@jshookmcp/jshook 0.2.3 → 0.2.6
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +14 -5
- package/README.zh.md +18 -3
- package/dist/packages/extension-sdk/src/bridges/shared.js +2 -2
- package/dist/packages/extension-sdk/src/plugin.d.ts +5 -0
- package/dist/packages/extension-sdk/src/plugin.js +119 -33
- package/dist/packages/extension-sdk/src/workflow.d.ts +171 -0
- package/dist/packages/extension-sdk/src/workflow.js +272 -0
- package/dist/src/config/search-defaults.js +161 -0
- package/dist/src/constants.d.ts +3 -0
- package/dist/src/constants.js +4 -1
- package/dist/src/index.d.ts +1 -1
- package/dist/src/index.js +13 -17
- package/dist/src/modules/analyzer/CodeAnalyzer.d.ts +1 -3
- package/dist/src/modules/analyzer/CodeAnalyzer.js +16 -28
- package/dist/src/modules/analyzer/CodeAnalyzerDataFlow.d.ts +1 -2
- package/dist/src/modules/analyzer/CodeAnalyzerDataFlow.js +1 -45
- package/dist/src/modules/analyzer/IntelligentAnalyzer.d.ts +1 -37
- package/dist/src/modules/analyzer/IntelligentAnalyzer.js +9 -142
- package/dist/src/modules/analyzer/PatternDetector.js +3 -3
- package/dist/src/modules/analyzer/PatternDetectorAuthPatterns.js +1 -1
- package/dist/src/modules/browser/BrowserDiscovery.js +2 -2
- package/dist/src/modules/browser/BrowserModeManager.js +11 -10
- package/dist/src/modules/browser/BrowserPool.d.ts +49 -0
- package/dist/src/modules/browser/BrowserPool.js +288 -0
- package/dist/src/modules/browser/TabRegistry.js +2 -2
- package/dist/src/modules/browser/UnifiedBrowserManager.d.ts +1 -0
- package/dist/src/modules/browser/UnifiedBrowserManager.js +18 -3
- package/dist/src/modules/captcha/AICaptchaDetector.d.ts +1 -10
- package/dist/src/modules/captcha/AICaptchaDetector.js +7 -201
- package/dist/src/modules/collector/CodeCollector.js +4 -5
- package/dist/src/modules/collector/DOMInspector.js +48 -58
- package/dist/src/modules/collector/PageController.d.ts +17 -4
- package/dist/src/modules/collector/PageController.js +2 -5
- package/dist/src/modules/collector/PageScriptCollectors.js +3 -3
- package/dist/src/modules/crypto/CryptoDetector.d.ts +1 -4
- package/dist/src/modules/crypto/CryptoDetector.js +2 -42
- package/dist/src/modules/crypto/CryptoRules.js +1 -1
- package/dist/src/modules/debugger/BlackboxManager.js +1 -1
- package/dist/src/modules/debugger/DebuggerManager.impl.core.scope.js +1 -1
- package/dist/src/modules/debugger/ScriptManager.impl.extract-function-tree.js +4 -2
- package/dist/src/modules/debugger/WatchExpressionManager.js +1 -1
- package/dist/src/modules/deobfuscator/AdvancedDeobfuscator.d.ts +5 -0
- package/dist/src/modules/deobfuscator/AdvancedDeobfuscator.js +43 -2
- package/dist/src/modules/deobfuscator/Deobfuscator.d.ts +1 -4
- package/dist/src/modules/deobfuscator/Deobfuscator.js +9 -39
- package/dist/src/modules/deobfuscator/JSVMPDeobfuscator.d.ts +0 -3
- package/dist/src/modules/deobfuscator/JSVMPDeobfuscator.js +2 -8
- package/dist/src/modules/deobfuscator/JSVMPDeobfuscator.restore.d.ts +1 -2
- package/dist/src/modules/deobfuscator/JSVMPDeobfuscator.restore.js +3 -55
- package/dist/src/modules/deobfuscator/JScramblerDeobfuscator.js +3 -4
- package/dist/src/modules/deobfuscator/VMDeobfuscator.d.ts +2 -10
- package/dist/src/modules/deobfuscator/VMDeobfuscator.js +3 -128
- package/dist/src/modules/deobfuscator/webcrack.js +15 -2
- package/dist/src/modules/emulator/AIEnvironmentAnalyzer.d.ts +5 -8
- package/dist/src/modules/emulator/AIEnvironmentAnalyzer.js +10 -102
- package/dist/src/modules/emulator/EnvironmentEmulator.d.ts +1 -5
- package/dist/src/modules/emulator/EnvironmentEmulator.js +7 -91
- package/dist/src/modules/emulator/EnvironmentEmulatorFetch.js +58 -61
- package/dist/src/modules/emulator/templates/chrome-env.d.ts +17 -7
- package/dist/src/modules/emulator/templates/chrome-env.js +14 -7
- package/dist/src/modules/external/ExternalToolRunner.js +25 -22
- package/dist/src/modules/hook/HookGeneratorBuilders.core.generators.compose.js +5 -5
- package/dist/src/modules/hook/HookGeneratorBuilders.core.generators.network.js +311 -311
- package/dist/src/modules/hook/HookGeneratorBuilders.core.generators.runtime.js +410 -410
- package/dist/src/modules/hook/HookGeneratorBuilders.core.generators.storage.js +122 -122
- package/dist/src/modules/monitor/ConsoleMonitor.impl.core.class.d.ts +13 -0
- package/dist/src/modules/monitor/ConsoleMonitor.impl.core.class.js +42 -0
- package/dist/src/modules/monitor/ConsoleMonitor.impl.core.dynamic.js +194 -194
- package/dist/src/modules/monitor/FetchInterceptor.d.ts +46 -0
- package/dist/src/modules/monitor/FetchInterceptor.js +191 -0
- package/dist/src/modules/monitor/PerformanceMonitor.js +8 -7
- package/dist/src/modules/monitor/PlaywrightNetworkMonitor.js +62 -62
- package/dist/src/modules/process/BaseMemoryManager.d.ts +1 -1
- package/dist/src/modules/process/LinuxProcessManager.js +2 -0
- package/dist/src/modules/process/MacProcessManager.js +25 -25
- package/dist/src/modules/process/MemoryManager.d.ts +1 -1
- package/dist/src/modules/process/MemoryManager.js +2 -2
- package/dist/src/modules/process/memory/AuditTrail.js +1 -1
- package/dist/src/modules/process/memory/availability.js +49 -49
- package/dist/src/modules/process/memory/injector.js +185 -185
- package/dist/src/modules/process/memory/reader.js +85 -53
- package/dist/src/modules/process/memory/regions.dump.js +51 -51
- package/dist/src/modules/process/memory/regions.enumerate.js +108 -108
- package/dist/src/modules/process/memory/regions.modules.js +80 -80
- package/dist/src/modules/process/memory/regions.protection.js +148 -115
- package/dist/src/modules/process/memory/scanner.d.ts +5 -1
- package/dist/src/modules/process/memory/scanner.darwin.js +98 -41
- package/dist/src/modules/process/memory/scanner.js +88 -4
- package/dist/src/modules/process/memory/scanner.windows.js +124 -124
- package/dist/src/modules/process/memory/writer.js +98 -58
- package/dist/src/modules/security/ExecutionSandbox.js +51 -52
- package/dist/src/modules/stealth/FingerprintManager.js +1 -1
- package/dist/src/modules/stealth/StealthScripts.d.ts +1 -0
- package/dist/src/modules/stealth/StealthScripts.js +18 -13
- package/dist/src/modules/stealth/StealthVerifier.js +1 -3
- package/dist/src/modules/symbolic/JSVMPSymbolicExecutor.d.ts +14 -0
- package/dist/src/modules/symbolic/JSVMPSymbolicExecutor.js +181 -2
- package/dist/src/modules/trace/TraceDB.js +75 -69
- package/dist/src/modules/trace/TraceRecorder.js +1 -5
- package/dist/src/native/AntiCheatDetector.js +67 -16
- package/dist/src/native/CodeInjector.js +3 -3
- package/dist/src/native/HardwareBreakpoint.js +24 -15
- package/dist/src/native/HeapAnalyzer.js +2 -2
- package/dist/src/native/MemoryController.js +1 -1
