@jshookmcp/jshook 0.2.2 → 0.2.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/LICENSE +661 -661
- package/README.md +4 -4
- package/README.zh.md +3 -3
- package/dist/native/scripts/linux/enum-windows.sh +12 -12
- package/dist/native/scripts/macos/enum-windows.applescript +22 -22
- package/dist/native/scripts/windows/enum-windows-by-class.ps1 +51 -51
- package/dist/native/scripts/windows/enum-windows.ps1 +44 -44
- package/dist/native/scripts/windows/inject-dll.ps1 +21 -21
- package/dist/src/modules/analyzer/CodeAnalyzer.d.ts +1 -1
- package/dist/src/modules/analyzer/CodeAnalyzer.js +1 -1
- package/dist/src/modules/browser/BrowserDiscovery.d.ts +6 -5
- package/dist/src/modules/browser/BrowserDiscovery.js +1 -1
- package/dist/src/modules/browser/BrowserModeManager.d.ts +1 -1
- package/dist/src/modules/browser/BrowserModeManager.js +1 -1
- package/dist/src/modules/browser/UnifiedBrowserManager.js +1 -1
- package/dist/src/modules/captcha/AICaptchaDetector.d.ts +22 -22
- package/dist/src/modules/captcha/AICaptchaDetector.js +75 -75
- package/dist/src/modules/captcha/CaptchaDetector.d.ts +31 -17
- package/dist/src/modules/captcha/CaptchaDetector.js +1 -1
- package/dist/src/modules/collector/CodeCache.d.ts +2 -2
- package/dist/src/modules/collector/CodeCollector.d.ts +12 -9
- package/dist/src/modules/collector/CodeCollector.js +1 -1
- package/dist/src/modules/collector/DOMInspector.d.ts +3 -2
- package/dist/src/modules/collector/DOMInspector.js +1 -1
- package/dist/src/modules/crypto/CryptoDetector.d.ts +1 -1
- package/dist/src/modules/crypto/CryptoDetector.js +1 -1
- package/dist/src/modules/debugger/ScriptManager.impl.extract-function-tree.js +1 -1
- package/dist/src/modules/deobfuscator/Deobfuscator.d.ts +1 -1
- package/dist/src/modules/deobfuscator/Deobfuscator.js +1 -1
- package/dist/src/modules/deobfuscator/JSVMPDeobfuscator.restore.d.ts +1 -1
- package/dist/src/modules/deobfuscator/JSVMPDeobfuscator.restore.js +2 -2
- package/dist/src/modules/deobfuscator/PackerDeobfuscator.js +1 -1
- package/dist/src/modules/deobfuscator/VMDeobfuscator.d.ts +1 -1
- package/dist/src/modules/deobfuscator/VMDeobfuscator.js +82 -82
- package/dist/src/modules/emulator/AIEnvironmentAnalyzer.js +1 -1
- package/dist/src/modules/external/ExternalToolRunner.d.ts +1 -1
- package/dist/src/modules/external/ExternalToolRunner.js +1 -1
- package/dist/src/modules/hook/HookGeneratorBuilders.core.generators.compose.js +5 -5
- package/dist/src/modules/hook/HookGeneratorBuilders.core.generators.network.js +311 -311
- package/dist/src/modules/hook/HookGeneratorBuilders.core.generators.runtime.js +410 -410
- package/dist/src/modules/hook/HookGeneratorBuilders.core.generators.storage.js +122 -122
- package/dist/src/modules/monitor/ConsoleMonitor.impl.core.dynamic.js +194 -194
- package/dist/src/modules/monitor/PlaywrightNetworkMonitor.js +62 -62
- package/dist/src/modules/process/LinuxProcessManager.js +2 -2
- package/dist/src/modules/process/MacProcessManager.js +26 -26
- package/dist/src/modules/process/ProcessManager.impl.js +1 -1
- package/dist/src/modules/process/memory/availability.js +49 -49
- package/dist/src/modules/process/memory/injector.js +185 -185
- package/dist/src/modules/process/memory/reader.js +50 -50
- package/dist/src/modules/process/memory/regions.dump.js +51 -51
- package/dist/src/modules/process/memory/regions.enumerate.js +107 -107
- package/dist/src/modules/process/memory/regions.modules.js +80 -80
- package/dist/src/modules/process/memory/regions.protection.js +106 -106
- package/dist/src/modules/process/memory/scanner.darwin.js +41 -41
- package/dist/src/modules/process/memory/scanner.windows.js +124 -124
- package/dist/src/modules/process/memory/writer.js +54 -54
- package/dist/src/modules/security/ExecutionSandbox.js +44 -44
- package/dist/src/modules/stealth/StealthScripts.d.ts +3 -2
- package/dist/src/modules/stealth/StealthScripts.js +35 -1
- package/dist/src/modules/stealth/StealthVerifier.d.ts +1 -1
- package/dist/src/modules/stealth/StealthVerifier.js +1 -1
- package/dist/src/modules/trace/TraceDB.js +63 -63
- package/dist/src/native/CodeInjector.js +1 -1
- package/dist/src/native/HardwareBreakpoint.js +1 -1
- package/dist/src/server/MCPServer.js +1 -0
- package/dist/src/server/MCPServer.search.helpers.js +1 -1
- package/dist/src/server/MCPServer.tools.js +1 -1
- package/dist/src/server/ToolCallContextGuard.d.ts +5 -0
- package/dist/src/server/ToolCallContextGuard.js +77 -0
- package/dist/src/server/ToolRouter.d.ts +1 -1
- package/dist/src/server/ToolRouter.js +2 -2
- package/dist/src/server/domains/analysis/handlers.impl.d.ts +8 -8
- package/dist/src/server/domains/analysis/handlers.impl.js +8 -8
