@jshookmcp/jshook 0.2.7 → 0.2.9

package/dist/analysis-CL9uACt9.mjs

@@ -0,0 +1,463 @@
+import { t as logger } from "./logger-Dh_xb7_2.mjs";
+import { d as ANALYSIS_MAX_SAFE_RESPONSE_BYTES, f as ANALYSIS_MAX_SUMMARY_FILES, u as ANALYSIS_MAX_SAFE_COLLECTED_BYTES } from "./constants-B0OANIBL.mjs";
+import { i as serializeError, n as asJsonResponse, r as asTextResponse, t as asErrorResponse } from "./response-BQVP-xUn.mjs";
+import { s as runWebcrack } from "./modules-C184v-S9.mjs";
+import { a as argString, i as argObject, n as argEnum, r as argNumber, s as argStringRequired, t as argBool } from "./parse-args-BlRjqlkL.mjs";
+import { s as evaluateWithTimeout } from "./PageController-Bqm2kZ_X.mjs";
+import "./definitions-C1UvM5Iy.mjs";
+//#region src/server/domains/analysis/handlers.web-tools.ts
+const MAX_WEBPACK_MODULES = 100;
+async function runWebpackEnumerate(collector, args) {
+	const searchKeyword = argString(args, "searchKeyword", "");
+	const forceRequireAll = argBool(args, "forceRequireAll", !!searchKeyword);
+	const maxResults = Math.min(argNumber(args, "maxResults", 20), MAX_WEBPACK_MODULES);
+	try {
+		const result = await evaluateWithTimeout(await collector.getActivePage(), async (opts) => {
+			const w = window;
+			let requireFn = null;
+			if (typeof w["__webpack_require__"] === "function") requireFn = w["__webpack_require__"];
+			const chunkKeys = Object.keys(w).filter((k) => k.startsWith("webpackChunk") || k.startsWith("webpackJsonp"));
+			const moduleIdSet = /* @__PURE__ */ new Set();
+			for (const key of chunkKeys) {
+				const arr = w[key];
+				if (!Array.isArray(arr)) continue;
+				const arrWithM = arr;
+				if (arrWithM.m && typeof arrWithM.m === "object") for (const id of Object.keys(arrWithM.m)) moduleIdSet.add(id);
+				for (const chunk of arr) if (Array.isArray(chunk) && chunk[1] && typeof chunk[1] === "object") for (const id of Object.keys(chunk[1])) moduleIdSet.add(id);
+			}
+			if (typeof w["__webpack_modules__"] === "object" && w["__webpack_modules__"]) for (const id of Object.keys(w["__webpack_modules__"])) moduleIdSet.add(id);
+			if (!requireFn) for (const key of chunkKeys) {
+				const arr = w[key];
+				if (arr?.m && typeof arr.m === "object") {
+					const mods = arr.m;
+					requireFn = (id) => {
+						try {
+							const fn = mods[id];
+							return typeof fn === "function" ? fn() : fn;
+						} catch {
+							return;
+						}
+					};
+					break;
+				}
+			}
+			const allIds = Array.from(moduleIdSet);
+			if (!opts.forceRequireAll || !requireFn) return {
+				total: allIds.length,
+				requireFound: !!requireFn,
+				chunkKeys,
+				moduleIds: allIds.slice(0, 200),
+				matches: []
+			};
+			const fn = requireFn;
+			const matches = [];
+			for (const id of allIds) {
+				if (matches.length >= opts.maxResults) break;
+				try {
+					const mod = fn(id);
+					if (mod === void 0 || mod === null) continue;
+					let str;
+					try {
+						str = JSON.stringify(mod);
+					} catch {
+						str = String(mod);
+					}
+					if (!opts.searchKeyword || str.toLowerCase().includes(opts.searchKeyword.toLowerCase())) matches.push({
+						id,
+						preview: str.slice(0, 600)
+					});
+				} catch {}
+			}
+			return {
+				total: allIds.length,
+				requireFound: true,
+				chunkKeys,
+				moduleIds: allIds.slice(0, 200),
+				matches
+			};
+		}, {
+			searchKeyword,
+			forceRequireAll,
+			maxResults
+		});
+		logger.info(`webpack_enumerate: found ${result.total} modules, ${result.matches.length} matches`);
+		return asJsonResponse(result);
+	} catch (error) {
+		return asErrorResponse(error);
+	}
+}
+//#endregion
+//#region src/server/domains/analysis/handlers.impl.ts
+const SMART_MODES = new Set([
+	"summary",
+	"priority",
+	"incremental",
+	"full"
+]);
