@jshookmcp/jshook 0.2.3 → 0.2.5
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +14 -5
- package/README.zh.md +18 -3
- package/dist/packages/extension-sdk/src/bridges/shared.js +2 -2
- package/dist/packages/extension-sdk/src/plugin.d.ts +5 -0
- package/dist/packages/extension-sdk/src/plugin.js +119 -33
- package/dist/packages/extension-sdk/src/workflow.d.ts +156 -0
- package/dist/packages/extension-sdk/src/workflow.js +236 -0
- package/dist/src/config/search-defaults.js +161 -0
- package/dist/src/constants.d.ts +3 -0
- package/dist/src/constants.js +4 -1
- package/dist/src/index.d.ts +1 -1
- package/dist/src/index.js +13 -17
- package/dist/src/modules/analyzer/CodeAnalyzer.d.ts +1 -3
- package/dist/src/modules/analyzer/CodeAnalyzer.js +16 -28
- package/dist/src/modules/analyzer/CodeAnalyzerDataFlow.d.ts +1 -2
- package/dist/src/modules/analyzer/CodeAnalyzerDataFlow.js +1 -45
- package/dist/src/modules/analyzer/IntelligentAnalyzer.d.ts +1 -37
- package/dist/src/modules/analyzer/IntelligentAnalyzer.js +9 -142
- package/dist/src/modules/analyzer/PatternDetector.js +3 -3
- package/dist/src/modules/analyzer/PatternDetectorAuthPatterns.js +1 -1
- package/dist/src/modules/browser/BrowserDiscovery.js +2 -2
- package/dist/src/modules/browser/BrowserModeManager.js +11 -10
- package/dist/src/modules/browser/TabRegistry.js +2 -2
- package/dist/src/modules/browser/UnifiedBrowserManager.d.ts +1 -0
- package/dist/src/modules/browser/UnifiedBrowserManager.js +18 -3
- package/dist/src/modules/captcha/AICaptchaDetector.d.ts +1 -10
- package/dist/src/modules/captcha/AICaptchaDetector.js +7 -201
- package/dist/src/modules/collector/CodeCollector.js +4 -5
- package/dist/src/modules/collector/DOMInspector.js +48 -58
- package/dist/src/modules/collector/PageController.d.ts +17 -4
- package/dist/src/modules/collector/PageController.js +2 -5
- package/dist/src/modules/collector/PageScriptCollectors.js +3 -3
- package/dist/src/modules/crypto/CryptoDetector.d.ts +1 -4
- package/dist/src/modules/crypto/CryptoDetector.js +2 -42
- package/dist/src/modules/crypto/CryptoRules.js +1 -1
- package/dist/src/modules/debugger/BlackboxManager.js +1 -1
- package/dist/src/modules/debugger/DebuggerManager.impl.core.scope.js +1 -1
- package/dist/src/modules/debugger/ScriptManager.impl.extract-function-tree.js +4 -2
- package/dist/src/modules/debugger/WatchExpressionManager.js +1 -1
- package/dist/src/modules/deobfuscator/Deobfuscator.d.ts +1 -4
- package/dist/src/modules/deobfuscator/Deobfuscator.js +4 -39
- package/dist/src/modules/deobfuscator/JSVMPDeobfuscator.d.ts +0 -3
- package/dist/src/modules/deobfuscator/JSVMPDeobfuscator.js +2 -8
- package/dist/src/modules/deobfuscator/JSVMPDeobfuscator.restore.d.ts +1 -2
- package/dist/src/modules/deobfuscator/JSVMPDeobfuscator.restore.js +3 -55
- package/dist/src/modules/deobfuscator/JScramblerDeobfuscator.js +3 -4
- package/dist/src/modules/deobfuscator/VMDeobfuscator.d.ts +2 -10
- package/dist/src/modules/deobfuscator/VMDeobfuscator.js +3 -128
- package/dist/src/modules/deobfuscator/webcrack.js +15 -2
- package/dist/src/modules/emulator/AIEnvironmentAnalyzer.d.ts +5 -8
- package/dist/src/modules/emulator/AIEnvironmentAnalyzer.js +10 -102
- package/dist/src/modules/emulator/EnvironmentEmulator.d.ts +1 -5
- package/dist/src/modules/emulator/EnvironmentEmulator.js +7 -91
- package/dist/src/modules/emulator/EnvironmentEmulatorFetch.js +58 -61
- package/dist/src/modules/emulator/templates/chrome-env.d.ts +17 -7
- package/dist/src/modules/emulator/templates/chrome-env.js +14 -7
- package/dist/src/modules/external/ExternalToolRunner.js +25 -22
- package/dist/src/modules/hook/HookGeneratorBuilders.core.generators.compose.js +5 -5
- package/dist/src/modules/hook/HookGeneratorBuilders.core.generators.network.js +311 -311
- package/dist/src/modules/hook/HookGeneratorBuilders.core.generators.runtime.js +410 -410
- package/dist/src/modules/hook/HookGeneratorBuilders.core.generators.storage.js +122 -122
- package/dist/src/modules/monitor/ConsoleMonitor.impl.core.class.d.ts +13 -0
- package/dist/src/modules/monitor/ConsoleMonitor.impl.core.class.js +42 -0
- package/dist/src/modules/monitor/ConsoleMonitor.impl.core.dynamic.js +194 -194
- package/dist/src/modules/monitor/FetchInterceptor.d.ts +46 -0
- package/dist/src/modules/monitor/FetchInterceptor.js +191 -0
- package/dist/src/modules/monitor/PerformanceMonitor.js +8 -7
- package/dist/src/modules/monitor/PlaywrightNetworkMonitor.js +62 -62
- package/dist/src/modules/process/BaseMemoryManager.d.ts +1 -1
- package/dist/src/modules/process/LinuxProcessManager.js +2 -0
- package/dist/src/modules/process/MacProcessManager.js +25 -25
- package/dist/src/modules/process/MemoryManager.d.ts +1 -1
- package/dist/src/modules/process/MemoryManager.js +2 -2
- package/dist/src/modules/process/memory/AuditTrail.js +1 -1
- package/dist/src/modules/process/memory/availability.js +49 -49
- package/dist/src/modules/process/memory/injector.js +185 -185
- package/dist/src/modules/process/memory/reader.js +85 -53
- package/dist/src/modules/process/memory/regions.dump.js +51 -51
- package/dist/src/modules/process/memory/regions.enumerate.js +108 -108
- package/dist/src/modules/process/memory/regions.modules.js +80 -80
- package/dist/src/modules/process/memory/regions.protection.js +148 -115
- package/dist/src/modules/process/memory/scanner.d.ts +5 -1
- package/dist/src/modules/process/memory/scanner.darwin.js +98 -41
- package/dist/src/modules/process/memory/scanner.js +88 -4
- package/dist/src/modules/process/memory/scanner.windows.js +124 -124
- package/dist/src/modules/process/memory/writer.js +98 -58
- package/dist/src/modules/security/ExecutionSandbox.js +51 -52
- package/dist/src/modules/stealth/FingerprintManager.js +1 -1
- package/dist/src/modules/stealth/StealthScripts.d.ts +1 -0
- package/dist/src/modules/stealth/StealthScripts.js +18 -13
- package/dist/src/modules/stealth/StealthVerifier.js +1 -3
- package/dist/src/modules/symbolic/JSVMPSymbolicExecutor.d.ts +14 -0
- package/dist/src/modules/symbolic/JSVMPSymbolicExecutor.js +181 -2
- package/dist/src/modules/trace/TraceDB.js +75 -69
- package/dist/src/modules/trace/TraceRecorder.js +1 -5
- package/dist/src/native/AntiCheatDetector.js +67 -16
- package/dist/src/native/CodeInjector.js +3 -3
- package/dist/src/native/HardwareBreakpoint.js +24 -15
- package/dist/src/native/HeapAnalyzer.js +2 -2
- package/dist/src/native/MemoryController.js +1 -1
- package/dist/src/native/MemoryScanSession.js +2 -2
- package/dist/src/native/MemoryScanner.js +4 -8
- package/dist/src/native/NativeMemoryManager.impl.js +2 -2
- package/dist/src/native/PEAnalyzer.js +14 -15
- package/dist/src/native/PointerChainEngine.js +2 -4
- package/dist/src/native/ScriptLoader.js +4 -9
- package/dist/src/native/Speedhack.js +1 -1
- package/dist/src/native/StructureAnalyzer.js +52 -33
- package/dist/src/native/Win32API.d.ts +1 -0
- package/dist/src/native/Win32API.js +13 -0