- package/dist/src/native/MemoryScanSession.js +2 -2
- package/dist/src/native/MemoryScanner.js +4 -8
- package/dist/src/native/NativeMemoryManager.impl.js +2 -2
- package/dist/src/native/PEAnalyzer.js +14 -15
- package/dist/src/native/PointerChainEngine.js +2 -4
- package/dist/src/native/ScriptLoader.js +4 -9
- package/dist/src/native/Speedhack.js +1 -1
- package/dist/src/native/StructureAnalyzer.js +52 -33
- package/dist/src/native/Win32API.d.ts +1 -0
- package/dist/src/native/Win32API.js +13 -0
- package/dist/src/native/Win32Debug.js +19 -19
- package/dist/src/native/platform/darwin/DarwinAPI.d.ts +2 -0
- package/dist/src/native/platform/darwin/DarwinAPI.js +8 -0
- package/dist/src/native/platform/darwin/DarwinMemoryProvider.js +6 -1
- package/dist/src/server/MCPServer.context.d.ts +3 -1
- package/dist/src/server/MCPServer.d.ts +2 -1
- package/dist/src/server/MCPServer.domain.d.ts +1 -1
- package/dist/src/server/MCPServer.domain.js +81 -16
- package/dist/src/server/MCPServer.js +41 -14
- package/dist/src/server/MCPServer.resources.d.ts +2 -0
- package/dist/src/server/MCPServer.resources.js +91 -0
- package/dist/src/server/MCPServer.search.handlers.call.js +2 -1
- package/dist/src/server/MCPServer.search.helpers.js +1 -1
- package/dist/src/server/MCPServer.transport.js +12 -0
- package/dist/src/server/ToolCallContextGuard.js +8 -0
- package/dist/src/server/ToolRouter.d.ts +25 -9
- package/dist/src/server/ToolRouter.intent.d.ts +26 -0
- package/dist/src/server/ToolRouter.intent.js +77 -0
- package/dist/src/server/ToolRouter.js +103 -284
- package/dist/src/server/ToolRouter.policy.d.ts +22 -0
- package/dist/src/server/ToolRouter.policy.js +163 -0
- package/dist/src/server/ToolRouter.probe.d.ts +17 -0
- package/dist/src/server/ToolRouter.probe.js +103 -0
- package/dist/src/server/ToolRouter.renderer.d.ts +9 -0
- package/dist/src/server/ToolRouter.renderer.js +52 -0
- package/dist/src/server/activation/ActivationController.js +15 -12
- package/dist/src/server/activation/CompoundConditionEngine.js +1 -1
- package/dist/src/server/activation/PredictiveBooster.js +1 -3
- package/dist/src/server/domains/analysis/definitions.js +155 -655
- package/dist/src/server/domains/analysis/handlers.impl.js +26 -20
- package/dist/src/server/domains/analysis/handlers.web-tools.js +2 -1
- package/dist/src/server/domains/analysis/manifest.js +6 -4
- package/dist/src/server/domains/antidebug/definitions.js +25 -111
- package/dist/src/server/domains/browser/definitions.tools.advanced.js +59 -88
- package/dist/src/server/domains/browser/definitions.tools.behavior.js +120 -227
- package/dist/src/server/domains/browser/definitions.tools.page-core.js +210 -439
- package/dist/src/server/domains/browser/definitions.tools.page-system.js +108 -250
- package/dist/src/server/domains/browser/definitions.tools.runtime.js +98 -211
- package/dist/src/server/domains/browser/definitions.tools.security.js +194 -339
- package/dist/src/server/domains/browser/handlers/camoufox-browser.js +3 -2
- package/dist/src/server/domains/browser/handlers/captcha-solver.js +3 -3
- package/dist/src/server/domains/browser/handlers/dom-query.js +2 -1
- package/dist/src/server/domains/browser/handlers/framework-state.js +27 -9
- package/dist/src/server/domains/browser/handlers/indexeddb-dump.js +21 -20
- package/dist/src/server/domains/browser/handlers/script-management.js +1 -1
- package/dist/src/server/domains/browser/handlers/stealth-injection.d.ts +1 -0
- package/dist/src/server/domains/browser/handlers/stealth-injection.js +3 -0
- package/dist/src/server/domains/browser/handlers.impl.d.ts +1 -2
- package/dist/src/server/domains/browser/handlers.impl.js +2 -3
- package/dist/src/server/domains/browser/manifest.js +37 -13
- package/dist/src/server/domains/coordination/definitions.js +50 -216
- package/dist/src/server/domains/coordination/index.d.ts +2 -1
- package/dist/src/server/domains/coordination/index.js +1 -0
- package/dist/src/server/domains/debugger/definitions.tools.advanced.js +72 -189
- package/dist/src/server/domains/debugger/definitions.tools.core.js +114 -288
- package/dist/src/server/domains/debugger/manifest.js +9 -2
- package/dist/src/server/domains/encoding/definitions.js +43 -153
- package/dist/src/server/domains/encoding/handlers.base.js +2 -2
- package/dist/src/server/domains/evidence/definitions.d.ts +2 -0
- package/dist/src/server/domains/evidence/definitions.js +42 -0
- package/dist/src/server/domains/evidence/handlers.d.ts +582 -0
- package/dist/src/server/domains/evidence/handlers.js +60 -0
- package/dist/src/server/domains/evidence/index.d.ts +2 -0
- package/dist/src/server/domains/evidence/index.js +2 -0
- package/dist/src/server/domains/evidence/manifest.d.ts +63 -0
- package/dist/src/server/domains/evidence/manifest.js +78 -0
- package/dist/src/server/domains/graphql/definitions.js +53 -141
- package/dist/src/server/domains/graphql/handlers.impl.core.runtime.replay.js +92 -114
- package/dist/src/server/domains/graphql/handlers.impl.core.runtime.shared.js +77 -77
- package/dist/src/server/domains/hooks/ai-handlers.d.ts +0 -7
- package/dist/src/server/domains/hooks/ai-handlers.js +1 -67
- package/dist/src/server/domains/hooks/definitions.js +69 -335
- package/dist/src/server/domains/hooks/manifest.d.ts +1 -1
- package/dist/src/server/domains/hooks/manifest.js +1 -2
- package/dist/src/server/domains/instrumentation/definitions.d.ts +2 -0
- package/dist/src/server/domains/instrumentation/definitions.js +99 -0
- package/dist/src/server/domains/instrumentation/handlers.d.ts +78 -0
- package/dist/src/server/domains/instrumentation/handlers.js +206 -0
- package/dist/src/server/domains/instrumentation/index.d.ts +2 -0
- package/dist/src/server/domains/instrumentation/index.js +2 -0
- package/dist/src/server/domains/instrumentation/manifest.d.ts +63 -0
- package/dist/src/server/domains/instrumentation/manifest.js +114 -0
- package/dist/src/server/domains/macro/definitions.js +16 -43
- package/dist/src/server/domains/maintenance/definitions.js +60 -219
- package/dist/src/server/domains/maintenance/handlers.extensions.js +78 -20
- package/dist/src/server/domains/memory/definitions.js +387 -559
- package/dist/src/server/domains/memory/handlers/hooks.d.ts +55 -0
- package/dist/src/server/domains/memory/handlers/hooks.js +115 -0
- package/dist/src/server/domains/memory/handlers/integrity.d.ts +77 -0
- package/dist/src/server/domains/memory/handlers/integrity.js +180 -0
- package/dist/src/server/domains/memory/handlers/pointer-chain.d.ts +29 -0
- package/dist/src/server/domains/memory/handlers/pointer-chain.js +82 -0
- package/dist/src/server/domains/memory/handlers/readwrite.d.ts +41 -0
- package/dist/src/server/domains/memory/handlers/readwrite.js +78 -0
