@jshookmcp/jshook 0.2.2 → 0.2.5
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/LICENSE +661 -661
- package/README.md +15 -6
- package/README.zh.md +19 -4
- package/dist/native/scripts/linux/enum-windows.sh +12 -12
- package/dist/native/scripts/macos/enum-windows.applescript +22 -22
- package/dist/native/scripts/windows/enum-windows-by-class.ps1 +51 -51
- package/dist/native/scripts/windows/enum-windows.ps1 +44 -44
- package/dist/native/scripts/windows/inject-dll.ps1 +21 -21
- package/dist/packages/extension-sdk/src/bridges/shared.js +2 -2
- package/dist/packages/extension-sdk/src/plugin.d.ts +5 -0
- package/dist/packages/extension-sdk/src/plugin.js +119 -33
- package/dist/packages/extension-sdk/src/workflow.d.ts +156 -0
- package/dist/packages/extension-sdk/src/workflow.js +236 -0
- package/dist/src/config/search-defaults.js +161 -0
- package/dist/src/constants.d.ts +3 -0
- package/dist/src/constants.js +4 -1
- package/dist/src/index.d.ts +1 -1
- package/dist/src/index.js +13 -17
- package/dist/src/modules/analyzer/CodeAnalyzer.d.ts +1 -3
- package/dist/src/modules/analyzer/CodeAnalyzer.js +16 -28
- package/dist/src/modules/analyzer/CodeAnalyzerDataFlow.d.ts +1 -2
- package/dist/src/modules/analyzer/CodeAnalyzerDataFlow.js +1 -45
- package/dist/src/modules/analyzer/IntelligentAnalyzer.d.ts +1 -37
- package/dist/src/modules/analyzer/IntelligentAnalyzer.js +9 -142
- package/dist/src/modules/analyzer/PatternDetector.js +3 -3
- package/dist/src/modules/analyzer/PatternDetectorAuthPatterns.js +1 -1
- package/dist/src/modules/browser/BrowserDiscovery.d.ts +6 -5
- package/dist/src/modules/browser/BrowserDiscovery.js +3 -3
- package/dist/src/modules/browser/BrowserModeManager.d.ts +1 -1
- package/dist/src/modules/browser/BrowserModeManager.js +11 -10
- package/dist/src/modules/browser/TabRegistry.js +2 -2
- package/dist/src/modules/browser/UnifiedBrowserManager.d.ts +1 -0
- package/dist/src/modules/browser/UnifiedBrowserManager.js +19 -4
- package/dist/src/modules/captcha/AICaptchaDetector.d.ts +14 -23
- package/dist/src/modules/captcha/AICaptchaDetector.js +8 -202
- package/dist/src/modules/captcha/CaptchaDetector.d.ts +31 -17
- package/dist/src/modules/captcha/CaptchaDetector.js +1 -1
- package/dist/src/modules/collector/CodeCache.d.ts +2 -2
- package/dist/src/modules/collector/CodeCollector.d.ts +12 -9
- package/dist/src/modules/collector/CodeCollector.js +5 -6
- package/dist/src/modules/collector/DOMInspector.d.ts +3 -2
- package/dist/src/modules/collector/DOMInspector.js +49 -59
- package/dist/src/modules/collector/PageController.d.ts +17 -4
- package/dist/src/modules/collector/PageController.js +2 -5
- package/dist/src/modules/collector/PageScriptCollectors.js +3 -3
- package/dist/src/modules/crypto/CryptoDetector.d.ts +1 -4
- package/dist/src/modules/crypto/CryptoDetector.js +2 -42
- package/dist/src/modules/crypto/CryptoRules.js +1 -1
- package/dist/src/modules/debugger/BlackboxManager.js +1 -1
- package/dist/src/modules/debugger/DebuggerManager.impl.core.scope.js +1 -1
- package/dist/src/modules/debugger/ScriptManager.impl.extract-function-tree.js +5 -3
- package/dist/src/modules/debugger/WatchExpressionManager.js +1 -1
- package/dist/src/modules/deobfuscator/Deobfuscator.d.ts +1 -4
- package/dist/src/modules/deobfuscator/Deobfuscator.js +4 -39
- package/dist/src/modules/deobfuscator/JSVMPDeobfuscator.d.ts +0 -3
- package/dist/src/modules/deobfuscator/JSVMPDeobfuscator.js +2 -8
- package/dist/src/modules/deobfuscator/JSVMPDeobfuscator.restore.d.ts +2 -3
- package/dist/src/modules/deobfuscator/JSVMPDeobfuscator.restore.js +5 -57
- package/dist/src/modules/deobfuscator/JScramblerDeobfuscator.js +3 -4
- package/dist/src/modules/deobfuscator/PackerDeobfuscator.js +1 -1
- package/dist/src/modules/deobfuscator/VMDeobfuscator.d.ts +2 -10
- package/dist/src/modules/deobfuscator/VMDeobfuscator.js +3 -128
- package/dist/src/modules/deobfuscator/webcrack.js +15 -2
- package/dist/src/modules/emulator/AIEnvironmentAnalyzer.d.ts +5 -8
- package/dist/src/modules/emulator/AIEnvironmentAnalyzer.js +10 -102
- package/dist/src/modules/emulator/EnvironmentEmulator.d.ts +1 -5
- package/dist/src/modules/emulator/EnvironmentEmulator.js +7 -91
- package/dist/src/modules/emulator/EnvironmentEmulatorFetch.js +58 -61
- package/dist/src/modules/emulator/templates/chrome-env.d.ts +17 -7
- package/dist/src/modules/emulator/templates/chrome-env.js +14 -7
- package/dist/src/modules/external/ExternalToolRunner.d.ts +1 -1
- package/dist/src/modules/external/ExternalToolRunner.js +26 -23
- package/dist/src/modules/monitor/ConsoleMonitor.impl.core.class.d.ts +13 -0
- package/dist/src/modules/monitor/ConsoleMonitor.impl.core.class.js +42 -0
- package/dist/src/modules/monitor/FetchInterceptor.d.ts +46 -0
- package/dist/src/modules/monitor/FetchInterceptor.js +191 -0
- package/dist/src/modules/monitor/PerformanceMonitor.js +8 -7
- package/dist/src/modules/process/BaseMemoryManager.d.ts +1 -1
- package/dist/src/modules/process/LinuxProcessManager.js +4 -2
- package/dist/src/modules/process/MacProcessManager.js +1 -1
- package/dist/src/modules/process/MemoryManager.d.ts +1 -1
- package/dist/src/modules/process/MemoryManager.js +2 -2
- package/dist/src/modules/process/ProcessManager.impl.js +1 -1
- package/dist/src/modules/process/memory/AuditTrail.js +1 -1
- package/dist/src/modules/process/memory/reader.js +35 -3
- package/dist/src/modules/process/memory/regions.enumerate.js +1 -1
- package/dist/src/modules/process/memory/regions.protection.js +42 -9
- package/dist/src/modules/process/memory/scanner.d.ts +5 -1
- package/dist/src/modules/process/memory/scanner.darwin.js +57 -0
- package/dist/src/modules/process/memory/scanner.js +88 -4
- package/dist/src/modules/process/memory/writer.js +44 -4
- package/dist/src/modules/security/ExecutionSandbox.js +7 -8
- package/dist/src/modules/stealth/FingerprintManager.js +1 -1
- package/dist/src/modules/stealth/StealthScripts.d.ts +4 -2
- package/dist/src/modules/stealth/StealthScripts.js +53 -14
- package/dist/src/modules/stealth/StealthVerifier.d.ts +1 -1
- package/dist/src/modules/stealth/StealthVerifier.js +2 -4
- package/dist/src/modules/symbolic/JSVMPSymbolicExecutor.d.ts +14 -0
- package/dist/src/modules/symbolic/JSVMPSymbolicExecutor.js +181 -2
- package/dist/src/modules/trace/TraceDB.js +12 -6
- package/dist/src/modules/trace/TraceRecorder.js +1 -5
- package/dist/src/native/AntiCheatDetector.js +67 -16