- package/dist/src/native/Win32Debug.js +19 -19
- package/dist/src/native/platform/darwin/DarwinAPI.d.ts +2 -0
- package/dist/src/native/platform/darwin/DarwinAPI.js +8 -0
- package/dist/src/native/platform/darwin/DarwinMemoryProvider.js +6 -1
- package/dist/src/server/MCPServer.context.d.ts +2 -1
- package/dist/src/server/MCPServer.d.ts +2 -1
- package/dist/src/server/MCPServer.domain.d.ts +1 -1
- package/dist/src/server/MCPServer.domain.js +81 -16
- package/dist/src/server/MCPServer.js +41 -14
- package/dist/src/server/MCPServer.resources.d.ts +2 -0
- package/dist/src/server/MCPServer.resources.js +91 -0
- package/dist/src/server/MCPServer.search.handlers.call.js +2 -1
- package/dist/src/server/MCPServer.search.helpers.js +1 -1
- package/dist/src/server/MCPServer.transport.js +12 -0
- package/dist/src/server/ToolCallContextGuard.js +8 -0
- package/dist/src/server/ToolRouter.d.ts +25 -9
- package/dist/src/server/ToolRouter.intent.d.ts +26 -0
- package/dist/src/server/ToolRouter.intent.js +77 -0
- package/dist/src/server/ToolRouter.js +103 -284
- package/dist/src/server/ToolRouter.policy.d.ts +22 -0
- package/dist/src/server/ToolRouter.policy.js +163 -0
- package/dist/src/server/ToolRouter.probe.d.ts +17 -0
- package/dist/src/server/ToolRouter.probe.js +103 -0
- package/dist/src/server/ToolRouter.renderer.d.ts +9 -0
- package/dist/src/server/ToolRouter.renderer.js +52 -0
- package/dist/src/server/activation/ActivationController.js +15 -12
- package/dist/src/server/activation/CompoundConditionEngine.js +1 -1
- package/dist/src/server/activation/PredictiveBooster.js +1 -3
- package/dist/src/server/domains/analysis/definitions.js +155 -655
- package/dist/src/server/domains/analysis/handlers.impl.js +26 -20
- package/dist/src/server/domains/analysis/handlers.web-tools.js +2 -1
- package/dist/src/server/domains/analysis/manifest.js +6 -4
- package/dist/src/server/domains/antidebug/definitions.js +25 -111
- package/dist/src/server/domains/browser/definitions.tools.advanced.js +59 -88
- package/dist/src/server/domains/browser/definitions.tools.behavior.js +120 -227
- package/dist/src/server/domains/browser/definitions.tools.page-core.js +210 -439
- package/dist/src/server/domains/browser/definitions.tools.page-system.js +108 -250
- package/dist/src/server/domains/browser/definitions.tools.runtime.js +98 -211
- package/dist/src/server/domains/browser/definitions.tools.security.js +194 -339
- package/dist/src/server/domains/browser/handlers/camoufox-browser.js +3 -2
- package/dist/src/server/domains/browser/handlers/captcha-solver.js +3 -3
- package/dist/src/server/domains/browser/handlers/dom-query.js +2 -1
- package/dist/src/server/domains/browser/handlers/framework-state.js +27 -9
- package/dist/src/server/domains/browser/handlers/indexeddb-dump.js +21 -20
- package/dist/src/server/domains/browser/handlers/script-management.js +1 -1
- package/dist/src/server/domains/browser/handlers.impl.d.ts +1 -2
- package/dist/src/server/domains/browser/handlers.impl.js +2 -3
- package/dist/src/server/domains/browser/manifest.js +37 -13
- package/dist/src/server/domains/coordination/definitions.js +50 -216
- package/dist/src/server/domains/coordination/index.d.ts +2 -1
- package/dist/src/server/domains/coordination/index.js +1 -0
- package/dist/src/server/domains/debugger/definitions.tools.advanced.js +72 -189
- package/dist/src/server/domains/debugger/definitions.tools.core.js +114 -288
- package/dist/src/server/domains/debugger/manifest.js +9 -2
- package/dist/src/server/domains/encoding/definitions.js +43 -153
- package/dist/src/server/domains/encoding/handlers.base.js +2 -2
- package/dist/src/server/domains/evidence/definitions.d.ts +2 -0
- package/dist/src/server/domains/evidence/definitions.js +42 -0
- package/dist/src/server/domains/evidence/handlers.d.ts +582 -0
- package/dist/src/server/domains/evidence/handlers.js +60 -0
- package/dist/src/server/domains/evidence/index.d.ts +2 -0
- package/dist/src/server/domains/evidence/index.js +2 -0
- package/dist/src/server/domains/evidence/manifest.d.ts +63 -0
- package/dist/src/server/domains/evidence/manifest.js +78 -0
- package/dist/src/server/domains/graphql/definitions.js +53 -141
- package/dist/src/server/domains/graphql/handlers.impl.core.runtime.replay.js +92 -114
- package/dist/src/server/domains/graphql/handlers.impl.core.runtime.shared.js +77 -77
- package/dist/src/server/domains/hooks/ai-handlers.d.ts +0 -7
- package/dist/src/server/domains/hooks/ai-handlers.js +1 -67
- package/dist/src/server/domains/hooks/definitions.js +69 -335
- package/dist/src/server/domains/hooks/manifest.d.ts +1 -1
- package/dist/src/server/domains/hooks/manifest.js +1 -2
- package/dist/src/server/domains/instrumentation/definitions.d.ts +2 -0
- package/dist/src/server/domains/instrumentation/definitions.js +99 -0
- package/dist/src/server/domains/instrumentation/handlers.d.ts +78 -0
- package/dist/src/server/domains/instrumentation/handlers.js +206 -0
- package/dist/src/server/domains/instrumentation/index.d.ts +2 -0
- package/dist/src/server/domains/instrumentation/index.js +2 -0
- package/dist/src/server/domains/instrumentation/manifest.d.ts +63 -0
- package/dist/src/server/domains/instrumentation/manifest.js +114 -0
- package/dist/src/server/domains/macro/definitions.js +16 -43
- package/dist/src/server/domains/maintenance/definitions.js +60 -219
- package/dist/src/server/domains/maintenance/handlers.extensions.js +78 -20
- package/dist/src/server/domains/memory/definitions.js +387 -559
- package/dist/src/server/domains/memory/handlers/hooks.d.ts +55 -0
- package/dist/src/server/domains/memory/handlers/hooks.js +115 -0
- package/dist/src/server/domains/memory/handlers/integrity.d.ts +77 -0
- package/dist/src/server/domains/memory/handlers/integrity.js +180 -0
- package/dist/src/server/domains/memory/handlers/pointer-chain.d.ts +29 -0
- package/dist/src/server/domains/memory/handlers/pointer-chain.js +82 -0
- package/dist/src/server/domains/memory/handlers/readwrite.d.ts +41 -0
- package/dist/src/server/domains/memory/handlers/readwrite.js +78 -0
- package/dist/src/server/domains/memory/handlers/scan.d.ts +35 -0
- package/dist/src/server/domains/memory/handlers/scan.js +97 -0
- package/dist/src/server/domains/memory/handlers/session.d.ts +23 -0
- package/dist/src/server/domains/memory/handlers/session.js +49 -0
- package/dist/src/server/domains/memory/handlers/structure.d.ts +29 -0
- package/dist/src/server/domains/memory/handlers/structure.js +74 -0
- package/dist/src/server/domains/memory/handlers.impl.d.ts +49 -54
- package/dist/src/server/domains/memory/handlers.impl.js +63 -494
- package/dist/src/server/domains/memory/manifest.js +236 -64
- package/dist/src/server/domains/native-bridge/definitions.js +54 -192
- package/dist/src/server/domains/native-bridge/index.d.ts +1 -0
- package/dist/src/server/domains/native-bridge/index.js +2 -1
- package/dist/src/server/domains/network/auth-extractor.js +1 -1