- package/dist/src/server/domains/memory/handlers/scan.d.ts +35 -0
- package/dist/src/server/domains/memory/handlers/scan.js +97 -0
- package/dist/src/server/domains/memory/handlers/session.d.ts +23 -0
- package/dist/src/server/domains/memory/handlers/session.js +49 -0
- package/dist/src/server/domains/memory/handlers/structure.d.ts +29 -0
- package/dist/src/server/domains/memory/handlers/structure.js +74 -0
- package/dist/src/server/domains/memory/handlers.impl.d.ts +49 -54
- package/dist/src/server/domains/memory/handlers.impl.js +63 -494
- package/dist/src/server/domains/memory/manifest.js +236 -64
- package/dist/src/server/domains/native-bridge/definitions.js +54 -192
- package/dist/src/server/domains/native-bridge/index.d.ts +1 -0
- package/dist/src/server/domains/native-bridge/index.js +2 -1
- package/dist/src/server/domains/network/auth-extractor.js +1 -1
- package/dist/src/server/domains/network/definitions.js +175 -578
- package/dist/src/server/domains/network/handlers.base.core.d.ts +64 -0
- package/dist/src/server/domains/network/handlers.base.core.js +623 -0
- package/dist/src/server/domains/network/handlers.base.d.ts +2 -124
- package/dist/src/server/domains/network/handlers.base.js +3 -878
- package/dist/src/server/domains/network/handlers.base.performance.d.ts +63 -0
- package/dist/src/server/domains/network/handlers.base.performance.js +193 -0
- package/dist/src/server/domains/network/handlers.base.types.d.ts +42 -0
- package/dist/src/server/domains/network/handlers.base.types.js +89 -0
- package/dist/src/server/domains/network/handlers.impl.core.runtime.d.ts +1 -1
- package/dist/src/server/domains/network/handlers.impl.core.runtime.intercept.d.ts +21 -0
- package/dist/src/server/domains/network/handlers.impl.core.runtime.intercept.js +186 -0
- package/dist/src/server/domains/network/handlers.impl.core.runtime.js +1 -1
- package/dist/src/server/domains/network/manifest.js +15 -0
- package/dist/src/server/domains/network/replay.js +1 -4
- package/dist/src/server/domains/platform/definitions.js +121 -112
- package/dist/src/server/domains/platform/handlers/bridge-handlers.d.ts +4 -0
- package/dist/src/server/domains/platform/handlers/bridge-handlers.js +193 -4
- package/dist/src/server/domains/platform/handlers/electron-asar-helpers.js +26 -6
- package/dist/src/server/domains/platform/handlers/electron-dual-cdp.d.ts +3 -0
- package/dist/src/server/domains/platform/handlers/electron-dual-cdp.js +170 -0
- package/dist/src/server/domains/platform/handlers/electron-fuse-handler.d.ts +3 -0
- package/dist/src/server/domains/platform/handlers/electron-fuse-handler.js +193 -0
- package/dist/src/server/domains/platform/handlers/electron-handlers.d.ts +6 -0
- package/dist/src/server/domains/platform/handlers/electron-handlers.js +95 -2
- package/dist/src/server/domains/platform/handlers/electron-ipc-sniffer.d.ts +2 -0
- package/dist/src/server/domains/platform/handlers/electron-ipc-sniffer.js +370 -0
- package/dist/src/server/domains/platform/handlers/electron-userdata-handler.d.ts +2 -0
- package/dist/src/server/domains/platform/handlers/electron-userdata-handler.js +78 -0
- package/dist/src/server/domains/platform/handlers/miniapp-handlers.js +3 -3
- package/dist/src/server/domains/platform/handlers/v8-bytecode-handler.d.ts +2 -0
- package/dist/src/server/domains/platform/handlers/v8-bytecode-handler.js +207 -0
- package/dist/src/server/domains/platform/handlers.d.ts +48 -0
- package/dist/src/server/domains/platform/handlers.js +29 -0
- package/dist/src/server/domains/platform/manifest.js +38 -0
- package/dist/src/server/domains/process/definitions.js +163 -647
- package/dist/src/server/domains/process/handlers.base.d.ts +3 -95
- package/dist/src/server/domains/process/handlers.base.js +7 -462
- package/dist/src/server/domains/process/handlers.base.process.d.ts +61 -0
- package/dist/src/server/domains/process/handlers.base.process.js +417 -0
- package/dist/src/server/domains/process/handlers.base.types.d.ts +57 -0
- package/dist/src/server/domains/process/handlers.base.types.js +50 -0
- package/dist/src/server/domains/process/handlers.impl.core.runtime.inject.js +18 -16
- package/dist/src/server/domains/process/manifest.js +6 -1
- package/dist/src/server/domains/sandbox/definitions.js +11 -33
- package/dist/src/server/domains/sandbox/handlers.js +8 -3
- package/dist/src/server/domains/shared/ResponseBuilder.d.ts +209 -0
- package/dist/src/server/domains/shared/ResponseBuilder.js +48 -0
- package/dist/src/server/domains/shared/modules.d.ts +0 -2
- package/dist/src/server/domains/shared/modules.js +0 -1
- package/dist/src/server/domains/shared-state-board/definitions.d.ts +2 -0
- package/dist/src/server/domains/shared-state-board/definitions.js +78 -0
- package/dist/src/server/domains/shared-state-board/handlers.impl.d.ts +58 -0
- package/dist/src/server/domains/shared-state-board/handlers.impl.js +419 -0
- package/dist/src/server/domains/shared-state-board/index.d.ts +2 -0
- package/dist/src/server/domains/shared-state-board/index.js +2 -0
- package/dist/src/server/domains/shared-state-board/manifest.d.ts +57 -0
- package/dist/src/server/domains/shared-state-board/manifest.js +74 -0
- package/dist/src/server/domains/sourcemap/definitions.js +27 -111
- package/dist/src/server/domains/sourcemap/handlers.impl.sourcemap-common.js +7 -2
- package/dist/src/server/domains/sourcemap/handlers.impl.sourcemap-main.js +1 -1
- package/dist/src/server/domains/sourcemap/handlers.impl.sourcemap-parse-base.js +1 -1
- package/dist/src/server/domains/sourcemap/manifest.d.ts +1 -1
- package/dist/src/server/domains/sourcemap/manifest.js +1 -1
- package/dist/src/server/domains/streaming/definitions.js +36 -148
- package/dist/src/server/domains/streaming/handlers.impl.streaming-sse.js +163 -164
- package/dist/src/server/domains/streaming/handlers.impl.streaming-ws.js +1 -1
- package/dist/src/server/domains/trace/TraceSummarizer.js +8 -5
- package/dist/src/server/domains/trace/definitions.tools.js +51 -206
- package/dist/src/server/domains/trace/handlers.js +10 -12
- package/dist/src/server/domains/trace/index.d.ts +2 -1
- package/dist/src/server/domains/trace/index.js +2 -1
- package/dist/src/server/domains/trace/manifest.js +15 -3
- package/dist/src/server/domains/transform/definitions.js +50 -210
- package/dist/src/server/domains/transform/handlers.impl.transform-base.js +108 -108
- package/dist/src/server/domains/transform/handlers.impl.transform-crypto.js +18 -19
- package/dist/src/server/domains/transform/manifest.d.ts +1 -1
- package/dist/src/server/domains/transform/manifest.js +1 -1
- package/dist/src/server/domains/wasm/definitions.js +55 -232
- package/dist/src/server/domains/wasm/handlers.js +1 -1