- package/dist/src/server/domains/analysis/handlers.web-tools.js +2 -2
- package/dist/src/server/domains/browser/definitions.tools.page-core.js +59 -59
- package/dist/src/server/domains/browser/definitions.tools.runtime.js +41 -41
- package/dist/src/server/domains/browser/definitions.tools.security.js +114 -114
- package/dist/src/server/domains/browser/handlers/facade-initializer.d.ts +3 -3
- package/dist/src/server/domains/browser/handlers/facade-initializer.js +3 -3
- package/dist/src/server/domains/browser/handlers/framework-state.js +210 -0
- package/dist/src/server/domains/browser/handlers/stealth-injection.js +8 -2
- package/dist/src/server/domains/browser/handlers.impl.d.ts +15 -11
- package/dist/src/server/domains/browser/handlers.impl.js +4 -4
- package/dist/src/server/domains/coordination/definitions.js +67 -0
- package/dist/src/server/domains/coordination/index.d.ts +18 -0
- package/dist/src/server/domains/coordination/index.js +132 -0
- package/dist/src/server/domains/coordination/manifest.js +15 -0
- package/dist/src/server/domains/graphql/handlers.impl.core.runtime.replay.js +2 -2
- package/dist/src/server/domains/graphql/handlers.impl.core.runtime.shared.js +77 -77
- package/dist/src/server/domains/hooks/ai-handlers.js +3 -3
- package/dist/src/server/domains/maintenance/handlers.d.ts +2 -2
- package/dist/src/server/domains/maintenance/handlers.js +2 -2
- package/dist/src/server/domains/platform/handlers/bridge-handlers.d.ts +1 -1
- package/dist/src/server/domains/platform/handlers/bridge-handlers.js +1 -1
- package/dist/src/server/domains/platform/handlers/miniapp-handlers.d.ts +1 -1
- package/dist/src/server/domains/platform/handlers/miniapp-handlers.js +1 -1
- package/dist/src/server/domains/process/handlers.impl.core.runtime.inject.js +1 -1
- package/dist/src/server/domains/trace/TraceSummarizer.d.ts +60 -0
- package/dist/src/server/domains/trace/TraceSummarizer.js +109 -0
- package/dist/src/server/domains/trace/definitions.tools.js +101 -71
- package/dist/src/server/domains/trace/handlers.d.ts +2 -1
- package/dist/src/server/domains/trace/handlers.js +59 -4
- package/dist/src/server/domains/trace/manifest.js +3 -1
- package/dist/src/server/domains/transform/handlers.impl.transform-base.js +103 -103
- package/dist/src/server/domains/wasm/handlers.js +2 -2
- package/dist/src/server/domains/workflow/handlers.impl.workflow-account-bundle.js +1 -1
- package/dist/src/server/domains/workflow/handlers.impl.workflow-api.js +51 -51
- package/dist/src/server/domains/workflow/handlers.impl.workflow-base.js +51 -51
- package/dist/src/server/extensions/ExtensionManager.roots.js +15 -5
- package/dist/src/server/http/HttpMiddleware.js +1 -1
- package/dist/src/server/registry/contracts.d.ts +6 -0
- package/dist/src/server/sandbox/MCPBridge.d.ts +9 -0
- package/dist/src/server/sandbox/MCPBridge.js +22 -0
- package/dist/src/server/sandbox/QuickJSSandbox.d.ts +4 -1
- package/dist/src/server/sandbox/QuickJSSandbox.js +149 -0
- package/dist/src/server/sandbox/SandboxHelpers.js +250 -250
- package/dist/src/server/sandbox/types.d.ts +13 -0
- package/dist/src/server/search/AffinityGraph.d.ts +7 -1
- package/dist/src/server/search/AffinityGraph.js +24 -3
- package/dist/src/services/LLMService.js +1 -1
- package/dist/src/utils/UnifiedCacheManager.d.ts +1 -1
- package/dist/src/utils/UnifiedCacheManager.js +2 -2
- package/dist/src/utils/cliFastPath.js +18 -4
- package/package.json +5 -3
- package/scripts/postinstall.cjs +37 -37
- package/src/native/scripts/linux/enum-windows.sh +12 -12
- package/src/native/scripts/macos/enum-windows.applescript +22 -22
- package/src/native/scripts/windows/enum-windows-by-class.ps1 +51 -51
- package/src/native/scripts/windows/enum-windows.ps1 +44 -44
- package/src/native/scripts/windows/inject-dll.ps1 +21 -21
package/README.md
CHANGED
|
@@ -8,7 +8,7 @@
|
|
|
8
8
|
|
|
9
9
|
English | [中文](./README.zh.md)
|
|
10
10
|
|
|
11
|
-
An MCP (Model Context Protocol) server providing **
|
|
11
|
+
An MCP (Model Context Protocol) server providing **290+ built-in tools** across **17+ domains** (including core meta-tools) — with runtime extension loading from `plugins/` and `workflows/` for AI-assisted JavaScript analysis and security analysis. Combines browser automation, Chrome DevTools Protocol debugging, network monitoring, intelligent JavaScript hooks, LLM-powered code analysis, process/memory inspection, WASM toolchain, binary encoding, anti-anti-debug, GraphQL discovery, source map reconstruction, AST transforms, crypto reconstruction, platform package analysis, Burp Suite / native analysis tool bridges, human behavior simulation, CAPTCHA solving, batch account workflows, and high-level composite workflow orchestration in a single server.