- package/dist/src/server/domains/network/definitions.js +175 -578
- package/dist/src/server/domains/network/handlers.base.core.d.ts +64 -0
- package/dist/src/server/domains/network/handlers.base.core.js +623 -0
- package/dist/src/server/domains/network/handlers.base.d.ts +2 -124
- package/dist/src/server/domains/network/handlers.base.js +3 -878
- package/dist/src/server/domains/network/handlers.base.performance.d.ts +63 -0
- package/dist/src/server/domains/network/handlers.base.performance.js +193 -0
- package/dist/src/server/domains/network/handlers.base.types.d.ts +42 -0
- package/dist/src/server/domains/network/handlers.base.types.js +89 -0
- package/dist/src/server/domains/network/handlers.impl.core.runtime.d.ts +1 -1
- package/dist/src/server/domains/network/handlers.impl.core.runtime.intercept.d.ts +21 -0
- package/dist/src/server/domains/network/handlers.impl.core.runtime.intercept.js +186 -0
- package/dist/src/server/domains/network/handlers.impl.core.runtime.js +1 -1
- package/dist/src/server/domains/network/manifest.js +15 -0
- package/dist/src/server/domains/network/replay.js +1 -4
- package/dist/src/server/domains/platform/definitions.js +121 -112
- package/dist/src/server/domains/platform/handlers/bridge-handlers.d.ts +4 -0
- package/dist/src/server/domains/platform/handlers/bridge-handlers.js +193 -4
- package/dist/src/server/domains/platform/handlers/electron-asar-helpers.js +26 -6
- package/dist/src/server/domains/platform/handlers/electron-dual-cdp.d.ts +3 -0
- package/dist/src/server/domains/platform/handlers/electron-dual-cdp.js +170 -0
- package/dist/src/server/domains/platform/handlers/electron-fuse-handler.d.ts +3 -0
- package/dist/src/server/domains/platform/handlers/electron-fuse-handler.js +193 -0
- package/dist/src/server/domains/platform/handlers/electron-handlers.d.ts +6 -0
- package/dist/src/server/domains/platform/handlers/electron-handlers.js +95 -2
- package/dist/src/server/domains/platform/handlers/electron-ipc-sniffer.d.ts +2 -0
- package/dist/src/server/domains/platform/handlers/electron-ipc-sniffer.js +370 -0
- package/dist/src/server/domains/platform/handlers/electron-userdata-handler.d.ts +2 -0
- package/dist/src/server/domains/platform/handlers/electron-userdata-handler.js +78 -0
- package/dist/src/server/domains/platform/handlers/miniapp-handlers.js +3 -3
- package/dist/src/server/domains/platform/handlers/v8-bytecode-handler.d.ts +2 -0
- package/dist/src/server/domains/platform/handlers/v8-bytecode-handler.js +207 -0
- package/dist/src/server/domains/platform/handlers.d.ts +48 -0
- package/dist/src/server/domains/platform/handlers.js +29 -0
- package/dist/src/server/domains/platform/manifest.js +38 -0
- package/dist/src/server/domains/process/definitions.js +163 -647
- package/dist/src/server/domains/process/handlers.base.d.ts +3 -95
- package/dist/src/server/domains/process/handlers.base.js +7 -462
- package/dist/src/server/domains/process/handlers.base.process.d.ts +61 -0
- package/dist/src/server/domains/process/handlers.base.process.js +417 -0
- package/dist/src/server/domains/process/handlers.base.types.d.ts +57 -0
- package/dist/src/server/domains/process/handlers.base.types.js +50 -0
- package/dist/src/server/domains/process/handlers.impl.core.runtime.inject.js +18 -16
- package/dist/src/server/domains/process/manifest.js +6 -1
- package/dist/src/server/domains/sandbox/definitions.js +11 -33
- package/dist/src/server/domains/sandbox/handlers.js +8 -3
- package/dist/src/server/domains/shared/ResponseBuilder.d.ts +209 -0
- package/dist/src/server/domains/shared/ResponseBuilder.js +48 -0
- package/dist/src/server/domains/shared/modules.d.ts +0 -2
- package/dist/src/server/domains/shared/modules.js +0 -1
- package/dist/src/server/domains/sourcemap/definitions.js +27 -111
- package/dist/src/server/domains/sourcemap/handlers.impl.sourcemap-common.js +7 -2
- package/dist/src/server/domains/sourcemap/handlers.impl.sourcemap-main.js +1 -1
- package/dist/src/server/domains/sourcemap/handlers.impl.sourcemap-parse-base.js +1 -1
- package/dist/src/server/domains/sourcemap/manifest.d.ts +1 -1
- package/dist/src/server/domains/sourcemap/manifest.js +1 -1
- package/dist/src/server/domains/streaming/definitions.js +36 -148
- package/dist/src/server/domains/streaming/handlers.impl.streaming-sse.js +163 -164
- package/dist/src/server/domains/streaming/handlers.impl.streaming-ws.js +1 -1
- package/dist/src/server/domains/trace/TraceSummarizer.js +8 -5
- package/dist/src/server/domains/trace/definitions.tools.js +51 -206
- package/dist/src/server/domains/trace/handlers.js +10 -12
- package/dist/src/server/domains/trace/index.d.ts +2 -1
- package/dist/src/server/domains/trace/index.js +2 -1
- package/dist/src/server/domains/trace/manifest.js +15 -3
- package/dist/src/server/domains/transform/definitions.js +50 -210
- package/dist/src/server/domains/transform/handlers.impl.transform-base.js +108 -108
- package/dist/src/server/domains/transform/handlers.impl.transform-crypto.js +18 -19
- package/dist/src/server/domains/transform/manifest.d.ts +1 -1
- package/dist/src/server/domains/transform/manifest.js +1 -1
- package/dist/src/server/domains/wasm/definitions.js +55 -232
- package/dist/src/server/domains/wasm/handlers.js +1 -1
- package/dist/src/server/domains/workflow/definitions.js +144 -414
- package/dist/src/server/domains/workflow/handlers.impl.workflow-account-bundle.js +1 -1
- package/dist/src/server/domains/workflow/handlers.impl.workflow-api.js +51 -51
- package/dist/src/server/domains/workflow/handlers.impl.workflow-base.d.ts +2 -0
- package/dist/src/server/domains/workflow/handlers.impl.workflow-base.js +126 -87
- package/dist/src/server/domains/workflow/handlers.impl.workflow-batch.js +5 -5
- package/dist/src/server/evidence/ReverseEvidenceGraph.d.ts +20 -0
- package/dist/src/server/evidence/ReverseEvidenceGraph.js +208 -0
- package/dist/src/server/evidence/index.d.ts +2 -0
- package/dist/src/server/evidence/index.js +1 -0
- package/dist/src/server/evidence/types.d.ts +22 -0
- package/dist/src/server/evidence/types.js +1 -0
- package/dist/src/server/extensions/ExtensionManager.d.ts +1 -0
- package/dist/src/server/extensions/ExtensionManager.discovery.js +72 -9
- package/dist/src/server/extensions/ExtensionManager.integrity.js +1 -1
- package/dist/src/server/extensions/ExtensionManager.js +193 -40
- package/dist/src/server/extensions/ExtensionManager.roots.d.ts +1 -1
- package/dist/src/server/extensions/ExtensionManager.roots.js +4 -4
- package/dist/src/server/extensions/plugin-config.js +1 -1
- package/dist/src/server/extensions/plugin-env.d.ts +1 -1
- package/dist/src/server/extensions/plugin-env.js +10 -4
- package/dist/src/server/extensions/types.d.ts +17 -0
- package/dist/src/server/extensions/types.js +1 -1
- package/dist/src/server/instrumentation/EvidenceGraphBridge.d.ts +13 -0
- package/dist/src/server/instrumentation/EvidenceGraphBridge.js +150 -0
- package/dist/src/server/instrumentation/InstrumentationSession.d.ts +60 -0
