@jshookmcp/jshook 0.2.3 → 0.2.5
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +14 -5
- package/README.zh.md +18 -3
- package/dist/packages/extension-sdk/src/bridges/shared.js +2 -2
- package/dist/packages/extension-sdk/src/plugin.d.ts +5 -0
- package/dist/packages/extension-sdk/src/plugin.js +119 -33
- package/dist/packages/extension-sdk/src/workflow.d.ts +156 -0
- package/dist/packages/extension-sdk/src/workflow.js +236 -0
- package/dist/src/config/search-defaults.js +161 -0
- package/dist/src/constants.d.ts +3 -0
- package/dist/src/constants.js +4 -1
- package/dist/src/index.d.ts +1 -1
- package/dist/src/index.js +13 -17
- package/dist/src/modules/analyzer/CodeAnalyzer.d.ts +1 -3
- package/dist/src/modules/analyzer/CodeAnalyzer.js +16 -28
- package/dist/src/modules/analyzer/CodeAnalyzerDataFlow.d.ts +1 -2
- package/dist/src/modules/analyzer/CodeAnalyzerDataFlow.js +1 -45
- package/dist/src/modules/analyzer/IntelligentAnalyzer.d.ts +1 -37
- package/dist/src/modules/analyzer/IntelligentAnalyzer.js +9 -142
- package/dist/src/modules/analyzer/PatternDetector.js +3 -3
- package/dist/src/modules/analyzer/PatternDetectorAuthPatterns.js +1 -1
- package/dist/src/modules/browser/BrowserDiscovery.js +2 -2
- package/dist/src/modules/browser/BrowserModeManager.js +11 -10
- package/dist/src/modules/browser/TabRegistry.js +2 -2
- package/dist/src/modules/browser/UnifiedBrowserManager.d.ts +1 -0
- package/dist/src/modules/browser/UnifiedBrowserManager.js +18 -3
- package/dist/src/modules/captcha/AICaptchaDetector.d.ts +1 -10
- package/dist/src/modules/captcha/AICaptchaDetector.js +7 -201
- package/dist/src/modules/collector/CodeCollector.js +4 -5
- package/dist/src/modules/collector/DOMInspector.js +48 -58
- package/dist/src/modules/collector/PageController.d.ts +17 -4
- package/dist/src/modules/collector/PageController.js +2 -5
- package/dist/src/modules/collector/PageScriptCollectors.js +3 -3
- package/dist/src/modules/crypto/CryptoDetector.d.ts +1 -4
- package/dist/src/modules/crypto/CryptoDetector.js +2 -42
- package/dist/src/modules/crypto/CryptoRules.js +1 -1
- package/dist/src/modules/debugger/BlackboxManager.js +1 -1
- package/dist/src/modules/debugger/DebuggerManager.impl.core.scope.js +1 -1
- package/dist/src/modules/debugger/ScriptManager.impl.extract-function-tree.js +4 -2
- package/dist/src/modules/debugger/WatchExpressionManager.js +1 -1
- package/dist/src/modules/deobfuscator/Deobfuscator.d.ts +1 -4
- package/dist/src/modules/deobfuscator/Deobfuscator.js +4 -39
- package/dist/src/modules/deobfuscator/JSVMPDeobfuscator.d.ts +0 -3
- package/dist/src/modules/deobfuscator/JSVMPDeobfuscator.js +2 -8
- package/dist/src/modules/deobfuscator/JSVMPDeobfuscator.restore.d.ts +1 -2
- package/dist/src/modules/deobfuscator/JSVMPDeobfuscator.restore.js +3 -55
- package/dist/src/modules/deobfuscator/JScramblerDeobfuscator.js +3 -4
- package/dist/src/modules/deobfuscator/VMDeobfuscator.d.ts +2 -10
- package/dist/src/modules/deobfuscator/VMDeobfuscator.js +3 -128
- package/dist/src/modules/deobfuscator/webcrack.js +15 -2
- package/dist/src/modules/emulator/AIEnvironmentAnalyzer.d.ts +5 -8
- package/dist/src/modules/emulator/AIEnvironmentAnalyzer.js +10 -102
- package/dist/src/modules/emulator/EnvironmentEmulator.d.ts +1 -5
- package/dist/src/modules/emulator/EnvironmentEmulator.js +7 -91
- package/dist/src/modules/emulator/EnvironmentEmulatorFetch.js +58 -61
- package/dist/src/modules/emulator/templates/chrome-env.d.ts +17 -7
- package/dist/src/modules/emulator/templates/chrome-env.js +14 -7
- package/dist/src/modules/external/ExternalToolRunner.js +25 -22
- package/dist/src/modules/hook/HookGeneratorBuilders.core.generators.compose.js +5 -5
- package/dist/src/modules/hook/HookGeneratorBuilders.core.generators.network.js +311 -311
- package/dist/src/modules/hook/HookGeneratorBuilders.core.generators.runtime.js +410 -410
- package/dist/src/modules/hook/HookGeneratorBuilders.core.generators.storage.js +122 -122
- package/dist/src/modules/monitor/ConsoleMonitor.impl.core.class.d.ts +13 -0
- package/dist/src/modules/monitor/ConsoleMonitor.impl.core.class.js +42 -0
- package/dist/src/modules/monitor/ConsoleMonitor.impl.core.dynamic.js +194 -194
- package/dist/src/modules/monitor/FetchInterceptor.d.ts +46 -0
- package/dist/src/modules/monitor/FetchInterceptor.js +191 -0
- package/dist/src/modules/monitor/PerformanceMonitor.js +8 -7
- package/dist/src/modules/monitor/PlaywrightNetworkMonitor.js +62 -62
- package/dist/src/modules/process/BaseMemoryManager.d.ts +1 -1
- package/dist/src/modules/process/LinuxProcessManager.js +2 -0
- package/dist/src/modules/process/MacProcessManager.js +25 -25
- package/dist/src/modules/process/MemoryManager.d.ts +1 -1
- package/dist/src/modules/process/MemoryManager.js +2 -2
- package/dist/src/modules/process/memory/AuditTrail.js +1 -1
- package/dist/src/modules/process/memory/availability.js +49 -49
- package/dist/src/modules/process/memory/injector.js +185 -185
- package/dist/src/modules/process/memory/reader.js +85 -53
- package/dist/src/modules/process/memory/regions.dump.js +51 -51
- package/dist/src/modules/process/memory/regions.enumerate.js +108 -108
- package/dist/src/modules/process/memory/regions.modules.js +80 -80
- package/dist/src/modules/process/memory/regions.protection.js +148 -115
- package/dist/src/modules/process/memory/scanner.d.ts +5 -1
- package/dist/src/modules/process/memory/scanner.darwin.js +98 -41
- package/dist/src/modules/process/memory/scanner.js +88 -4
- package/dist/src/modules/process/memory/scanner.windows.js +124 -124
- package/dist/src/modules/process/memory/writer.js +98 -58
- package/dist/src/modules/security/ExecutionSandbox.js +51 -52
- package/dist/src/modules/stealth/FingerprintManager.js +1 -1
- package/dist/src/modules/stealth/StealthScripts.d.ts +1 -0
- package/dist/src/modules/stealth/StealthScripts.js +18 -13
- package/dist/src/modules/stealth/StealthVerifier.js +1 -3
- package/dist/src/modules/symbolic/JSVMPSymbolicExecutor.d.ts +14 -0
- package/dist/src/modules/symbolic/JSVMPSymbolicExecutor.js +181 -2
- package/dist/src/modules/trace/TraceDB.js +75 -69
- package/dist/src/modules/trace/TraceRecorder.js +1 -5
- package/dist/src/native/AntiCheatDetector.js +67 -16
- package/dist/src/native/CodeInjector.js +3 -3
- package/dist/src/native/HardwareBreakpoint.js +24 -15
- package/dist/src/native/HeapAnalyzer.js +2 -2
- package/dist/src/native/MemoryController.js +1 -1
- package/dist/src/native/MemoryScanSession.js +2 -2
- package/dist/src/native/MemoryScanner.js +4 -8
- package/dist/src/native/NativeMemoryManager.impl.js +2 -2
- package/dist/src/native/PEAnalyzer.js +14 -15