- package/dist/src/native/CodeInjector.js +4 -4
- package/dist/src/native/HardwareBreakpoint.js +25 -16
- package/dist/src/native/HeapAnalyzer.js +2 -2
- package/dist/src/native/MemoryController.js +1 -1
- package/dist/src/native/MemoryScanSession.js +2 -2
- package/dist/src/native/MemoryScanner.js +4 -8
- package/dist/src/native/NativeMemoryManager.impl.js +2 -2
- package/dist/src/native/PEAnalyzer.js +14 -15
- package/dist/src/native/PointerChainEngine.js +2 -4
- package/dist/src/native/ScriptLoader.js +4 -9
- package/dist/src/native/Speedhack.js +1 -1
- package/dist/src/native/StructureAnalyzer.js +52 -33
- package/dist/src/native/Win32API.d.ts +1 -0
- package/dist/src/native/Win32API.js +13 -0
- package/dist/src/native/Win32Debug.js +19 -19
- package/dist/src/native/platform/darwin/DarwinAPI.d.ts +2 -0
- package/dist/src/native/platform/darwin/DarwinAPI.js +8 -0
- package/dist/src/native/platform/darwin/DarwinMemoryProvider.js +6 -1
- package/dist/src/server/MCPServer.context.d.ts +2 -1
- package/dist/src/server/MCPServer.d.ts +2 -1
- package/dist/src/server/MCPServer.domain.d.ts +1 -1
- package/dist/src/server/MCPServer.domain.js +81 -16
- package/dist/src/server/MCPServer.js +42 -14
- package/dist/src/server/MCPServer.resources.d.ts +2 -0
- package/dist/src/server/MCPServer.resources.js +91 -0
- package/dist/src/server/MCPServer.search.handlers.call.js +2 -1
- package/dist/src/server/MCPServer.search.helpers.js +2 -2
- package/dist/src/server/MCPServer.tools.js +1 -1
- package/dist/src/server/MCPServer.transport.js +12 -0
- package/dist/src/server/ToolCallContextGuard.d.ts +5 -0
- package/dist/src/server/ToolCallContextGuard.js +85 -0
- package/dist/src/server/ToolRouter.d.ts +26 -10
- package/dist/src/server/ToolRouter.intent.d.ts +26 -0
- package/dist/src/server/ToolRouter.intent.js +77 -0
- package/dist/src/server/ToolRouter.js +103 -284
- package/dist/src/server/ToolRouter.policy.d.ts +22 -0
- package/dist/src/server/ToolRouter.policy.js +163 -0
- package/dist/src/server/ToolRouter.probe.d.ts +17 -0
- package/dist/src/server/ToolRouter.probe.js +103 -0
- package/dist/src/server/ToolRouter.renderer.d.ts +9 -0
- package/dist/src/server/ToolRouter.renderer.js +52 -0
- package/dist/src/server/activation/ActivationController.js +15 -12
- package/dist/src/server/activation/CompoundConditionEngine.js +1 -1
- package/dist/src/server/activation/PredictiveBooster.js +1 -3
- package/dist/src/server/domains/analysis/definitions.js +155 -655
- package/dist/src/server/domains/analysis/handlers.impl.d.ts +8 -8
- package/dist/src/server/domains/analysis/handlers.impl.js +34 -28
- package/dist/src/server/domains/analysis/handlers.web-tools.js +4 -3
- package/dist/src/server/domains/analysis/manifest.js +6 -4
- package/dist/src/server/domains/antidebug/definitions.js +25 -111
- package/dist/src/server/domains/browser/definitions.tools.advanced.js +59 -88
- package/dist/src/server/domains/browser/definitions.tools.behavior.js +120 -227
- package/dist/src/server/domains/browser/definitions.tools.page-core.js +157 -386
- package/dist/src/server/domains/browser/definitions.tools.page-system.js +108 -250
- package/dist/src/server/domains/browser/definitions.tools.runtime.js +61 -174
- package/dist/src/server/domains/browser/definitions.tools.security.js +92 -237
- package/dist/src/server/domains/browser/handlers/camoufox-browser.js +3 -2
- package/dist/src/server/domains/browser/handlers/captcha-solver.js +3 -3
- package/dist/src/server/domains/browser/handlers/dom-query.js +2 -1
- package/dist/src/server/domains/browser/handlers/facade-initializer.d.ts +3 -3
- package/dist/src/server/domains/browser/handlers/facade-initializer.js +3 -3
- package/dist/src/server/domains/browser/handlers/framework-state.js +231 -3
- package/dist/src/server/domains/browser/handlers/indexeddb-dump.js +21 -20
- package/dist/src/server/domains/browser/handlers/script-management.js +1 -1
- package/dist/src/server/domains/browser/handlers/stealth-injection.js +8 -2
- package/dist/src/server/domains/browser/handlers.impl.d.ts +15 -12
- package/dist/src/server/domains/browser/handlers.impl.js +5 -6
- package/dist/src/server/domains/browser/manifest.js +37 -13
- package/dist/src/server/domains/coordination/definitions.js +50 -149
- package/dist/src/server/domains/coordination/index.d.ts +20 -1
- package/dist/src/server/domains/coordination/index.js +133 -0
- package/dist/src/server/domains/coordination/manifest.js +15 -0
- package/dist/src/server/domains/debugger/definitions.tools.advanced.js +72 -189
- package/dist/src/server/domains/debugger/definitions.tools.core.js +114 -288
- package/dist/src/server/domains/debugger/manifest.js +9 -2
- package/dist/src/server/domains/encoding/definitions.js +43 -153
- package/dist/src/server/domains/encoding/handlers.base.js +2 -2
- package/dist/src/server/domains/evidence/definitions.d.ts +2 -0
- package/dist/src/server/domains/evidence/definitions.js +42 -0
- package/dist/src/server/domains/evidence/handlers.d.ts +582 -0
- package/dist/src/server/domains/evidence/handlers.js +60 -0
- package/dist/src/server/domains/evidence/index.d.ts +2 -0
- package/dist/src/server/domains/evidence/index.js +2 -0
- package/dist/src/server/domains/evidence/manifest.d.ts +63 -0
- package/dist/src/server/domains/evidence/manifest.js +78 -0
- package/dist/src/server/domains/graphql/definitions.js +53 -141
- package/dist/src/server/domains/graphql/handlers.impl.core.runtime.replay.js +92 -114
- package/dist/src/server/domains/hooks/ai-handlers.d.ts +0 -7
- package/dist/src/server/domains/hooks/ai-handlers.js +4 -70
- package/dist/src/server/domains/hooks/definitions.js +69 -335
- package/dist/src/server/domains/hooks/manifest.d.ts +1 -1
- package/dist/src/server/domains/hooks/manifest.js +1 -2
- package/dist/src/server/domains/instrumentation/definitions.d.ts +2 -0
- package/dist/src/server/domains/instrumentation/definitions.js +99 -0
- package/dist/src/server/domains/instrumentation/handlers.d.ts +78 -0
- package/dist/src/server/domains/instrumentation/handlers.js +206 -0
- package/dist/src/server/domains/instrumentation/index.d.ts +2 -0
- package/dist/src/server/domains/instrumentation/index.js +2 -0
- package/dist/src/server/domains/instrumentation/manifest.d.ts +63 -0
- package/dist/src/server/domains/instrumentation/manifest.js +114 -0
- package/dist/src/server/domains/macro/definitions.js +16 -43
- package/dist/src/server/domains/maintenance/definitions.js +60 -219