- package/dist/src/server/instrumentation/InstrumentationSession.js +269 -0
- package/dist/src/server/instrumentation/index.d.ts +2 -0
- package/dist/src/server/instrumentation/index.js +2 -0
- package/dist/src/server/instrumentation/types.d.ts +62 -0
- package/dist/src/server/instrumentation/types.js +7 -0
- package/dist/src/server/macros/MacroConfigLoader.d.ts +6 -5
- package/dist/src/server/macros/MacroConfigLoader.js +61 -59
- package/dist/src/server/macros/MacroRunner.js +6 -2
- package/dist/src/server/macros/builtins/index.d.ts +2 -3
- package/dist/src/server/macros/builtins/index.js +51 -7
- package/dist/src/server/plugins/PluginContract.d.ts +1 -1
- package/dist/src/server/registry/contracts.d.ts +1 -1
- package/dist/src/server/registry/discovery.js +5 -4
- package/dist/src/server/registry/ensure-browser-core.js +0 -3
- package/dist/src/server/registry/index.js +4 -4
- package/dist/src/server/registry/tool-builder.d.ts +46 -0
- package/dist/src/server/registry/tool-builder.js +105 -0
- package/dist/src/server/sandbox/QuickJSSandbox.js +16 -5
- package/dist/src/server/sandbox/SandboxHelpers.js +250 -250
- package/dist/src/server/search/EmbeddingWorker.js +5 -3
- package/dist/src/server/search/FeedbackTracker.d.ts +9 -0
- package/dist/src/server/search/FeedbackTracker.js +26 -0
- package/dist/src/server/search/QueryNormalizer.d.ts +6 -0
- package/dist/src/server/search/QueryNormalizer.js +94 -0
- package/dist/src/server/search/ToolSearchEngineImpl.d.ts +2 -3
- package/dist/src/server/search/ToolSearchEngineImpl.js +38 -88
- package/dist/src/server/workflows/WorkflowContract.d.ts +24 -0
- package/dist/src/server/workflows/WorkflowContract.js +12 -0
- package/dist/src/server/workflows/WorkflowEngine.d.ts +1 -0
- package/dist/src/server/workflows/WorkflowEngine.js +136 -3
- package/dist/src/types/config.d.ts +0 -14
- package/dist/src/types/deobfuscator.d.ts +0 -1
- package/dist/src/types/index.d.ts +1 -1
- package/dist/src/utils/DetailedDataManager.js +2 -0
- package/dist/src/utils/RingBuffer.js +5 -5
- package/dist/src/utils/TokenBudgetManager.js +1 -1
- package/dist/src/utils/UnifiedCacheManager.js +1 -1
- package/dist/src/utils/artifactRetention.js +2 -2
- package/dist/src/utils/betterSqlite3.d.ts +11 -0
- package/dist/src/utils/betterSqlite3.js +88 -0
- package/dist/src/utils/browserExecutable.js +2 -2
- package/dist/src/utils/cliFastPath.js +5 -8
- package/dist/src/utils/config.js +4 -26
- package/dist/src/utils/environmentDoctor.js +138 -11
- package/dist/src/utils/outputPaths.js +16 -9
- package/dist/src/utils/parallel.js +1 -3
- package/package.json +74 -72
- package/workflows/.gitkeep +0 -0
- package/dist/src/modules/analyzer/AISummarizer.d.ts +0 -39
- package/dist/src/modules/analyzer/AISummarizer.js +0 -122
- package/dist/src/modules/hook/AIHookGenerator.d.ts +0 -52
- package/dist/src/modules/hook/AIHookGenerator.js +0 -360
- package/dist/src/modules/hook/AIHookGeneratorTemplates.d.ts +0 -9
- package/dist/src/modules/hook/AIHookGeneratorTemplates.js +0 -157
- package/dist/src/server/macros/builtins/deobfuscate-ast-flow.d.ts +0 -2
- package/dist/src/server/macros/builtins/deobfuscate-ast-flow.js +0 -25
- package/dist/src/server/macros/builtins/unpacker-flow.d.ts +0 -2
- package/dist/src/server/macros/builtins/unpacker-flow.js +0 -25
- package/dist/src/services/LLMService.d.ts +0 -37
- package/dist/src/services/LLMService.js +0 -233
- package/dist/src/services/prompts/analysis.d.ts +0 -9
- package/dist/src/services/prompts/analysis.js +0 -158
- package/dist/src/services/prompts/crypto.d.ts +0 -2
- package/dist/src/services/prompts/crypto.js +0 -108
- package/dist/src/services/prompts/deobfuscation.d.ts +0 -6
- package/dist/src/services/prompts/deobfuscation.js +0 -300
- package/dist/src/services/prompts/environment.d.ts +0 -16
- package/dist/src/services/prompts/environment.js +0 -372
- package/dist/src/services/prompts/intelligence.d.ts +0 -4
- package/dist/src/services/prompts/intelligence.js +0 -250
- package/dist/src/services/prompts/taint.d.ts +0 -2
- package/dist/src/services/prompts/taint.js +0 -54
|
@@ -1,104 +1,104 @@
|
|
|
1
1
|
import { logger } from '../../../utils/logger.js';
|
|
2
2
|
import { executePowerShellScript } from '../../process/memory/types.js';
|
|
3
3
|
function buildDllInjectionScript(pid, dllPath) {
|
|
4
|
-
return `
|
|
5
|
-
Add-Type @"
|
|
6
|
-
using System;
|
|
7
|
-
using System.Runtime.InteropServices;
|
|
8
|
-
using System.ComponentModel;
|
|
9
|
-
using System.IO;
|
|
10
|
-
|
|
11
|
-
public class DllInjector {
|
|
12
|
-
[DllImport("kernel32.dll", SetLastError = true)]
|
|
13
|
-
public static extern IntPtr OpenProcess(int access, bool inherit, int pid);
|
|
14
|
-
|
|
15
|
-
[DllImport("kernel32.dll", SetLastError = true)]
|
|
16
|
-
public static extern IntPtr VirtualAllocEx(IntPtr hProcess, IntPtr addr, int size, int allocType, int protect);
|
|
17
|
-
|
|
18
|
-
[DllImport("kernel32.dll", SetLastError = true)]
|
|
19
|
-
public static extern bool WriteProcessMemory(IntPtr hProcess, IntPtr addr, byte[] buffer, int size, out int written);
|
|
20
|
-
|
|
21
|
-
[DllImport("kernel32.dll", SetLastError = true)]
|
|
22
|
-
public static extern IntPtr CreateRemoteThread(IntPtr hProcess, IntPtr attr, int stackSize, IntPtr startAddr, IntPtr param, int flags, out int threadId);
|
|
23
|
-
|
|
24
|
-
[DllImport("kernel32.dll", SetLastError = true)]
|
|
25
|
-
public static extern IntPtr GetModuleHandle(string name);
|
|
26
|
-
|
|
27
|
-
[DllImport("kernel32.dll", SetLastError = true)]
|
|
28
|
-
public static extern IntPtr GetProcAddress(IntPtr hModule, string name);
|
|
29
|
-
|
|
30
|
-
[DllImport("kernel32.dll", SetLastError = true)]
|
|
31
|
-
public static extern bool CloseHandle(IntPtr handle);
|
|
32
|
-
|
|
33
|
-
[DllImport("kernel32.dll", SetLastError = true)]
|
|
34
|
-
public static extern bool VirtualFreeEx(IntPtr hProcess, IntPtr addr, int size, int freeType);
|
|
35
|
-
|
|
36
|
-
const int PROCESS_CREATE_THREAD = 0x0002;
|
|
37
|
-
const int PROCESS_QUERY_INFORMATION = 0x0400;
|
|
38
|
-
const int PROCESS_VM_OPERATION = 0x0008;
|
|
39
|
-
const int PROCESS_VM_WRITE = 0x0020;
|
|
40
|
-
const int MEM_COMMIT = 0x1000;
|
|
41
|
-
const int MEM_RESERVE = 0x2000;
|
|
42
|
-
const int PAGE_READWRITE = 0x04;
|
|
43
|
-
const int MEM_RELEASE = 0x8000;
|
|
44
|
-
|
|
45
|
-
public static object Inject(int pid, string dllPath) {
|
|
46
|
-
if (!File.Exists(dllPath)) {
|
|
47
|
-
return new { success = false, error = "DLL not found: " + dllPath };
|
|
48
|
-
}
|
|
49
|
-
|
|
50
|
-
IntPtr hProcess = OpenProcess(PROCESS_CREATE_THREAD | PROCESS_QUERY_INFORMATION | PROCESS_VM_OPERATION | PROCESS_VM_WRITE, false, pid);
|
|
51
|
-
if (hProcess == IntPtr.Zero) {
|
|
52
|
-
int error = Marshal.GetLastWin32Error();
|
|
53
|
-
throw new Win32Exception(error, "Failed to open process. Run as Administrator.");
|
|
54
|
-
}
|
|
55
|
-
|
|
56
|
-
try {
|
|
57
|
-