- package/dist/src/native/PointerChainEngine.js +2 -4
- package/dist/src/native/ScriptLoader.js +4 -9
- package/dist/src/native/Speedhack.js +1 -1
- package/dist/src/native/StructureAnalyzer.js +52 -33
- package/dist/src/native/Win32API.d.ts +1 -0
- package/dist/src/native/Win32API.js +13 -0
- package/dist/src/native/Win32Debug.js +19 -19
- package/dist/src/native/platform/darwin/DarwinAPI.d.ts +2 -0
- package/dist/src/native/platform/darwin/DarwinAPI.js +8 -0
- package/dist/src/native/platform/darwin/DarwinMemoryProvider.js +6 -1
- package/dist/src/server/MCPServer.context.d.ts +2 -1
- package/dist/src/server/MCPServer.d.ts +2 -1
- package/dist/src/server/MCPServer.domain.d.ts +1 -1
- package/dist/src/server/MCPServer.domain.js +81 -16
- package/dist/src/server/MCPServer.js +41 -14
- package/dist/src/server/MCPServer.resources.d.ts +2 -0
- package/dist/src/server/MCPServer.resources.js +91 -0
- package/dist/src/server/MCPServer.search.handlers.call.js +2 -1
- package/dist/src/server/MCPServer.search.helpers.js +1 -1
- package/dist/src/server/MCPServer.transport.js +12 -0
- package/dist/src/server/ToolCallContextGuard.js +8 -0
- package/dist/src/server/ToolRouter.d.ts +25 -9
- package/dist/src/server/ToolRouter.intent.d.ts +26 -0
- package/dist/src/server/ToolRouter.intent.js +77 -0
- package/dist/src/server/ToolRouter.js +103 -284
- package/dist/src/server/ToolRouter.policy.d.ts +22 -0
- package/dist/src/server/ToolRouter.policy.js +163 -0
- package/dist/src/server/ToolRouter.probe.d.ts +17 -0
- package/dist/src/server/ToolRouter.probe.js +103 -0
- package/dist/src/server/ToolRouter.renderer.d.ts +9 -0
- package/dist/src/server/ToolRouter.renderer.js +52 -0
- package/dist/src/server/activation/ActivationController.js +15 -12
- package/dist/src/server/activation/CompoundConditionEngine.js +1 -1
- package/dist/src/server/activation/PredictiveBooster.js +1 -3
- package/dist/src/server/domains/analysis/definitions.js +155 -655
- package/dist/src/server/domains/analysis/handlers.impl.js +26 -20
- package/dist/src/server/domains/analysis/handlers.web-tools.js +2 -1
- package/dist/src/server/domains/analysis/manifest.js +6 -4
- package/dist/src/server/domains/antidebug/definitions.js +25 -111
- package/dist/src/server/domains/browser/definitions.tools.advanced.js +59 -88
- package/dist/src/server/domains/browser/definitions.tools.behavior.js +120 -227
- package/dist/src/server/domains/browser/definitions.tools.page-core.js +210 -439
- package/dist/src/server/domains/browser/definitions.tools.page-system.js +108 -250
- package/dist/src/server/domains/browser/definitions.tools.runtime.js +98 -211
- package/dist/src/server/domains/browser/definitions.tools.security.js +194 -339
- package/dist/src/server/domains/browser/handlers/camoufox-browser.js +3 -2
- package/dist/src/server/domains/browser/handlers/captcha-solver.js +3 -3
- package/dist/src/server/domains/browser/handlers/dom-query.js +2 -1
- package/dist/src/server/domains/browser/handlers/framework-state.js +27 -9
- package/dist/src/server/domains/browser/handlers/indexeddb-dump.js +21 -20
- package/dist/src/server/domains/browser/handlers/script-management.js +1 -1
- package/dist/src/server/domains/browser/handlers.impl.d.ts +1 -2
- package/dist/src/server/domains/browser/handlers.impl.js +2 -3
- package/dist/src/server/domains/browser/manifest.js +37 -13
- package/dist/src/server/domains/coordination/definitions.js +50 -216
- package/dist/src/server/domains/coordination/index.d.ts +2 -1
- package/dist/src/server/domains/coordination/index.js +1 -0
- package/dist/src/server/domains/debugger/definitions.tools.advanced.js +72 -189
- package/dist/src/server/domains/debugger/definitions.tools.core.js +114 -288
- package/dist/src/server/domains/debugger/manifest.js +9 -2
- package/dist/src/server/domains/encoding/definitions.js +43 -153
- package/dist/src/server/domains/encoding/handlers.base.js +2 -2
- package/dist/src/server/domains/evidence/definitions.d.ts +2 -0
- package/dist/src/server/domains/evidence/definitions.js +42 -0
- package/dist/src/server/domains/evidence/handlers.d.ts +582 -0
- package/dist/src/server/domains/evidence/handlers.js +60 -0
- package/dist/src/server/domains/evidence/index.d.ts +2 -0
- package/dist/src/server/domains/evidence/index.js +2 -0
- package/dist/src/server/domains/evidence/manifest.d.ts +63 -0
- package/dist/src/server/domains/evidence/manifest.js +78 -0
- package/dist/src/server/domains/graphql/definitions.js +53 -141
- package/dist/src/server/domains/graphql/handlers.impl.core.runtime.replay.js +92 -114
- package/dist/src/server/domains/graphql/handlers.impl.core.runtime.shared.js +77 -77
- package/dist/src/server/domains/hooks/ai-handlers.d.ts +0 -7
- package/dist/src/server/domains/hooks/ai-handlers.js +1 -67
- package/dist/src/server/domains/hooks/definitions.js +69 -335
- package/dist/src/server/domains/hooks/manifest.d.ts +1 -1
- package/dist/src/server/domains/hooks/manifest.js +1 -2
- package/dist/src/server/domains/instrumentation/definitions.d.ts +2 -0
- package/dist/src/server/domains/instrumentation/definitions.js +99 -0
- package/dist/src/server/domains/instrumentation/handlers.d.ts +78 -0
- package/dist/src/server/domains/instrumentation/handlers.js +206 -0
- package/dist/src/server/domains/instrumentation/index.d.ts +2 -0
- package/dist/src/server/domains/instrumentation/index.js +2 -0
- package/dist/src/server/domains/instrumentation/manifest.d.ts +63 -0
- package/dist/src/server/domains/instrumentation/manifest.js +114 -0
- package/dist/src/server/domains/macro/definitions.js +16 -43
- package/dist/src/server/domains/maintenance/definitions.js +60 -219
- package/dist/src/server/domains/maintenance/handlers.extensions.js +78 -20
- package/dist/src/server/domains/memory/definitions.js +387 -559
- package/dist/src/server/domains/memory/handlers/hooks.d.ts +55 -0
- package/dist/src/server/domains/memory/handlers/hooks.js +115 -0
- package/dist/src/server/domains/memory/handlers/integrity.d.ts +77 -0
- package/dist/src/server/domains/memory/handlers/integrity.js +180 -0
- package/dist/src/server/domains/memory/handlers/pointer-chain.d.ts +29 -0
- package/dist/src/server/domains/memory/handlers/pointer-chain.js +82 -0
- package/dist/src/server/domains/memory/handlers/readwrite.d.ts +41 -0
- package/dist/src/server/domains/memory/handlers/readwrite.js +78 -0
- package/dist/src/server/domains/memory/handlers/scan.d.ts +35 -0
- package/dist/src/server/domains/memory/handlers/scan.js +97 -0
- package/dist/src/server/domains/memory/handlers/session.d.ts +23 -0
- package/dist/src/server/domains/memory/handlers/session.js +49 -0
- package/dist/src/server/domains/memory/handlers/structure.d.ts +29 -0