- package/dist/src/server/domains/workflow/definitions.js +144 -414
- package/dist/src/server/domains/workflow/handlers.impl.workflow-account-bundle.js +1 -1
- package/dist/src/server/domains/workflow/handlers.impl.workflow-api.js +51 -51
- package/dist/src/server/domains/workflow/handlers.impl.workflow-base.d.ts +2 -0
- package/dist/src/server/domains/workflow/handlers.impl.workflow-base.js +126 -87
- package/dist/src/server/domains/workflow/handlers.impl.workflow-batch.js +5 -5
- package/dist/src/server/evidence/ReverseEvidenceGraph.d.ts +20 -0
- package/dist/src/server/evidence/ReverseEvidenceGraph.js +208 -0
- package/dist/src/server/evidence/index.d.ts +2 -0
- package/dist/src/server/evidence/index.js +1 -0
- package/dist/src/server/evidence/types.d.ts +22 -0
- package/dist/src/server/evidence/types.js +1 -0
- package/dist/src/server/extensions/ExtensionManager.d.ts +1 -0
- package/dist/src/server/extensions/ExtensionManager.discovery.js +72 -9
- package/dist/src/server/extensions/ExtensionManager.integrity.js +1 -1
- package/dist/src/server/extensions/ExtensionManager.js +193 -40
- package/dist/src/server/extensions/ExtensionManager.roots.d.ts +1 -1
- package/dist/src/server/extensions/ExtensionManager.roots.js +4 -4
- package/dist/src/server/extensions/plugin-config.js +1 -1
- package/dist/src/server/extensions/plugin-env.d.ts +1 -1
- package/dist/src/server/extensions/plugin-env.js +10 -4
- package/dist/src/server/extensions/types.d.ts +17 -0
- package/dist/src/server/extensions/types.js +1 -1
- package/dist/src/server/http/SseStream.d.ts +21 -0
- package/dist/src/server/http/SseStream.js +129 -0
- package/dist/src/server/instrumentation/EvidenceGraphBridge.d.ts +13 -0
- package/dist/src/server/instrumentation/EvidenceGraphBridge.js +150 -0
- package/dist/src/server/instrumentation/InstrumentationSession.d.ts +60 -0
- package/dist/src/server/instrumentation/InstrumentationSession.js +269 -0
- package/dist/src/server/instrumentation/index.d.ts +2 -0
- package/dist/src/server/instrumentation/index.js +2 -0
- package/dist/src/server/instrumentation/types.d.ts +62 -0
- package/dist/src/server/instrumentation/types.js +7 -0
- package/dist/src/server/macros/MacroConfigLoader.d.ts +6 -5
- package/dist/src/server/macros/MacroConfigLoader.js +61 -59
- package/dist/src/server/macros/MacroRunner.js +6 -2
- package/dist/src/server/macros/builtins/index.d.ts +2 -3
- package/dist/src/server/macros/builtins/index.js +51 -7
- package/dist/src/server/plugins/PluginContract.d.ts +1 -1
- package/dist/src/server/registry/contracts.d.ts +1 -1
- package/dist/src/server/registry/discovery.js +5 -4
- package/dist/src/server/registry/ensure-browser-core.js +0 -3
- package/dist/src/server/registry/index.js +4 -4
- package/dist/src/server/registry/tool-builder.d.ts +46 -0
- package/dist/src/server/registry/tool-builder.js +105 -0
- package/dist/src/server/sandbox/QuickJSSandbox.js +16 -5
- package/dist/src/server/sandbox/SandboxHelpers.js +250 -250
- package/dist/src/server/search/EmbeddingWorker.js +5 -3
- package/dist/src/server/search/FeedbackTracker.d.ts +9 -0
- package/dist/src/server/search/FeedbackTracker.js +26 -0
- package/dist/src/server/search/QueryNormalizer.d.ts +6 -0
- package/dist/src/server/search/QueryNormalizer.js +94 -0
- package/dist/src/server/search/ToolSearchEngineImpl.d.ts +2 -3
- package/dist/src/server/search/ToolSearchEngineImpl.js +38 -88
- package/dist/src/server/teams/TeamManager.d.ts +43 -0
- package/dist/src/server/teams/TeamManager.js +238 -0
- package/dist/src/server/teams/index.d.ts +1 -0
- package/dist/src/server/teams/index.js +1 -0
- package/dist/src/server/workflows/WorkflowContract.d.ts +44 -4
- package/dist/src/server/workflows/WorkflowContract.js +52 -0
- package/dist/src/server/workflows/WorkflowEngine.d.ts +1 -0
- package/dist/src/server/workflows/WorkflowEngine.js +314 -4
- package/dist/src/types/config.d.ts +0 -14
- package/dist/src/types/deobfuscator.d.ts +1 -1
- package/dist/src/types/index.d.ts +1 -1
- package/dist/src/utils/DetailedDataManager.js +2 -0
- package/dist/src/utils/RingBuffer.js +5 -5
- package/dist/src/utils/TokenBudgetManager.js +1 -1
- package/dist/src/utils/UnifiedCacheManager.js +1 -1
- package/dist/src/utils/artifactRetention.js +2 -2
- package/dist/src/utils/betterSqlite3.d.ts +11 -0
- package/dist/src/utils/betterSqlite3.js +88 -0
- package/dist/src/utils/browserExecutable.js +2 -2
- package/dist/src/utils/cache/CachedDecorator.d.ts +8 -0
- package/dist/src/utils/cache/CachedDecorator.js +55 -0
- package/dist/src/utils/cache/PersistentCache.d.ts +33 -0
- package/dist/src/utils/cache/PersistentCache.js +246 -0
- package/dist/src/utils/cache/index.d.ts +2 -0
- package/dist/src/utils/cache/index.js +2 -0
- package/dist/src/utils/cliFastPath.js +5 -8
- package/dist/src/utils/config.js +4 -26
- package/dist/src/utils/environmentDoctor.js +138 -11
- package/dist/src/utils/outputPaths.js +16 -9
- package/dist/src/utils/parallel.js +1 -3
- package/package.json +82 -81
- package/scripts/postinstall.cjs +54 -27
- package/workflows/.gitkeep +0 -0
- package/workflows/anti-bot-diagnoser/.jshook-install.json +14 -0
- package/workflows/anti-bot-diagnoser/LICENSE +21 -0
- package/workflows/anti-bot-diagnoser/README.md +105 -0
- package/workflows/anti-bot-diagnoser/docs/agent-recipes.md +44 -0
- package/workflows/anti-bot-diagnoser/meta.yaml +6 -0
- package/workflows/anti-bot-diagnoser/package.json +22 -0
- package/workflows/anti-bot-diagnoser/tsconfig.json +15 -0
- package/workflows/anti-bot-diagnoser/workflow.ts +224 -0
- package/workflows/api-openapi-probe/.jshook-install.json +14 -0
- package/workflows/api-openapi-probe/meta.yaml +6 -0
- package/workflows/api-openapi-probe/package.json +22 -0
- package/workflows/api-openapi-probe/pnpm-lock.yaml +819 -0
- package/workflows/api-openapi-probe/tsconfig.json +15 -0
- package/workflows/api-openapi-probe/workflow.ts +40 -0
- package/workflows/api-probe-batch/.jshook-install.json +14 -0
- package/workflows/api-probe-batch/LICENSE +21 -0
- package/workflows/api-probe-batch/README.md +45 -0
- package/workflows/api-probe-batch/meta.yaml +4 -0
- package/workflows/api-probe-batch/package.json +23 -0
- package/workflows/api-probe-batch/tsconfig.json +16 -0
- package/workflows/api-probe-batch/workflow.ts +111 -0
- package/workflows/auth-bootstrap/.jshook-install.json +14 -0
- package/workflows/auth-bootstrap/LICENSE +21 -0
- package/workflows/auth-bootstrap/README.md +74 -0
- package/workflows/auth-bootstrap/meta.yaml +4 -0
- package/workflows/auth-bootstrap/package.json +23 -0
- package/workflows/auth-bootstrap/tsconfig.json +16 -0
- package/workflows/auth-bootstrap/workflow.ts +141 -0
- package/workflows/auth-extract/.jshook-install.json +14 -0