- package/dist/src/server/domains/maintenance/handlers.d.ts +2 -2
- package/dist/src/server/domains/maintenance/handlers.extensions.js +78 -20
- package/dist/src/server/domains/maintenance/handlers.js +2 -2
- package/dist/src/server/domains/memory/definitions.js +387 -559
- package/dist/src/server/domains/memory/handlers/hooks.d.ts +55 -0
- package/dist/src/server/domains/memory/handlers/hooks.js +115 -0
- package/dist/src/server/domains/memory/handlers/integrity.d.ts +77 -0
- package/dist/src/server/domains/memory/handlers/integrity.js +180 -0
- package/dist/src/server/domains/memory/handlers/pointer-chain.d.ts +29 -0
- package/dist/src/server/domains/memory/handlers/pointer-chain.js +82 -0
- package/dist/src/server/domains/memory/handlers/readwrite.d.ts +41 -0
- package/dist/src/server/domains/memory/handlers/readwrite.js +78 -0
- package/dist/src/server/domains/memory/handlers/scan.d.ts +35 -0
- package/dist/src/server/domains/memory/handlers/scan.js +97 -0
- package/dist/src/server/domains/memory/handlers/session.d.ts +23 -0
- package/dist/src/server/domains/memory/handlers/session.js +49 -0
- package/dist/src/server/domains/memory/handlers/structure.d.ts +29 -0
- package/dist/src/server/domains/memory/handlers/structure.js +74 -0
- package/dist/src/server/domains/memory/handlers.impl.d.ts +49 -54
- package/dist/src/server/domains/memory/handlers.impl.js +63 -494
- package/dist/src/server/domains/memory/manifest.js +236 -64
- package/dist/src/server/domains/native-bridge/definitions.js +54 -192
- package/dist/src/server/domains/native-bridge/index.d.ts +1 -0
- package/dist/src/server/domains/native-bridge/index.js +2 -1
- package/dist/src/server/domains/network/auth-extractor.js +1 -1
- package/dist/src/server/domains/network/definitions.js +175 -578
- package/dist/src/server/domains/network/handlers.base.core.d.ts +64 -0
- package/dist/src/server/domains/network/handlers.base.core.js +623 -0
- package/dist/src/server/domains/network/handlers.base.d.ts +2 -124
- package/dist/src/server/domains/network/handlers.base.js +3 -878
- package/dist/src/server/domains/network/handlers.base.performance.d.ts +63 -0
- package/dist/src/server/domains/network/handlers.base.performance.js +193 -0
- package/dist/src/server/domains/network/handlers.base.types.d.ts +42 -0
- package/dist/src/server/domains/network/handlers.base.types.js +89 -0
- package/dist/src/server/domains/network/handlers.impl.core.runtime.d.ts +1 -1
- package/dist/src/server/domains/network/handlers.impl.core.runtime.intercept.d.ts +21 -0
- package/dist/src/server/domains/network/handlers.impl.core.runtime.intercept.js +186 -0
- package/dist/src/server/domains/network/handlers.impl.core.runtime.js +1 -1
- package/dist/src/server/domains/network/manifest.js +15 -0
- package/dist/src/server/domains/network/replay.js +1 -4
- package/dist/src/server/domains/platform/definitions.js +121 -112
- package/dist/src/server/domains/platform/handlers/bridge-handlers.d.ts +5 -1
- package/dist/src/server/domains/platform/handlers/bridge-handlers.js +194 -5
- package/dist/src/server/domains/platform/handlers/electron-asar-helpers.js +26 -6
- package/dist/src/server/domains/platform/handlers/electron-dual-cdp.d.ts +3 -0
- package/dist/src/server/domains/platform/handlers/electron-dual-cdp.js +170 -0
- package/dist/src/server/domains/platform/handlers/electron-fuse-handler.d.ts +3 -0
- package/dist/src/server/domains/platform/handlers/electron-fuse-handler.js +193 -0
- package/dist/src/server/domains/platform/handlers/electron-handlers.d.ts +6 -0
- package/dist/src/server/domains/platform/handlers/electron-handlers.js +95 -2
- package/dist/src/server/domains/platform/handlers/electron-ipc-sniffer.d.ts +2 -0
- package/dist/src/server/domains/platform/handlers/electron-ipc-sniffer.js +370 -0
- package/dist/src/server/domains/platform/handlers/electron-userdata-handler.d.ts +2 -0
- package/dist/src/server/domains/platform/handlers/electron-userdata-handler.js +78 -0
- package/dist/src/server/domains/platform/handlers/miniapp-handlers.d.ts +1 -1
- package/dist/src/server/domains/platform/handlers/miniapp-handlers.js +4 -4
- package/dist/src/server/domains/platform/handlers/v8-bytecode-handler.d.ts +2 -0
- package/dist/src/server/domains/platform/handlers/v8-bytecode-handler.js +207 -0
- package/dist/src/server/domains/platform/handlers.d.ts +48 -0
- package/dist/src/server/domains/platform/handlers.js +29 -0
- package/dist/src/server/domains/platform/manifest.js +38 -0
- package/dist/src/server/domains/process/definitions.js +163 -647
- package/dist/src/server/domains/process/handlers.base.d.ts +3 -95
- package/dist/src/server/domains/process/handlers.base.js +7 -462
- package/dist/src/server/domains/process/handlers.base.process.d.ts +61 -0
- package/dist/src/server/domains/process/handlers.base.process.js +417 -0
- package/dist/src/server/domains/process/handlers.base.types.d.ts +57 -0
- package/dist/src/server/domains/process/handlers.base.types.js +50 -0
- package/dist/src/server/domains/process/handlers.impl.core.runtime.inject.js +19 -17
- package/dist/src/server/domains/process/manifest.js +6 -1
- package/dist/src/server/domains/sandbox/definitions.js +11 -33
- package/dist/src/server/domains/sandbox/handlers.js +8 -3
- package/dist/src/server/domains/shared/ResponseBuilder.d.ts +209 -0
- package/dist/src/server/domains/shared/ResponseBuilder.js +48 -0
- package/dist/src/server/domains/shared/modules.d.ts +0 -2
- package/dist/src/server/domains/shared/modules.js +0 -1
- package/dist/src/server/domains/sourcemap/definitions.js +27 -111
- package/dist/src/server/domains/sourcemap/handlers.impl.sourcemap-common.js +7 -2
- package/dist/src/server/domains/sourcemap/handlers.impl.sourcemap-main.js +1 -1
- package/dist/src/server/domains/sourcemap/handlers.impl.sourcemap-parse-base.js +1 -1
- package/dist/src/server/domains/sourcemap/manifest.d.ts +1 -1
- package/dist/src/server/domains/sourcemap/manifest.js +1 -1
- package/dist/src/server/domains/streaming/definitions.js +36 -148
- package/dist/src/server/domains/streaming/handlers.impl.streaming-sse.js +163 -164
- package/dist/src/server/domains/streaming/handlers.impl.streaming-ws.js +1 -1
- package/dist/src/server/domains/trace/TraceSummarizer.d.ts +60 -0
- package/dist/src/server/domains/trace/TraceSummarizer.js +112 -0
- package/dist/src/server/domains/trace/definitions.tools.js +51 -176
- package/dist/src/server/domains/trace/handlers.d.ts +2 -1