- package/dist/src/server/domains/memory/handlers/structure.js +74 -0
- package/dist/src/server/domains/memory/handlers.impl.d.ts +49 -54
- package/dist/src/server/domains/memory/handlers.impl.js +63 -494
- package/dist/src/server/domains/memory/manifest.js +236 -64
- package/dist/src/server/domains/native-bridge/definitions.js +54 -192
- package/dist/src/server/domains/native-bridge/index.d.ts +1 -0
- package/dist/src/server/domains/native-bridge/index.js +2 -1
- package/dist/src/server/domains/network/auth-extractor.js +1 -1
- package/dist/src/server/domains/network/definitions.js +175 -578
- package/dist/src/server/domains/network/handlers.base.core.d.ts +64 -0
- package/dist/src/server/domains/network/handlers.base.core.js +623 -0
- package/dist/src/server/domains/network/handlers.base.d.ts +2 -124
- package/dist/src/server/domains/network/handlers.base.js +3 -878
- package/dist/src/server/domains/network/handlers.base.performance.d.ts +63 -0
- package/dist/src/server/domains/network/handlers.base.performance.js +193 -0
- package/dist/src/server/domains/network/handlers.base.types.d.ts +42 -0
- package/dist/src/server/domains/network/handlers.base.types.js +89 -0
- package/dist/src/server/domains/network/handlers.impl.core.runtime.d.ts +1 -1
- package/dist/src/server/domains/network/handlers.impl.core.runtime.intercept.d.ts +21 -0
- package/dist/src/server/domains/network/handlers.impl.core.runtime.intercept.js +186 -0
- package/dist/src/server/domains/network/handlers.impl.core.runtime.js +1 -1
- package/dist/src/server/domains/network/manifest.js +15 -0
- package/dist/src/server/domains/network/replay.js +1 -4
- package/dist/src/server/domains/platform/definitions.js +121 -112
- package/dist/src/server/domains/platform/handlers/bridge-handlers.d.ts +4 -0
- package/dist/src/server/domains/platform/handlers/bridge-handlers.js +193 -4
- package/dist/src/server/domains/platform/handlers/electron-asar-helpers.js +26 -6
- package/dist/src/server/domains/platform/handlers/electron-dual-cdp.d.ts +3 -0
- package/dist/src/server/domains/platform/handlers/electron-dual-cdp.js +170 -0
- package/dist/src/server/domains/platform/handlers/electron-fuse-handler.d.ts +3 -0
- package/dist/src/server/domains/platform/handlers/electron-fuse-handler.js +193 -0
- package/dist/src/server/domains/platform/handlers/electron-handlers.d.ts +6 -0
- package/dist/src/server/domains/platform/handlers/electron-handlers.js +95 -2
- package/dist/src/server/domains/platform/handlers/electron-ipc-sniffer.d.ts +2 -0
- package/dist/src/server/domains/platform/handlers/electron-ipc-sniffer.js +370 -0
- package/dist/src/server/domains/platform/handlers/electron-userdata-handler.d.ts +2 -0
- package/dist/src/server/domains/platform/handlers/electron-userdata-handler.js +78 -0
- package/dist/src/server/domains/platform/handlers/miniapp-handlers.js +3 -3
- package/dist/src/server/domains/platform/handlers/v8-bytecode-handler.d.ts +2 -0
- package/dist/src/server/domains/platform/handlers/v8-bytecode-handler.js +207 -0
- package/dist/src/server/domains/platform/handlers.d.ts +48 -0
- package/dist/src/server/domains/platform/handlers.js +29 -0
- package/dist/src/server/domains/platform/manifest.js +38 -0
- package/dist/src/server/domains/process/definitions.js +163 -647
- package/dist/src/server/domains/process/handlers.base.d.ts +3 -95
- package/dist/src/server/domains/process/handlers.base.js +7 -462
- package/dist/src/server/domains/process/handlers.base.process.d.ts +61 -0
- package/dist/src/server/domains/process/handlers.base.process.js +417 -0
- package/dist/src/server/domains/process/handlers.base.types.d.ts +57 -0
- package/dist/src/server/domains/process/handlers.base.types.js +50 -0
- package/dist/src/server/domains/process/handlers.impl.core.runtime.inject.js +18 -16
- package/dist/src/server/domains/process/manifest.js +6 -1
- package/dist/src/server/domains/sandbox/definitions.js +11 -33
- package/dist/src/server/domains/sandbox/handlers.js +8 -3
- package/dist/src/server/domains/shared/ResponseBuilder.d.ts +209 -0
- package/dist/src/server/domains/shared/ResponseBuilder.js +48 -0
- package/dist/src/server/domains/shared/modules.d.ts +0 -2
- package/dist/src/server/domains/shared/modules.js +0 -1
- package/dist/src/server/domains/sourcemap/definitions.js +27 -111
- package/dist/src/server/domains/sourcemap/handlers.impl.sourcemap-common.js +7 -2
- package/dist/src/server/domains/sourcemap/handlers.impl.sourcemap-main.js +1 -1
- package/dist/src/server/domains/sourcemap/handlers.impl.sourcemap-parse-base.js +1 -1
- package/dist/src/server/domains/sourcemap/manifest.d.ts +1 -1
- package/dist/src/server/domains/sourcemap/manifest.js +1 -1
- package/dist/src/server/domains/streaming/definitions.js +36 -148
- package/dist/src/server/domains/streaming/handlers.impl.streaming-sse.js +163 -164
- package/dist/src/server/domains/streaming/handlers.impl.streaming-ws.js +1 -1
- package/dist/src/server/domains/trace/TraceSummarizer.js +8 -5
- package/dist/src/server/domains/trace/definitions.tools.js +51 -206
- package/dist/src/server/domains/trace/handlers.js +10 -12
- package/dist/src/server/domains/trace/index.d.ts +2 -1
- package/dist/src/server/domains/trace/index.js +2 -1
- package/dist/src/server/domains/trace/manifest.js +15 -3
- package/dist/src/server/domains/transform/definitions.js +50 -210
- package/dist/src/server/domains/transform/handlers.impl.transform-base.js +108 -108
- package/dist/src/server/domains/transform/handlers.impl.transform-crypto.js +18 -19
- package/dist/src/server/domains/transform/manifest.d.ts +1 -1
- package/dist/src/server/domains/transform/manifest.js +1 -1
- package/dist/src/server/domains/wasm/definitions.js +55 -232
- package/dist/src/server/domains/wasm/handlers.js +1 -1
- package/dist/src/server/domains/workflow/definitions.js +144 -414
- package/dist/src/server/domains/workflow/handlers.impl.workflow-account-bundle.js +1 -1
- package/dist/src/server/domains/workflow/handlers.impl.workflow-api.js +51 -51
- package/dist/src/server/domains/workflow/handlers.impl.workflow-base.d.ts +2 -0
- package/dist/src/server/domains/workflow/handlers.impl.workflow-base.js +126 -87
- package/dist/src/server/domains/workflow/handlers.impl.workflow-batch.js +5 -5
- package/dist/src/server/evidence/ReverseEvidenceGraph.d.ts +20 -0
- package/dist/src/server/evidence/ReverseEvidenceGraph.js +208 -0
- package/dist/src/server/evidence/index.d.ts +2 -0
- package/dist/src/server/evidence/index.js +1 -0
- package/dist/src/server/evidence/types.d.ts +22 -0
- package/dist/src/server/evidence/types.js +1 -0
- package/dist/src/server/extensions/ExtensionManager.d.ts +1 -0