- package/workflows/auth-extract/meta.yaml +6 -0
- package/workflows/auth-extract/package.json +22 -0
- package/workflows/auth-extract/pnpm-lock.yaml +819 -0
- package/workflows/auth-extract/tsconfig.json +15 -0
- package/workflows/auth-extract/workflow.ts +36 -0
- package/workflows/auth-surface-mapper/.jshook-install.json +14 -0
- package/workflows/auth-surface-mapper/meta.yaml +6 -0
- package/workflows/auth-surface-mapper/package.json +22 -0
- package/workflows/auth-surface-mapper/pnpm-lock.yaml +819 -0
- package/workflows/auth-surface-mapper/tsconfig.json +15 -0
- package/workflows/auth-surface-mapper/workflow.ts +104 -0
- package/workflows/batch-register/.jshook-install.json +14 -0
- package/workflows/batch-register/LICENSE +21 -0
- package/workflows/batch-register/README.md +39 -0
- package/workflows/batch-register/meta.yaml +4 -0
- package/workflows/batch-register/package.json +23 -0
- package/workflows/batch-register/tsconfig.json +16 -0
- package/workflows/batch-register/workflow.ts +67 -0
- package/workflows/bundle-recovery/.jshook-install.json +14 -0
- package/workflows/bundle-recovery/LICENSE +21 -0
- package/workflows/bundle-recovery/README.md +105 -0
- package/workflows/bundle-recovery/docs/agent-recipes.md +44 -0
- package/workflows/bundle-recovery/meta.yaml +6 -0
- package/workflows/bundle-recovery/package.json +22 -0
- package/workflows/bundle-recovery/tsconfig.json +15 -0
- package/workflows/bundle-recovery/workflow.ts +179 -0
- package/workflows/challenge-detector/.jshook-install.json +14 -0
- package/workflows/challenge-detector/meta.yaml +14 -0
- package/workflows/challenge-detector/package.json +22 -0
- package/workflows/challenge-detector/pnpm-lock.yaml +819 -0
- package/workflows/challenge-detector/tsconfig.json +15 -0
- package/workflows/challenge-detector/workflow.ts +298 -0
- package/workflows/deobfuscation-pipeline/.jshook-install.json +14 -0
- package/workflows/deobfuscation-pipeline/meta.yaml +6 -0
- package/workflows/deobfuscation-pipeline/package.json +22 -0
- package/workflows/deobfuscation-pipeline/pnpm-lock.yaml +819 -0
- package/workflows/deobfuscation-pipeline/tsconfig.json +15 -0
- package/workflows/deobfuscation-pipeline/workflow.ts +119 -0
- package/workflows/electron-bridge-mapper/.jshook-install.json +14 -0
- package/workflows/electron-bridge-mapper/meta.yaml +6 -0
- package/workflows/electron-bridge-mapper/package.json +22 -0
- package/workflows/electron-bridge-mapper/pnpm-lock.yaml +819 -0
- package/workflows/electron-bridge-mapper/tsconfig.json +15 -0
- package/workflows/electron-bridge-mapper/workflow.ts +125 -0
- package/workflows/evidence-pack/.jshook-install.json +14 -0
- package/workflows/evidence-pack/LICENSE +21 -0
- package/workflows/evidence-pack/README.md +105 -0
- package/workflows/evidence-pack/docs/agent-recipes.md +44 -0
- package/workflows/evidence-pack/meta.yaml +6 -0
- package/workflows/evidence-pack/package.json +22 -0
- package/workflows/evidence-pack/tsconfig.json +15 -0
- package/workflows/evidence-pack/workflow.ts +154 -0
- package/workflows/js-bundle-search/.jshook-install.json +14 -0
- package/workflows/js-bundle-search/LICENSE +21 -0
- package/workflows/js-bundle-search/README.md +46 -0
- package/workflows/js-bundle-search/meta.yaml +4 -0
- package/workflows/js-bundle-search/package.json +23 -0
- package/workflows/js-bundle-search/tsconfig.json +16 -0
- package/workflows/js-bundle-search/workflow.ts +118 -0
- package/workflows/protocol-registry/.jshook-install.json +14 -0
- package/workflows/protocol-registry/meta.yaml +6 -0
- package/workflows/protocol-registry/package.json +22 -0
- package/workflows/protocol-registry/pnpm-lock.yaml +819 -0
- package/workflows/protocol-registry/tsconfig.json +15 -0
- package/workflows/protocol-registry/workflow.ts +107 -0
- package/workflows/qwen-mail-open-latest/meta.yaml +7 -0
- package/workflows/qwen-mail-open-latest/package.json +22 -0
- package/workflows/qwen-mail-open-latest/pnpm-lock.yaml +819 -0
- package/workflows/qwen-mail-open-latest/tsconfig.json +15 -0
- package/workflows/qwen-mail-open-latest/workflow.ts +77 -0
- package/workflows/register-account-flow/.jshook-install.json +14 -0
- package/workflows/register-account-flow/LICENSE +21 -0
- package/workflows/register-account-flow/README.md +64 -0
- package/workflows/register-account-flow/meta.yaml +4 -0
- package/workflows/register-account-flow/package.json +23 -0
- package/workflows/register-account-flow/tsconfig.json +16 -0
- package/workflows/register-account-flow/workflow.ts +127 -0
- package/workflows/replay-lab/.jshook-install.json +14 -0
- package/workflows/replay-lab/meta.yaml +6 -0
- package/workflows/replay-lab/package.json +22 -0
- package/workflows/replay-lab/pnpm-lock.yaml +819 -0
- package/workflows/replay-lab/tsconfig.json +15 -0
- package/workflows/replay-lab/workflow.ts +106 -0
- package/workflows/script-evidence-scan/.jshook-install.json +14 -0
- package/workflows/script-evidence-scan/LICENSE +21 -0
- package/workflows/script-evidence-scan/README.md +61 -0
- package/workflows/script-evidence-scan/meta.yaml +4 -0
- package/workflows/script-evidence-scan/package.json +23 -0
- package/workflows/script-evidence-scan/tsconfig.json +16 -0
- package/workflows/script-evidence-scan/workflow.ts +89 -0
- package/workflows/signature-hunter/.jshook-install.json +14 -0
- package/workflows/signature-hunter/LICENSE +21 -0
- package/workflows/signature-hunter/README.md +105 -0
- package/workflows/signature-hunter/docs/agent-recipes.md +44 -0
- package/workflows/signature-hunter/meta.yaml +6 -0
- package/workflows/signature-hunter/package.json +22 -0
- package/workflows/signature-hunter/tsconfig.json +15 -0
- package/workflows/signature-hunter/workflow.ts +170 -0
- package/workflows/signing-lineage/.jshook-install.json +14 -0
- package/workflows/signing-lineage/meta.yaml +6 -0
- package/workflows/signing-lineage/package.json +22 -0
- package/workflows/signing-lineage/pnpm-lock.yaml +819 -0
- package/workflows/signing-lineage/tsconfig.json +15 -0
- package/workflows/signing-lineage/workflow.ts +120 -0
- package/workflows/temp-mail-extract-link/.jshook-install.json +14 -0
- package/workflows/temp-mail-extract-link/LICENSE +21 -0
- package/workflows/temp-mail-extract-link/README.md +71 -0
- package/workflows/temp-mail-extract-link/meta.yaml +4 -0
- package/workflows/temp-mail-extract-link/package.json +23 -0
- package/workflows/temp-mail-extract-link/tsconfig.json +16 -0
- package/workflows/temp-mail-extract-link/workflow.ts +221 -0
- package/workflows/temp-mail-open-latest/.jshook-install.json +14 -0
- package/workflows/temp-mail-open-latest/LICENSE +21 -0
- package/workflows/temp-mail-open-latest/README.md +61 -0