- package/dist/src/server/domains/trace/handlers.js +62 -9
- package/dist/src/server/domains/trace/index.d.ts +2 -1
- package/dist/src/server/domains/trace/index.js +2 -1
- package/dist/src/server/domains/trace/manifest.js +18 -4
- package/dist/src/server/domains/transform/definitions.js +50 -210
- package/dist/src/server/domains/transform/handlers.impl.transform-base.js +6 -6
- package/dist/src/server/domains/transform/handlers.impl.transform-crypto.js +18 -19
- package/dist/src/server/domains/transform/manifest.d.ts +1 -1
- package/dist/src/server/domains/transform/manifest.js +1 -1
- package/dist/src/server/domains/wasm/definitions.js +55 -232
- package/dist/src/server/domains/wasm/handlers.js +3 -3
- package/dist/src/server/domains/workflow/definitions.js +144 -414
- package/dist/src/server/domains/workflow/handlers.impl.workflow-account-bundle.js +2 -2
- package/dist/src/server/domains/workflow/handlers.impl.workflow-base.d.ts +2 -0
- package/dist/src/server/domains/workflow/handlers.impl.workflow-base.js +126 -87
- package/dist/src/server/domains/workflow/handlers.impl.workflow-batch.js +5 -5
- package/dist/src/server/evidence/ReverseEvidenceGraph.d.ts +20 -0
- package/dist/src/server/evidence/ReverseEvidenceGraph.js +208 -0
- package/dist/src/server/evidence/index.d.ts +2 -0
- package/dist/src/server/evidence/index.js +1 -0
- package/dist/src/server/evidence/types.d.ts +22 -0
- package/dist/src/server/evidence/types.js +1 -0
- package/dist/src/server/extensions/ExtensionManager.d.ts +1 -0
- package/dist/src/server/extensions/ExtensionManager.discovery.js +72 -9
- package/dist/src/server/extensions/ExtensionManager.integrity.js +1 -1
- package/dist/src/server/extensions/ExtensionManager.js +193 -40
- package/dist/src/server/extensions/ExtensionManager.roots.d.ts +1 -1
- package/dist/src/server/extensions/ExtensionManager.roots.js +19 -9
- package/dist/src/server/extensions/plugin-config.js +1 -1
- package/dist/src/server/extensions/plugin-env.d.ts +1 -1
- package/dist/src/server/extensions/plugin-env.js +10 -4
- package/dist/src/server/extensions/types.d.ts +17 -0
- package/dist/src/server/extensions/types.js +1 -1
- package/dist/src/server/http/HttpMiddleware.js +1 -1
- package/dist/src/server/instrumentation/EvidenceGraphBridge.d.ts +13 -0
- package/dist/src/server/instrumentation/EvidenceGraphBridge.js +150 -0
- package/dist/src/server/instrumentation/InstrumentationSession.d.ts +60 -0
- package/dist/src/server/instrumentation/InstrumentationSession.js +269 -0
- package/dist/src/server/instrumentation/index.d.ts +2 -0
- package/dist/src/server/instrumentation/index.js +2 -0
- package/dist/src/server/instrumentation/types.d.ts +62 -0
- package/dist/src/server/instrumentation/types.js +7 -0
- package/dist/src/server/macros/MacroConfigLoader.d.ts +6 -5
- package/dist/src/server/macros/MacroConfigLoader.js +61 -59
- package/dist/src/server/macros/MacroRunner.js +6 -2
- package/dist/src/server/macros/builtins/index.d.ts +2 -3
- package/dist/src/server/macros/builtins/index.js +51 -7
- package/dist/src/server/plugins/PluginContract.d.ts +1 -1
- package/dist/src/server/registry/contracts.d.ts +7 -1
- package/dist/src/server/registry/discovery.js +5 -4
- package/dist/src/server/registry/ensure-browser-core.js +0 -3
- package/dist/src/server/registry/index.js +4 -4
- package/dist/src/server/registry/tool-builder.d.ts +46 -0
- package/dist/src/server/registry/tool-builder.js +105 -0
- package/dist/src/server/sandbox/MCPBridge.d.ts +9 -0
- package/dist/src/server/sandbox/MCPBridge.js +22 -0
- package/dist/src/server/sandbox/QuickJSSandbox.d.ts +4 -1
- package/dist/src/server/sandbox/QuickJSSandbox.js +162 -2
- package/dist/src/server/sandbox/types.d.ts +13 -0
- package/dist/src/server/search/AffinityGraph.d.ts +7 -1
- package/dist/src/server/search/AffinityGraph.js +24 -3
- package/dist/src/server/search/EmbeddingWorker.js +5 -3
- package/dist/src/server/search/FeedbackTracker.d.ts +9 -0
- package/dist/src/server/search/FeedbackTracker.js +26 -0
- package/dist/src/server/search/QueryNormalizer.d.ts +6 -0
- package/dist/src/server/search/QueryNormalizer.js +94 -0
- package/dist/src/server/search/ToolSearchEngineImpl.d.ts +2 -3
- package/dist/src/server/search/ToolSearchEngineImpl.js +38 -88
- package/dist/src/server/workflows/WorkflowContract.d.ts +24 -0
- package/dist/src/server/workflows/WorkflowContract.js +12 -0
- package/dist/src/server/workflows/WorkflowEngine.d.ts +1 -0
- package/dist/src/server/workflows/WorkflowEngine.js +136 -3
- package/dist/src/types/config.d.ts +0 -14
- package/dist/src/types/deobfuscator.d.ts +0 -1
- package/dist/src/types/index.d.ts +1 -1
- package/dist/src/utils/DetailedDataManager.js +2 -0
- package/dist/src/utils/RingBuffer.js +5 -5
- package/dist/src/utils/TokenBudgetManager.js +1 -1
- package/dist/src/utils/UnifiedCacheManager.d.ts +1 -1
- package/dist/src/utils/UnifiedCacheManager.js +3 -3
- package/dist/src/utils/artifactRetention.js +2 -2
- package/dist/src/utils/betterSqlite3.d.ts +11 -0
- package/dist/src/utils/betterSqlite3.js +88 -0
- package/dist/src/utils/browserExecutable.js +2 -2
- package/dist/src/utils/cliFastPath.js +17 -6
- package/dist/src/utils/config.js +4 -26
- package/dist/src/utils/environmentDoctor.js +138 -11
- package/dist/src/utils/outputPaths.js +16 -9
- package/dist/src/utils/parallel.js +1 -3
- package/package.json +76 -72
- package/scripts/postinstall.cjs +37 -37
- package/src/native/scripts/linux/enum-windows.sh +12 -12
- package/src/native/scripts/macos/enum-windows.applescript +22 -22
- package/src/native/scripts/windows/enum-windows-by-class.ps1 +51 -51
- package/src/native/scripts/windows/enum-windows.ps1 +44 -44
- package/src/native/scripts/windows/inject-dll.ps1 +21 -21
- package/workflows/.gitkeep +0 -0
- package/dist/src/modules/analyzer/AISummarizer.d.ts +0 -39
- package/dist/src/modules/analyzer/AISummarizer.js +0 -122
- package/dist/src/modules/hook/AIHookGenerator.d.ts +0 -52
- package/dist/src/modules/hook/AIHookGenerator.js +0 -360
- package/dist/src/modules/hook/AIHookGeneratorTemplates.d.ts +0 -9
- package/dist/src/modules/hook/AIHookGeneratorTemplates.js +0 -157
- package/dist/src/server/macros/builtins/deobfuscate-ast-flow.d.ts +0 -2
- package/dist/src/server/macros/builtins/deobfuscate-ast-flow.js +0 -25
- package/dist/src/server/macros/builtins/unpacker-flow.d.ts +0 -2
- package/dist/src/server/macros/builtins/unpacker-flow.js +0 -25