byte[] dllBytes = System.Text.Encoding.ASCII.GetBytes(dllPath + "\\0");
|
|
58
|
-
IntPtr remoteMem = VirtualAllocEx(hProcess, IntPtr.Zero, dllBytes.Length, MEM_COMMIT | MEM_RESERVE, PAGE_READWRITE);
|
|
59
|
-
if (remoteMem == IntPtr.Zero) {
|
|
60
|
-
int error = Marshal.GetLastWin32Error();
|
|
61
|
-
throw new Win32Exception(error, "Failed to allocate memory in target");
|
|
62
|
-
}
|
|
63
|
-
|
|
64
|
-
try {
|
|
65
|
-
int written;
|
|
66
|
-
if (!WriteProcessMemory(hProcess, remoteMem, dllBytes, dllBytes.Length, out written)) {
|
|
67
|
-
int error = Marshal.GetLastWin32Error();
|
|
68
|
-
throw new Win32Exception(error, "Failed to write DLL path to target");
|
|
69
|
-
}
|
|
70
|
-
|
|
71
|
-
IntPtr hKernel32 = GetModuleHandle("kernel32.dll");
|
|
72
|
-
IntPtr loadLibraryAddr = GetProcAddress(hKernel32, "LoadLibraryA");
|
|
73
|
-
if (loadLibraryAddr == IntPtr.Zero) {
|
|
74
|
-
throw new Exception("Failed to get LoadLibraryA address");
|
|
75
|
-
}
|
|
76
|
-
|
|
77
|
-
int threadId;
|
|
78
|
-
IntPtr hThread = CreateRemoteThread(hProcess, IntPtr.Zero, 0, loadLibraryAddr, remoteMem, 0, out threadId);
|
|
79
|
-
if (hThread == IntPtr.Zero) {
|
|
80
|
-
int error = Marshal.GetLastWin32Error();
|
|
81
|
-
throw new Win32Exception(error, "Failed to create remote thread");
|
|
82
|
-
}
|
|
83
|
-
|
|
84
|
-
CloseHandle(hThread);
|
|
85
|
-
return new { success = true, remoteThreadId = threadId };
|
|
86
|
-
} finally {
|
|
87
|
-
VirtualFreeEx(hProcess, remoteMem, 0, MEM_RELEASE);
|
|
88
|
-
}
|
|
89
|
-
} finally {
|
|
90
|
-
CloseHandle(hProcess);
|
|
91
|
-
}
|
|
92
|
-
}
|
|
93
|
-
}
|
|
94
|
-
"@
|
|
95
|
-
|
|
96
|
-
try {
|
|
97
|
-
$result = [DllInjector]::Inject(${pid}, "${dllPath.replace(/\\/g, '\\\\').replace(/"/g, '`"').replace(/`/g, '``').replace(/\$/g, '`$')}")
|
|
98
|
-
$result | ConvertTo-Json -Compress
|
|
99
|
-
} catch {
|
|
100
|
-
@{ success = $false; error = $_.Exception.Message } | ConvertTo-Json -Compress
|
|
101
|
-
}
|
|
4
|
+
return `
|
|
5
|
+
Add-Type @"
|
|
6
|
+
using System;
|
|
7
|
+
using System.Runtime.InteropServices;
|
|
8
|
+
using System.ComponentModel;
|
|
9
|
+
using System.IO;
|
|
10
|
+
|
|
11
|
+
public class DllInjector {
|
|
12
|
+
[DllImport("kernel32.dll", SetLastError = true)]
|
|
13
|
+
public static extern IntPtr OpenProcess(int access, bool inherit, int pid);
|
|
14
|
+
|
|
15
|
+
[DllImport("kernel32.dll", SetLastError = true)]
|
|
16
|
+
public static extern IntPtr VirtualAllocEx(IntPtr hProcess, IntPtr addr, int size, int allocType, int protect);
|
|
17
|
+
|
|
18
|
+
[DllImport("kernel32.dll", SetLastError = true)]
|
|
19
|
+
public static extern bool WriteProcessMemory(IntPtr hProcess, IntPtr addr, byte[] buffer, int size, out int written);
|
|
20
|
+
|
|
21
|
+
[DllImport("kernel32.dll", SetLastError = true)]
|
|
22
|
+
public static extern IntPtr CreateRemoteThread(IntPtr hProcess, IntPtr attr, int stackSize, IntPtr startAddr, IntPtr param, int flags, out int threadId);
|
|
23
|
+
|
|
24
|
+
[DllImport("kernel32.dll", SetLastError = true)]
|
|
25
|
+
public static extern IntPtr GetModuleHandle(string name);
|
|
26
|
+
|
|
27
|
+
[DllImport("kernel32.dll", SetLastError = true)]
|
|
28
|
+
public static extern IntPtr GetProcAddress(IntPtr hModule, string name);
|
|
29
|
+
|
|
30
|
+
[DllImport("kernel32.dll", SetLastError = true)]
|
|
31
|
+
public static extern bool CloseHandle(IntPtr handle);
|
|
32
|
+
|
|
33
|
+
[DllImport("kernel32.dll", SetLastError = true)]
|
|
34
|
+
public static extern bool VirtualFreeEx(IntPtr hProcess, IntPtr addr, int size, int freeType);
|
|
35
|
+
|
|
36
|
+
const int PROCESS_CREATE_THREAD = 0x0002;
|
|
37
|
+
const int PROCESS_QUERY_INFORMATION = 0x0400;
|
|
38
|
+
const int PROCESS_VM_OPERATION = 0x0008;
|
|
39
|
+
const int PROCESS_VM_WRITE = 0x0020;
|
|
40
|
+
const int MEM_COMMIT = 0x1000;
|
|
41
|
+
const int MEM_RESERVE = 0x2000;
|
|
42
|
+
const int PAGE_READWRITE = 0x04;
|
|
43
|
+
const int MEM_RELEASE = 0x8000;
|
|
44
|
+
|
|
45
|
+
public static object Inject(int pid, string dllPath) {
|
|
46
|
+
if (!File.Exists(dllPath)) {
|
|
47
|
+
return new { success = false, error = "DLL not found: " + dllPath };
|
|
48
|
+
}
|
|
49
|
+
|
|
50
|
+
IntPtr hProcess = OpenProcess(PROCESS_CREATE_THREAD | PROCESS_QUERY_INFORMATION | PROCESS_VM_OPERATION | PROCESS_VM_WRITE, false, pid);
|
|
51
|
+
if (hProcess == IntPtr.Zero) {
|
|
52
|
+
int error = Marshal.GetLastWin32Error();
|
|
53
|
+
throw new Win32Exception(error, "Failed to open process. Run as Administrator.");
|
|
54
|
+
}
|
|
55
|
+
|
|
56
|
+
try {
|
|
57
|
+
byte[] dllBytes = System.Text.Encoding.ASCII.GetBytes(dllPath + "\\0");
|
|
58
|
+
IntPtr remoteMem = VirtualAllocEx(hProcess, IntPtr.Zero, dllBytes.Length, MEM_COMMIT | MEM_RESERVE, PAGE_READWRITE);
|
|
59
|
+
if (remoteMem == IntPtr.Zero) {
|
|
60
|
+
int error = Marshal.GetLastWin32Error();
|
|
61
|
+
throw new Win32Exception(error, "Failed to allocate memory in target");
|
|
62
|
+
}
|
|
63
|
+
|
|
64
|
+
try {
|
|
65
|
+
int written;
|
|
66
|
+
if (!WriteProcessMemory(hProcess, remoteMem, dllBytes, dllBytes.Length, out written)) {
|
|
67
|
+
int error = Marshal.GetLastWin32Error();
|
|
68
|
+
throw new Win32Exception(error, "Failed to write DLL path to target");
|
|
69
|
+
}
|
|
70
|
+
|
|
71
|
+
IntPtr hKernel32 = GetModuleHandle("kernel32.dll");
|
|
72
|
+
IntPtr loadLibraryAddr = GetProcAddress(hKernel32, "LoadLibraryA");
|
|
73
|
+
if (loadLibraryAddr == IntPtr.Zero) {
|
|
74
|
+
throw new Exception("Failed to get LoadLibraryA address");
|
|
75
|
+
}
|
|
76
|
+
|
|
77
|
+
int threadId;
|
|
78
|
+
IntPtr hThread = CreateRemoteThread(hProcess, IntPtr.Zero, 0, loadLibraryAddr, remoteMem, 0, out threadId);
|
|
79
|
+
if (hThread == IntPtr.Zero) {
|
|
80
|
+
int error = Marshal.GetLastWin32Error();
|
|
81
|
+
throw new Win32Exception(error, "Failed to create remote thread");
|
|
82
|
+
}
|
|
83
|
+
|
|
84
|
+
CloseHandle(hThread);
|
|
85
|
+
return new { success = true, remoteThreadId = threadId };
|
|
86
|
+
} finally {
|
|
87
|
+
VirtualFreeEx(hProcess, remoteMem, 0, MEM_RELEASE);
|
|
88
|
+
}
|
|
89
|
+
} finally {
|
|
90
|
+
CloseHandle(hProcess);
|
|
91
|
+
}
|
|
92
|
+
}
|
|
93
|
+
}
|
|
94
|
+
"@
|
|
95
|
+
|
|
96
|
+
try {
|
|
97
|
+
$result = [DllInjector]::Inject(${pid}, "${dllPath.replace(/\\/g, '\\\\').replace(/"/g, '`"').replace(/`/g, '``').replace(/\$/g, '`$')}")
|
|
98
|
+
$result | ConvertTo-Json -Compress
|
|
99
|
+
} catch {
|
|
100
|
+
@{ success = $false; error = $_.Exception.Message } | ConvertTo-Json -Compress
|
|
101
|
+
}
|
|
102
102
|
`.trim();
|
|
103
103
|
}
|
|
104
104
|
export async function injectDll(platform, pid, dllPath) {
|
|
@@ -130,93 +130,93 @@ export async function injectDll(platform, pid, dllPath) {
|
|
|
130
130
|
}
|
|
131
131
|
}
|
|
132
132
|
function buildShellcodeInjectionScript(pid, shellcode) {
|
|
133
|
-
return `
|
|
134
|
-
Add-Type @"
|
|
135
|
-
using System;
|
|
136
|
-
using System.Runtime.InteropServices;
|