- package/workflows/temp-mail-open-latest/meta.yaml +4 -0
- package/workflows/temp-mail-open-latest/package.json +23 -0
- package/workflows/temp-mail-open-latest/tsconfig.json +16 -0
- package/workflows/temp-mail-open-latest/workflow.ts +136 -0
- package/workflows/template/.jshook-install.json +14 -0
- package/workflows/template/LICENSE +21 -0
- package/workflows/template/README.md +45 -0
- package/workflows/template/docs/SKILL.md +111 -0
- package/workflows/template/meta.yaml +6 -0
- package/workflows/template/package.json +22 -0
- package/workflows/template/pnpm-lock.yaml +819 -0
- package/workflows/template/tsconfig.json +15 -0
- package/workflows/template/workflow.ts +73 -0
- package/workflows/web-api-capture-session/.jshook-install.json +14 -0
- package/workflows/web-api-capture-session/LICENSE +21 -0
- package/workflows/web-api-capture-session/README.md +64 -0
- package/workflows/web-api-capture-session/meta.yaml +4 -0
- package/workflows/web-api-capture-session/package.json +23 -0
- package/workflows/web-api-capture-session/tsconfig.json +16 -0
- package/workflows/web-api-capture-session/workflow.ts +124 -0
- package/workflows/ws-protocol-lifter/.jshook-install.json +14 -0
- package/workflows/ws-protocol-lifter/LICENSE +21 -0
- package/workflows/ws-protocol-lifter/README.md +105 -0
- package/workflows/ws-protocol-lifter/docs/agent-recipes.md +44 -0
- package/workflows/ws-protocol-lifter/meta.yaml +6 -0
- package/workflows/ws-protocol-lifter/package.json +22 -0
- package/workflows/ws-protocol-lifter/tsconfig.json +15 -0
- package/workflows/ws-protocol-lifter/workflow.ts +163 -0
- package/dist/src/modules/analyzer/AISummarizer.d.ts +0 -39
- package/dist/src/modules/analyzer/AISummarizer.js +0 -122
- package/dist/src/modules/hook/AIHookGenerator.d.ts +0 -52
- package/dist/src/modules/hook/AIHookGenerator.js +0 -360
- package/dist/src/modules/hook/AIHookGeneratorTemplates.d.ts +0 -9
- package/dist/src/modules/hook/AIHookGeneratorTemplates.js +0 -157
- package/dist/src/server/macros/builtins/deobfuscate-ast-flow.d.ts +0 -2
- package/dist/src/server/macros/builtins/deobfuscate-ast-flow.js +0 -25
- package/dist/src/server/macros/builtins/unpacker-flow.d.ts +0 -2
- package/dist/src/server/macros/builtins/unpacker-flow.js +0 -25
- package/dist/src/services/LLMService.d.ts +0 -37
- package/dist/src/services/LLMService.js +0 -233
- package/dist/src/services/prompts/analysis.d.ts +0 -9
- package/dist/src/services/prompts/analysis.js +0 -158
- package/dist/src/services/prompts/crypto.d.ts +0 -2
- package/dist/src/services/prompts/crypto.js +0 -108
- package/dist/src/services/prompts/deobfuscation.d.ts +0 -6
- package/dist/src/services/prompts/deobfuscation.js +0 -300
- package/dist/src/services/prompts/environment.d.ts +0 -16
- package/dist/src/services/prompts/environment.js +0 -372
- package/dist/src/services/prompts/intelligence.d.ts +0 -4
- package/dist/src/services/prompts/intelligence.js +0 -250
- package/dist/src/services/prompts/taint.d.ts +0 -2
- package/dist/src/services/prompts/taint.js +0 -54
|
@@ -1,117 +1,117 @@
|
|
|
1
1
|
import { readFileSync } from 'fs';
|
|
2
2
|
import { logger } from '../../../utils/logger.js';
|
|
3
3
|
import { execAsync, executePowerShellScript, } from '../../process/memory/types.js';
|
|
4
|
-
import { parseProcMaps, formatLinuxProtection } from './linux/mapsParser.js';
|
|
5
4
|
import { nativeMemoryManager } from '../../../native/NativeMemoryManager.js';
|
|
6
5
|
import { isKoffiAvailable } from '../../../native/NativeMemoryManager.utils.js';
|
|
6
|
+
import { parseProcMaps, formatLinuxProtection } from './linux/mapsParser.js';
|
|
7
7
|
function buildEnumerateRegionsScript(pid) {
|
|
8
|
-
return `
|
|
9
|
-
Add-Type @"
|
|
10
|
-
using System;
|
|
11
|
-
using System.Runtime.InteropServices;
|
|
12
|
-
using System.Collections.Generic;
|
|
13
|
-
using System.ComponentModel;
|
|
14
|
-
|
|
15
|
-
public class RegionEnumerator {
|
|
16
|
-
[DllImport("kernel32.dll", SetLastError = true)]
|
|
17
|
-
public static extern IntPtr OpenProcess(int access, bool inherit, int pid);
|
|
18
|
-
|
|
19
|
-
[DllImport("kernel32.dll", SetLastError = true)]
|
|
20
|
-
public static extern int VirtualQueryEx(IntPtr hProcess, IntPtr addr, out MEMORY_BASIC_INFORMATION info, int size);
|
|
21
|
-
|
|
22
|
-
[DllImport("kernel32.dll", SetLastError = true)]
|
|
23
|
-
public static extern bool CloseHandle(IntPtr handle);
|
|
24
|
-
|
|
25
|
-
const int PROCESS_QUERY_INFORMATION = 0x0400;
|
|
26
|
-
|
|
27
|
-
[StructLayout(LayoutKind.Sequential)]
|
|
28
|
-
public struct MEMORY_BASIC_INFORMATION {
|
|
29
|
-
public IntPtr BaseAddress;
|
|
30
|
-
public IntPtr AllocationBase;
|
|
31
|
-
public uint AllocationProtect;
|
|
32
|
-
public IntPtr RegionSize;
|
|
33
|
-
public uint State;
|
|
34
|
-
public uint Protect;
|
|
35
|
-
public uint Type;
|
|
36
|
-
}
|
|
37
|
-
|
|
38
|
-
const uint MEM_COMMIT = 0x1000;
|
|
39
|
-
const uint MEM_FREE = 0x10000;
|
|
40
|
-
const uint MEM_RESERVE = 0x2000;
|
|
41
|
-
const uint PAGE_READONLY = 0x02;
|
|
42
|
-
const uint PAGE_READWRITE = 0x04;
|
|
43
|
-
const uint PAGE_WRITECOPY = 0x08;
|
|
44
|
-
const uint PAGE_EXECUTE = 0x10;
|
|
45
|
-
const uint PAGE_EXECUTE_READ = 0x20;
|
|
46
|
-
const uint PAGE_EXECUTE_READWRITE = 0x40;
|
|
47
|
-
|
|
48
|
-
public static List<object> EnumerateRegions(int pid) {
|
|
49
|
-
var regions = new List<object>();
|
|
50
|
-
IntPtr hProcess = OpenProcess(PROCESS_QUERY_INFORMATION, false, pid);
|
|
51
|
-
if (hProcess == IntPtr.Zero) {
|
|
52
|
-
int error = Marshal.GetLastWin32Error();
|
|
53
|
-
throw new Win32Exception(error, "Failed to open process. Run as Administrator.");
|
|
54
|
-
}
|
|
55
|
-
|
|
56
|
-
try {
|
|
57
|
-
IntPtr addr = IntPtr.Zero;
|
|
58
|
-
MEMORY_BASIC_INFORMATION info;
|
|
59
|
-
int infoSize = Marshal.SizeOf(typeof(MEMORY_BASIC_INFORMATION));
|
|
60
|
-
int scannedRegions = 0;
|
|
61
|
-
|
|
62
|
-
while (VirtualQueryEx(hProcess, addr, out info, infoSize) == infoSize) {
|
|
63
|
-
scannedRegions++;
|
|
64
|
-
string state = info.State == MEM_COMMIT ? "COMMIT" : (info.State == MEM_RESERVE ? "RESERVE" : (info.State == MEM_FREE ? "FREE" : "UNKNOWN"));
|
|
65
|
-
string protect = GetProtectionString(info.Protect);
|
|
66
|
-
bool isReadable = (info.State == MEM_COMMIT) && ((info.Protect & (PAGE_READONLY | PAGE_READWRITE | PAGE_EXECUTE_READ | PAGE_EXECUTE_READWRITE)) != 0);
|
|
67
|
-
|
|
68
|
-
regions.Add(new {
|
|
69
|
-
baseAddress = "0x" + info.BaseAddress.ToInt64().ToString("X"),
|
|
70
|
-
size = info.RegionSize.ToInt64(),
|
|
71
|
-
state = state,
|
|
72
|
-
protection = protect,
|
|
73
|
-
isReadable = isReadable,
|
|
74
|
-
type = info.Type == 0x1000000 ? "IMAGE" : (info.Type == 0x40000 ? "MAPPED" : "PRIVATE")