+const FOCUS_MODES = new Set([
+	"structure",
+	"business",
+	"security",
+	"all"
+]);
+const HOOK_TYPES = new Set([
+	"function",
+	"xhr",
+	"fetch",
+	"websocket",
+	"localstorage",
+	"cookie"
+]);
+const HOOK_ACTIONS = new Set([
+	"log",
+	"block",
+	"modify"
+]);
+var CoreAnalysisHandlers = class {
+	collector;
+	scriptManager;
+	deobfuscator;
+	advancedDeobfuscator;
+	obfuscationDetector;
+	analyzer;
+	cryptoDetector;
+	hookManager;
+	constructor(deps) {
+		this.collector = deps.collector;
+		this.scriptManager = deps.scriptManager;
+		this.deobfuscator = deps.deobfuscator;
+		this.advancedDeobfuscator = deps.advancedDeobfuscator;
+		this.obfuscationDetector = deps.obfuscationDetector;
+		this.analyzer = deps.analyzer;
+		this.cryptoDetector = deps.cryptoDetector;
+		this.hookManager = deps.hookManager;
+	}
+	requireCodeArg(args, toolName) {
+		const code = args.code;
+		if (typeof code !== "string" || code.trim().length === 0) {
+			logger.warn(`${toolName} called without valid code argument`);
+			return null;
+		}
+		return code;
+	}
+	extractWebcrackArgs(args) {
+		const extracted = {};
+		const unpack = argBool(args, "unpack");
+		const unminify = argBool(args, "unminify");
+		const jsx = argBool(args, "jsx");
+		const mangle = argBool(args, "mangle");
+		const forceOutput = argBool(args, "forceOutput");
+		const includeModuleCode = argBool(args, "includeModuleCode");
+		const outputDir = argString(args, "outputDir");
+		const maxBundleModules = argNumber(args, "maxBundleModules");
+		if (unpack !== void 0) extracted.unpack = unpack;
+		if (unminify !== void 0) extracted.unminify = unminify;
+		if (jsx !== void 0) extracted.jsx = jsx;
+		if (mangle !== void 0) extracted.mangle = mangle;
+		if (forceOutput !== void 0) extracted.forceOutput = forceOutput;
+		if (includeModuleCode !== void 0) extracted.includeModuleCode = includeModuleCode;
+		if (outputDir?.trim()) extracted.outputDir = outputDir;
+		if (maxBundleModules !== void 0) extracted.maxBundleModules = maxBundleModules;
+		if (Array.isArray(args.mappings)) extracted.mappings = args.mappings.filter((item) => typeof item === "object" && item !== null && typeof item.path === "string" && typeof item.pattern === "string");
+		return extracted;
+	}
+	async handleCollectCode(args) {
+		const returnSummaryOnly = argBool(args, "returnSummaryOnly", false);
+		let smartMode = argEnum(args, "smartMode", SMART_MODES);
+		const maxSummaryFiles = ANALYSIS_MAX_SUMMARY_FILES;
+		const summarizeFiles = (files) => files.slice(0, maxSummaryFiles).map((file) => ({
+			url: file.url,
+			type: file.type,
+			size: file.size,
+			sizeKB: (file.size / 1024).toFixed(2),
+			truncated: file.metadata?.truncated || false,
+			preview: `${file.content.substring(0, 200)}...`
+		}));
+		if (!smartMode) smartMode = returnSummaryOnly ? "summary" : "summary";
+		const result = await this.collector.collect({
+			url: argStringRequired(args, "url"),
+			includeInline: argBool(args, "includeInline"),
+			includeExternal: argBool(args, "includeExternal"),
+			includeDynamic: argBool(args, "includeDynamic"),
+			smartMode,
+			compress: argBool(args, "compress"),
+			maxTotalSize: argNumber(args, "maxTotalSize"),
+			maxFileSize: args.maxFileSize ? argNumber(args, "maxFileSize", 0) * 1024 : void 0,
+			priorities: args.priorities
+		});
+		if (returnSummaryOnly) return asJsonResponse({
+			mode: "summary",
+			totalSize: result.totalSize,
+			totalSizeKB: (result.totalSize / 1024).toFixed(2),
+			filesCount: result.files.length,
+			summarizedFiles: Math.min(result.files.length, maxSummaryFiles),
+			omittedFiles: Math.max(0, result.files.length - maxSummaryFiles),
+			collectTime: result.collectTime,
+			summary: summarizeFiles(result.files),
+			hint: "Use get_script_source for specific files."