|
137
|
-
using System.ComponentModel;
|
|
138
|
-
|
|
139
|
-
public class ShellcodeInjector {
|
|
140
|
-
[DllImport("kernel32.dll", SetLastError = true)]
|
|
141
|
-
public static extern IntPtr OpenProcess(int access, bool inherit, int pid);
|
|
142
|
-
|
|
143
|
-
[DllImport("kernel32.dll", SetLastError = true)]
|
|
144
|
-
public static extern IntPtr VirtualAllocEx(IntPtr hProcess, IntPtr addr, int size, int allocType, int protect);
|
|
145
|
-
|
|
146
|
-
[DllImport("kernel32.dll", SetLastError = true)]
|
|
147
|
-
public static extern bool WriteProcessMemory(IntPtr hProcess, IntPtr addr, byte[] buffer, int size, out int written);
|
|
148
|
-
|
|
149
|
-
[DllImport("kernel32.dll", SetLastError = true)]
|
|
150
|
-
public static extern IntPtr CreateRemoteThread(IntPtr hProcess, IntPtr attr, int stackSize, IntPtr startAddr, IntPtr param, int flags, out int threadId);
|
|
151
|
-
|
|
152
|
-
[DllImport("kernel32.dll", SetLastError = true)]
|
|
153
|
-
public static extern bool CloseHandle(IntPtr handle);
|
|
154
|
-
|
|
155
|
-
[DllImport("kernel32.dll", SetLastError = true)]
|
|
156
|
-
public static extern bool VirtualProtectEx(IntPtr hProcess, IntPtr addr, int size, int newProtect, out int oldProtect);
|
|
157
|
-
|
|
158
|
-
const int PROCESS_CREATE_THREAD = 0x0002;
|
|
159
|
-
const int PROCESS_QUERY_INFORMATION = 0x0400;
|
|
160
|
-
const int PROCESS_VM_OPERATION = 0x0008;
|
|
161
|
-
const int PROCESS_VM_WRITE = 0x0020;
|
|
162
|
-
const int MEM_COMMIT = 0x1000;
|
|
163
|
-
const int MEM_RESERVE = 0x2000;
|
|
164
|
-
const int PAGE_READWRITE = 0x04;
|
|
165
|
-
const int PAGE_EXECUTE_READWRITE = 0x40;
|
|
166
|
-
|
|
167
|
-
public static object Inject(int pid, byte[] shellcode) {
|
|
168
|
-
IntPtr hProcess = OpenProcess(PROCESS_CREATE_THREAD | PROCESS_QUERY_INFORMATION | PROCESS_VM_OPERATION | PROCESS_VM_WRITE, false, pid);
|
|
169
|
-
if (hProcess == IntPtr.Zero) {
|
|
170
|
-
int error = Marshal.GetLastWin32Error();
|
|
171
|
-
throw new Win32Exception(error, "Failed to open process. Run as Administrator.");
|
|
172
|
-
}
|
|
173
|
-
|
|
174
|
-
try {
|
|
175
|
-
IntPtr remoteMem = VirtualAllocEx(hProcess, IntPtr.Zero, shellcode.Length, MEM_COMMIT | MEM_RESERVE, PAGE_READWRITE);
|
|
176
|
-
if (remoteMem == IntPtr.Zero) {
|
|
177
|
-
int error = Marshal.GetLastWin32Error();
|
|
178
|
-
throw new Win32Exception(error, "Failed to allocate memory in target");
|
|
179
|
-
}
|
|
180
|
-
|
|
181
|
-
try {
|
|
182
|
-
int written;
|
|
183
|
-
if (!WriteProcessMemory(hProcess, remoteMem, shellcode, shellcode.Length, out written)) {
|
|
184
|
-
int error = Marshal.GetLastWin32Error();
|
|
185
|
-
throw new Win32Exception(error, "Failed to write shellcode to target");
|
|
186
|
-
}
|
|
187
|
-
|
|
188
|
-
int oldProtect;
|
|
189
|
-
if (!VirtualProtectEx(hProcess, remoteMem, shellcode.Length, PAGE_EXECUTE_READWRITE, out oldProtect)) {
|
|
190
|
-
int error = Marshal.GetLastWin32Error();
|
|
191
|
-
throw new Win32Exception(error, "Failed to change memory protection to executable");
|
|
192
|
-
}
|
|
193
|
-
|
|
194
|
-
int threadId;
|
|
195
|
-
IntPtr hThread = CreateRemoteThread(hProcess, IntPtr.Zero, 0, remoteMem, IntPtr.Zero, 0, out threadId);
|
|
196
|
-
if (hThread == IntPtr.Zero) {
|
|
197
|
-
int error = Marshal.GetLastWin32Error();
|
|
198
|
-
throw new Win32Exception(error, "Failed to create remote thread");
|
|
199
|
-
}
|
|
200
|
-
|
|
201
|
-
CloseHandle(hThread);
|
|
202
|
-
return new { success = true, remoteThreadId = threadId };
|
|
203
|
-
} finally {
|
|
204
|
-
// Note: Memory is not freed to allow shellcode to execute
|
|
205
|
-
}
|
|
206
|
-
} finally {
|
|
207
|
-
CloseHandle(hProcess);
|
|
208
|
-
}
|
|
209
|
-
}
|
|
210
|
-
}
|
|
211
|
-
"@
|
|
212
|
-
|
|
213
|
-
try {
|
|
214
|
-
$shellcode = @(${Array.from(shellcode).join(',')})
|
|
215
|
-
$result = [ShellcodeInjector]::Inject(${pid}, $shellcode)
|
|
216
|
-
$result | ConvertTo-Json -Compress
|
|
217
|
-
} catch {
|
|
218
|
-
@{ success = $false; error = $_.Exception.Message } | ConvertTo-Json -Compress
|
|
219
|
-
}
|
|
133
|
+
return `
|
|
134
|
+
Add-Type @"
|
|
135
|
+
using System;
|
|
136
|
+
using System.Runtime.InteropServices;
|
|
137
|
+
using System.ComponentModel;
|
|
138
|
+
|
|
139
|
+
public class ShellcodeInjector {
|
|
140
|
+
[DllImport("kernel32.dll", SetLastError = true)]
|
|
141
|
+
public static extern IntPtr OpenProcess(int access, bool inherit, int pid);
|
|
142
|
+
|
|
143
|
+
[DllImport("kernel32.dll", SetLastError = true)]
|
|
144
|
+
public static extern IntPtr VirtualAllocEx(IntPtr hProcess, IntPtr addr, int size, int allocType, int protect);
|
|
145
|
+
|
|
146
|
+
[DllImport("kernel32.dll", SetLastError = true)]
|
|
147
|
+
public static extern bool WriteProcessMemory(IntPtr hProcess, IntPtr addr, byte[] buffer, int size, out int written);
|
|
148
|
+
|
|
149
|
+
[DllImport("kernel32.dll", SetLastError = true)]
|
|
150
|
+
public static extern IntPtr CreateRemoteThread(IntPtr hProcess, IntPtr attr, int stackSize, IntPtr startAddr, IntPtr param, int flags, out int threadId);
|
|
151
|
+
|
|
152
|
+
[DllImport("kernel32.dll", SetLastError = true)]
|
|
153
|
+
public static extern bool CloseHandle(IntPtr handle);
|
|
154
|
+
|
|
155
|
+
[DllImport("kernel32.dll", SetLastError = true)]
|
|
156
|
+
public static extern bool VirtualProtectEx(IntPtr hProcess, IntPtr addr, int size, int newProtect, out int oldProtect);
|
|
157
|
+
|
|
158
|
+
const int PROCESS_CREATE_THREAD = 0x0002;
|
|
159
|
+
const int PROCESS_QUERY_INFORMATION = 0x0400;
|
|
160
|
+
const int PROCESS_VM_OPERATION = 0x0008;
|
|
161
|
+
const int PROCESS_VM_WRITE = 0x0020;
|
|
162
|
+
const int MEM_COMMIT = 0x1000;
|
|
163
|
+
const int MEM_RESERVE = 0x2000;
|
|
164
|
+
const int PAGE_READWRITE = 0x04;
|
|
165
|
+
const int PAGE_EXECUTE_READWRITE = 0x40;
|
|
166
|
+
|
|
167
|
+
public static object Inject(int pid, byte[] shellcode) {
|
|
168
|
+
IntPtr hProcess = OpenProcess(PROCESS_CREATE_THREAD | PROCESS_QUERY_INFORMATION | PROCESS_VM_OPERATION | PROCESS_VM_WRITE, false, pid);
|
|
169
|
+
if (hProcess == IntPtr.Zero) {
|
|
170
|
+
int error = Marshal.GetLastWin32Error();
|
|
171
|
+
throw new Win32Exception(error, "Failed to open process. Run as Administrator.");
|
|
172
|
+
}
|
|
173
|
+
|
|
174
|
+
try {
|
|
175
|
+
IntPtr remoteMem = VirtualAllocEx(hProcess, IntPtr.Zero, shellcode.Length, MEM_COMMIT | MEM_RESERVE, PAGE_READWRITE);
|
|
176
|
+
if (remoteMem == IntPtr.Zero) {
|
|
177
|
+
int error = Marshal.GetLastWin32Error();
|
|
178
|
+
throw new Win32Exception(error, "Failed to allocate memory in target");
|
|
179
|
+
}
|
|
180
|
+
|
|
181
|
+
try {
|
|
182
|
+
int written;
|
|
183
|
+
if (!WriteProcessMemory(hProcess, remoteMem, shellcode, shellcode.Length, out written)) {
|
|
184
|
+
int error = Marshal.GetLastWin32Error();
|
|
185
|
+
throw new Win32Exception(error, "Failed to write shellcode to target");
|
|
186
|
+
}
|
|
187
|
+
|
|
188
|
+
int oldProtect;
