package/dist/server/domains/shared/modules.d.ts +1 -0
package/dist/server/domains/transform/handlers.impl.transform-base.js +102 -102
package/dist/server/domains/workflow/handlers.impl.workflow-base.js +51 -51
package/dist/types/deobfuscator.d.ts +43 -1
package/dist/types/index.d.ts +1 -1
package/dist/utils/config.js +19 -10
package/package.json +30 -44
package/scripts/postinstall.cjs +37 -0
package/src/native/scripts/linux/enum-windows.sh +12 -12
package/src/native/scripts/macos/enum-windows.applescript +22 -22
package/src/native/scripts/windows/enum-windows-by-class.ps1 +51 -51
package/src/native/scripts/windows/enum-windows.ps1 +44 -44
package/src/native/scripts/windows/inject-dll.ps1 +21 -21

package/dist/modules/captcha/CaptchaDetector.d.ts CHANGED Viewed

@@ -1,15 +1,6 @@
 import { Page } from 'rebrowser-puppeteer-core';
-export interface CaptchaDetectionResult {
-    detected: boolean;
-    type?: 'slider' | 'image' | 'recaptcha' | 'hcaptcha' | 'cloudflare' | 'page_redirect' | 'url_redirect' | 'unknown';
-    selector?: string;
-    title?: string;
-    url?: string;
-    confidence: number;
-    vendor?: 'geetest' | 'tencent' | 'aliyun' | 'cloudflare' | 'akamai' | 'datadome' | 'perimeter-x' | 'recaptcha' | 'hcaptcha' | 'unknown';
-    details?: unknown;
-    falsePositiveReason?: string;
-}
+import type { CaptchaDetectionResult } from '../captcha/types.js';
+export type { CaptchaDetectionResult } from '../captcha/types.js';
 export declare class CaptchaDetector {
     private static readonly EXCLUDE_SELECTORS;
     private static readonly CAPTCHA_SELECTORS;