|
|
12
12
|
|
|
13
13
|
## Documentation / Quick Links
|
|
14
14
|
|
|
@@ -20,7 +20,7 @@ An MCP (Model Context Protocol) server providing **249 built-in tools** — **24
|
|
|
20
20
|
## 🌟 Key Highlights
|
|
21
21
|
|
|
22
22
|
- 🤖 **AI-Driven Analysis**: Leverage LLMs for intelligent JavaScript deobfuscation, cryptographic algorithm detection, and AST-level code comprehension.
|
|
23
|
-
- ⚡ **Search-First Context Efficiency**: BM25-powered `search_tools` + dynamic boosts cut jshook's tool-schema init delta from ~
|
|
23
|
+
- ⚡ **Search-First Context Efficiency**: BM25-powered `search_tools` + dynamic boosts cut jshook's tool-schema init delta from ~40.0K+ tokens (`full`) to ~3.0K (`search`) (Claude server-side count; excludes Claude Code base prompt).
|
|
24
24
|
- 🎯 **Progressive Capability Tiers**: Three built-in profiles (`search`/`workflow`/`full`), with `search` as the default base tier for on-demand capability scaling.
|
|
25
25
|
- 🌐 **Full-Stack Automation**: Seamlessly orchestrate Chromium/Camoufox browsers, CDP debugging, and network interception as atomic actions.
|
|
26
26
|
- 🛡️ **Advanced Anti-Debug**: Built-in evasion for debugger statements, timing checks, and strict headless bot fingerprinting techniques.
|
|
@@ -42,11 +42,11 @@ Provides a comprehensive suite of tools for AI-assisted JavaScript analysis, bro
|
|
|
42
42
|
- **Lazy Domain Initialization**: Handler classes instantiated via Proxy on first invocation, not during startup
|
|
43
43
|
- **Domain Self-Discovery**: Runtime manifest scanning (`domains/*/manifest.ts`) replaces hardcoded imports; add new domains by creating a single manifest file
|
|
44
44
|
- **B-Skeleton Contracts**: Extensibility contracts for plugins (`PluginContract`), workflows (`WorkflowContract`), and observability (`InstrumentationContract`)
|
|
45
|
-
- **Context Efficiency Benchmark**: Built-in tool-schema init delta (Claude server-side count
|
|
45
|
+
- **Context Efficiency Benchmark**: Built-in tool-schema init delta (Claude server-side count): `search` ≈ 3,000 tokens vs `full` ≈ 40,000+ tokens (10+ vs 290+ built-in tools; values change as tools/descriptions evolve)
|
|
46
46
|
|
|
47
47
|
## Tool Domains
|
|
48
48
|
|
|
49
|
-
The server provides **
|
|
49
|
+
The server provides **290+ built-in tools** across **17+ domains** (`antidebug`, `browser`, `coordination`, `core`, `debugger`, `encoding`, `graphql`, `hooks`, `maintenance`, `network`, `platform`, `process`, `sourcemap`, `streaming`, `transform`, `wasm`, and `workflow`).
|
|
50
50
|
|
|
51
51
|
> **[View the complete Tool Reference ↗](https://vmoranv.github.io/jshookmcp/reference/)**
|
|
52
52
|
|
package/README.zh.md
CHANGED
|
@@ -8,7 +8,7 @@
|
|
|
8
8
|
|
|
9
9
|
[English](./README.md) | 中文
|
|
10
10
|
|
|
11
|
-
面向 AI 辅助 JavaScript 分析与安全分析的 MCP(模型上下文协议)服务器,提供 **
|
|
11
|
+
面向 AI 辅助 JavaScript 分析与安全分析的 MCP(模型上下文协议)服务器,提供 **290+ 个内置工具**——跨越 **17+ 个工具域**(包含核心元工具)——并支持从 `plugins/` 与 `workflows/` 目录运行时动态扩展。集成浏览器自动化、Chrome DevTools Protocol 调试、网络监控、智能 JavaScript Hook、LLM 驱动代码分析、进程/内存操作、WASM 工具链、二进制编码、反反调试、GraphQL 发现、Source Map 重建、AST 变换、加密重构、平台包分析、Burp Suite / Native 分析工具桥接及高层复合工作流编排。
|
|
12
12
|
|
|
13
13
|
## 文档与快速导航
|
|
14
14
|
|
|
@@ -20,7 +20,7 @@
|
|
|
20
20
|
## 🌟 核心亮点
|
|
21
21
|
|
|
22
22
|
- 🤖 **AI 智能分析**:结合大语言模型实现 JavaScript 语义级反混淆、加密算法识别与深度 AST 结构理解。
|
|
23
|
-
- ⚡ **搜索优先的上下文效率**:BM25 驱动的 `search_tools` 配合动态加权,可将 jshook 内置配置档位中的“工具 schema 增量初始化上下文”从 `full` 档约 ~
|
|
23
|
+
- ⚡ **搜索优先的上下文效率**:BM25 驱动的 `search_tools` 配合动态加权,可将 jshook 内置配置档位中的“工具 schema 增量初始化上下文”从 `full` 档约 ~40.0K+ tokens 降至 `search` 档约 ~3.0K(Claude 服务端计数;不含 Claude Code 基线提示词)。
|
|
24
24
|
- 🎯 **渐进式能力分层**:内置三档配置(`search`/`workflow`/`full`),默认从 `search` 基座档启动,按需升级能力范围。
|
|
25
25
|
- 🌐 **全链路自动化**:将浏览器环境(Chromium/Camoufox)、CDP 底层调试与网络拦截无缝整合为原子操作。
|
|
26
26
|
- 🛡️ **高级反反调试**:内置强大的指纹伪装与检测绕过补丁,轻松应对各类反爬与调试器对抗保护。
|
|
@@ -42,7 +42,7 @@
|
|
|
42
42
|
- **域延迟初始化**:处理器类通过 Proxy 在首次调用时实例化,而非启动时预加载
|
|
43
43
|
- **域自发现架构**:运行时扫描 `domains/*/manifest.ts` 替代硬编码导入;新增域只需创建一个 manifest 文件