- package/dist/src/server/extensions/ExtensionManager.discovery.js +72 -9
- package/dist/src/server/extensions/ExtensionManager.integrity.js +1 -1
- package/dist/src/server/extensions/ExtensionManager.js +193 -40
- package/dist/src/server/extensions/ExtensionManager.roots.d.ts +1 -1
- package/dist/src/server/extensions/ExtensionManager.roots.js +4 -4
- package/dist/src/server/extensions/plugin-config.js +1 -1
- package/dist/src/server/extensions/plugin-env.d.ts +1 -1
- package/dist/src/server/extensions/plugin-env.js +10 -4
- package/dist/src/server/extensions/types.d.ts +17 -0
- package/dist/src/server/extensions/types.js +1 -1
- package/dist/src/server/instrumentation/EvidenceGraphBridge.d.ts +13 -0
- package/dist/src/server/instrumentation/EvidenceGraphBridge.js +150 -0
- package/dist/src/server/instrumentation/InstrumentationSession.d.ts +60 -0
- package/dist/src/server/instrumentation/InstrumentationSession.js +269 -0
- package/dist/src/server/instrumentation/index.d.ts +2 -0
- package/dist/src/server/instrumentation/index.js +2 -0
- package/dist/src/server/instrumentation/types.d.ts +62 -0
- package/dist/src/server/instrumentation/types.js +7 -0
- package/dist/src/server/macros/MacroConfigLoader.d.ts +6 -5
- package/dist/src/server/macros/MacroConfigLoader.js +61 -59
- package/dist/src/server/macros/MacroRunner.js +6 -2
- package/dist/src/server/macros/builtins/index.d.ts +2 -3
- package/dist/src/server/macros/builtins/index.js +51 -7
- package/dist/src/server/plugins/PluginContract.d.ts +1 -1
- package/dist/src/server/registry/contracts.d.ts +1 -1
- package/dist/src/server/registry/discovery.js +5 -4
- package/dist/src/server/registry/ensure-browser-core.js +0 -3
- package/dist/src/server/registry/index.js +4 -4
- package/dist/src/server/registry/tool-builder.d.ts +46 -0
- package/dist/src/server/registry/tool-builder.js +105 -0
- package/dist/src/server/sandbox/QuickJSSandbox.js +16 -5
- package/dist/src/server/sandbox/SandboxHelpers.js +250 -250
- package/dist/src/server/search/EmbeddingWorker.js +5 -3
- package/dist/src/server/search/FeedbackTracker.d.ts +9 -0
- package/dist/src/server/search/FeedbackTracker.js +26 -0
- package/dist/src/server/search/QueryNormalizer.d.ts +6 -0
- package/dist/src/server/search/QueryNormalizer.js +94 -0
- package/dist/src/server/search/ToolSearchEngineImpl.d.ts +2 -3
- package/dist/src/server/search/ToolSearchEngineImpl.js +38 -88
- package/dist/src/server/workflows/WorkflowContract.d.ts +24 -0
- package/dist/src/server/workflows/WorkflowContract.js +12 -0
- package/dist/src/server/workflows/WorkflowEngine.d.ts +1 -0
- package/dist/src/server/workflows/WorkflowEngine.js +136 -3
- package/dist/src/types/config.d.ts +0 -14
- package/dist/src/types/deobfuscator.d.ts +0 -1
- package/dist/src/types/index.d.ts +1 -1
- package/dist/src/utils/DetailedDataManager.js +2 -0
- package/dist/src/utils/RingBuffer.js +5 -5
- package/dist/src/utils/TokenBudgetManager.js +1 -1
- package/dist/src/utils/UnifiedCacheManager.js +1 -1
- package/dist/src/utils/artifactRetention.js +2 -2
- package/dist/src/utils/betterSqlite3.d.ts +11 -0
- package/dist/src/utils/betterSqlite3.js +88 -0
- package/dist/src/utils/browserExecutable.js +2 -2
- package/dist/src/utils/cliFastPath.js +5 -8
- package/dist/src/utils/config.js +4 -26
- package/dist/src/utils/environmentDoctor.js +138 -11
- package/dist/src/utils/outputPaths.js +16 -9
- package/dist/src/utils/parallel.js +1 -3
- package/package.json +74 -72
- package/workflows/.gitkeep +0 -0
- package/dist/src/modules/analyzer/AISummarizer.d.ts +0 -39
- package/dist/src/modules/analyzer/AISummarizer.js +0 -122
- package/dist/src/modules/hook/AIHookGenerator.d.ts +0 -52
- package/dist/src/modules/hook/AIHookGenerator.js +0 -360
- package/dist/src/modules/hook/AIHookGeneratorTemplates.d.ts +0 -9
- package/dist/src/modules/hook/AIHookGeneratorTemplates.js +0 -157
- package/dist/src/server/macros/builtins/deobfuscate-ast-flow.d.ts +0 -2
- package/dist/src/server/macros/builtins/deobfuscate-ast-flow.js +0 -25
- package/dist/src/server/macros/builtins/unpacker-flow.d.ts +0 -2
- package/dist/src/server/macros/builtins/unpacker-flow.js +0 -25
- package/dist/src/services/LLMService.d.ts +0 -37
- package/dist/src/services/LLMService.js +0 -233
- package/dist/src/services/prompts/analysis.d.ts +0 -9
- package/dist/src/services/prompts/analysis.js +0 -158
- package/dist/src/services/prompts/crypto.d.ts +0 -2
- package/dist/src/services/prompts/crypto.js +0 -108
- package/dist/src/services/prompts/deobfuscation.d.ts +0 -6
- package/dist/src/services/prompts/deobfuscation.js +0 -300
- package/dist/src/services/prompts/environment.d.ts +0 -16
- package/dist/src/services/prompts/environment.js +0 -372
- package/dist/src/services/prompts/intelligence.d.ts +0 -4
- package/dist/src/services/prompts/intelligence.js +0 -250
- package/dist/src/services/prompts/taint.d.ts +0 -2
- package/dist/src/services/prompts/taint.js +0 -54
|
@@ -7,130 +7,130 @@ function buildMemoryScanScript(pid, pattern, patternType) {
|
|
|
7
7
|
const { patternBytes, mask } = buildPatternBytesAndMask(pattern, patternType);
|
|
8
8
|
const patternArray = patternBytes.join(',');
|
|
9
9
|
const maskArray = mask.join(',');
|
|
10
|
-
return `
|
|
11
|
-
Add-Type @"
|
|
12
|
-
using System;
|
|
13
|
-
using System.Runtime.InteropServices;
|
|
14
|
-
using System.Collections.Generic;
|
|
15
|
-
using System.ComponentModel;
|
|
16
|
-
|
|
17
|
-
public class MemoryScanner {
|
|
18
|
-
[DllImport("kernel32.dll", SetLastError = true)]
|
|
19
|
-
public static extern IntPtr OpenProcess(int access, bool inherit, int pid);
|
|
20
|
-
|
|
21
|
-
[DllImport("kernel32.dll", SetLastError = true)]
|
|
22
|
-
public static extern bool ReadProcessMemory(IntPtr hProcess, IntPtr addr, byte[] buffer, int size, out int read);
|
|
23
|
-
|
|
24
|
-
[DllImport("kernel32.dll", SetLastError = true)]
|
|
25
|
-
public static extern int VirtualQueryEx(IntPtr hProcess, IntPtr addr, out MEMORY_BASIC_INFORMATION info, int size);
|
|
26
|
-
|
|
27
|
-
[DllImport("kernel32.dll", SetLastError = true)]
|
|
28
|
-
public static extern bool CloseHandle(IntPtr handle);
|
|
29
|
-
|
|
30
|
-
const int PROCESS_VM_READ = 0x0010;
|
|
31
|
-
const int PROCESS_QUERY_INFORMATION = 0x0400;
|
|
32
|
-
|
|
33
|
-
[StructLayout(LayoutKind.Sequential)]
|
|
34
|
-
public struct MEMORY_BASIC_INFORMATION {
|
|
35
|
-
public IntPtr BaseAddress;
|
|
36
|
-
public IntPtr AllocationBase;
|
|
37
|
-
public uint AllocationProtect;
|
|
38
|
-
public IntPtr RegionSize;
|
|
39
|
-
public uint State;
|
|
40
|
-
public uint Protect;
|
|
41
|
-
public uint Type;
|
|
42
|
-
}
|
|
43
|
-
|
|
44
|
-