- package/dist/src/services/LLMService.d.ts +0 -37
- package/dist/src/services/LLMService.js +0 -233
- package/dist/src/services/prompts/analysis.d.ts +0 -9
- package/dist/src/services/prompts/analysis.js +0 -158
- package/dist/src/services/prompts/crypto.d.ts +0 -2
- package/dist/src/services/prompts/crypto.js +0 -108
- package/dist/src/services/prompts/deobfuscation.d.ts +0 -6
- package/dist/src/services/prompts/deobfuscation.js +0 -300
- package/dist/src/services/prompts/environment.d.ts +0 -16
- package/dist/src/services/prompts/environment.js +0 -372
- package/dist/src/services/prompts/intelligence.d.ts +0 -4
- package/dist/src/services/prompts/intelligence.js +0 -250
- package/dist/src/services/prompts/taint.d.ts +0 -2
- package/dist/src/services/prompts/taint.js +0 -54
|
@@ -0,0 +1,191 @@
|
|
|
1
|
+
import { logger } from '../../utils/logger.js';
|
|
2
|
+
import { randomUUID } from 'node:crypto';
|
|
3
|
+
export class FetchInterceptor {
|
|
4
|
+
cdpSession;
|
|
5
|
+
rules = new Map();
|
|
6
|
+
enabled = false;
|
|
7
|
+
eventHandler = null;
|
|
8
|
+
compiledPatterns = new Map();
|
|
9
|
+
constructor(cdpSession) {
|
|
10
|
+
this.cdpSession = cdpSession;
|
|
11
|
+
}
|
|
12
|
+
async enable(ruleInputs) {
|
|
13
|
+
const newRules = [];
|
|
14
|
+
for (const input of ruleInputs) {
|
|
15
|
+
const rule = this.createRule(input);
|
|
16
|
+
this.rules.set(rule.id, rule);
|
|
17
|
+
this.compiledPatterns.set(rule.id, this.compilePattern(rule));
|
|
18
|
+
newRules.push(rule);
|
|
19
|
+
}
|
|
20
|
+
await this.applyRules();
|
|
21
|
+
if (!this.eventHandler) {
|
|
22
|
+
this.eventHandler = (params) => {
|
|
23
|
+
void this.handleRequestPaused(params);
|
|
24
|
+
};
|
|
25
|
+
this.cdpSession.on('Fetch.requestPaused', this.eventHandler);
|
|
26
|
+
}
|
|
27
|
+
this.enabled = true;
|
|
28
|
+
logger.info(`FetchInterceptor enabled with ${this.rules.size} rule(s)`);
|
|
29
|
+
return newRules;
|
|
30
|
+
}
|
|
31
|
+
async disable() {
|
|
32
|
+
const count = this.rules.size;
|
|
33
|
+
if (this.eventHandler) {
|
|
34
|
+
try {
|
|
35
|
+
this.cdpSession.off('Fetch.requestPaused', this.eventHandler);
|
|
36
|
+
}
|
|
37
|
+
catch {
|
|
38
|
+
}
|
|
39
|
+
this.eventHandler = null;
|
|
40
|
+
}
|
|
41
|
+
try {
|
|
42
|
+
await this.cdpSession.send('Fetch.disable');
|
|
43
|
+
}
|
|
44
|
+
catch (error) {
|
|
45
|
+
logger.warn('Fetch.disable failed:', error);
|
|
46
|
+
}
|
|
47
|
+
this.rules.clear();
|
|
48
|
+
this.compiledPatterns.clear();
|
|
49
|
+
this.enabled = false;
|
|
50
|
+
logger.info(`FetchInterceptor disabled, removed ${count} rule(s)`);
|
|
51
|
+
return { removedRules: count };
|
|
52
|
+
}
|
|
53
|
+
async removeRule(ruleId) {
|
|
54
|
+
const removed = this.rules.delete(ruleId);
|
|
55
|
+
this.compiledPatterns.delete(ruleId);
|
|
56
|
+
if (removed) {
|
|
57
|
+
if (this.rules.size === 0) {
|
|
58
|
+
await this.disable();
|
|
59
|
+
}
|
|
60
|
+
else {
|
|
61
|
+
await this.applyRules();
|
|
62
|
+
}
|
|
63
|
+
}
|
|
64
|
+
return removed;
|
|
65
|
+
}
|
|
66
|
+
listRules() {
|
|
67
|
+
const rules = Array.from(this.rules.values());
|
|
68
|
+
return {
|
|
69
|
+
enabled: this.enabled,
|
|
70
|
+
rules,
|
|
71
|
+
totalHits: rules.reduce((sum, r) => sum + r.hitCount, 0),
|
|
72
|
+
};
|
|
73
|
+
}
|
|
74
|
+
isEnabled() {
|
|
75
|
+
return this.enabled;
|
|
76
|
+
}
|
|
77
|
+
createRule(input) {
|
|
78
|
+
const headers = [];
|
|
79
|
+
if (input.responseHeaders) {
|
|
80
|
+
for (const [name, value] of Object.entries(input.responseHeaders)) {
|
|
81
|
+
headers.push({ name, value });
|
|
82
|
+
}
|
|
83
|
+
}
|
|
84
|
+
return {
|
|
85
|
+
id: randomUUID().slice(0, 8),
|
|
86
|
+
urlPattern: input.urlPattern,
|
|
87
|
+
urlPatternType: input.urlPatternType ?? 'glob',
|
|
88
|
+
stage: input.stage ?? 'Response',
|
|
89
|
+
responseCode: input.responseCode ?? 200,
|
|
90
|
+
responseHeaders: headers,
|
|
91
|
+
responseBody: input.responseBody ?? '',
|
|
92
|
+
hitCount: 0,
|
|
93
|
+
createdAt: Date.now(),
|
|
94
|
+
};
|
|
95
|
+
}
|
|
96
|
+
compilePattern(rule) {
|
|
97
|
+
if (rule.urlPatternType === 'regex') {
|
|
98
|
+
try {
|
|
99
|
+
return new RegExp(rule.urlPattern, 'i');
|
|
100
|
+
}
|
|
101
|
+
catch {
|
|
102
|
+
return new RegExp(rule.urlPattern.replace(/[.*+?^${}()|[\]\\]/g, '\\$&'), 'i');
|
|
103
|
+
}
|
|
104
|
+
}
|
|
105
|
+
const escaped = rule.urlPattern
|
|
106
|
+
.replace(/[.+?^${}()|[\]\\]/g, '\\$&')
|
|
107
|
+
.replace(/\*\*/g, '⟨GLOBSTAR⟩')
|
|
108
|
+
.replace(/\*/g, '[^/]*')
|
|
109
|
+
.replace(/⟨GLOBSTAR⟩/g, '.*');
|
|
110
|
+
return new RegExp(escaped, 'i');
|
|
111
|
+
}
|
|
112
|
+
async applyRules() {
|
|
113
|
+
const patterns = [];
|
|
114
|
+
for (const rule of this.rules.values()) {
|
|
115
|
+
patterns.push({
|
|
116
|
+
urlPattern: rule.urlPatternType === 'glob' ? rule.urlPattern : '*',
|
|
117
|
+
requestStage: rule.stage,
|
|
118
|
+
});
|
|
119
|
+
}
|
|
120
|
+
if (patterns.length === 0) {
|
|
121
|
+
return;
|
|
122
|
+
}
|
|
123
|
+
try {
|
|
124
|
+
try {
|
|
125
|
+
await this.cdpSession.send('Fetch.disable');
|
|
126
|
+
}
|
|
127
|
+
catch {
|
|
128
|
+
}
|
|
129
|
+
await this.cdpSession.send('Fetch.enable', {
|
|
130
|
+
patterns: patterns.length > 0 ? patterns : [{ urlPattern: '*', requestStage: 'Response' }],
|
|
131
|
+
handleAuthRequests: false,
|
|
132
|
+
});
|
|
133
|
+
}
|
|
134
|
+
catch (error) {
|
|
135
|
+
logger.error('Failed to apply Fetch interception rules:', error);
|
|
136
|
+
throw error;
|
|
137
|
+
}
|
|
138
|
+
}
|
|
139
|
+
async handleRequestPaused(params) {
|
|
140
|
+
const requestUrl = params.request.url;
|
|
141
|
+
for (const [ruleId, rule] of this.rules) {
|
|
142
|
+
const pattern = this.compiledPatterns.get(ruleId);
|
|
143
|
+
if (!pattern)
|
|
144
|
+
continue;
|
|
145
|
+
if (pattern.test(requestUrl)) {
|
|
146
|
+
rule.hitCount++;
|
|
147
|
+
logger.info(`[FetchInterceptor] Rule "${rule.urlPattern}" matched: ${requestUrl}`);
|
|
148
|
+
try {
|
|
149
|
+
const headers = [...rule.responseHeaders];
|
|
150
|
+
if (!headers.some((h) => h.name.toLowerCase() === 'content-type')) {
|
|
151
|
+
const body = rule.responseBody;
|
|
152
|
+
if (body.startsWith('{') || body.startsWith('[')) {
|
|
153
|
+
headers.push({ name: 'Content-Type', value: 'application/json' });
|
|
154
|
+
}
|
|
155
|
+
else {
|
|
156
|
+
headers.push({ name: 'Content-Type', value: 'text/plain' });
|
|
157
|
+
}
|
|
158
|
+
}
|
|
159
|
+