package/dist/modules/captcha/CaptchaDetector.js CHANGED Viewed

@@ -29,11 +29,11 @@ export class CaptchaDetector {
                 return vendorCheck;
             }
             logger.info('No CAPTCHA detected by current heuristics');
-            return { detected: false, confidence: 0 };
+            return { detected: false, type: 'none', confidence: 0 };
         }
         catch (error) {
             logger.error('CAPTCHA detection failed', error);
-            return { detected: false, confidence: 0 };
+            return { detected: false, type: 'none', confidence: 0 };
         }
     }
     async checkUrl(page) {
@@ -42,53 +42,82 @@ export class CaptchaDetector {
         for (const excludeKeyword of CaptchaDetector.EXCLUDE_KEYWORDS.url) {
             if (lowerUrl.includes(excludeKeyword)) {
                 logger.debug(`URL matched exclusion keyword: ${excludeKeyword}`);
-                return { detected: false, confidence: 0, falsePositiveReason: `URL exclusion: ${excludeKeyword}` };
+                return {
+                    detected: false,
+                    type: 'none',
+                    confidence: 0,
+                    falsePositiveReason: `URL exclusion: ${excludeKeyword}`,
+                };
             }
         }
         for (const keyword of CaptchaDetector.CAPTCHA_KEYWORDS.url) {
             if (lowerUrl.includes(keyword)) {
                 let type = 'url_redirect';
-                let vendor = 'unknown';
+                let providerHint;
                 let confidence = 70;
-                if (url.includes('cloudflare') || url.includes('cdn-cgi')) {
-                    type = 'cloudflare';
-                    vendor = 'cloudflare';
-                    confidence = 95;
-                }
-                else if (url.includes('recaptcha')) {
-                    type = 'recaptcha';
-                    vendor = 'recaptcha';
+                if (lowerUrl.includes('cloudflare') ||
+                    lowerUrl.includes('cdn-cgi') ||
+                    lowerUrl.includes('akamai') ||
+                    lowerUrl.includes('datadome') ||
+                    lowerUrl.includes('perimeterx') ||
+                    lowerUrl.includes('perimeter') ||
+                    lowerUrl.includes('px-captcha') ||
+                    lowerUrl.includes('incapsula') ||
+                    lowerUrl.includes('distil') ||
+                    lowerUrl.includes('shield-square')) {
+                    type = 'browser_check';
+                    providerHint = 'edge_service';
                     confidence = 95;
                 }
-                else if (url.includes('hcaptcha')) {
-                    type = 'hcaptcha';
-                    vendor = 'hcaptcha';
+                else if (lowerUrl.includes('recaptcha') ||
+                    lowerUrl.includes('turnstile') ||
+                    lowerUrl.includes('hcaptcha')) {
+                    type = 'widget';
+                    providerHint = 'embedded_widget';
                     confidence = 95;
                 }
-                else if (url.includes('geetest')) {
+                else if (lowerUrl.includes('geetest') ||
+                    lowerUrl.includes('aliyun/captcha') ||
+                    lowerUrl.includes('tencent/captcha') ||
+                    lowerUrl.includes('netease-captcha') ||
+                    lowerUrl.includes('yidun')) {
                     type = 'slider';
-                    vendor = 'geetest';
+                    providerHint = 'regional_service';
+                    confidence = 90;
+                }
+                else if (lowerUrl.includes('arkose') ||
+                    lowerUrl.includes('funcaptcha') ||
+                    lowerUrl.includes('friendly-captcha') ||
+                    lowerUrl.includes('keycaptcha') ||
+                    lowerUrl.includes('iw-captcha')) {
+                    type = 'widget';
+                    providerHint = 'managed_service';
                     confidence = 90;
                 }
                 if (confidence < 80) {
                     const domCheck = await this.verifyByDOM(page);
                     if (!domCheck) {
                         logger.debug(`URL keyword match in DOM, skipping: ${keyword}`);
-                        return { detected: false, confidence: 0, falsePositiveReason: `URLDOM: ${keyword}` };
+                        return {
+                            detected: false,
+                            type: 'none',
+                            confidence: 0,
+                            falsePositiveReason: `URLDOM: ${keyword}`,
+                        };
                     }
                     confidence = 85;
                 }
-                logger.warn(`CAPTCHA URL keyword detected: ${keyword} (confidence: ${confidence}%)`);
+                logger.warn(`CAPTCHA URL signal detected (confidence: ${confidence}%)`);
                 return {
                     detected: true,
                     type,
                     url,
-                    vendor,
+                    providerHint,
                     confidence,
                 };
             }
         }
-        return { detected: false, confidence: 0 };
+        return { detected: false, type: 'none', confidence: 0 };
     }
     async checkTitle(page) {
         const title = await page.title();
@@ -96,7 +125,12 @@ export class CaptchaDetector {
         for (const excludeKeyword of CaptchaDetector.EXCLUDE_KEYWORDS.title) {
             if (lowerTitle.includes(excludeKeyword.toLowerCase())) {
                 logger.debug(`Title matched exclusion keyword: ${excludeKeyword}`);
-                return { detected: false, confidence: 0, falsePositiveReason: `Title exclusion: ${excludeKeyword}` };
+                return {
+                    detected: false,
+                    type: 'none',
+                    confidence: 0,
+                    falsePositiveReason: `Title exclusion: ${excludeKeyword}`,
+                };
             }
         }
         for (const keyword of CaptchaDetector.CAPTCHA_KEYWORDS.title) {
@@ -104,7 +138,12 @@ export class CaptchaDetector {
                 const domCheck = await this.verifyByDOM(page);
                 if (!domCheck) {
                     logger.debug(`DOM keyword is common UI element, skipping: ${keyword}`);
-                    return { detected: false, confidence: 0, falsePositiveReason: `DOM: ${keyword}` };
+                    return {
+                        detected: false,
+                        type: 'none',
+                        confidence: 0,
+                        falsePositiveReason: `DOM: ${keyword}`,
+                    };
                 }
                 logger.warn(`CAPTCHA DOM keyword detected: ${keyword}`);
                 return {
@@ -115,7 +154,7 @@ export class CaptchaDetector {
                 };
             }
         }
-        return { detected: false, confidence: 0 };
+        return { detected: false, type: 'none', confidence: 0 };
     }