const uint MEM_COMMIT = 0x1000;
|
|
45
|
-
const uint PAGE_READONLY = 0x02;
|
|
46
|
-
const uint PAGE_READWRITE = 0x04;
|
|
47
|
-
const uint PAGE_WRITECOPY = 0x08;
|
|
48
|
-
const uint PAGE_EXECUTE_READ = 0x20;
|
|
49
|
-
const uint PAGE_EXECUTE_READWRITE = 0x40;
|
|
50
|
-
|
|
51
|
-
public static List<string> ScanMemory(int pid, byte[] pattern, byte[] mask, int maxResults = 10000) {
|
|
52
|
-
var results = new List<string>();
|
|
53
|
-
IntPtr hProcess = OpenProcess(PROCESS_VM_READ | PROCESS_QUERY_INFORMATION, false, pid);
|
|
54
|
-
if (hProcess == IntPtr.Zero) {
|
|
55
|
-
int error = Marshal.GetLastWin32Error();
|
|
56
|
-
throw new Win32Exception(error, "Failed to open process. Run as Administrator.");
|
|
57
|
-
}
|
|
58
|
-
|
|
59
|
-
try {
|
|
60
|
-
IntPtr addr = IntPtr.Zero;
|
|
61
|
-
MEMORY_BASIC_INFORMATION info;
|
|
62
|
-
int infoSize = Marshal.SizeOf(typeof(MEMORY_BASIC_INFORMATION));
|
|
63
|
-
int scannedRegions = 0;
|
|
64
|
-
|
|
65
|
-
while (VirtualQueryEx(hProcess, addr, out info, infoSize) == infoSize) {
|
|
66
|
-
scannedRegions++;
|
|
67
|
-
bool isReadable = (info.State == MEM_COMMIT) &&
|
|
68
|
-
((info.Protect & PAGE_READONLY) != 0 ||
|
|
69
|
-
(info.Protect & PAGE_READWRITE) != 0 ||
|
|
70
|
-
(info.Protect & PAGE_WRITECOPY) != 0 ||
|
|
71
|
-
(info.Protect & PAGE_EXECUTE_READ) != 0 ||
|
|
72
|
-
(info.Protect & PAGE_EXECUTE_READWRITE) != 0);
|
|
73
|
-
|
|
74
|
-
if (isReadable && info.RegionSize.ToInt64() > 0 && info.RegionSize.ToInt64() < 1073741824) {
|
|
75
|
-
long regionSize = info.RegionSize.ToInt64();
|
|
76
|
-
if (regionSize > 16777216) regionSize = 16777216; // bound scan window per region (16MB)
|
|
77
|
-
byte[] buffer = new byte[(int)regionSize];
|
|
78
|
-
int bytesRead;
|
|
79
|
-
|
|
80
|
-
if (ReadProcessMemory(hProcess, info.BaseAddress, buffer, buffer.Length, out bytesRead)) {
|
|
81
|
-
for (int i = 0; i <= bytesRead - pattern.Length; i++) {
|
|
82
|
-
if (PatternMatch(buffer, i, pattern, mask)) {
|
|
83
|
-
long foundAddr = info.BaseAddress.ToInt64() + i;
|
|
84
|
-
results.Add("0x" + foundAddr.ToString("X"));
|
|
85
|
-
if (results.Count >= maxResults) break;
|
|
86
|
-
}
|
|
87
|
-
}
|
|
88
|
-
}
|
|
89
|
-
}
|
|
90
|
-
|
|
91
|
-
if (results.Count >= maxResults) break;
|
|
92
|
-
if (scannedRegions >= 50000) break;
|
|
93
|
-
long baseAddr = info.BaseAddress.ToInt64();
|
|
94
|
-
long regionSizeRaw = info.RegionSize.ToInt64();
|
|
95
|
-
if (regionSizeRaw <= 0) break;
|
|
96
|
-
long nextAddr = baseAddr + regionSizeRaw;
|
|
97
|
-
if (nextAddr <= baseAddr) break;
|
|
98
|
-
addr = new IntPtr(nextAddr);
|
|
99
|
-
if (addr.ToInt64() >= 0x7FFFFFFF0000) break;
|
|
100
|
-
}
|
|
101
|
-
|
|
102
|
-
return results;
|
|
103
|
-
} finally {
|
|
104
|
-
CloseHandle(hProcess);
|
|
105
|
-
}
|
|
106
|
-
}
|
|
107
|
-
|
|
108
|
-
private static bool PatternMatch(byte[] buffer, int offset, byte[] pattern, byte[] mask) {
|
|
109
|
-
for (int i = 0; i < pattern.Length; i++) {
|
|
110
|
-
if (mask[i] == 1 && buffer[offset + i] != pattern[i]) {
|
|
111
|
-
return false;
|
|
112
|
-
}
|
|
113
|
-
}
|
|
114
|
-
return true;
|
|
115
|
-
}
|
|
116
|
-
}
|
|
117
|
-
"@
|
|
118
|
-
|
|
119
|
-
try {
|
|
120
|
-
$patternBytes = @(${patternArray})
|
|
121
|
-
$maskBytes = @(${maskArray})
|
|
122
|
-
$results = [MemoryScanner]::ScanMemory(${pid}, $patternBytes, $maskBytes, 1000)
|
|
123
|
-
@{
|
|
124
|
-
success = $true;
|
|
125
|
-
addresses = $results;
|
|
126
|
-
stats = @{
|
|
127
|
-
patternLength = $patternBytes.Length;
|
|
128
|
-
resultsFound = $results.Count
|
|
129
|
-
}
|
|
130
|
-
} | ConvertTo-Json -Compress
|
|
131
|
-
} catch {
|
|
132
|
-
@{ success = $false; error = $_.Exception.Message } | ConvertTo-Json -Compress
|
|
133
|
-
}
|
|
10
|
+
return `
|
|
11
|
+
Add-Type @"
|
|
12
|
+
using System;
|
|
13
|
+
using System.Runtime.InteropServices;
|
|
14
|
+
using System.Collections.Generic;
|
|
15
|
+
using System.ComponentModel;
|
|
16
|
+
|
|
17
|
+
public class MemoryScanner {
|
|
18
|
+
[DllImport("kernel32.dll", SetLastError = true)]
|
|
19
|
+
public static extern IntPtr OpenProcess(int access, bool inherit, int pid);
|
|
20
|
+
|
|
21
|
+
[DllImport("kernel32.dll", SetLastError = true)]
|
|
22
|
+
public static extern bool ReadProcessMemory(IntPtr hProcess, IntPtr addr, byte[] buffer, int size, out int read);
|
|
23
|
+
|
|
24
|
+
[DllImport("kernel32.dll", SetLastError = true)]
|
|
25
|
+
public static extern int VirtualQueryEx(IntPtr hProcess, IntPtr addr, out MEMORY_BASIC_INFORMATION info, int size);
|
|
26
|
+
|
|
27
|
+
[DllImport("kernel32.dll", SetLastError = true)]
|
|
28
|
+
public static extern bool CloseHandle(IntPtr handle);
|
|
29
|
+
|
|
30
|
+
const int PROCESS_VM_READ = 0x0010;
|
|
31
|
+
const int PROCESS_QUERY_INFORMATION = 0x0400;
|
|
32
|
+
|
|
33
|
+
[StructLayout(LayoutKind.Sequential)]
|
|
34
|
+
public struct MEMORY_BASIC_INFORMATION {
|
|
35
|
+
public IntPtr BaseAddress;
|
|
36
|
+
public IntPtr AllocationBase;
|
|
37
|
+
public uint AllocationProtect;
|
|
38
|
+
public IntPtr RegionSize;
|
|
39
|
+
public uint State;
|
|
40
|
+
public uint Protect;
|
|
41
|
+
public uint Type;
|
|
42
|
+
}
|
|
43
|
+
|
|
44
|
+
const uint MEM_COMMIT = 0x1000;
|
|
45
|
+
const uint PAGE_READONLY = 0x02;
|
|
46
|
+
const uint PAGE_READWRITE = 0x04;
|
|
47
|
+
const uint PAGE_WRITECOPY = 0x08;
|
|
48
|
+
const uint PAGE_EXECUTE_READ = 0x20;
|
|
49
|
+
const uint PAGE_EXECUTE_READWRITE = 0x40;
|
|
50
|
+
|
|
51
|
+
public static List<string> ScanMemory(int pid, byte[] pattern, byte[] mask, int maxResults = 10000) {
|
|
52
|
+
var results = new List<string>();
|
|
53
|
+
IntPtr hProcess = OpenProcess(PROCESS_VM_READ | PROCESS_QUERY_INFORMATION, false, pid);
|
|
54
|
+
if (hProcess == IntPtr.Zero) {
|
|
55
|
+
int error = Marshal.GetLastWin32Error();
|
|
56
|
+
throw new Win32Exception(error, "Failed to open process. Run as Administrator.");
|
|
57
|
+
}
|
|
58
|
+
|
|
59
|
+
try {
|
|
60
|
+
IntPtr addr = IntPtr.Zero;
|
|
61
|
+
MEMORY_BASIC_INFORMATION info;
|
|
62
|
+
int infoSize = Marshal.SizeOf(typeof(MEMORY_BASIC_INFORMATION));
|
|
63
|
+
int scannedRegions = 0;
|
|
64
|
+
|
|
65
|
+
while (VirtualQueryEx(hProcess, addr, out info, infoSize) == infoSize) {
|
|
66
|
+
scannedRegions++;
|
|
67
|
+
bool isReadable = (info.State == MEM_COMMIT) &&
|
|
68
|
+
((info.Protect & PAGE_READONLY) != 0 ||
|
|
69
|
+
(info.Protect & PAGE_READWRITE) != 0 ||
|
|
70
|
+
(info.Protect & PAGE_WRITECOPY) != 0 ||
|
|
71
|
+
(info.Protect & PAGE_EXECUTE_READ) != 0 ||
|
|
72
|
+
(info.Protect & PAGE_EXECUTE_READWRITE) != 0);
|
|
73
|
+
|
|
74
|
+
if (isReadable && info.RegionSize.ToInt64() > 0 && info.RegionSize.ToInt64() < 1073741824) {