+		});
+		const maxSafeCollectedSize = ANALYSIS_MAX_SAFE_COLLECTED_BYTES;
+		const maxSafeResponseSize = ANALYSIS_MAX_SAFE_RESPONSE_BYTES;
+		const estimatedResponseSize = Buffer.byteLength(JSON.stringify(result), "utf8");
+		if (result.totalSize > maxSafeCollectedSize || estimatedResponseSize > maxSafeResponseSize) {
+			logger.warn(`Collected code is too large (collected=${(result.totalSize / 1024).toFixed(2)}KB, response=${(estimatedResponseSize / 1024).toFixed(2)}KB), returning summary mode.`);
+			return asJsonResponse({
+				warning: "Code size exceeds safe response threshold; summary returned.",
+				totalSize: result.totalSize,
+				totalSizeKB: (result.totalSize / 1024).toFixed(2),
+				estimatedResponseSize,
+				estimatedResponseSizeKB: (estimatedResponseSize / 1024).toFixed(2),
+				filesCount: result.files.length,
+				summarizedFiles: Math.min(result.files.length, maxSummaryFiles),
+				omittedFiles: Math.max(0, result.files.length - maxSummaryFiles),
+				collectTime: result.collectTime,
+				summary: summarizeFiles(result.files),
+				recommendations: [
+					"Use get_script_source for targeted files.",
+					"Use more specific priority filters.",
+					"Use smartMode=summary for initial reconnaissance."
+				]
+			});
+		}
+		return asJsonResponse(result);
+	}
+	async handleSearchInScripts(args) {
+		await this.scriptManager.init();
+		const keyword = argString(args, "keyword");
+		if (!keyword) return asJsonResponse({
+			success: false,
+			error: "keyword is required"
+		});
+		const maxMatches = argNumber(args, "maxMatches", 100);
+		const returnSummary = argBool(args, "returnSummary", false);
+		const maxContextSize = argNumber(args, "maxContextSize", 5e4);
+		const result = await this.scriptManager.searchInScripts(keyword, {
+			isRegex: argBool(args, "isRegex"),
+			caseSensitive: argBool(args, "caseSensitive"),
+			contextLines: argNumber(args, "contextLines"),
+			maxMatches
+		});
+		const resultSize = JSON.stringify(result).length;
+		if (returnSummary || resultSize > maxContextSize) {
+			const matches = result.matches ?? [];
+			return asJsonResponse({
+				success: true,
+				keyword: args.keyword,
+				totalMatches: matches.length,
+				resultSize,
+				resultSizeKB: (resultSize / 1024).toFixed(2),
+				truncated: resultSize > maxContextSize,
+				reason: resultSize > maxContextSize ? `Result too large (${(resultSize / 1024).toFixed(2)}KB > ${(maxContextSize / 1024).toFixed(2)}KB)` : "Summary mode enabled",
+				matchesSummary: matches.slice(0, 10).map((match) => ({
+					scriptId: match.scriptId,
+					url: match.url,
+					line: match.line,
+					preview: `${(match.context ?? "").substring(0, 100)}...`
+				})),
+				recommendations: [
+					"Use more specific keywords.",
+					`Reduce maxMatches (current: ${maxMatches}).`,
+					"Use get_script_source for targeted file retrieval."