|
|
75
|
-
});
|
|
76
|
-
|
|
77
|
-
if (regions.Count >= 10000 || scannedRegions >= 50000) break;
|
|
78
|
-
long baseAddr = info.BaseAddress.ToInt64();
|
|
79
|
-
long regionSize = info.RegionSize.ToInt64();
|
|
80
|
-
if (regionSize <= 0) break;
|
|
81
|
-
long nextAddr = baseAddr + regionSize;
|
|
82
|
-
if (nextAddr <= baseAddr) break;
|
|
83
|
-
addr = new IntPtr(nextAddr);
|
|
84
|
-
if (addr.ToInt64() >= 0x7FFFFFFF0000) break;
|
|
85
|
-
}
|
|
86
|
-
|
|
87
|
-
return regions;
|
|
88
|
-
} finally {
|
|
89
|
-
CloseHandle(hProcess);
|
|
90
|
-
}
|
|
91
|
-
}
|
|
92
|
-
|
|
93
|
-
private static string GetProtectionString(uint protect) {
|
|
94
|
-
if (protect == 0) return "NOACCESS";
|
|
95
|
-
string s = "";
|
|
96
|
-
if ((protect & 0x100) != 0) s += "NOACCESS ";
|
|
97
|
-
if ((protect & PAGE_READONLY) != 0) s += "R ";
|
|
98
|
-
if ((protect & PAGE_READWRITE) != 0) s += "RW ";
|
|
99
|
-
if ((protect & PAGE_WRITECOPY) != 0) s += "W ";
|
|
100
|
-
if ((protect & PAGE_EXECUTE) != 0) s += "X ";
|
|
101
|
-
if ((protect & PAGE_EXECUTE_READ) != 0) s += "RX ";
|
|
102
|
-
if ((protect & PAGE_EXECUTE_READWRITE) != 0) s += "RWX ";
|
|
103
|
-
if ((protect & 0x100) != 0) s += "GUARD ";
|
|
104
|
-
return s.Trim();
|
|
105
|
-
}
|
|
106
|
-
}
|
|
107
|
-
"@
|
|
108
|
-
|
|
109
|
-
try {
|
|
110
|
-
$regions = [RegionEnumerator]::EnumerateRegions(${pid})
|
|
111
|
-
@{ success = $true; regions = $regions; count = $regions.Count } | ConvertTo-Json -Compress -Depth 10
|
|
112
|
-
} catch {
|
|
113
|
-
@{ success = $false; error = $_.Exception.Message } | ConvertTo-Json -Compress
|
|
114
|
-
}
|
|
8
|
+
return `
|
|
9
|
+
Add-Type @"
|
|
10
|
+
using System;
|
|
11
|
+
using System.Runtime.InteropServices;
|
|
12
|
+
using System.Collections.Generic;
|
|
13
|
+
using System.ComponentModel;
|
|
14
|
+
|
|
15
|
+
public class RegionEnumerator {
|
|
16
|
+
[DllImport("kernel32.dll", SetLastError = true)]
|
|
17
|
+
public static extern IntPtr OpenProcess(int access, bool inherit, int pid);
|
|
18
|
+
|
|
19
|
+
[DllImport("kernel32.dll", SetLastError = true)]
|
|
20
|
+
public static extern int VirtualQueryEx(IntPtr hProcess, IntPtr addr, out MEMORY_BASIC_INFORMATION info, int size);
|
|
21
|
+
|
|
22
|
+
[DllImport("kernel32.dll", SetLastError = true)]
|
|
23
|
+
public static extern bool CloseHandle(IntPtr handle);
|
|
24
|
+
|
|
25
|
+
const int PROCESS_QUERY_INFORMATION = 0x0400;
|
|
26
|
+
|
|
27
|
+
[StructLayout(LayoutKind.Sequential)]
|
|
28
|
+
public struct MEMORY_BASIC_INFORMATION {
|
|
29
|
+
public IntPtr BaseAddress;
|
|
30
|
+
public IntPtr AllocationBase;
|
|
31
|
+
public uint AllocationProtect;
|
|
32
|
+
public IntPtr RegionSize;
|
|
33
|
+
public uint State;
|
|
34
|
+
public uint Protect;
|
|
35
|
+
public uint Type;
|
|
36
|
+
}
|
|
37
|
+
|
|
38
|
+
const uint MEM_COMMIT = 0x1000;
|
|
39
|
+
const uint MEM_FREE = 0x10000;
|
|
40
|
+
const uint MEM_RESERVE = 0x2000;
|
|
41
|
+
const uint PAGE_READONLY = 0x02;
|
|
42
|
+
const uint PAGE_READWRITE = 0x04;
|
|
43
|
+
const uint PAGE_WRITECOPY = 0x08;
|
|
44
|
+
const uint PAGE_EXECUTE = 0x10;
|
|
45
|
+
const uint PAGE_EXECUTE_READ = 0x20;
|
|
46
|
+
const uint PAGE_EXECUTE_READWRITE = 0x40;
|
|
47
|
+
|
|
48
|
+
public static List<object> EnumerateRegions(int pid) {
|
|
49
|
+
var regions = new List<object>();
|
|
50
|
+
IntPtr hProcess = OpenProcess(PROCESS_QUERY_INFORMATION, false, pid);
|
|
51
|
+
if (hProcess == IntPtr.Zero) {
|
|
52
|
+
int error = Marshal.GetLastWin32Error();
|
|
53
|
+
throw new Win32Exception(error, "Failed to open process. Run as Administrator.");
|
|
54
|
+
}
|
|
55
|
+
|
|
56
|
+
try {
|
|
57
|
+
IntPtr addr = IntPtr.Zero;
|
|
58
|
+
MEMORY_BASIC_INFORMATION info;
|
|
59
|
+
int infoSize = Marshal.SizeOf(typeof(MEMORY_BASIC_INFORMATION));
|
|
60
|
+
int scannedRegions = 0;
|
|
61
|
+
|
|
62
|
+
while (VirtualQueryEx(hProcess, addr, out info, infoSize) == infoSize) {
|
|
63
|
+
scannedRegions++;
|
|
64
|
+
string state = info.State == MEM_COMMIT ? "COMMIT" : (info.State == MEM_RESERVE ? "RESERVE" : (info.State == MEM_FREE ? "FREE" : "UNKNOWN"));
|
|
65
|
+
string protect = GetProtectionString(info.Protect);
|
|
66
|
+
bool isReadable = (info.State == MEM_COMMIT) && ((info.Protect & (PAGE_READONLY | PAGE_READWRITE | PAGE_EXECUTE_READ | PAGE_EXECUTE_READWRITE)) != 0);
|
|
67
|
+
|
|
68
|
+
regions.Add(new {
|
|
69
|
+
baseAddress = "0x" + info.BaseAddress.ToInt64().ToString("X"),
|
|
70
|
+
size = info.RegionSize.ToInt64(),
|
|
71
|
+
state = state,
|
|
72
|
+
protection = protect,
|
|
73
|
+
isReadable = isReadable,
|
|
74
|
+
type = info.Type == 0x1000000 ? "IMAGE" : (info.Type == 0x40000 ? "MAPPED" : "PRIVATE")
|
|
75
|
+
});
|
|
76
|
+
|
|
77
|
+
if (regions.Count >= 10000 || scannedRegions >= 50000) break;
|
|
78
|
+
long baseAddr = info.BaseAddress.ToInt64();
|
|
79
|
+
long regionSize = info.RegionSize.ToInt64();
|
|
80
|
+
if (regionSize <= 0) break;
|
|
81
|
+
long nextAddr = baseAddr + regionSize;
|
|
82
|
+
if (nextAddr <= baseAddr) break;
|
|
83
|
+
addr = new IntPtr(nextAddr);
|
|
84
|
+
if (addr.ToInt64() >= 0x7FFFFFFF0000) break;
|
|
85
|
+
}
|
|
86
|
+
|
|
87
|
+
return regions;
|
|
88
|
+
} finally {
|
|
89
|
+
CloseHandle(hProcess);
|
|
90
|
+
}
|
|
91
|
+
}
|
|
92
|
+
|
|
93
|
+
private static string GetProtectionString(uint protect) {
|
|
94
|
+
if (protect == 0) return "NOACCESS";
|
|
95
|
+
string s = "";
|
|
96
|
+
if ((protect & 0x100) != 0) s += "NOACCESS ";
|
|
97
|
+
if ((protect & PAGE_READONLY) != 0) s += "R ";
|
|
98
|
+
if ((protect & PAGE_READWRITE) != 0) s += "RW ";
|
|
99
|
+
if ((protect & PAGE_WRITECOPY) != 0) s += "W ";
|
|
100
|
+
if ((protect & PAGE_EXECUTE) != 0) s += "X ";
|
|
101
|
+
if ((protect & PAGE_EXECUTE_READ) != 0) s += "RX ";
|
|
102
|
+
if ((protect & PAGE_EXECUTE_READWRITE) != 0) s += "RWX ";
|
|
103
|
+
if ((protect & 0x100) != 0) s += "GUARD ";
|
|
104
|
+
return s.Trim();
|
|
105
|
+
}
|
|
106
|
+
}
|
|
107
|
+
"@
|
|
108
|
+
|
|
109
|
+
try {
|
|
110
|
+
$regions = [RegionEnumerator]::EnumerateRegions(${pid})
|
|
111
|
+
@{ success = $true; regions = $regions; count = $regions.Count } | ConvertTo-Json -Compress -Depth 10
|
|
112
|
+
} catch {
|
|
113
|
+
@{ success = $false; error = $_.Exception.Message } | ConvertTo-Json -Compress
|
|
114
|
+
}
|
|
115
115
|
`.trim();
|
|
116
116
|
}
|
|
117
117
|
export async function enumerateRegions(platform, pid) {
|
|
@@ -5,86 +5,86 @@ export async function enumerateModules(platform, pid) {
|
|
|
5
5
|
return { success: false, error: 'Module enumeration currently only implemented for Windows' };
|
|
6
6
|
}
|
|
7
7
|
try {
|
|
8
|
-
const psScript = `
|
|
9
|
-
Add-Type @"
|
|
10
|
-
using System;
|
|
11
|
-