     async checkDOMElements(page) {
         for (const selector of CaptchaDetector.CAPTCHA_SELECTORS.slider) {
@@ -128,19 +167,21 @@ export class CaptchaDetector {
                         logger.debug(`Selector is generic, skipping: ${selector}`);
                         continue;
                     }
-                    logger.warn(`CAPTCHA selector detected: ${selector}`);
-                    let vendor = 'unknown';
-                    if (selector.includes('geetest'))
-                        vendor = 'geetest';
-                    else if (selector.includes('nc_') || selector.includes('aliyun'))
-                        vendor = 'aliyun';
-                    else if (selector.includes('tcaptcha') || selector.includes('tencent'))
-                        vendor = 'tencent';
+                    logger.warn(`Slider CAPTCHA selector detected: ${selector}`);
+                    let providerHint;
+                    if (selector.includes('geetest') ||
+                        selector.includes('nc_') ||
+                        selector.includes('aliyun') ||
+                        selector.includes('tcaptcha') ||
+                        selector.includes('tencent') ||
+                        selector.includes('yidun')) {
+                        providerHint = 'regional_service';
+                    }
                     return {
                         detected: true,
                         type: 'slider',
                         selector,
-                        vendor,
+                        providerHint,
                         confidence: 95,
                     };
                 }
@@ -149,12 +190,12 @@ export class CaptchaDetector {
         for (const selector of CaptchaDetector.CAPTCHA_SELECTORS.recaptcha) {
             const element = await page.$(selector);
             if (element) {
-                logger.warn(`reCAPTCHA element detected: ${selector}`);
+                logger.warn(`Embedded challenge widget detected: ${selector}`);
                 return {
                     detected: true,
-                    type: 'recaptcha',
+                    type: 'widget',
                     selector,
-                    vendor: 'recaptcha',
+                    providerHint: 'embedded_widget',
                     confidence: 98,
                 };
             }
@@ -162,12 +203,12 @@ export class CaptchaDetector {
         for (const selector of CaptchaDetector.CAPTCHA_SELECTORS.hcaptcha) {
             const element = await page.$(selector);
             if (element) {
-                logger.warn(`hCaptcha element detected: ${selector}`);
+                logger.warn(`Embedded challenge widget detected: ${selector}`);
                 return {
                     detected: true,
-                    type: 'hcaptcha',
+                    type: 'widget',
                     selector,
-                    vendor: 'hcaptcha',
+                    providerHint: 'embedded_widget',
                     confidence: 98,
                 };
             }
@@ -175,24 +216,29 @@ export class CaptchaDetector {
         for (const selector of CaptchaDetector.CAPTCHA_SELECTORS.cloudflare) {
             const element = await page.$(selector);
             if (element) {
-                logger.warn(`Cloudflare challenge detected: ${selector}`);
+                logger.warn(`Edge browser-check challenge detected: ${selector}`);
                 return {
                     detected: true,
-                    type: 'cloudflare',
+                    type: 'browser_check',
                     selector,
-                    vendor: 'cloudflare',
+                    providerHint: 'edge_service',
                     confidence: 97,
                 };
             }
         }
-        return { detected: false, confidence: 0 };
+        return { detected: false, type: 'none', confidence: 0 };
     }
     async checkPageText(page) {
         const bodyText = await page.evaluate(() => document.body.innerText);
         for (const excludeKeyword of CaptchaDetector.EXCLUDE_KEYWORDS.text) {
             if (bodyText.includes(excludeKeyword)) {
                 logger.debug(`Body text matched exclusion keyword: ${excludeKeyword}`);
-                return { detected: false, confidence: 0, falsePositiveReason: `Text exclusion: ${excludeKeyword}` };
+                return {
+                    detected: false,
+                    type: 'none',
+                    confidence: 0,
+                    falsePositiveReason: `Text exclusion: ${excludeKeyword}`,
+                };
             }
         }
         for (const keyword of CaptchaDetector.CAPTCHA_KEYWORDS.text) {
@@ -200,7 +246,12 @@ export class CaptchaDetector {
                 const domCheck = await this.verifyByDOM(page);
                 if (!domCheck) {
                     logger.debug(`Keyword is common element, skipping: ${keyword}`);
-                    return { detected: false, confidence: 0, falsePositiveReason: `DOM: ${keyword}` };
+                    return {
+                        detected: false,
+                        type: 'none',
+                        confidence: 0,
+                        falsePositiveReason: `DOM: ${keyword}`,
+                    };
                 }
                 logger.warn(`CAPTCHA keyword detected: ${keyword}`);
                 return {
@@ -211,7 +262,7 @@ export class CaptchaDetector {
                 };
             }
         }
-        return { detected: false, confidence: 0 };
+        return { detected: false, type: 'none', confidence: 0 };
     }
     async checkVendorSpecific(page) {
         const geetestCheck = await page.evaluate(() => {
@@ -219,11 +270,11 @@ export class CaptchaDetector {
             return !!win.initGeetest || document.querySelector('.geetest_holder');
         });
         if (geetestCheck) {
-            logger.warn('Geetest CAPTCHA indicators detected');
+            logger.warn('Regional slider CAPTCHA indicators detected');
             return {
                 detected: true,
                 type: 'slider',
-                vendor: 'geetest',
+                providerHint: 'regional_service',
                 confidence: 95,
             };
         }
@@ -232,15 +283,15 @@ export class CaptchaDetector {
             return !!win.TencentCaptcha || document.querySelector('.tcaptcha-transform');
         });
         if (tencentCheck) {
-            logger.warn('Tencent CAPTCHA indicators detected');
+            logger.warn('Regional slider CAPTCHA indicators detected');
             return {
                 detected: true,
                 type: 'slider',
-                vendor: 'tencent',
+                providerHint: 'regional_service',
                 confidence: 95,
             };
         }
-        return { detected: false, confidence: 0 };
+        return { detected: false, type: 'none', confidence: 0 };
     }
     async waitForCompletion(page, timeout = 300000) {
         logger.info('Waiting for CAPTCHA to be solved...');