if (!headers.some((h) => h.name.toLowerCase() === 'access-control-allow-origin')) {
|
|
160
|
+
headers.push({ name: 'Access-Control-Allow-Origin', value: '*' });
|
|
161
|
+
}
|
|
162
|
+
await this.cdpSession.send('Fetch.fulfillRequest', {
|
|
163
|
+
requestId: params.requestId,
|
|
164
|
+
responseCode: rule.responseCode,
|
|
165
|
+
responseHeaders: headers,
|
|
166
|
+
body: Buffer.from(rule.responseBody, 'utf-8').toString('base64'),
|
|
167
|
+
});
|
|
168
|
+
return;
|
|
169
|
+
}
|
|
170
|
+
catch (error) {
|
|
171
|
+
logger.error(`[FetchInterceptor] fulfillRequest failed for ${requestUrl}:`, error);
|
|
172
|
+
}
|
|
173
|
+
}
|
|
174
|
+
}
|
|
175
|
+
try {
|
|
176
|
+
if (params.responseStatusCode !== undefined) {
|
|
177
|
+
await this.cdpSession.send('Fetch.continueResponse', {
|
|
178
|
+
requestId: params.requestId,
|
|
179
|
+
});
|
|
180
|
+
}
|
|
181
|
+
else {
|
|
182
|
+
await this.cdpSession.send('Fetch.continueRequest', {
|
|
183
|
+
requestId: params.requestId,
|
|
184
|
+
});
|
|
185
|
+
}
|
|
186
|
+
}
|
|
187
|
+
catch (error) {
|
|
188
|
+
logger.warn(`[FetchInterceptor] continue failed for ${requestUrl}:`, error);
|
|
189
|
+
}
|
|
190
|
+
}
|
|
191
|
+
}
|
|
@@ -94,6 +94,12 @@ function collectTopHeapAllocations(root, topN) {
|
|
|
94
94
|
}
|
|
95
95
|
return { sampleCount, topAllocations };
|
|
96
96
|
}
|
|
97
|
+
async function PING(cdp) {
|
|
98
|
+
await Promise.race([
|
|
99
|
+
cdp.send('Runtime.evaluate', { expression: '1', returnByValue: true }),
|
|
100
|
+
new Promise((_, reject) => setTimeout(() => reject(new Error('cdp_unreachable')), 500)),
|
|
101
|
+
]);
|
|
102
|
+
}
|
|
97
103
|
export class PerformanceMonitor {
|
|
98
104
|
collector;
|
|
99
105
|
cdpSession = null;
|
|
@@ -107,12 +113,6 @@ export class PerformanceMonitor {
|
|
|
107
113
|
this.collector = collector;
|
|
108
114
|
}
|
|
109
115
|
async ensureCDPSession() {
|
|
110
|
-
const PING = async (cdp) => {
|
|
111
|
-
await Promise.race([
|
|
112
|
-
cdp.send('Runtime.evaluate', { expression: '1', returnByValue: true }),
|
|
113
|
-
new Promise((_, reject) => setTimeout(() => reject(new Error('cdp_unreachable')), 500)),
|
|
114
|
-
]);
|
|
115
|
-
};
|
|
116
116
|
if (!this.cdpSession) {
|
|
117
117
|
const page = await this.collector.getActivePage();
|
|
118
118
|
this.cdpSession = await Promise.race([
|
|
@@ -133,7 +133,8 @@ export class PerformanceMonitor {
|
|
|
133
133
|
try {
|
|
134
134
|
await this.cdpSession.detach();
|
|
135
135
|
}
|
|
136
|
-
catch {
|
|
136
|
+
catch {
|
|
137
|
+
}
|
|
137
138
|
this.cdpSession = null;
|
|
138
139
|
const page = await this.collector.getActivePage();
|
|
139
140
|
this.cdpSession = await Promise.race([
|
|
@@ -3,7 +3,7 @@ export declare abstract class BaseMemoryManager {
|
|
|
3
3
|
abstract readonly platform: string;
|
|
4
4
|
abstract readMemory(pid: number, address: number, size: number): Promise<MemoryReadResult>;
|
|
5
5
|
abstract writeMemory(pid: number, address: number, data: Buffer): Promise<MemoryWriteResult>;
|
|
6
|
-
abstract scanMemory(pid: number, pattern: string, patternType: PatternType): Promise<MemoryScanResult>;
|
|
6
|
+
abstract scanMemory(pid: number, pattern: string, patternType: PatternType, suspendTarget?: boolean): Promise<MemoryScanResult>;
|
|
7
7
|
abstract checkMemoryProtection(pid: number, address: number): Promise<MemoryProtectionInfo>;
|
|
8
8
|
abstract enumerateRegions(pid: number): Promise<{
|
|
9
9
|
success: boolean;
|
|
@@ -42,6 +42,8 @@ export class LinuxProcessManager {
|
|
|
42
42
|
const parts = line.trim().split(/\s+/);
|
|
43
43
|
if (parts.length >= 11) {
|
|
44
44
|
const pid = parseInt(parts[1] || '0', 10);
|
|
45
|
+
if (isNaN(pid))
|
|
46
|
+
continue;
|
|
45
47
|
const cpu = parseFloat(parts[2] || '0');
|
|
46
48
|
const mem = parseFloat(parts[3] || '0');
|
|
47
49
|
const command = parts.slice(10).join(' ');
|
|
@@ -214,7 +216,7 @@ export class LinuxProcessManager {
|
|
|
214
216
|
const ppidMatch = status.match(/PPid:\s*(\d+)/);
|
|
215
217
|
return {
|
|
216
218
|
commandLine: cmdline.trim() || undefined,
|
|
217
|
-
parentPid: ppidMatch
|
|
219
|
+
parentPid: ppidMatch?.[1] ? parseInt(ppidMatch[1], 10) : undefined,
|
|
218
220
|
};
|
|
219
221
|
}
|
|
220
222
|
catch (error) {
|
|
@@ -228,7 +230,7 @@ export class LinuxProcessManager {
|
|
|
228
230
|
const commandLine = options?.commandLine ?? (await this.getProcessCommandLine(pid)).commandLine;
|
|
229
231
|
if (commandLine) {
|
|
230
232
|
const match = commandLine.match(/--remote-debugging-port=(\d+)/);
|
|
231
|
-
if (match
|
|
233
|
+
if (match?.[1]) {
|
|
232
234
|
return parseInt(match[1], 10);
|
|
233
235
|
}
|
|
234
236
|
}
|
|
@@ -275,7 +275,7 @@ export class MacProcessManager {
|
|
|
275
275
|
const commandLine = options?.commandLine ?? (await this.getProcessCommandLine(pid)).commandLine;
|
|
276
276
|
if (commandLine) {
|
|
277
277
|
const match = commandLine.match(/--remote-debugging-port=(\d+)/);
|
|
278
|
-
if (match
|
|
278
|
+
if (match?.[1]) {
|
|
279
279
|
return parseInt(match[1], 10);
|
|
280
280
|
}
|
|
281
281
|
}
|
|
@@ -15,7 +15,7 @@ export declare class MemoryManager {
|
|
|
15
15
|
}[];
|
|
16
16
|
error?: string;
|
|
17
17
|
}>;
|
|
18
|
-
scanMemory(pid: number, pattern: string, patternType?: PatternType): Promise<MemoryScanResult>;
|
|
18
|
+
scanMemory(pid: number, pattern: string, patternType?: PatternType, suspendTarget?: boolean): Promise<MemoryScanResult>;
|
|
19
19
|
scanMemoryFiltered(pid: number, pattern: string, addresses: string[], patternType?: PatternType): Promise<MemoryScanResult>;
|
|
20
20
|
dumpMemoryRegion(pid: number, startAddress: string, size: number, outputPath: string): Promise<{
|
|
21
21
|
success: boolean;
|
|
@@ -29,8 +29,8 @@ export class MemoryManager {
|
|
|
29
29
|
async batchMemoryWrite(pid, patches) {
|
|
30
30
|
return _batchMemoryWrite(pid, patches, (p, addr, data, enc) => this.writeMemory(p, addr, data, enc));
|
|
31
31
|
}
|
|
32
|
-
async scanMemory(pid, pattern, patternType = 'hex') {
|
|
33
|
-
return _scanMemory(this.platform, pid, pattern, patternType);
|
|
32
|
+
async scanMemory(pid, pattern, patternType = 'hex', suspendTarget = false) {
|
|
33
|
+
return _scanMemory(this.platform, pid, pattern, patternType, suspendTarget);
|
|
34
34
|
}
|
|
35
35
|
async scanMemoryFiltered(pid, pattern, addresses, patternType = 'hex') {
|
|
36
36
|
return _scanMemoryFiltered(pid, pattern, addresses, patternType, (p, addr, size) => this.readMemory(p, addr, size), (p, pat, type) => this.scanMemory(p, pat, type));