|
|
44
44
|
- **B-Skeleton 契约**:插件(`PluginContract`)、工作流(`WorkflowContract`)、可观测性(`InstrumentationContract`)的扩展性契约
|
|
45
|
-
- **上下文效率基准**:基于 Claude 服务端对当前内置工具 schema
|
|
45
|
+
- **上下文效率基准**:基于 Claude 服务端对当前内置工具 schema 的实测计数,`search` 档 ≈ 3,000 tokens,`full` 档 ≈ 40,000+ tokens(当前分别为 10+ 与 290+ 个 built-in tools;数值会随工具与描述变更而变化)
|
|
46
46
|
|
|
47
47
|
## 项目统计
|
|
48
48
|
|
|
@@ -1,12 +1,12 @@
|
|
|
1
|
-
#!/bin/bash
|
|
2
|
-
# enum-windows.sh
|
|
3
|
-
# Linux window enumeration script (placeholder)
|
|
4
|
-
|
|
5
|
-
TARGET_PID=$1
|
|
6
|
-
|
|
7
|
-
# Use xdotool or wmctrl for window enumeration
|
|
8
|
-
# This is a placeholder for future implementation
|
|
9
|
-
|
|
10
|
-
if command -v xdotool &> /dev/null; then
|
|
11
|
-
xdotool search --pid "$TARGET_PID" --name "" get-window-name
|
|
12
|
-
fi
|
|
1
|
+
#!/bin/bash
|
|
2
|
+
# enum-windows.sh
|
|
3
|
+
# Linux window enumeration script (placeholder)
|
|
4
|
+
|
|
5
|
+
TARGET_PID=$1
|
|
6
|
+
|
|
7
|
+
# Use xdotool or wmctrl for window enumeration
|
|
8
|
+
# This is a placeholder for future implementation
|
|
9
|
+
|
|
10
|
+
if command -v xdotool &> /dev/null; then
|
|
11
|
+
xdotool search --pid "$TARGET_PID" --name "" get-window-name
|
|
12
|
+
fi
|
|
@@ -1,22 +1,22 @@
|
|
|
1
|
-
-- enum-windows.applescript
|
|
2
|
-
-- macOS window enumeration script (placeholder)
|
|
3
|
-
|
|
4
|
-
param TargetPid
|
|
5
|
-
|
|
6
|
-
-- AppleScript implementation for window enumeration
|
|
7
|
-
-- This is a placeholder for future implementation
|
|
8
|
-
|
|
9
|
-
tell application "System Events"
|
|
10
|
-
set windowList to {}
|
|
11
|
-
repeat with proc in (every process whose unix id is TargetPid)
|
|
12
|
-
repeat with win in windows of proc
|
|
13
|
-
set end of windowList to {¬
|
|
14
|
-
title: name of win, ¬
|
|
15
|
-
position: position of win, ¬
|
|
16
|
-
size: size of win ¬
|
|
17
|
-
}
|
|
18
|
-
end repeat
|
|
19
|
-
end repeat
|
|
20
|
-
end tell
|
|
21
|
-
|
|
22
|
-
return windowList
|
|
1
|
+
-- enum-windows.applescript
|
|
2
|
+
-- macOS window enumeration script (placeholder)
|
|
3
|
+
|
|
4
|
+
param TargetPid
|
|
5
|
+
|
|
6
|
+
-- AppleScript implementation for window enumeration
|
|
7
|
+
-- This is a placeholder for future implementation
|
|
8
|
+
|
|
9
|
+
tell application "System Events"
|
|
10
|
+
set windowList to {}
|
|
11
|
+
repeat with proc in (every process whose unix id is TargetPid)
|
|
12
|
+
repeat with win in windows of proc
|
|
13
|
+
set end of windowList to {¬
|
|
14
|
+
title: name of win, ¬
|
|
15
|
+
position: position of win, ¬
|
|
16
|
+
size: size of win ¬
|
|
17
|
+
}
|
|
18
|
+
end repeat
|
|
19
|
+
end repeat
|
|
20
|
+
end tell
|
|
21
|
+
|
|
22
|
+
return windowList
|
|
@@ -1,51 +1,51 @@
|
|
|
1
|
-
param(
|
|
2
|
-
[string]$ClassPattern
|
|
3
|
-
)
|
|
4
|
-
|
|
5
|
-
Add-Type @"
|
|
6
|
-
using System;
|
|
7
|
-
using System.Runtime.InteropServices;
|
|
8
|
-
public class Win32 {
|
|
9
|
-
[DllImport("user32.dll")] public static extern IntPtr FindWindowEx(IntPtr parent, IntPtr childAfter, string className, string title);
|
|
10
|
-
[DllImport("user32.dll")] public static extern int GetWindowThreadProcessId(IntPtr hWnd, out int pid);
|
|
11
|
-
[DllImport("user32.dll")] public static extern int GetWindowText(IntPtr hWnd, System.Text.StringBuilder text, int count);
|
|
12
|
-
[DllImport("user32.dll")] public static extern int GetClassName(IntPtr hWnd, System.Text.StringBuilder className, int maxCount);
|
|
13
|
-
}
|
|
14
|
-
"@
|
|
15
|
-
|
|
16
|
-
$windows = @()
|
|
17
|
-
$hwnd = [IntPtr]::Zero
|
|
18
|
-
while ($true) {
|
|
19
|
-
$hwnd = [Win32]::FindWindowEx([IntPtr]::Zero, $hwnd, $null, $null)
|
|
20
|
-
if ($hwnd -eq [IntPtr]::Zero) { break }
|
|
21
|
-
|
|
22
|
-
$className = New-Object System.Text.StringBuilder 256
|
|
23
|
-
[Win32]::GetClassName($hwnd, $className, 256) | Out-Null
|
|
24
|
-
$classNameStr = $className.ToString()
|
|
25
|
-
|
|
26
|
-
# Support wildcard pattern matching
|
|
27
|
-