+				]
+			});
+		}
+		return asJsonResponse(result);
+	}
+	async handleExtractFunctionTree(args) {
+		const scriptId = argString(args, "scriptId");
+		const functionName = argString(args, "functionName");
+		if (!scriptId) return asJsonResponse({
+			success: false,
+			error: "scriptId is required",
+			hint: "Use get_all_scripts() to list available scripts and their scriptIds"
+		});
+		if (!functionName) return asJsonResponse({
+			success: false,
+			error: "functionName is required",
+			hint: "Specify the name of the function to extract"
+		});
+		await this.scriptManager.init();
+		const scripts = await this.scriptManager.getAllScripts();
+		if (!scripts.some((s) => String(s.scriptId) === String(scriptId))) {
+			const availableScripts = scripts.slice(0, 10).map((s) => ({
+				scriptId: s.scriptId,
+				url: s.url?.substring(0, 80)
+			}));
+			return asJsonResponse({
+				success: false,
+				error: `Script not found: ${scriptId}`,
+				hint: "The specified scriptId does not exist. Use get_all_scripts() to list available scripts.",
+				availableScripts: availableScripts.length > 0 ? availableScripts : "No scripts loaded. Navigate to a page first.",
+				totalScripts: scripts.length
+			});
+		}
+		try {
+			return asJsonResponse({
+				success: true,
+				...await this.scriptManager.extractFunctionTree(scriptId, functionName, {
+					maxDepth: argNumber(args, "maxDepth"),
+					maxSize: argNumber(args, "maxSize"),
+					includeComments: argBool(args, "includeComments")
+				})
+			});
+		} catch (error) {
+			return asJsonResponse({
+				success: false,
+				error: error instanceof Error ? error.message : String(error),
+				hint: "Make sure the function name exists in the specified script"
+			});
+		}
+	}
+	async handleDeobfuscate(args) {
+		const code = this.requireCodeArg(args, "deobfuscate");
+		if (!code) return asJsonResponse({
+			success: false,
+			error: "code is required and must be a non-empty string"
+		});
+		if (argEnum(args, "engine", new Set(["auto", "webcrack"]), "auto") === "webcrack") return asJsonResponse(await this.advancedDeobfuscator.deobfuscate({
+			code,
+			...this.extractWebcrackArgs(args),
+			...typeof args.detectOnly === "boolean" ? { detectOnly: args.detectOnly } : {},
+			...typeof args.aggressiveVM === "boolean" ? { aggressiveVM: args.aggressiveVM } : {},
+			...typeof args.useASTOptimization === "boolean" ? { useASTOptimization: args.useASTOptimization } : {},
+			...typeof args.timeout === "number" ? { timeout: args.timeout } : {}
+		}));
+		const result = await this.deobfuscator.deobfuscate({
+			code,
+			aggressive: argBool(args, "aggressive"),
+			...this.extractWebcrackArgs(args)
+		});
+		if (result && typeof result === "object" && "success" in result && result.success === false && !("error" in result)) return asJsonResponse({
+			...result,
+			error: result.reason || "deobfuscation failed"
+		});
+		return asJsonResponse(result);
+	}
+	async handleUnderstandCode(args) {
+		const code = this.requireCodeArg(args, "understand_code");
+		if (!code) return asJsonResponse({
+			success: false,
+			error: "code is required and must be a non-empty string"
+		});
+		return asJsonResponse(await this.analyzer.understand({
+			code,
+			context: argObject(args, "context"),
+			focus: argEnum(args, "focus", FOCUS_MODES, "all")
+		}));
+	}
+	async handleDetectCrypto(args) {
+		const code = this.requireCodeArg(args, "detect_crypto");
+		if (!code) return asJsonResponse({
+			success: false,
+			error: "code is required and must be a non-empty string"
+		});
+		return asJsonResponse(await this.cryptoDetector.detect({ code }));
+	}
+	async handleManageHooks(args) {
+		const action = argStringRequired(args, "action");
+		switch (action) {