|
|
75
|
+
long regionSize = info.RegionSize.ToInt64();
|
|
76
|
+
if (regionSize > 16777216) regionSize = 16777216; // bound scan window per region (16MB)
|
|
77
|
+
byte[] buffer = new byte[(int)regionSize];
|
|
78
|
+
int bytesRead;
|
|
79
|
+
|
|
80
|
+
if (ReadProcessMemory(hProcess, info.BaseAddress, buffer, buffer.Length, out bytesRead)) {
|
|
81
|
+
for (int i = 0; i <= bytesRead - pattern.Length; i++) {
|
|
82
|
+
if (PatternMatch(buffer, i, pattern, mask)) {
|
|
83
|
+
long foundAddr = info.BaseAddress.ToInt64() + i;
|
|
84
|
+
results.Add("0x" + foundAddr.ToString("X"));
|
|
85
|
+
if (results.Count >= maxResults) break;
|
|
86
|
+
}
|
|
87
|
+
}
|
|
88
|
+
}
|
|
89
|
+
}
|
|
90
|
+
|
|
91
|
+
if (results.Count >= maxResults) break;
|
|
92
|
+
if (scannedRegions >= 50000) break;
|
|
93
|
+
long baseAddr = info.BaseAddress.ToInt64();
|
|
94
|
+
long regionSizeRaw = info.RegionSize.ToInt64();
|
|
95
|
+
if (regionSizeRaw <= 0) break;
|
|
96
|
+
long nextAddr = baseAddr + regionSizeRaw;
|
|
97
|
+
if (nextAddr <= baseAddr) break;
|
|
98
|
+
addr = new IntPtr(nextAddr);
|
|
99
|
+
if (addr.ToInt64() >= 0x7FFFFFFF0000) break;
|
|
100
|
+
}
|
|
101
|
+
|
|
102
|
+
return results;
|
|
103
|
+
} finally {
|
|
104
|
+
CloseHandle(hProcess);
|
|
105
|
+
}
|
|
106
|
+
}
|
|
107
|
+
|
|
108
|
+
private static bool PatternMatch(byte[] buffer, int offset, byte[] pattern, byte[] mask) {
|
|
109
|
+
for (int i = 0; i < pattern.Length; i++) {
|
|
110
|
+
if (mask[i] == 1 && buffer[offset + i] != pattern[i]) {
|
|
111
|
+
return false;
|
|
112
|
+
}
|
|
113
|
+
}
|
|
114
|
+
return true;
|
|
115
|
+
}
|
|
116
|
+
}
|
|
117
|
+
"@
|
|
118
|
+
|
|
119
|
+
try {
|
|
120
|
+
$patternBytes = @(${patternArray})
|
|
121
|
+
$maskBytes = @(${maskArray})
|
|
122
|
+
$results = [MemoryScanner]::ScanMemory(${pid}, $patternBytes, $maskBytes, 1000)
|
|
123
|
+
@{
|
|
124
|
+
success = $true;
|
|
125
|
+
addresses = $results;
|
|
126
|
+
stats = @{
|
|
127
|
+
patternLength = $patternBytes.Length;
|
|
128
|
+
resultsFound = $results.Count
|
|
129
|
+
}
|
|
130
|
+
} | ConvertTo-Json -Compress
|
|
131
|
+
} catch {
|
|
132
|
+
@{ success = $false; error = $_.Exception.Message } | ConvertTo-Json -Compress
|
|
133
|
+
}
|
|
134
134
|
`.trim();
|
|
135
135
|
}
|
|
136
136
|
export async function scanMemoryWindows(pid, pattern, patternType) {
|
|
@@ -1,64 +1,65 @@
|
|
|
1
1
|
import { logger } from '../../../utils/logger.js';
|
|
2
2
|
import { nativeMemoryManager } from '../../../native/NativeMemoryManager.js';
|
|
3
3
|
import { isKoffiAvailable } from '../../../native/Win32API.js';
|
|
4
|
+
import { MEMORY_MAX_WRITE_BYTES } from '../../../constants.js';
|
|
4
5
|
import { execAsync, executePowerShellScript, } from '../../process/memory/types.js';
|
|
5
6
|
async function writeMemoryWindows(pid, address, data) {
|
|
6
7
|
try {
|
|
7
8
|
const hexData = data.toString('hex').toUpperCase();
|
|
8
|
-
const psScript = `
|
|
9
|
-
Add-Type @"
|
|
10
|
-
using System;
|
|
11
|
-
using System.Runtime.InteropServices;
|
|
12
|
-
using System.ComponentModel;
|
|
13
|
-
|
|
14
|
-
public class MemoryWriter {
|
|
15
|
-
[DllImport("kernel32.dll", SetLastError = true)]
|
|
16
|
-
public static extern IntPtr OpenProcess(int access, bool inherit, int pid);
|
|
17
|
-
|
|
18
|
-
[DllImport("kernel32.dll", SetLastError = true)]
|
|
19
|
-
public static extern bool WriteProcessMemory(IntPtr hProcess, IntPtr addr, byte[] buffer, int size, out int written);
|
|
20
|
-
|
|
21
|
-
[DllImport("kernel32.dll", SetLastError = true)]
|
|
22
|
-
public static extern bool CloseHandle(IntPtr handle);
|
|
23
|
-
|
|
24
|
-
const int PROCESS_VM_WRITE = 0x0020;
|
|
25
|
-
const int PROCESS_VM_OPERATION = 0x0008;
|
|
26
|
-
|
|
27
|
-
public static int WriteMemory(int pid, long address, string hexData) {
|
|
28
|
-
IntPtr hProcess = OpenProcess(PROCESS_VM_WRITE | PROCESS_VM_OPERATION, false, pid);
|
|
29
|
-
if (hProcess == IntPtr.Zero) {
|
|
30
|
-
int error = Marshal.GetLastWin32Error();
|
|
31
|
-
throw new Win32Exception(error, "Failed to open process. Run as Administrator.");
|
|
32
|
-
}
|
|
33
|
-
|
|
34
|
-
try {
|
|
35
|
-
byte[] buffer = new byte[hexData.Length / 2];
|
|
36
|
-
for (int i = 0; i < hexData.Length; i += 2) {
|
|
37
|
-
buffer[i / 2] = Convert.ToByte(hexData.Substring(i, 2), 16);
|
|
38
|
-
}
|
|
39
|
-
|
|
40
|
-
int bytesWritten;
|
|
41
|
-
bool success = WriteProcessMemory(hProcess, (IntPtr)address, buffer, buffer.Length, out bytesWritten);
|
|
42
|
-
|
|
43
|
-
if (!success) {
|
|
44
|
-
int error = Marshal.GetLastWin32Error();
|
|
45
|
-
throw new Win32Exception(error, "Failed to write memory");
|
|
46
|
-
}
|
|
47
|
-
|
|
48
|
-
return bytesWritten;
|
|
49
|
-
} finally {
|
|
50
|
-
CloseHandle(hProcess);
|
|
51
|
-
}
|
|
52
|
-
}
|
|
53
|
-
}
|
|
54
|
-
"@
|
|
55
|
-
|
|
56
|
-
try {
|
|
57
|
-
$bytesWritten = [MemoryWriter]::WriteMemory(${pid}, ${address}, "${hexData}")
|
|
58
|
-
@{ success = $true; bytesWritten = $bytesWritten } | ConvertTo-Json -Compress
|
|
59
|
-
} catch {
|
|
60
|
-
@{ success = $false; error = $_.Exception.Message } | ConvertTo-Json -Compress
|
|
61
|
-
}
|
|
9
|
+
const psScript = `
|
|
10
|
+
Add-Type @"
|
|
11
|
+
using System;
|
|
12
|
+
using System.Runtime.InteropServices;
|
|
13
|
+
using System.ComponentModel;
|
|
14
|
+
|
|
15
|
+
public class MemoryWriter {
|
|
16
|
+
[DllImport("kernel32.dll", SetLastError = true)]
|
|
17
|
+
public static extern IntPtr OpenProcess(int access, bool inherit, int pid);
|
|
18
|
+
|
|
19
|
+
[DllImport("kernel32.dll", SetLastError = true)]
|
|
20
|
+
public static extern bool WriteProcessMemory(IntPtr hProcess, IntPtr addr, byte[] buffer, int size, out int written);
|
|
21
|
+
|
|
22
|
+
[DllImport("kernel32.dll", SetLastError = true)]
|
|
23
|
+
public static extern bool CloseHandle(IntPtr handle);
|
|
24
|
+
|
|
25
|
+
const int PROCESS_VM_WRITE = 0x0020;
|
|
26
|
+
const int PROCESS_VM_OPERATION = 0x0008;
|
|
27
|
+
|
|
28
|
+
public static int WriteMemory(int pid, long address, string hexData) {
|
|
29
|
+
IntPtr hProcess = OpenProcess(PROCESS_VM_WRITE | PROCESS_VM_OPERATION, false, pid);
|
|
30
|
+
if (hProcess == IntPtr.Zero) {
|
|
31
|
+
int error = Marshal.GetLastWin32Error();
|
|
32
|
+
throw new Win32Exception(error, "Failed to open process. Run as Administrator.");
|
|
33
|
+
}
|
|
34
|
+
|
|
35
|
+
try {
|
|
36
|
+
byte[] buffer = new byte[hexData.Length / 2];
|
|
37
|
+
for (int i = 0; i < hexData.Length; i += 2) {
|
|
38
|
+
buffer[i / 2] = Convert.ToByte(hexData.Substring(i, 2), 16);
|
|
39
|
+
}
|
|
40
|
+
|
|
41
|
+
int bytesWritten;
|
|
42
|
+