$isMatch = $false
|
|
28
|
-
if ($ClassPattern -eq $classNameStr) {
|
|
29
|
-
$isMatch = $true
|
|
30
|
-
} elseif ($ClassPattern.Contains('*')) {
|
|
31
|
-
# Convert wildcard pattern to regex
|
|
32
|
-
$regexPattern = [regex]::Escape($ClassPattern).Replace('\*', '.*')
|
|
33
|
-
if ($classNameStr -match $regexPattern) {
|
|
34
|
-
$isMatch = $true
|
|
35
|
-
}
|
|
36
|
-
}
|
|
37
|
-
|
|
38
|
-
if ($isMatch) {
|
|
39
|
-
$windowPid = 0
|
|
40
|
-
[Win32]::GetWindowThreadProcessId($hwnd, [ref]$windowPid) | Out-Null
|
|
41
|
-
$title = New-Object System.Text.StringBuilder 256
|
|
42
|
-
[Win32]::GetWindowText($hwnd, $title, 256) | Out-Null
|
|
43
|
-
$windows += @{
|
|
44
|
-
Handle = $hwnd.ToString()
|
|
45
|
-
Title = $title.ToString()
|
|
46
|
-
ClassName = $classNameStr
|
|
47
|
-
ProcessId = $windowPid
|
|
48
|
-
}
|
|
49
|
-
}
|
|
50
|
-
}
|
|
51
|
-
$windows | ConvertTo-Json -Compress
|
|
1
|
+
param(
|
|
2
|
+
[string]$ClassPattern
|
|
3
|
+
)
|
|
4
|
+
|
|
5
|
+
Add-Type @"
|
|
6
|
+
using System;
|
|
7
|
+
using System.Runtime.InteropServices;
|
|
8
|
+
public class Win32 {
|
|
9
|
+
[DllImport("user32.dll")] public static extern IntPtr FindWindowEx(IntPtr parent, IntPtr childAfter, string className, string title);
|
|
10
|
+
[DllImport("user32.dll")] public static extern int GetWindowThreadProcessId(IntPtr hWnd, out int pid);
|
|
11
|
+
[DllImport("user32.dll")] public static extern int GetWindowText(IntPtr hWnd, System.Text.StringBuilder text, int count);
|
|
12
|
+
[DllImport("user32.dll")] public static extern int GetClassName(IntPtr hWnd, System.Text.StringBuilder className, int maxCount);
|
|
13
|
+
}
|
|
14
|
+
"@
|
|
15
|
+
|
|
16
|
+
$windows = @()
|
|
17
|
+
$hwnd = [IntPtr]::Zero
|
|
18
|
+
while ($true) {
|
|
19
|
+
$hwnd = [Win32]::FindWindowEx([IntPtr]::Zero, $hwnd, $null, $null)
|
|
20
|
+
if ($hwnd -eq [IntPtr]::Zero) { break }
|
|
21
|
+
|
|
22
|
+
$className = New-Object System.Text.StringBuilder 256
|
|
23
|
+
[Win32]::GetClassName($hwnd, $className, 256) | Out-Null
|
|
24
|
+
$classNameStr = $className.ToString()
|
|
25
|
+
|
|
26
|
+
# Support wildcard pattern matching
|
|
27
|
+
$isMatch = $false
|
|
28
|
+
if ($ClassPattern -eq $classNameStr) {
|
|
29
|
+
$isMatch = $true
|
|
30
|
+
} elseif ($ClassPattern.Contains('*')) {
|
|
31
|
+
# Convert wildcard pattern to regex
|
|
32
|
+
$regexPattern = [regex]::Escape($ClassPattern).Replace('\*', '.*')
|
|
33
|
+
if ($classNameStr -match $regexPattern) {
|
|
34
|
+
$isMatch = $true
|
|
35
|
+
}
|
|
36
|
+
}
|
|
37
|
+
|
|
38
|
+
if ($isMatch) {
|
|
39
|
+
$windowPid = 0
|
|
40
|
+
[Win32]::GetWindowThreadProcessId($hwnd, [ref]$windowPid) | Out-Null
|
|
41
|
+
$title = New-Object System.Text.StringBuilder 256
|
|
42
|
+
[Win32]::GetWindowText($hwnd, $title, 256) | Out-Null
|
|
43
|
+
$windows += @{
|
|
44
|
+
Handle = $hwnd.ToString()
|
|
45
|
+
Title = $title.ToString()
|
|
46
|
+
ClassName = $classNameStr
|
|
47
|
+
ProcessId = $windowPid
|
|
48
|
+
}
|
|
49
|
+
}
|
|
50
|
+
}
|
|
51
|
+
$windows | ConvertTo-Json -Compress
|
|
@@ -1,44 +1,44 @@
|
|
|
1
|
-
param(
|
|
2
|
-
[int]$TargetPid
|
|
3
|
-
)
|
|
4
|
-
|
|
5
|
-
Add-Type @"
|
|
6
|
-
using System;
|
|
7
|
-
using System.Runtime.InteropServices;
|
|
8
|
-
public class Win32 {
|
|
9
|
-
[DllImport("user32.dll")] public static extern IntPtr FindWindowEx(IntPtr parent, IntPtr childAfter, string className, string title);
|
|
10
|
-
[DllImport("user32.dll")] public static extern int GetWindowThreadProcessId(IntPtr hWnd, out int pid);
|
|
11
|
-
[DllImport("user32.dll")] public static extern int GetWindowText(IntPtr hWnd, System.Text.StringBuilder text, int count);
|
|
12
|
-
[DllImport("user32.dll")] public static extern int GetClassName(IntPtr hWnd, System.Text.StringBuilder className, int maxCount);
|
|
13
|
-
[DllImport("user32.dll")] public static extern bool GetWindowRect(IntPtr hWnd, out RECT rect);
|
|
14
|
-
[StructLayout(LayoutKind.Sequential)] public struct RECT { public int Left, Top, Right, Bottom; }