|
|
189
|
+
if (!VirtualProtectEx(hProcess, remoteMem, shellcode.Length, PAGE_EXECUTE_READWRITE, out oldProtect)) {
|
|
190
|
+
int error = Marshal.GetLastWin32Error();
|
|
191
|
+
throw new Win32Exception(error, "Failed to change memory protection to executable");
|
|
192
|
+
}
|
|
193
|
+
|
|
194
|
+
int threadId;
|
|
195
|
+
IntPtr hThread = CreateRemoteThread(hProcess, IntPtr.Zero, 0, remoteMem, IntPtr.Zero, 0, out threadId);
|
|
196
|
+
if (hThread == IntPtr.Zero) {
|
|
197
|
+
int error = Marshal.GetLastWin32Error();
|
|
198
|
+
throw new Win32Exception(error, "Failed to create remote thread");
|
|
199
|
+
}
|
|
200
|
+
|
|
201
|
+
CloseHandle(hThread);
|
|
202
|
+
return new { success = true, remoteThreadId = threadId };
|
|
203
|
+
} finally {
|
|
204
|
+
// Note: Memory is not freed to allow shellcode to execute
|
|
205
|
+
}
|
|
206
|
+
} finally {
|
|
207
|
+
CloseHandle(hProcess);
|
|
208
|
+
}
|
|
209
|
+
}
|
|
210
|
+
}
|
|
211
|
+
"@
|
|
212
|
+
|
|
213
|
+
try {
|
|
214
|
+
$shellcode = @(${Array.from(shellcode).join(',')})
|
|
215
|
+
$result = [ShellcodeInjector]::Inject(${pid}, $shellcode)
|
|
216
|
+
$result | ConvertTo-Json -Compress
|
|
217
|
+
} catch {
|
|
218
|
+
@{ success = $false; error = $_.Exception.Message } | ConvertTo-Json -Compress
|
|
219
|
+
}
|
|
220
220
|
`.trim();
|
|
221
221
|
}
|
|
222
222
|
export async function injectShellcode(platform, pid, shellcode, encoding = 'hex') {
|
|
@@ -2,59 +2,61 @@ import { promises as fs } from 'node:fs';
|
|
|
2
2
|
import { logger } from '../../../utils/logger.js';
|
|
3
3
|
import { nativeMemoryManager } from '../../../native/NativeMemoryManager.js';
|
|
4
4
|
import { isKoffiAvailable } from '../../../native/Win32API.js';
|
|
5
|
+
import { MEMORY_MAX_READ_BYTES } from '../../../constants.js';
|
|
5
6
|
import { execAsync, executePowerShellScript, } from '../../process/memory/types.js';
|
|
7
|
+
const HEX_ADDR = /^(?:0x)?[0-9a-fA-F]{1,16}$/;
|
|
6
8
|
async function readMemoryWindows(pid, address, size) {
|
|
7
9
|
try {
|
|
8
|
-
const psScript = `
|
|
9
|
-
Add-Type @"
|
|
10
|
-
using System;
|
|
11
|
-
using System.Runtime.InteropServices;
|
|
12
|
-
using System.ComponentModel;
|
|
13
|
-
|
|
14
|
-
public class MemoryReader {
|
|
15
|
-
[DllImport("kernel32.dll", SetLastError = true)]
|
|
16
|
-
public static extern IntPtr OpenProcess(int access, bool inherit, int pid);
|
|
17
|
-
|
|
18
|
-
[DllImport("kernel32.dll", SetLastError = true)]
|
|
19
|
-
public static extern bool ReadProcessMemory(IntPtr hProcess, IntPtr addr, byte[] buffer, int size, out int read);
|
|
20
|
-
|
|
21
|
-
[DllImport("kernel32.dll", SetLastError = true)]
|
|
22
|
-
public static extern bool CloseHandle(IntPtr handle);
|
|
23
|
-
|
|
24
|
-
const int PROCESS_VM_READ = 0x0010;
|
|
25
|
-
const int PROCESS_QUERY_INFORMATION = 0x0400;
|
|
26
|
-
|
|
27
|
-
public static string ReadMemory(int pid, long address, int size) {
|
|
28
|
-
IntPtr hProcess = OpenProcess(PROCESS_VM_READ | PROCESS_QUERY_INFORMATION, false, pid);
|
|
29
|
-
if (hProcess == IntPtr.Zero) {
|
|
30
|
-
int error = Marshal.GetLastWin32Error();
|
|
31
|
-
throw new Win32Exception(error, "Failed to open process. Run as Administrator.");
|
|
32
|
-
}
|
|
33
|
-
|
|
34
|
-
try {
|
|
35
|
-
byte[] buffer = new byte[size];
|
|
36
|
-
int bytesRead;
|
|
37
|
-
bool success = ReadProcessMemory(hProcess, (IntPtr)address, buffer, size, out bytesRead);
|
|
38
|
-
|
|
39
|
-
if (!success) {
|
|
40
|
-
int error = Marshal.GetLastWin32Error();
|
|
41
|
-
throw new Win32Exception(error, "Failed to read memory");
|
|
42
|
-
}
|
|
43
|
-
|
|
44
|
-
return BitConverter.ToString(buffer, 0, bytesRead).Replace("-", " ");
|
|
45
|
-
} finally {
|
|
46
|
-
CloseHandle(hProcess);
|
|
47
|
-
}
|
|
48
|
-
}
|
|
49
|
-
}
|
|
50
|
-
"@
|
|
51
|
-
|
|
52
|
-
try {
|
|
53
|
-
$result = [MemoryReader]::ReadMemory(${pid}, ${address}, ${size})
|
|
54
|
-
@{ success = $true; data = $result } | ConvertTo-Json -Compress
|
|
55
|
-
} catch {
|
|
56
|
-
@{ success = $false; error = $_.Exception.Message } | ConvertTo-Json -Compress
|
|
57
|
-
}
|
|
10
|
+
const psScript = `
|
|
11
|
+
Add-Type @"
|
|
12
|
+
using System;
|
|
13
|
+
using System.Runtime.InteropServices;
|
|
14
|
+
using System.ComponentModel;
|
|
15
|
+
|
|
16
|
+
public class MemoryReader {
|
|
17
|
+
[DllImport("kernel32.dll", SetLastError = true)]
|
|
18
|
+
public static extern IntPtr OpenProcess(int access, bool inherit, int pid);
|
|
19
|
+
|
|
20
|
+
[DllImport("kernel32.dll", SetLastError = true)]
|
|
21
|
+
public static extern bool ReadProcessMemory(IntPtr hProcess, IntPtr addr, byte[] buffer, int size, out int read);
|
|
22
|
+
|
|
23
|
+
[DllImport("kernel32.dll", SetLastError = true)]
|
|
24
|
+
public static extern bool CloseHandle(IntPtr handle);
|
|
25
|
+
|
|
26
|
+
const int PROCESS_VM_READ = 0x0010;
|
|
27
|
+
const int PROCESS_QUERY_INFORMATION = 0x0400;
|
|
28
|
+
|
|
29
|
+
public static string ReadMemory(int pid, long address, int size) {
|
|
30
|
+
IntPtr hProcess = OpenProcess(PROCESS_VM_READ | PROCESS_QUERY_INFORMATION, false, pid);
|
|
31
|
+
if (hProcess == IntPtr.Zero) {
|
|
32
|
+
int error = Marshal.GetLastWin32Error();
|
|
33
|
+
throw new Win32Exception(error, "Failed to open process. Run as Administrator.");
|
|
34
|
+
}
|
|
35
|
+
|
|
36
|
+
try {
|
|
37
|
+
byte[] buffer = new byte[size];
|
|
38
|
+
int bytesRead;
|
|
39
|
+
bool success = ReadProcessMemory(hProcess, (IntPtr)address, buffer, size, out bytesRead);
|
|
40
|
+
|
|
41
|
+
if (!success) {
|
|
42
|
+
int error = Marshal.GetLastWin32Error();
|
|
43
|
+
throw new Win32Exception(error, "Failed to read memory");
|
|
44
|
+
}
|
|
45
|
+
|
|
46
|
+
return BitConverter.ToString(buffer, 0, bytesRead).Replace("-", " ");
|
|
47
|
+
} finally {
|
|
48
|
+
CloseHandle(hProcess);
|
|
49
|
+
}
|
|
50
|
+
}
|
|
51
|
+
}
|
|
52
|
+
"@
|
|
53
|
+
|
|
54
|
+
try {
|
|
55
|
+
$result = [MemoryReader]::ReadMemory(${pid}, ${address}, ${size})
|
|
56
|
+
@{ success = $true; data = $result } | ConvertTo-Json -Compress
|
|
57
|
+
} catch {
|
|
58
|
+
@{ success = $false; error = $_.Exception.Message } | ConvertTo-Json -Compress
|
|
59
|
+
}
|
|
58
60
|
`;
|
|
59
61
|
const { stdout } = await executePowerShellScript(psScript, { maxBuffer: 1024 * 1024 * 10 });
|
|
60
62
|
const _trimmed = stdout.trim();
|
|
@@ -107,11 +109,32 @@ async function readMemoryMac(pid, address, size, checkProtectionFn) {
|
|
|
107
109
|
if (address === 0) {
|
|
108
110
|
return { success: false, error: 'Invalid address: null pointer (0x0)' };
|
|
109
111
|
}
|
|
110
|
-
|
|
111
|
-
|
|
112
|
-
return { success: false, error: `Invalid size: must be 1–${MAX_READ_SIZE} bytes` };
|
|
112
|
+
if (size <= 0 || size > MEMORY_MAX_READ_BYTES) {
|
|
113
|
+
return { success: false, error: `Invalid size: must be 1–${MEMORY_MAX_READ_BYTES} bytes` };
|
|
113
114
|
}
|
|
114
115
|
const addrHex = `0x${address.toString(16)}`;
|
|
116
|
+
try {
|
|