+			case "create": return asJsonResponse(await this.hookManager.createHook({
+				target: argStringRequired(args, "target"),
+				type: argEnum(args, "type", HOOK_TYPES) ?? "function",
+				action: argEnum(args, "hookAction", HOOK_ACTIONS, "log"),
+				customCode: argString(args, "customCode")
+			}));
+			case "list": return asJsonResponse({ hooks: this.hookManager.getAllHooks() });
+			case "records": return asJsonResponse({ records: this.hookManager.getHookRecords(argStringRequired(args, "hookId")) });
+			case "clear":
+				this.hookManager.clearHookRecords(argString(args, "hookId"));
+				return asJsonResponse({
+					success: true,
+					message: "Hook records cleared"
+				});
+			default: return asJsonResponse({
+				success: false,
+				message: `Unknown hook action: ${action}. Valid actions: create, list, records, clear`
+			});
+		}
+	}
+	async handleDetectObfuscation(args) {
+		const code = this.requireCodeArg(args, "detect_obfuscation");
+		if (!code) return asJsonResponse({
+			success: false,
+			error: "code is required and must be a non-empty string"
+		});
+		const generateReport = argBool(args, "generateReport", true);
+		const result = this.obfuscationDetector.detect(code);
+		if (!generateReport) return asJsonResponse(result);
+		const report = this.obfuscationDetector.generateReport(result);
+		return asTextResponse(`${JSON.stringify(result, null, 2)}\n\n${report}`);
+	}
+	async handleWebcrackUnpack(args) {
+		const code = this.requireCodeArg(args, "webcrack_unpack");
+		if (!code) return asJsonResponse({
+			success: false,
+			error: "code is required and must be a non-empty string"
+		});
+		const result = await runWebcrack(code, {
+			unpack: argBool(args, "unpack", true),
+			unminify: argBool(args, "unminify", true),
+			jsx: argBool(args, "jsx", true),
+			mangle: argBool(args, "mangle", false),
+			...this.extractWebcrackArgs(args)
+		});
+		if (!result.applied) return asJsonResponse({
+			success: false,
+			error: result.reason || "webcrack execution failed",
+			optionsUsed: result.optionsUsed,
+			engine: "webcrack"
+		});
+		return asJsonResponse({
+			success: true,
+			code: result.code,
+			bundle: result.bundle,
+			savedTo: result.savedTo,
+			savedArtifacts: result.savedArtifacts,
+			optionsUsed: result.optionsUsed,
+			engine: "webcrack"
+		});
+	}
+	async handleWebpackEnumerate(args) {
+		return runWebpackEnumerate(this.collector, args);
+	}
+	async handleClearCollectedData() {
+		try {
+			await this.collector.clearAllData();
+			this.scriptManager.clear();
+			return asJsonResponse({
+				success: true,
+				message: "All collected data cleared.",
+				cleared: {
+					fileCache: true,
+					compressionCache: true,
+					collectedUrls: true,
+					scriptManager: true
+				}
+			});
+		} catch (error) {
+			logger.error("Failed to clear collected data:", error);
+			return asJsonResponse(serializeError(error));
+		}
+	}
+	async handleGetCollectionStats() {
+		try {
+			const stats = await this.collector.getAllStats();
+			return asJsonResponse({
+				success: true,
+				stats,
+				summary: {
+					totalCachedFiles: stats.cache.memoryEntries + stats.cache.diskEntries,
+					totalCacheSize: `${(stats.cache.totalSize / 1024).toFixed(2)} KB`,
+					compressionRatio: `${stats.compression.averageRatio.toFixed(1)}%`,
+					cacheHitRate: stats.compression.cacheHits > 0 ? `${(stats.compression.cacheHits / (stats.compression.cacheHits + stats.compression.cacheMisses) * 100).toFixed(1)}%` : "0%",
+					collectedUrls: stats.collector.collectedUrls
+				}
+			});
+		} catch (error) {
+			logger.error("Failed to get collection stats:", error);
+			return asJsonResponse(serializeError(error));
+		}
+	}
+};
+//#endregion
+export { CoreAnalysisHandlers };