|
|
15
|
-
}
|
|
16
|
-
"@
|
|
17
|
-
|
|
18
|
-
$windows = @()
|
|
19
|
-
$hwnd = [IntPtr]::Zero
|
|
20
|
-
while ($true) {
|
|
21
|
-
$hwnd = [Win32]::FindWindowEx([IntPtr]::Zero, $hwnd, $null, $null)
|
|
22
|
-
if ($hwnd -eq [IntPtr]::Zero) { break }
|
|
23
|
-
$windowPid = 0
|
|
24
|
-
[Win32]::GetWindowThreadProcessId($hwnd, [ref]$windowPid) | Out-Null
|
|
25
|
-
if ($windowPid -eq $TargetPid) {
|
|
26
|
-
$title = New-Object System.Text.StringBuilder 256
|
|
27
|
-
$className = New-Object System.Text.StringBuilder 256
|
|
28
|
-
[Win32]::GetWindowText($hwnd, $title, 256) | Out-Null
|
|
29
|
-
[Win32]::GetClassName($hwnd, $className, 256) | Out-Null
|
|
30
|
-
$rect = New-Object Win32+RECT
|
|
31
|
-
[Win32]::GetWindowRect($hwnd, [ref]$rect) | Out-Null
|
|
32
|
-
$windows += @{
|
|
33
|
-
Handle = $hwnd.ToString()
|
|
34
|
-
Title = $title.ToString()
|
|
35
|
-
ClassName = $className.ToString()
|
|
36
|
-
ProcessId = $windowPid
|
|
37
|
-
Left = $rect.Left
|
|
38
|
-
Top = $rect.Top
|
|
39
|
-
Right = $rect.Right
|
|
40
|
-
Bottom = $rect.Bottom
|
|
41
|
-
}
|
|
42
|
-
}
|
|
43
|
-
}
|
|
44
|
-
$windows | ConvertTo-Json -Compress
|
|
1
|
+
param(
|
|
2
|
+
[int]$TargetPid
|
|
3
|
+
)
|
|
4
|
+
|
|
5
|
+
Add-Type @"
|
|
6
|
+
using System;
|
|
7
|
+
using System.Runtime.InteropServices;
|
|
8
|
+
public class Win32 {
|
|
9
|
+
[DllImport("user32.dll")] public static extern IntPtr FindWindowEx(IntPtr parent, IntPtr childAfter, string className, string title);
|
|
10
|
+
[DllImport("user32.dll")] public static extern int GetWindowThreadProcessId(IntPtr hWnd, out int pid);
|
|
11
|
+
[DllImport("user32.dll")] public static extern int GetWindowText(IntPtr hWnd, System.Text.StringBuilder text, int count);
|
|
12
|
+
[DllImport("user32.dll")] public static extern int GetClassName(IntPtr hWnd, System.Text.StringBuilder className, int maxCount);
|
|
13
|
+
[DllImport("user32.dll")] public static extern bool GetWindowRect(IntPtr hWnd, out RECT rect);
|
|
14
|
+
[StructLayout(LayoutKind.Sequential)] public struct RECT { public int Left, Top, Right, Bottom; }
|
|
15
|
+
}
|
|
16
|
+
"@
|
|
17
|
+
|
|
18
|
+
$windows = @()
|
|
19
|
+
$hwnd = [IntPtr]::Zero
|
|
20
|
+
while ($true) {
|
|
21
|
+
$hwnd = [Win32]::FindWindowEx([IntPtr]::Zero, $hwnd, $null, $null)
|
|
22
|
+
if ($hwnd -eq [IntPtr]::Zero) { break }
|
|
23
|
+
$windowPid = 0
|
|
24
|
+
[Win32]::GetWindowThreadProcessId($hwnd, [ref]$windowPid) | Out-Null
|
|
25
|
+
if ($windowPid -eq $TargetPid) {
|
|
26
|
+
$title = New-Object System.Text.StringBuilder 256
|
|
27
|
+
$className = New-Object System.Text.StringBuilder 256
|
|
28
|
+
[Win32]::GetWindowText($hwnd, $title, 256) | Out-Null
|
|
29
|
+
[Win32]::GetClassName($hwnd, $className, 256) | Out-Null
|
|
30
|
+
$rect = New-Object Win32+RECT
|
|
31
|
+
[Win32]::GetWindowRect($hwnd, [ref]$rect) | Out-Null
|
|
32
|
+
$windows += @{
|
|
33
|
+
Handle = $hwnd.ToString()
|
|
34
|
+
Title = $title.ToString()
|
|
35
|
+
ClassName = $className.ToString()
|
|
36
|
+
ProcessId = $windowPid
|
|
37
|
+
Left = $rect.Left
|
|
38
|
+
Top = $rect.Top
|
|
39
|
+
Right = $rect.Right
|
|
40
|
+
Bottom = $rect.Bottom
|
|
41
|
+
}
|
|
42
|
+
}
|
|
43
|
+
}
|
|
44
|
+
$windows | ConvertTo-Json -Compress
|
|
@@ -1,21 +1,21 @@
|
|
|
1
|
-
param(
|
|
2
|
-
[int]$TargetPid,
|
|
3
|
-
[string]$DllPath
|
|
4
|
-
)
|
|
5
|
-
|
|
6
|
-
Add-Type @"
|
|
7
|
-
using System;
|
|
8
|
-
using System.Runtime.InteropServices;
|
|
9
|
-
public class Injector {
|
|
10
|
-
[DllImport("kernel32.dll")] public static extern IntPtr OpenProcess(int access, bool inherit, int pid);
|
|
11
|
-
[DllImport("kernel32.dll")] public static extern IntPtr VirtualAllocEx(IntPtr hProcess, IntPtr addr, int size, int alloc, int protect);
|
|
12
|
-
[DllImport("kernel32.dll")] public static extern bool WriteProcessMemory(IntPtr hProcess, IntPtr addr, byte[] buffer, int size, out int written);
|
|
13
|
-