117
|
+
const { createPlatformProvider } = await import('../../../native/platform/factory.js');
|
|
118
|
+
const provider = createPlatformProvider();
|
|
119
|
+
const avail = await provider.checkAvailability();
|
|
120
|
+
if (avail.available) {
|
|
121
|
+
const handle = provider.openProcess(pid, false);
|
|
122
|
+
try {
|
|
123
|
+
const result = provider.readMemory(handle, BigInt(address), size);
|
|
124
|
+
const hex = Array.from(result.data.subarray(0, result.bytesRead))
|
|
125
|
+
.map((b) => b.toString(16).padStart(2, '0').toUpperCase())
|
|
126
|
+
.join(' ');
|
|
127
|
+
logger.debug('Native Mach memory read succeeded (zero-pause)');
|
|
128
|
+
return { success: true, data: hex };
|
|
129
|
+
}
|
|
130
|
+
finally {
|
|
131
|
+
provider.closeProcess(handle);
|
|
132
|
+
}
|
|
133
|
+
}
|
|
134
|
+
}
|
|
135
|
+
catch (nativeErr) {
|
|
136
|
+
logger.debug('Native Mach read failed, falling back to lldb:', nativeErr);
|
|
137
|
+
}
|
|
115
138
|
const prot = await checkProtectionFn(pid, addrHex);
|
|
116
139
|
if (!prot.success) {
|
|
117
140
|
return { success: false, error: `Cannot verify memory region: ${prot.error}` };
|
|
@@ -144,10 +167,19 @@ async function readMemoryMac(pid, address, size, checkProtectionFn) {
|
|
|
144
167
|
}
|
|
145
168
|
export async function readMemory(platform, pid, address, size, checkProtectionFn) {
|
|
146
169
|
try {
|
|
170
|
+
if (!HEX_ADDR.test(address)) {
|
|
171
|
+
return { success: false, error: 'Invalid address format. Use hex like "0x12345678"' };
|
|
172
|
+
}
|
|
147
173
|
const addrNum = parseInt(address, 16);
|
|
148
174
|
if (isNaN(addrNum)) {
|
|
149
175
|
return { success: false, error: 'Invalid address format. Use hex like "0x12345678"' };
|
|
150
176
|
}
|
|
177
|
+
if (size <= 0 || size > MEMORY_MAX_READ_BYTES) {
|
|
178
|
+
return {
|
|
179
|
+
success: false,
|
|
180
|
+
error: `Read size must be 1–${MEMORY_MAX_READ_BYTES} bytes (${(MEMORY_MAX_READ_BYTES / 1024 / 1024).toFixed(0)} MB)`,
|
|
181
|
+
};
|
|
182
|
+
}
|
|
151
183
|
if (platform === 'win32' && isKoffiAvailable()) {
|
|
152
184
|
try {
|
|
153
185
|
const result = await nativeMemoryManager.readMemory(pid, address, size);
|
|
@@ -1,57 +1,57 @@
|
|
|
1
1
|
import { logger } from '../../../utils/logger.js';
|
|
2
2
|
import { execFileAsync, executePowerShellScript, } from '../../process/memory/types.js';
|
|
3
3
|
function buildMemoryDumpScript(pid, address, size, outputPath) {
|
|
4
|
-
return `
|
|
5
|
-
Add-Type @"
|
|
6
|
-
using System;
|
|
7
|
-
using System.Runtime.InteropServices;
|
|
8
|
-
using System.IO;
|
|
9
|
-
using System.ComponentModel;
|
|
10
|
-
|
|
11
|
-
public class MemoryDumper {
|
|
12
|
-
[DllImport("kernel32.dll", SetLastError = true)]
|
|
13
|
-
public static extern IntPtr OpenProcess(int access, bool inherit, int pid);
|
|
14
|
-
|
|
15
|
-
[DllImport("kernel32.dll", SetLastError = true)]
|
|
16
|
-
public static extern bool ReadProcessMemory(IntPtr hProcess, IntPtr addr, byte[] buffer, int size, out int read);
|
|
17
|
-
|
|
18
|
-
[DllImport("kernel32.dll", SetLastError = true)]
|
|
19
|
-
public static extern bool CloseHandle(IntPtr handle);
|
|
20
|
-
|
|
21
|
-
const int PROCESS_VM_READ = 0x0010;
|
|
22
|
-
const int PROCESS_QUERY_INFORMATION = 0x0400;
|
|
23
|
-
|
|
24
|
-
public static string DumpMemory(int pid, long address, int size, string outputPath) {
|
|
25
|
-
IntPtr hProcess = OpenProcess(PROCESS_VM_READ | PROCESS_QUERY_INFORMATION, false, pid);
|
|
26
|
-
if (hProcess == IntPtr.Zero) {
|
|
27
|
-
int error = Marshal.GetLastWin32Error();
|
|
28
|
-
throw new Win32Exception(error, "Failed to open process. Run as Administrator.");
|
|
29
|
-
}
|
|
30
|
-
|
|
31
|
-
try {
|
|
32
|
-
byte[] buffer = new byte[size];
|
|
33
|
-
int bytesRead;
|
|
34
|
-
|
|
35
|
-
if (!ReadProcessMemory(hProcess, (IntPtr)address, buffer, size, out bytesRead)) {
|
|
36
|
-
int error = Marshal.GetLastWin32Error();
|
|
37
|
-
throw new Win32Exception(error, "Failed to read memory");
|
|
38
|
-
}
|
|
39
|
-
|
|
40
|
-
File.WriteAllBytes(outputPath, buffer);
|
|
41
|
-
return "Dumped " + bytesRead + " bytes to " + outputPath;
|
|
42
|
-
} finally {
|
|
43
|
-
CloseHandle(hProcess);
|
|
44
|
-
}
|
|
45
|
-
}
|
|
46
|
-
}
|
|
47
|
-
"@
|
|
48
|
-
|
|
49
|
-
try {
|
|
50
|
-
$result = [MemoryDumper]::DumpMemory(${pid}, ${address}, ${size}, "${outputPath.replace(/\\/g, '\\\\').replace(/"/g, '`"').replace(/\$/g, '`$')}")
|
|
51
|
-
@{ success = $true; message = $result } | ConvertTo-Json -Compress
|
|
52
|
-
} catch {
|
|
53
|
-
@{ success = $false; error = $_.Exception.Message } | ConvertTo-Json -Compress
|
|
54
|
-
}
|
|
4
|
+
return `
|
|
5
|
+
Add-Type @"
|
|
6
|
+
using System;
|
|
7
|
+
using System.Runtime.InteropServices;
|
|
8
|
+
using System.IO;
|
|
9
|
+
using System.ComponentModel;
|
|
10
|
+
|
|
11
|
+
public class MemoryDumper {
|
|
12
|
+
[DllImport("kernel32.dll", SetLastError = true)]
|
|
13
|
+
public static extern IntPtr OpenProcess(int access, bool inherit, int pid);
|
|
14
|
+
|
|
15
|
+
[DllImport("kernel32.dll", SetLastError = true)]
|
|
16
|
+
public static extern bool ReadProcessMemory(IntPtr hProcess, IntPtr addr, byte[] buffer, int size, out int read);
|
|
17
|
+
|
|
18
|
+
[DllImport("kernel32.dll", SetLastError = true)]
|
|
19
|
+
public static extern bool CloseHandle(IntPtr handle);
|
|
20
|
+
|
|
21
|
+
const int PROCESS_VM_READ = 0x0010;
|
|
22
|
+
const int PROCESS_QUERY_INFORMATION = 0x0400;
|
|
23
|
+
|
|
24
|
+
public static string DumpMemory(int pid, long address, int size, string outputPath) {
|
|
25
|
+
IntPtr hProcess = OpenProcess(PROCESS_VM_READ | PROCESS_QUERY_INFORMATION, false, pid);
|
|
26
|
+
if (hProcess == IntPtr.Zero) {
|
|
27
|
+
int error = Marshal.GetLastWin32Error();
|
|
28
|
+
throw new Win32Exception(error, "Failed to open process. Run as Administrator.");
|
|
29
|
+
}
|
|
30
|
+
|
|
31
|
+
try {
|
|
32
|
+
byte[] buffer = new byte[size];
|
|
33
|
+
int bytesRead;
|
|
34
|
+
|
|
35
|
+
if (!ReadProcessMemory(hProcess, (IntPtr)address, buffer, size, out bytesRead)) {
|
|
36
|
+
int error = Marshal.GetLastWin32Error();
|
|
37
|
+
throw new Win32Exception(error, "Failed to read memory");
|
|
38
|
+
}
|
|
39
|
+
|
|
40
|
+
File.WriteAllBytes(outputPath, buffer);
|
|
41
|
+
return "Dumped " + bytesRead + " bytes to " + outputPath;
|
|
42
|
+
} finally {
|
|
43
|
+
CloseHandle(hProcess);
|
|
44
|
+
}
|
|
45
|
+
}
|
|
46
|
+
}
|
|
47
|
+
"@
|
|
48
|
+
|
|
49
|
+
try {
|
|
50
|
+
$result = [MemoryDumper]::DumpMemory(${pid}, ${address}, ${size}, "${outputPath.replace(/\\/g, '\\\\').replace(/"/g, '`"').replace(/\$/g, '`$')}")
|
|
51
|
+
@{ success = $true; message = $result } | ConvertTo-Json -Compress
|
|
52
|
+
} catch {
|
|
53
|
+
@{ success = $false; error = $_.Exception.Message } | ConvertTo-Json -Compress
|
|
54
|
+
}
|
|
55
55
|
`.trim();
|
|
56
56
|
}
|
|
57
57
|
export async function dumpMemoryRegion(platform, pid, startAddress, size, outputPath) {
|