|
|
@@ -189,7 +189,7 @@ export class ProcessManager {
|
|
|
189
189
|
const commandLine = options?.commandLine ?? (await this.getProcessCommandLine(pid)).commandLine;
|
|
190
190
|
if (commandLine) {
|
|
191
191
|
const match = commandLine.match(/--remote-debugging-port=(\d+)/);
|
|
192
|
-
if (match
|
|
192
|
+
if (match?.[1]) {
|
|
193
193
|
return parseInt(match[1], 10);
|
|
194
194
|
}
|
|
195
195
|
}
|
|
@@ -5,7 +5,7 @@ export class MemoryAuditTrail {
|
|
|
5
5
|
capacity;
|
|
6
6
|
constructor(capacity = 5000) {
|
|
7
7
|
this.capacity = Number.isInteger(capacity) && capacity > 0 ? capacity : 5000;
|
|
8
|
-
this.buffer =
|
|
8
|
+
this.buffer = Array.from({ length: this.capacity });
|
|
9
9
|
}
|
|
10
10
|
record(entry) {
|
|
11
11
|
const fullEntry = {
|
|
@@ -2,7 +2,9 @@ import { promises as fs } from 'node:fs';
|
|
|
2
2
|
import { logger } from '../../../utils/logger.js';
|
|
3
3
|
import { nativeMemoryManager } from '../../../native/NativeMemoryManager.js';
|
|
4
4
|
import { isKoffiAvailable } from '../../../native/Win32API.js';
|
|
5
|
+
import { MEMORY_MAX_READ_BYTES } from '../../../constants.js';
|
|
5
6
|
import { execAsync, executePowerShellScript, } from '../../process/memory/types.js';
|
|
7
|
+
const HEX_ADDR = /^(?:0x)?[0-9a-fA-F]{1,16}$/;
|
|
6
8
|
async function readMemoryWindows(pid, address, size) {
|
|
7
9
|
try {
|
|
8
10
|
const psScript = `
|
|
@@ -107,11 +109,32 @@ async function readMemoryMac(pid, address, size, checkProtectionFn) {
|
|
|
107
109
|
if (address === 0) {
|
|
108
110
|
return { success: false, error: 'Invalid address: null pointer (0x0)' };
|
|
109
111
|
}
|
|
110
|
-
|
|
111
|
-
|
|
112
|
-
return { success: false, error: `Invalid size: must be 1–${MAX_READ_SIZE} bytes` };
|
|
112
|
+
if (size <= 0 || size > MEMORY_MAX_READ_BYTES) {
|
|
113
|
+
return { success: false, error: `Invalid size: must be 1–${MEMORY_MAX_READ_BYTES} bytes` };
|
|
113
114
|
}
|
|
114
115
|
const addrHex = `0x${address.toString(16)}`;
|
|
116
|
+
try {
|
|
117
|
+
const { createPlatformProvider } = await import('../../../native/platform/factory.js');
|
|
118
|
+
const provider = createPlatformProvider();
|
|
119
|
+
const avail = await provider.checkAvailability();
|
|
120
|
+
if (avail.available) {
|
|
121
|
+
const handle = provider.openProcess(pid, false);
|
|
122
|
+
try {
|
|
123
|
+
const result = provider.readMemory(handle, BigInt(address), size);
|
|
124
|
+
const hex = Array.from(result.data.subarray(0, result.bytesRead))
|
|
125
|
+
.map((b) => b.toString(16).padStart(2, '0').toUpperCase())
|
|
126
|
+
.join(' ');
|
|
127
|
+
logger.debug('Native Mach memory read succeeded (zero-pause)');
|
|
128
|
+
return { success: true, data: hex };
|
|
129
|
+
}
|
|
130
|
+
finally {
|
|
131
|
+
provider.closeProcess(handle);
|
|
132
|
+
}
|
|
133
|
+
}
|
|
134
|
+
}
|
|
135
|
+
catch (nativeErr) {
|
|
136
|
+
logger.debug('Native Mach read failed, falling back to lldb:', nativeErr);
|
|
137
|
+
}
|
|
115
138
|
const prot = await checkProtectionFn(pid, addrHex);
|
|
116
139
|
if (!prot.success) {
|
|
117
140
|
return { success: false, error: `Cannot verify memory region: ${prot.error}` };
|
|
@@ -144,10 +167,19 @@ async function readMemoryMac(pid, address, size, checkProtectionFn) {
|
|
|
144
167
|
}
|
|
145
168
|
export async function readMemory(platform, pid, address, size, checkProtectionFn) {
|
|
146
169
|
try {
|
|
170
|
+
if (!HEX_ADDR.test(address)) {
|
|
171
|
+
return { success: false, error: 'Invalid address format. Use hex like "0x12345678"' };
|
|
172
|
+
}
|
|
147
173
|
const addrNum = parseInt(address, 16);
|
|
148
174
|
if (isNaN(addrNum)) {
|
|
149
175
|
return { success: false, error: 'Invalid address format. Use hex like "0x12345678"' };
|
|
150
176
|
}
|
|
177
|
+
if (size <= 0 || size > MEMORY_MAX_READ_BYTES) {
|
|
178
|
+
return {
|
|
179
|
+
success: false,
|
|
180
|
+
error: `Read size must be 1–${MEMORY_MAX_READ_BYTES} bytes (${(MEMORY_MAX_READ_BYTES / 1024 / 1024).toFixed(0)} MB)`,
|
|
181
|
+
};
|
|
182
|
+
}
|
|
151
183
|
if (platform === 'win32' && isKoffiAvailable()) {
|
|
152
184
|
try {
|
|
153
185
|
const result = await nativeMemoryManager.readMemory(pid, address, size);
|
|
@@ -1,9 +1,9 @@
|
|
|
1
1
|
import { readFileSync } from 'fs';
|
|
2
2
|
import { logger } from '../../../utils/logger.js';
|
|
3
3
|
import { execAsync, executePowerShellScript, } from '../../process/memory/types.js';
|
|
4
|
-
import { parseProcMaps, formatLinuxProtection } from './linux/mapsParser.js';
|
|
5
4
|
import { nativeMemoryManager } from '../../../native/NativeMemoryManager.js';
|
|
6
5
|
import { isKoffiAvailable } from '../../../native/NativeMemoryManager.utils.js';
|
|
6
|
+
import { parseProcMaps, formatLinuxProtection } from './linux/mapsParser.js';
|
|
7
7
|
function buildEnumerateRegionsScript(pid) {
|
|
8
8
|
return `
|
|
9
9
|
Add-Type @"
|
|
@@ -1,9 +1,9 @@
|
|
|
1
|
-
import {
|
|
1
|
+
import { promises as fsAsync } from 'fs';
|
|
2
2
|
import { logger } from '../../../utils/logger.js';
|
|
3
3
|
import { execAsync, executePowerShellScript, } from '../../process/memory/types.js';
|
|
4
|
-
import { parseProcMaps, formatLinuxProtection } from './linux/mapsParser.js';
|
|
5
4
|
import { nativeMemoryManager } from '../../../native/NativeMemoryManager.js';
|
|
6
5
|
import { isKoffiAvailable } from '../../../native/NativeMemoryManager.utils.js';
|
|
6
|
+
import { parseProcMaps, formatLinuxProtection } from './linux/mapsParser.js';
|
|
7
7
|
function buildProtectionCheckScript(pid, address) {
|
|
8
8
|
return `
|
|
9
9
|
Add-Type @"
|
|
@@ -117,7 +117,7 @@ export async function checkMemoryProtection(platform, pid, address) {
|
|
|
117
117
|
const addrNum = BigInt(address.startsWith('0x') ? address : `0x${address}`);
|
|
118
118
|
if (platform === 'linux') {
|
|
119
119
|
try {
|
|
120
|
-
const mapsContent =
|
|
120
|
+
const mapsContent = await fsAsync.readFile(`/proc/${pid}/maps`, 'utf-8');
|
|
121
121
|
const regions = parseProcMaps(mapsContent);
|
|
122
122
|
const region = regions.find((r) => addrNum >= r.start && addrNum < r.end);
|
|
123
123
|
if (!region) {
|
|
@@ -139,8 +139,41 @@ export async function checkMemoryProtection(platform, pid, address) {
|
|
|
139
139
|
}
|
|
140
140
|
if (platform === 'darwin') {
|
|
141
141
|
try {
|
|
142
|
-
const
|
|
143
|
-
|
|
142
|
+
const { createPlatformProvider } = await import('../../../native/platform/factory.js');