[DllImport("kernel32.dll")] public static extern IntPtr CreateRemoteThread(IntPtr hProcess, IntPtr attr, int stack, IntPtr start, IntPtr param, int flags, out int threadId);
|
|
14
|
-
[DllImport("kernel32.dll")] public static extern IntPtr GetModuleHandle(string name);
|
|
15
|
-
[DllImport("kernel32.dll")] public static extern IntPtr GetProcAddress(IntPtr hModule, string name);
|
|
16
|
-
[DllImport("kernel32.dll")] public static extern bool CloseHandle(IntPtr handle);
|
|
17
|
-
}
|
|
18
|
-
"@
|
|
19
|
-
|
|
20
|
-
# Injection requires elevated privileges and is disabled for safety
|
|
21
|
-
Write-Output "DLL injection is disabled for safety in this implementation. PID: $TargetPid, DLL: $DllPath"
|
|
1
|
+
param(
|
|
2
|
+
[int]$TargetPid,
|
|
3
|
+
[string]$DllPath
|
|
4
|
+
)
|
|
5
|
+
|
|
6
|
+
Add-Type @"
|
|
7
|
+
using System;
|
|
8
|
+
using System.Runtime.InteropServices;
|
|
9
|
+
public class Injector {
|
|
10
|
+
[DllImport("kernel32.dll")] public static extern IntPtr OpenProcess(int access, bool inherit, int pid);
|
|
11
|
+
[DllImport("kernel32.dll")] public static extern IntPtr VirtualAllocEx(IntPtr hProcess, IntPtr addr, int size, int alloc, int protect);
|
|
12
|
+
[DllImport("kernel32.dll")] public static extern bool WriteProcessMemory(IntPtr hProcess, IntPtr addr, byte[] buffer, int size, out int written);
|
|
13
|
+
[DllImport("kernel32.dll")] public static extern IntPtr CreateRemoteThread(IntPtr hProcess, IntPtr attr, int stack, IntPtr start, IntPtr param, int flags, out int threadId);
|
|
14
|
+
[DllImport("kernel32.dll")] public static extern IntPtr GetModuleHandle(string name);
|
|
15
|
+
[DllImport("kernel32.dll")] public static extern IntPtr GetProcAddress(IntPtr hModule, string name);
|
|
16
|
+
[DllImport("kernel32.dll")] public static extern bool CloseHandle(IntPtr handle);
|
|
17
|
+
}
|
|
18
|
+
"@
|
|
19
|
+
|
|
20
|
+
# Injection requires elevated privileges and is disabled for safety
|
|
21
|
+
Write-Output "DLL injection is disabled for safety in this implementation. PID: $TargetPid, DLL: $DllPath"
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
import type { UnderstandCodeOptions, UnderstandCodeResult } from '../../types/index.js';
|
|
2
|
-
import { LLMService } from '../../services/LLMService.js';
|
|
2
|
+
import { type LLMService } from '../../services/LLMService.js';
|
|
3
3
|
export declare class CodeAnalyzer {
|
|
4
4
|
private llm;
|
|
5
5
|
constructor(llm: LLMService);
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
import * as parser from '@babel/parser';
|
|
2
2
|
import traverse from '@babel/traverse';
|
|
3
|
-
import {
|
|
3
|
+
import {} from '../../services/LLMService.js';
|
|
4
4
|
import { generateCodeAnalysisPrompt } from '../../services/prompts/analysis.js';
|
|
5
5
|
import { logger } from '../../utils/logger.js';
|
|
6
6
|
import { identifySecurityRisks } from '../analyzer/SecurityCodeAnalyzer.js';
|
|
@@ -1,3 +1,4 @@
|
|
|
1
|
+
import { ScriptLoader } from '../../native/ScriptLoader.js';
|
|
1
2
|
export interface BrowserInfo {
|
|
2
3
|
type: 'chrome' | 'edge' | 'firefox' | 'unknown';
|
|
3
4
|
pid: number;
|
|
@@ -12,16 +13,16 @@ export interface BrowserSignature {
|
|
|
12
13
|
debugPorts: number[];
|
|
13
14
|
}
|
|
14
15
|
export declare class BrowserDiscovery {
|
|
15
|
-
|
|
16
|
-
|
|
16
|
+
protected scriptLoader: ScriptLoader;
|
|
17
|
+
protected browserSignatures: Map<string, BrowserSignature>;
|
|
17
18
|
constructor();
|
|
18
|
-
|
|
19
|
+
protected sanitizePsInput(value: string): string;
|
|
19
20
|
private escapePowerShellSingleQuoted;
|
|
20
21
|
discoverBrowsers(): Promise<BrowserInfo[]>;
|
|
21
|
-
|
|
22
|
+
protected findBySignature(type: string, signature: BrowserSignature): Promise<BrowserInfo[]>;
|
|
22
23
|
findByWindowClass(classNamePattern: string): Promise<BrowserInfo[]>;
|
|
23
24
|
findByProcessName(name: string): Promise<BrowserInfo[]>;
|
|
24
|
-
|
|
25
|
+
protected parseWindowsResult(stdout: string, _classNamePattern: string): BrowserInfo[];
|
|
25
26
|
private parseProcessResult;
|
|
26
27
|