bool success = WriteProcessMemory(hProcess, (IntPtr)address, buffer, buffer.Length, out bytesWritten);
|
|
43
|
+
|
|
44
|
+
if (!success) {
|
|
45
|
+
int error = Marshal.GetLastWin32Error();
|
|
46
|
+
throw new Win32Exception(error, "Failed to write memory");
|
|
47
|
+
}
|
|
48
|
+
|
|
49
|
+
return bytesWritten;
|
|
50
|
+
} finally {
|
|
51
|
+
CloseHandle(hProcess);
|
|
52
|
+
}
|
|
53
|
+
}
|
|
54
|
+
}
|
|
55
|
+
"@
|
|
56
|
+
|
|
57
|
+
try {
|
|
58
|
+
$bytesWritten = [MemoryWriter]::WriteMemory(${pid}, ${address}, "${hexData}")
|
|
59
|
+
@{ success = $true; bytesWritten = $bytesWritten } | ConvertTo-Json -Compress
|
|
60
|
+
} catch {
|
|
61
|
+
@{ success = $false; error = $_.Exception.Message } | ConvertTo-Json -Compress
|
|
62
|
+
}
|
|
62
63
|
`;
|
|
63
64
|
const { stdout } = await executePowerShellScript(psScript, { maxBuffer: 1024 * 1024 });
|
|
64
65
|
const _trimmed = stdout.trim();
|
|
@@ -108,11 +109,32 @@ async function writeMemoryMac(pid, address, data, checkProtectionFn) {
|
|
|
108
109
|
if (address === 0) {
|
|
109
110
|
return { success: false, error: 'Invalid address: null pointer (0x0)' };
|
|
110
111
|
}
|
|
111
|
-
|
|
112
|
-
|
|
113
|
-
|
|
112
|
+
if (data.length === 0 || data.length > MEMORY_MAX_WRITE_BYTES) {
|
|
113
|
+
return {
|
|
114
|
+
success: false,
|
|
115
|
+
error: `Invalid write size: must be 1–${MEMORY_MAX_WRITE_BYTES} bytes`,
|
|
116
|
+
};
|
|
114
117
|
}
|
|
115
118
|
const addrHex = `0x${address.toString(16)}`;
|
|
119
|
+
try {
|
|
120
|
+
const { createPlatformProvider } = await import('../../../native/platform/factory.js');
|
|
121
|
+
const provider = createPlatformProvider();
|
|
122
|
+
const avail = await provider.checkAvailability();
|
|
123
|
+
if (avail.available) {
|
|
124
|
+
const handle = provider.openProcess(pid, true);
|
|
125
|
+
try {
|
|
126
|
+
const result = provider.writeMemory(handle, BigInt(address), data);
|
|
127
|
+
logger.debug('Native Mach memory write succeeded (zero-pause)');
|
|
128
|
+
return { success: true, bytesWritten: result.bytesWritten };
|
|
129
|
+
}
|
|
130
|
+
finally {
|
|
131
|
+
provider.closeProcess(handle);
|
|
132
|
+
}
|
|
133
|
+
}
|
|
134
|
+
}
|
|
135
|
+
catch (nativeErr) {
|
|
136
|
+
logger.debug('Native Mach write failed, falling back to lldb:', nativeErr);
|
|
137
|
+
}
|
|
116
138
|
const prot = await checkProtectionFn(pid, addrHex);
|
|
117
139
|
if (!prot.success) {
|
|
118
140
|
return { success: false, error: `Cannot verify memory region: ${prot.error}` };
|
|
@@ -138,8 +160,12 @@ async function writeMemoryMac(pid, address, data, checkProtectionFn) {
|
|
|
138
160
|
return { success: false, error: error instanceof Error ? error.message : String(error) };
|
|
139
161
|
}
|
|
140
162
|
}
|
|
163
|
+
const HEX_ADDR = /^(?:0x)?[0-9a-fA-F]{1,16}$/;
|
|
141
164
|
export async function writeMemory(platform, pid, address, data, encoding = 'hex', checkProtectionFn) {
|
|
142
165
|
try {
|
|
166
|
+
if (!HEX_ADDR.test(address)) {
|
|
167
|
+
return { success: false, error: 'Invalid address format. Use hex like "0x12345678"' };
|
|
168
|
+
}
|
|
143
169
|
const addrNum = parseInt(address, 16);
|
|
144
170
|
if (isNaN(addrNum)) {
|
|
145
171
|
return { success: false, error: 'Invalid address format' };
|
|
@@ -154,9 +180,15 @@ export async function writeMemory(platform, pid, address, data, encoding = 'hex'
|
|
|
154
180
|
buffer = Buffer.from(cleanHex, 'hex');
|
|
155
181
|
}
|
|
156
182
|
}
|
|
157
|
-
catch
|
|
183
|
+
catch {
|
|
158
184
|
return { success: false, error: `Invalid ${encoding} data` };
|
|
159
185
|
}
|
|
186
|
+
if (buffer.length === 0 || buffer.length > MEMORY_MAX_WRITE_BYTES) {
|
|
187
|
+
return {
|
|
188
|
+
success: false,
|
|
189
|
+
error: `Write size must be 1–${MEMORY_MAX_WRITE_BYTES} bytes (${(MEMORY_MAX_WRITE_BYTES / 1024).toFixed(0)} KB)`,
|
|
190
|
+
};
|
|
191
|
+
}
|
|
160
192
|
if (platform === 'win32' && isKoffiAvailable()) {
|
|
161
193
|
try {
|
|
162
194
|
const result = await nativeMemoryManager.writeMemory(pid, address, data, encoding);
|
|
@@ -189,7 +221,15 @@ export async function writeMemory(platform, pid, address, data, encoding = 'hex'
|
|
|
189
221
|
return { success: false, error: error instanceof Error ? error.message : String(error) };
|
|
190
222
|
}
|
|
191
223
|
}
|
|
224
|
+
const MAX_BATCH_PATCHES = 1000;
|
|
192
225
|
export async function batchMemoryWrite(pid, patches, writeFn) {
|
|
226
|
+
if (patches.length > MAX_BATCH_PATCHES) {
|
|
227
|
+
return {
|
|
228
|
+
success: false,
|
|
229
|
+
results: [],
|
|
230
|
+
error: `Too many patches (${patches.length}), max ${MAX_BATCH_PATCHES}`,
|
|
231
|
+
};
|
|
232
|
+
}
|
|
193
233
|
const results = [];
|
|
194
234
|
for (const patch of patches) {
|
|
195
235
|
const result = await writeFn(pid, patch.address, patch.data, patch.encoding || 'hex');
|
|
@@ -2,50 +2,50 @@ import { Worker } from 'node:worker_threads';
|
|
|
2
2
|
import { logger } from '../../utils/logger.js';
|
|
3
3
|
import { cpuLimit } from '../../utils/concurrency.js';
|
|
4
4
|
import { SANDBOX_EXEC_TIMEOUT_MS, SANDBOX_MEMORY_LIMIT_MB, SANDBOX_STACK_SIZE_MB, SANDBOX_TERMINATE_GRACE_MS, } from '../../constants.js';
|
|
5
|
-
const WORKER_SCRIPT = `
|
|
6
|
-
import { workerData, parentPort } from 'node:worker_threads';
|
|
7
|
-
import * as vm from 'node:vm';
|
|
8
|
-
|
|
9
|
-
const { code, timeoutMs } = workerData;
|
|
10
|
-
|
|
11
|
-
try {
|
|
12
|
-
// Create an isolated context with minimal globals
|
|
13
|
-
const sandbox = {
|
|
14
|
-
// Safe built-ins only
|
|
15
|
-
parseInt, parseFloat, isNaN, isFinite,
|
|
16
|
-
encodeURIComponent, decodeURIComponent,
|
|
17
|
-
encodeURI, decodeURI,
|
|
18
|
-
JSON: { parse: JSON.parse, stringify: JSON.stringify },
|
|
19
|
-
Math,
|
|
20
|
-
String, Number, Boolean, Array, Object, Map, Set,
|
|
21
|
-
Date, RegExp, Error, TypeError, RangeError,
|
|
22
|
-
Promise,
|
|
23
|
-
Symbol,
|
|
24
|
-
undefined,
|
|
25
|
-
NaN,
|
|
26
|
-
Infinity,
|
|
27
|
-
// Explicitly denied: require, process, __filename, __dirname, Buffer, setTimeout, setInterval, fetch
|
|
28
|
-
};
|
|
29
|
-
|
|
30
|
-
const context = vm.createContext(sandbox, {
|
|
31
|
-
name: 'jshook-sandbox',
|
|
32
|
-
codeGeneration: { strings: false, wasm: false },
|
|
33
|
-
});
|
|
34
|
-
|
|
35
|
-
const script = new vm.Script(code, {
|
|
36
|
-
filename: 'sandbox-eval.js',
|
|
37
|
-
timeout: timeoutMs,
|
|
38
|
-
});
|
|
39
|
-
|
|
40
|
-
const result = script.runInContext(context, { timeout: timeoutMs });
|
|
41
|
-
parentPort.postMessage({ ok: true, output: result });
|
|
42
|
-
} catch (err) {
|
|
43
|
-
parentPort.postMessage({
|
|
44
|
-
ok: false,
|
|
45
|
-
error: err.message || String(err),