|
|
143
|
+
const provider = createPlatformProvider();
|
|
144
|
+
const avail = await provider.checkAvailability();
|
|
145
|
+
if (avail.available) {
|
|
146
|
+
const handle = provider.openProcess(pid, false);
|
|
147
|
+
try {
|
|
148
|
+
const region = provider.queryRegion(handle, addrNum);
|
|
149
|
+
if (region) {
|
|
150
|
+
const protStr = [
|
|
151
|
+
region.isReadable ? 'r' : '-',
|
|
152
|
+
region.isWritable ? 'w' : '-',
|
|
153
|
+
region.isExecutable ? 'x' : '-',
|
|
154
|
+
].join('');
|
|
155
|
+
return {
|
|
156
|
+
success: true,
|
|
157
|
+
protection: protStr,
|
|
158
|
+
isReadable: region.isReadable,
|
|
159
|
+
isWritable: region.isWritable,
|
|
160
|
+
isExecutable: region.isExecutable,
|
|
161
|
+
regionStart: `0x${region.baseAddress.toString(16)}`,
|
|
162
|
+
regionSize: region.size,
|
|
163
|
+
};
|
|
164
|
+
}
|
|
165
|
+
return { success: false, error: `Address ${address} not found in any memory region` };
|
|
166
|
+
}
|
|
167
|
+
finally {
|
|
168
|
+
provider.closeProcess(handle);
|
|
169
|
+
}
|
|
170
|
+
}
|
|
171
|
+
}
|
|
172
|
+
catch {
|
|
173
|
+
}
|
|
174
|
+
try {
|
|
175
|
+
const darwinAddr = parseInt(address, 16);
|
|
176
|
+
if (isNaN(darwinAddr))
|
|
144
177
|
return { success: false, error: 'Invalid address format' };
|
|
145
178
|
const { stdout } = await execAsync(`vmmap -v ${pid}`, {
|
|
146
179
|
timeout: 15000,
|
|
@@ -153,7 +186,7 @@ export async function checkMemoryProtection(platform, pid, address) {
|
|
|
153
186
|
continue;
|
|
154
187
|
const start = parseInt(m[2], 16);
|
|
155
188
|
const end = parseInt(m[3], 16);
|
|
156
|
-
if (
|
|
189
|
+
if (darwinAddr >= start && darwinAddr < end) {
|
|
157
190
|
const prot = m[4];
|
|
158
191
|
return {
|
|
159
192
|
success: true,
|
|
@@ -195,11 +228,11 @@ export async function checkMemoryProtection(platform, pid, address) {
|
|
|
195
228
|
}
|
|
196
229
|
}
|
|
197
230
|
try {
|
|
198
|
-
const
|
|
199
|
-
if (isNaN(
|
|
231
|
+
const winAddr = parseInt(address, 16);
|
|
232
|
+
if (isNaN(winAddr)) {
|
|
200
233
|
return { success: false, error: 'Invalid address format' };
|
|
201
234
|
}
|
|
202
|
-
const psScript = buildProtectionCheckScript(pid,
|
|
235
|
+
const psScript = buildProtectionCheckScript(pid, winAddr);
|
|
203
236
|
const { stdout } = await executePowerShellScript(psScript, {
|
|
204
237
|
maxBuffer: 1024 * 1024,
|
|
205
238
|
timeout: 30000,
|
|
@@ -1,6 +1,10 @@
|
|
|
1
1
|
import type { Platform, MemoryScanResult, PatternType } from '../../process/memory/types.js';
|
|
2
2
|
export { buildPatternBytesAndMask, patternToBytesMac } from './scanner.patterns.js';
|
|
3
|
-
export
|
|
3
|
+
export interface ScanOptions {
|
|
4
|
+
patternType?: PatternType;
|
|
5
|
+
suspendTarget?: boolean;
|
|
6
|
+
}
|
|
7
|
+
export declare function scanMemory(platform: Platform, pid: number, pattern: string, patternType?: PatternType, suspendTarget?: boolean): Promise<MemoryScanResult>;
|
|
4
8
|
export declare function scanMemoryFiltered(pid: number, pattern: string, addresses: string[], patternType: PatternType | undefined, _readMemoryFn: (pid: number, address: string, size: number) => Promise<{
|
|
5
9
|
success: boolean;
|
|
6
10
|
data?: string;
|
|
@@ -1,6 +1,8 @@
|
|
|
1
1
|
import { promises as fs } from 'node:fs';
|
|
2
|
+
import { logger } from '../../../utils/logger.js';
|
|
2
3
|
import { execAsync } from '../../process/memory/types.js';
|
|
3
4
|
import { patternToBytesMac } from './scanner.patterns.js';
|
|
5
|
+
import { findPatternInBuffer } from '../../../native/NativeMemoryManager.utils.js';
|
|
4
6
|
export async function scanMemoryMac(pid, pattern, patternType) {
|
|
5
7
|
let patternBytes;
|
|
6
8
|
let patternMask;
|
|
@@ -16,6 +18,61 @@ export async function scanMemoryMac(pid, pattern, patternType) {
|
|
|
16
18
|
error: e instanceof Error ? e.message : 'Invalid pattern',
|
|
17
19
|
};
|
|
18
20
|
}
|
|
21
|
+
try {
|
|
22
|
+
const nativeResult = await scanMemoryMacNative(pid, patternBytes, patternMask);
|
|
23
|
+
if (nativeResult)
|
|
24
|
+
return nativeResult;
|
|
25
|
+
}
|
|
26
|
+
catch (nativeErr) {
|
|
27
|
+
logger.debug('Native Mach scan failed, falling back to lldb:', nativeErr);
|
|
28
|
+
}
|
|
29
|
+
return scanMemoryMacLldb(pid, patternBytes, patternMask);
|
|
30
|
+
}
|
|
31
|
+
async function scanMemoryMacNative(pid, patternBytes, patternMask) {
|
|
32
|
+
const { createPlatformProvider } = await import('../../../native/platform/factory.js');
|
|
33
|
+
const provider = createPlatformProvider();
|
|
34
|
+
const avail = await provider.checkAvailability();
|
|
35
|
+
if (!avail.available)
|
|
36
|
+
return null;
|
|
37
|
+
const handle = provider.openProcess(pid, false);
|
|
38
|
+
const foundAddresses = [];
|
|
39
|
+
const maxResults = 1000;
|
|
40
|
+
const maxRegionSize = 32 * 1024 * 1024;
|
|
41
|
+
try {
|
|
42
|
+
let address = 0n;
|
|
43
|
+
for (let i = 0; i < 50000 && foundAddresses.length < maxResults; i++) {
|
|
44
|
+
const region = provider.queryRegion(handle, address);
|
|
45
|
+
if (!region)
|
|
46
|
+
break;
|
|
47
|
+
if (region.isReadable && region.size > 0 && region.size <= maxRegionSize) {
|
|
48
|
+
try {
|
|
49
|
+
const result = provider.readMemory(handle, region.baseAddress, region.size);
|
|
50
|
+
const matches = findPatternInBuffer(result.data, patternBytes, patternMask);
|
|
51
|
+
for (const offset of matches) {
|
|
52
|
+
foundAddresses.push(`0x${(region.baseAddress + BigInt(offset)).toString(16)}`);
|
|
53
|
+
if (foundAddresses.length >= maxResults)
|
|
54
|
+
break;
|
|
55
|
+
}
|
|
56
|
+
}
|
|
57
|
+
catch {
|
|
58
|
+
}
|
|
59
|
+
}
|
|
60
|
+
address = region.baseAddress + BigInt(region.size);
|
|
61
|
+
if (address <= region.baseAddress)
|
|
62
|
+
break;
|
|
63
|
+
}
|
|
64
|
+
}
|
|
65
|
+
finally {
|
|
66
|
+
provider.closeProcess(handle);
|
|
67
|
+
}
|
|
68
|
+
logger.debug(`Native Mach scan completed (zero-pause): ${foundAddresses.length} results`);
|
|
69
|
+
return {
|
|
70
|
+
success: true,
|
|
71
|
+
addresses: foundAddresses,
|
|
72
|
+
stats: { patternLength: patternBytes.length, resultsFound: foundAddresses.length },
|
|
73
|
+
};
|
|
74
|
+
}
|
|
75
|
+
async function scanMemoryMacLldb(pid, patternBytes, patternMask) {
|
|
19
76
|
const byteList = patternBytes.map((b) => `0x${b.toString(16)}`).join(',');
|
|
20
77
|
const maskList = patternMask.join(',');
|
|
21
78
|
const tag = `${pid}_${Date.now()}`;
|