package/dist/modules/captcha/types.d.ts ADDED Viewed

@@ -0,0 +1,46 @@
+export declare const CAPTCHA_TYPES: readonly ["slider", "image", "widget", "browser_check", "page_redirect", "url_redirect", "text_input", "none", "unknown"];
+export type CaptchaType = (typeof CAPTCHA_TYPES)[number];
+export declare const CAPTCHA_PROVIDER_HINTS: readonly ["regional_service", "embedded_widget", "edge_service", "managed_service", "external_review", "unknown"];
+export type CaptchaProviderHint = (typeof CAPTCHA_PROVIDER_HINTS)[number];
+export declare const LEGACY_CAPTCHA_TYPE_ALIASES: Readonly<Record<string, CaptchaType>>;
+export declare const LEGACY_CAPTCHA_PROVIDER_HINT_ALIASES: Readonly<Record<string, CaptchaProviderHint>>;
+export interface CaptchaDetectionResultBase {
+    detected: boolean;
+    type: CaptchaType;
+    providerHint?: CaptchaProviderHint;
+    confidence: number;
+}
+export interface CaptchaDetectionResult extends CaptchaDetectionResultBase {
+    selector?: string;
+    title?: string;
+    url?: string;
+    details?: unknown;
+    falsePositiveReason?: string;
+}
+export interface CaptchaLocation {
+    x: number;
+    y: number;
+    width: number;
+    height: number;
+}
+export interface AICaptchaDetectionResult extends CaptchaDetectionResultBase {
+    reasoning: string;
+    location?: CaptchaLocation | null;
+    screenshot?: string;
+    screenshotPath?: string;
+    suggestions?: string[];
+}
+export interface CaptchaDetectionConfig {
+    autoDetectCaptcha?: boolean;
+    autoSwitchHeadless?: boolean;
+    captchaTimeout?: number;
+    defaultHeadless?: boolean;
+    askBeforeSwitchBack?: boolean;
+}
+export interface CaptchaPageInfo {
+    url: string;
+    title: string;
+    bodyText: string;
+    hasIframes: boolean;
+    suspiciousElements: string[];
+}