detectDebugPort(pid: number, ports: number[]): Promise<number | null>;
|
|
27
28
|
private checkDebugPortFromCommandLine;
|
|
@@ -228,7 +228,7 @@ export class BrowserDiscovery {
|
|
|
228
228
|
const data = JSON.parse(stdout.trim());
|
|
229
229
|
const commandLine = data.CommandLine || '';
|
|
230
230
|
const match = commandLine.match(/--remote-debugging-port=(\d+)/);
|
|
231
|
-
if (match
|
|
231
|
+
if (match?.[1]) {
|
|
232
232
|
return parseInt(match[1], 10);
|
|
233
233
|
}
|
|
234
234
|
return null;
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
import { existsSync } from 'fs';
|
|
2
|
-
import puppeteer, {
|
|
2
|
+
import puppeteer, {} from 'rebrowser-puppeteer-core';
|
|
3
3
|
import { logger } from '../../utils/logger.js';
|
|
4
4
|
import { findBrowserExecutable } from '../../utils/browserExecutable.js';
|
|
5
5
|
import { CaptchaDetector } from '../captcha/CaptchaDetector.js';
|
|
@@ -225,7 +225,7 @@ export class UnifiedBrowserManager {
|
|
|
225
225
|
}
|
|
226
226
|
async attachToExistingChrome(preferredPorts = [9222, 9229, 9333]) {
|
|
227
227
|
const browserInfo = await this.findChromeWithDebugPort(preferredPorts);
|
|
228
|
-
if (!browserInfo
|
|
228
|
+
if (!browserInfo?.debugPort) {
|
|
229
229
|
logger.info('No existing Chrome browser with debug port found');
|
|
230
230
|
return null;
|
|
231
231
|
}
|
|
@@ -1,28 +1,28 @@
|
|
|
1
|
-
import { Page } from 'rebrowser-puppeteer-core';
|
|
2
|
-
import { LLMService } from '../../services/LLMService.js';
|
|
3
|
-
import type { AICaptchaDetectionResult } from '../captcha/types.js';
|
|
1
|
+
import { type Page } from 'rebrowser-puppeteer-core';
|
|
2
|
+
import { type LLMService } from '../../services/LLMService.js';
|
|
3
|
+
import type { AICaptchaDetectionResult, CaptchaProviderHint, CaptchaType, CaptchaPageInfo } from '../captcha/types.js';
|
|
4
4
|
export type { AICaptchaDetectionResult } from '../captcha/types.js';
|
|
5
5
|
export declare class AICaptchaDetector {
|
|
6
|
-
|
|
7
|
-
|
|
8
|
-
|
|
6
|
+
protected llm: LLMService;
|
|
7
|
+
protected screenshotDir: string;
|
|
8
|
+
protected hasLoggedVisionFallback: boolean;
|
|
9
9
|
constructor(llm: LLMService, screenshotDir?: string);
|
|
10
|
-
|
|
10
|
+
protected saveScreenshot(screenshotBase64: string): Promise<string>;
|
|
11
11
|
detect(page: Page): Promise<AICaptchaDetectionResult>;
|
|
12
|
-
|
|
13
|
-
|
|
14
|
-
|
|
15
|
-
|
|
16
|
-
|
|
17
|
-
|
|
18
|
-
|
|
19
|
-
|
|
20
|
-
|
|
21
|
-
|
|
22
|
-
|
|
23
|
-
|
|
24
|
-
|
|
25
|
-
|
|
26
|
-
|
|
12
|
+
protected getPageInfo(page: Page): Promise<CaptchaPageInfo>;
|
|
13
|
+
protected analyzeWithAI(screenshot: string, pageInfo: CaptchaPageInfo): Promise<AICaptchaDetectionResult>;
|
|
14
|
+
protected buildAnalysisPrompt(pageInfo: CaptchaPageInfo): string;
|
|
15
|
+
protected parseAIResponse(response: string, screenshotPath: string): AICaptchaDetectionResult;
|
|
16
|
+
protected fallbackTextAnalysis(pageInfo: CaptchaPageInfo): AICaptchaDetectionResult;
|
|
17
|
+
protected sanitizePageInfoForPrompt(pageInfo: CaptchaPageInfo): CaptchaPageInfo;
|
|
18
|
+
protected sanitizeUntrustedText(value: string, maxLength: number): string;
|
|
19
|
+
protected normalizeCaptchaType(type: unknown, detected: boolean): CaptchaType;
|
|
20
|
+
protected normalizeProviderHint(providerHint: unknown, detected: boolean): CaptchaProviderHint | undefined;
|
|
21
|
+
protected normalizeDetected(value: unknown): boolean;
|
|
22
|
+
protected normalizeConfidence(confidence: unknown): number;
|
|
23
|
+
protected applyLocalGuardrails(pageInfo: CaptchaPageInfo, aiResult: AICaptchaDetectionResult): AICaptchaDetectionResult;
|
|
24
|
+
protected hasStrongCaptchaElementSignals(elements: string[]): boolean;
|
|
25
|
+
protected hasStrongOverrideSignals(pageInfo: CaptchaPageInfo): boolean;
|
|
26
|
+
protected evaluateFallbackTextAnalysis(pageInfo: CaptchaPageInfo): AICaptchaDetectionResult;
|
|
27
27
|
waitForCompletion(page: Page, timeout?: number): Promise<boolean>;
|
|
28
28
|
}
|