using System.Runtime.InteropServices;
|
|
12
|
-
using System.Collections.Generic;
|
|
13
|
-
using System.ComponentModel;
|
|
14
|
-
|
|
15
|
-
public class ModuleEnumerator {
|
|
16
|
-
[DllImport("psapi.dll", SetLastError = true)]
|
|
17
|
-
public static extern bool EnumProcessModules(IntPtr hProcess, [Out] IntPtr[] lphModule, int cb, out int lpcbNeeded);
|
|
18
|
-
|
|
19
|
-
[DllImport("psapi.dll", SetLastError = true)]
|
|
20
|
-
public static extern int GetModuleBaseName(IntPtr hProcess, IntPtr hModule, [Out] System.Text.StringBuilder lpBaseName, int nSize);
|
|
21
|
-
|
|
22
|
-
[DllImport("psapi.dll", SetLastError = true)]
|
|
23
|
-
public static extern bool GetModuleInformation(IntPtr hProcess, IntPtr hModule, out MODULEINFO lpmodinfo, int cb);
|
|
24
|
-
|
|
25
|
-
[DllImport("kernel32.dll", SetLastError = true)]
|
|
26
|
-
public static extern IntPtr OpenProcess(int access, bool inherit, int pid);
|
|
27
|
-
|
|
28
|
-
[DllImport("kernel32.dll", SetLastError = true)]
|
|
29
|
-
public static extern bool CloseHandle(IntPtr handle);
|
|
30
|
-
|
|
31
|
-
const int PROCESS_QUERY_INFORMATION = 0x0400;
|
|
32
|
-
const int PROCESS_VM_READ = 0x0010;
|
|
33
|
-
|
|
34
|
-
[StructLayout(LayoutKind.Sequential)]
|
|
35
|
-
public struct MODULEINFO {
|
|
36
|
-
public IntPtr lpBaseOfDll;
|
|
37
|
-
public int SizeOfImage;
|
|
38
|
-
public IntPtr EntryPoint;
|
|
39
|
-
}
|
|
40
|
-
|
|
41
|
-
public static object Enumerate(int pid) {
|
|
42
|
-
IntPtr hProcess = OpenProcess(PROCESS_QUERY_INFORMATION | PROCESS_VM_READ, false, pid);
|
|
43
|
-
if (hProcess == IntPtr.Zero) {
|
|
44
|
-
int error = Marshal.GetLastWin32Error();
|
|
45
|
-
throw new Win32Exception(error, "Failed to open process");
|
|
46
|
-
}
|
|
47
|
-
|
|
48
|
-
try {
|
|
49
|
-
IntPtr[] modules = new IntPtr[1024];
|
|
50
|
-
int cbNeeded;
|
|
51
|
-
|
|
52
|
-
if (!EnumProcessModules(hProcess, modules, modules.Length * IntPtr.Size, out cbNeeded)) {
|
|
53
|
-
int error = Marshal.GetLastWin32Error();
|
|
54
|
-
throw new Win32Exception(error, "EnumProcessModules failed");
|
|
55
|
-
}
|
|
56
|
-
|
|
57
|
-
int numModules = cbNeeded / IntPtr.Size;
|
|
58
|
-
var result = new List<object>();
|
|
59
|
-
|
|
60
|
-
for (int i = 0; i < numModules; i++) {
|
|
61
|
-
System.Text.StringBuilder baseName = new System.Text.StringBuilder(256);
|
|
62
|
-
if (GetModuleBaseName(hProcess, modules[i], baseName, baseName.Capacity) > 0) {
|
|
63
|
-
MODULEINFO modInfo;
|
|
64
|
-
if (GetModuleInformation(hProcess, modules[i], out modInfo, Marshal.SizeOf(typeof(MODULEINFO)))) {
|
|
65
|
-
result.Add(new {
|
|
66
|
-
name = baseName.ToString(),
|
|
67
|
-
baseAddress = "0x" + modInfo.lpBaseOfDll.ToInt64().ToString("X"),
|
|
68
|
-
size = modInfo.SizeOfImage
|
|
69
|
-
});
|
|
70
|
-
}
|
|
71
|
-
}
|
|
72
|
-
}
|
|
73
|
-
|
|
74
|
-
return new { success = true, modules = result };
|
|
75
|
-
} finally {
|
|
76
|
-
CloseHandle(hProcess);
|
|
77
|
-
}
|
|
78
|
-
}
|
|
79
|
-
}
|
|
80
|
-
"@
|
|
81
|
-
|
|
82
|
-
try {
|
|
83
|
-
$result = [ModuleEnumerator]::Enumerate(${pid})
|
|
84
|
-
$result | ConvertTo-Json -Compress -Depth 10
|
|
85
|
-
} catch {
|
|
86
|
-
@{ success = $false; error = $_.Exception.Message } | ConvertTo-Json -Compress
|
|
87
|
-
}
|
|
8
|
+
const psScript = `
|
|
9
|
+
Add-Type @"
|
|
10
|
+
using System;
|
|
11
|
+
using System.Runtime.InteropServices;
|
|
12
|
+
using System.Collections.Generic;
|
|
13
|
+
using System.ComponentModel;
|
|
14
|
+
|
|
15
|
+
public class ModuleEnumerator {
|
|
16
|
+
[DllImport("psapi.dll", SetLastError = true)]
|
|
17
|
+
public static extern bool EnumProcessModules(IntPtr hProcess, [Out] IntPtr[] lphModule, int cb, out int lpcbNeeded);
|
|
18
|
+
|
|
19
|
+
[DllImport("psapi.dll", SetLastError = true)]
|
|
20
|
+
public static extern int GetModuleBaseName(IntPtr hProcess, IntPtr hModule, [Out] System.Text.StringBuilder lpBaseName, int nSize);
|
|
21
|
+
|
|
22
|
+
[DllImport("psapi.dll", SetLastError = true)]
|
|
23
|
+
public static extern bool GetModuleInformation(IntPtr hProcess, IntPtr hModule, out MODULEINFO lpmodinfo, int cb);
|
|
24
|
+
|
|
25
|
+
[DllImport("kernel32.dll", SetLastError = true)]
|
|
26
|
+
public static extern IntPtr OpenProcess(int access, bool inherit, int pid);
|
|
27
|
+
|
|
28
|
+
[DllImport("kernel32.dll", SetLastError = true)]
|
|
29
|
+
public static extern bool CloseHandle(IntPtr handle);
|
|
30
|
+
|
|
31
|
+
const int PROCESS_QUERY_INFORMATION = 0x0400;
|
|
32
|
+
const int PROCESS_VM_READ = 0x0010;
|
|
33
|
+
|
|
34
|
+
[StructLayout(LayoutKind.Sequential)]
|
|
35
|
+
public struct MODULEINFO {
|
|
36
|
+
public IntPtr lpBaseOfDll;
|
|
37
|
+
public int SizeOfImage;
|
|
38
|
+
public IntPtr EntryPoint;
|
|
39
|
+
}
|
|
40
|
+
|
|
41
|
+
public static object Enumerate(int pid) {
|
|
42
|
+
IntPtr hProcess = OpenProcess(PROCESS_QUERY_INFORMATION | PROCESS_VM_READ, false, pid);
|
|
43
|
+
if (hProcess == IntPtr.Zero) {
|
|
44
|
+
int error = Marshal.GetLastWin32Error();
|
|
45
|
+
throw new Win32Exception(error, "Failed to open process");
|
|
46
|
+
}
|
|
47
|
+
|
|
48
|
+
try {
|
|
49
|
+
IntPtr[] modules = new IntPtr[1024];
|
|
50
|
+
int cbNeeded;
|
|
51
|
+
|
|
52
|
+
if (!EnumProcessModules(hProcess, modules, modules.Length * IntPtr.Size, out cbNeeded)) {
|
|
53
|
+
int error = Marshal.GetLastWin32Error();
|
|
54
|
+
throw new Win32Exception(error, "EnumProcessModules failed");
|
|
55
|
+
}
|
|
56
|
+
|
|
57
|
+
int numModules = cbNeeded / IntPtr.Size;
|
|
58
|
+
var result = new List<object>();
|
|
59
|
+
|
|
60
|
+
for (int i = 0; i < numModules; i++) {
|
|
61
|
+
System.Text.StringBuilder baseName = new System.Text.StringBuilder(256);
|
|
62
|
+
if (GetModuleBaseName(hProcess, modules[i], baseName, baseName.Capacity) > 0) {
|
|
63
|
+
MODULEINFO modInfo;
|
|
64
|
+
if (GetModuleInformation(hProcess, modules[i], out modInfo, Marshal.SizeOf(typeof(MODULEINFO)))) {
|
|
65
|
+
result.Add(new {
|
|
66
|
+
name = baseName.ToString(),
|
|
67
|
+
baseAddress = "0x" + modInfo.lpBaseOfDll.ToInt64().ToString("X"),
|
|
68
|
+
size = modInfo.SizeOfImage
|
|
69
|
+
});
|
|
70
|
+
}
|
|
71
|
+
}
|
|
72
|
+
}
|
|
73
|
+
|
|
74
|
+
return new { success = true, modules = result };
|
|
75
|
+
} finally {
|
|
76
|
+
CloseHandle(hProcess);
|
|
77
|
+
}
|
|
78
|
+
}
|
|
79
|
+
}
|
|
80
|
+
"@
|
|
81
|
+
|
|
82
|
+
try {
|
|
83
|
+
$result = [ModuleEnumerator]::Enumerate(${pid})
|
|
84
|
+
$result | ConvertTo-Json -Compress -Depth 10
|
|
85
|
+
} catch {
|
|
86
|
+
@{ success = $false; error = $_.Exception.Message } | ConvertTo-Json -Compress
|
|
87
|
+
}
|
|
88
88
|
`;
|
|
89
89
|
const { stdout } = await executePowerShellScript(psScript, {
|
|
90
90
|
maxBuffer: 1024 * 1024 * 10,
|