|
|
46
|
-
timedOut: err.code === 'ERR_SCRIPT_EXECUTION_TIMEOUT',
|
|
47
|
-
});
|
|
48
|
-
}
|
|
5
|
+
const WORKER_SCRIPT = `
|
|
6
|
+
import { workerData, parentPort } from 'node:worker_threads';
|
|
7
|
+
import * as vm from 'node:vm';
|
|
8
|
+
|
|
9
|
+
const { code, timeoutMs } = workerData;
|
|
10
|
+
|
|
11
|
+
try {
|
|
12
|
+
// Create an isolated context with minimal globals
|
|
13
|
+
const sandbox = {
|
|
14
|
+
// Safe built-ins only
|
|
15
|
+
parseInt, parseFloat, isNaN, isFinite,
|
|
16
|
+
encodeURIComponent, decodeURIComponent,
|
|
17
|
+
encodeURI, decodeURI,
|
|
18
|
+
JSON: { parse: JSON.parse, stringify: JSON.stringify },
|
|
19
|
+
Math,
|
|
20
|
+
String, Number, Boolean, Array, Object, Map, Set,
|
|
21
|
+
Date, RegExp, Error, TypeError, RangeError,
|
|
22
|
+
Promise,
|
|
23
|
+
Symbol,
|
|
24
|
+
undefined,
|
|
25
|
+
NaN,
|
|
26
|
+
Infinity,
|
|
27
|
+
// Explicitly denied: require, process, __filename, __dirname, Buffer, setTimeout, setInterval, fetch
|
|
28
|
+
};
|
|
29
|
+
|
|
30
|
+
const context = vm.createContext(sandbox, {
|
|
31
|
+
name: 'jshook-sandbox',
|
|
32
|
+
codeGeneration: { strings: false, wasm: false },
|
|
33
|
+
});
|
|
34
|
+
|
|
35
|
+
const script = new vm.Script(code, {
|
|
36
|
+
filename: 'sandbox-eval.js',
|
|
37
|
+
timeout: timeoutMs,
|
|
38
|
+
});
|
|
39
|
+
|
|
40
|
+
const result = script.runInContext(context, { timeout: timeoutMs });
|
|
41
|
+
parentPort.postMessage({ ok: true, output: result });
|
|
42
|
+
} catch (err) {
|
|
43
|
+
parentPort.postMessage({
|
|
44
|
+
ok: false,
|
|
45
|
+
error: err.message || String(err),
|
|
46
|
+
timedOut: err.code === 'ERR_SCRIPT_EXECUTION_TIMEOUT',
|
|
47
|
+
});
|
|
48
|
+
}
|
|
49
49
|
`;
|
|
50
50
|
export class ExecutionSandbox {
|
|
51
51
|
async execute(request) {
|
|
@@ -57,7 +57,13 @@ export class ExecutionSandbox {
|
|
|
57
57
|
const startTime = Date.now();
|
|
58
58
|
return new Promise((resolve) => {
|
|
59
59
|
let settled = false;
|
|
60
|
-
|
|
60
|
+
const terminationTimeout = setTimeout(() => {
|
|
61
|
+
if (!settled) {
|
|
62
|
+
void worker.terminate();
|
|
63
|
+
logger.warn(`[ExecutionSandbox] Worker terminated after ${timeoutMs + SANDBOX_TERMINATE_GRACE_MS}ms`);
|
|
64
|
+
finish({ ok: false, error: 'Execution timed out (worker terminated)', timedOut: true });
|
|
65
|
+
}
|
|
66
|
+
}, timeoutMs + SANDBOX_TERMINATE_GRACE_MS);
|
|
61
67
|
const workerOptions = {
|
|
62
68
|
eval: true,
|
|
63
69
|
workerData: {
|
|
@@ -80,13 +86,6 @@ export class ExecutionSandbox {
|
|
|
80
86
|
clearTimeout(terminationTimeout);
|
|
81
87
|
resolve({ ...result, durationMs: Date.now() - startTime });
|
|
82
88
|
};
|
|
83
|
-
terminationTimeout = setTimeout(() => {
|
|
84
|
-
if (!settled) {
|
|
85
|
-
void worker.terminate();
|
|
86
|
-
logger.warn(`[ExecutionSandbox] Worker terminated after ${timeoutMs + SANDBOX_TERMINATE_GRACE_MS}ms`);
|
|
87
|
-
finish({ ok: false, error: 'Execution timed out (worker terminated)', timedOut: true });
|
|
88
|
-
}
|
|
89
|
-
}, timeoutMs + SANDBOX_TERMINATE_GRACE_MS);
|
|
90
89
|
worker.on('message', (msg) => {
|
|
91
90
|
finish({
|
|
92
91
|
ok: msg.ok,
|
|
@@ -70,7 +70,7 @@ export class FingerprintManager {
|
|
|
70
70
|
throw new Error('fingerprint-injector not installed');
|
|
71
71
|
}
|
|
72
72
|
try {
|
|
73
|
-
const { newInjectedPage } = await import('fingerprint-injector');
|
|
73
|
+
const { newInjectedPage } = (await import('fingerprint-injector'));
|
|
74
74
|
const fp = 'fingerprint' in profile ? profile.fingerprint : profile;
|
|
75
75
|
await newInjectedPage(page, { fingerprint: fp });
|
|
76
76
|
logger.info('Fingerprint injected into page');
|
|
@@ -1,5 +1,6 @@
|
|
|
1
1
|
import { type Page } from 'rebrowser-puppeteer-core';
|
|
2
2
|
export declare class StealthScripts {
|
|
3
|
+
protected constructor();
|
|
3
4
|
protected static injectedPages: WeakSet<object>;
|
|
4
5
|
static injectAll(page: Page): Promise<void>;
|
|
5
6
|
static injectTimingDefense(page: Page): Promise<void>;
|
|
@@ -1,6 +1,7 @@
|
|
|
1
1
|
import {} from 'rebrowser-puppeteer-core';
|
|
2
2
|
import { logger } from '../../utils/logger.js';
|
|
3
3
|
export class StealthScripts {
|
|
4
|
+
constructor() { }
|
|
4
5
|
static injectedPages = new WeakSet();
|
|
5
6
|
static async injectAll(page) {
|
|
6
7
|
if (this.injectedPages.has(page)) {
|
|
@@ -190,29 +191,33 @@ export class StealthScripts {
|
|
|
190
191
|
await page.evaluateOnNewDocument(() => {
|
|
191
192
|
const originalToDataURL = HTMLCanvasElement.prototype.toDataURL;
|
|
192
193
|
const originalGetImageData = CanvasRenderingContext2D.prototype.getImageData;
|
|
193
|
-
const addNoise = (imageData) => {
|
|
194
|
-
const data = imageData.data;
|
|
195
|
-
if (data) {
|
|
196
|
-
for (let i = 0; i < data.length; i += 4) {
|
|
197
|
-
data[i] = data[i] ^ 1;
|
|
198
|
-
data[i + 1] = data[i + 1] ^ 1;
|
|
199
|
-
data[i + 2] = data[i + 2] ^ 1;
|
|
200
|
-
}
|
|
201
|
-
}
|
|
202
|
-
return imageData;
|
|
203
|
-
};
|
|
204
194
|
HTMLCanvasElement.prototype.toDataURL = function (...args) {
|
|
205
195
|
const context = this.getContext('2d');
|
|
206
196
|
if (context) {
|
|
207
197
|
const imageData = context.getImageData(0, 0, this.width, this.height);
|
|
208
|
-
|
|
198
|
+
const data = imageData.data;
|
|
199
|
+
if (data) {
|
|
200
|
+
for (let i = 0; i < data.length; i += 4) {
|
|
201
|
+
data[i] = data[i] ^ 1;
|
|
202
|
+
data[i + 1] = data[i + 1] ^ 1;
|
|
203
|
+
data[i + 2] = data[i + 2] ^ 1;
|
|
204
|
+
}
|
|
205
|
+
}
|
|
209
206
|
context.putImageData(imageData, 0, 0);
|
|
210
207
|
}
|
|
211
208
|
return originalToDataURL.apply(this, args);
|
|
212
209
|
};
|
|
213
210
|
CanvasRenderingContext2D.prototype.getImageData = function (...args) {
|
|
214
211
|
const imageData = originalGetImageData.apply(this, args);
|
|
215
|
-
|
|
212
|
+
const data = imageData.data;
|
|
213
|
+
if (data) {
|
|
214
|
+
for (let i = 0; i < data.length; i += 4) {
|
|
215
|
+
data[i] = data[i] ^ 1;
|
|
216
|
+
data[i + 1] = data[i + 1] ^ 1;
|
|
217
|
+
data[i + 2] = data[i + 2] ^ 1;
|
|
218
|
+
}
|
|
219
|
+
}
|
|
220
|
+
return imageData;
|
|
216
221
|
};
|
|
217
222
|
});
|
|
218
223
|
}
|
|
@@ -18,9 +18,7 @@ export class StealthVerifier {
|
|
|
18
18
|
expected: 'object',
|
|
19
19
|
actual: typeof win.chrome,
|
|
20
20
|
});
|
|
21
|
-
const chromeApp = hasChrome
|
|
22
|
-
? win.chrome.app
|
|
23
|
-
: null;
|
|
21
|
+
const chromeApp = hasChrome ? win.chrome.app : null;
|
|
24
22
|
const hasAppIsInstalled = chromeApp && typeof chromeApp === 'object' && 'isInstalled' in chromeApp;
|
|
25
23
|
results.push({
|
|
26
24
|
name: 'chrome.app.isInstalled',
|