package/dist/modules/captcha/types.js ADDED Viewed

@@ -0,0 +1,52 @@
+export const CAPTCHA_TYPES = [
+    'slider',
+    'image',
+    'widget',
+    'browser_check',
+    'page_redirect',
+    'url_redirect',
+    'text_input',
+    'none',
+    'unknown',
+];
+export const CAPTCHA_PROVIDER_HINTS = [
+    'regional_service',
+    'embedded_widget',
+    'edge_service',
+    'managed_service',
+    'external_review',
+    'unknown',
+];
+export const LEGACY_CAPTCHA_TYPE_ALIASES = {
+    recaptcha: 'widget',
+    hcaptcha: 'widget',
+    turnstile: 'widget',
+    cloudflare: 'browser_check',
+};
+export const LEGACY_CAPTCHA_PROVIDER_HINT_ALIASES = {
+    geetest: 'regional_service',
+    tencent: 'regional_service',
+    aliyun: 'regional_service',
+    keycaptcha: 'regional_service',
+    yidun: 'regional_service',
+    'netease-captcha': 'regional_service',
+    recaptcha: 'embedded_widget',
+    hcaptcha: 'embedded_widget',
+    turnstile: 'embedded_widget',
+    cloudflare: 'edge_service',
+    akamai: 'edge_service',
+    datadome: 'edge_service',
+    'perimeter-x': 'edge_service',
+    perimeterx: 'edge_service',
+    perimeter: 'edge_service',
+    'px-captcha': 'edge_service',
+    incapsula: 'edge_service',
+    distil: 'edge_service',
+    'shield-square': 'edge_service',
+    arkose: 'managed_service',
+    funcaptcha: 'managed_service',
+    'friendly-captcha': 'managed_service',
+    'iw-captcha': 'managed_service',
+    'external-ai-required': 'external_review',
+    unknown: 'unknown',
+};

package/dist/modules/deobfuscator/AdvancedDeobfuscator.d.ts CHANGED Viewed

@@ -1,10 +1,19 @@
-import { LLMService } from '../../services/LLMService.js';
+import type { DeobfuscateBundleSummary, DeobfuscateMappingRule, DeobfuscateSavedArtifact } from '../../types/deobfuscator.js';
 export interface AdvancedDeobfuscateOptions {
     code: string;
     detectOnly?: boolean;
     aggressiveVM?: boolean;
     useASTOptimization?: boolean;
     timeout?: number;
+    unpack?: boolean;
+    unminify?: boolean;
+    jsx?: boolean;
+    mangle?: boolean;
+    outputDir?: string;
+    forceOutput?: boolean;
+    includeModuleCode?: boolean;
+    maxBundleModules?: number;
+    mappings?: DeobfuscateMappingRule[];
 }
 export interface AdvancedDeobfuscateResult {
     code: string;
@@ -12,6 +21,11 @@ export interface AdvancedDeobfuscateResult {
     confidence: number;
     warnings: string[];
     astOptimized?: boolean;
+    bundle?: DeobfuscateBundleSummary;
+    savedTo?: string;
+    savedArtifacts?: DeobfuscateSavedArtifact[];
+    engine?: 'webcrack';
+    webcrackApplied?: boolean;
     vmDetected?: {
         type: string;
         instructions: number;
@@ -19,25 +33,6 @@ export interface AdvancedDeobfuscateResult {
     };
 }
 export declare class AdvancedDeobfuscator {
-    private llm?;
-    private vmDeobfuscator;
-    constructor(llm?: LLMService);
     deobfuscate(options: AdvancedDeobfuscateOptions): Promise<AdvancedDeobfuscateResult>;
-    private detectInvisibleUnicode;
-    private decodeInvisibleUnicode;
-    private detectControlFlowFlattening;
-    private unflattenControlFlow;
-    private detectStringArrayRotation;
-    private derotateStringArray;
-    private detectDeadCodeInjection;
-    private removeDeadCode;
-    private detectOpaquePredicates;
-    private removeOpaquePredicates;
-    private llmCleanup;
-    private normalizeCode;
-    private detectStringEncoding;
-    private decodeStrings;
-    private applyASTOptimizations;
     private calculateConfidence;
-    private estimateCodeComplexity;
 }