@jshookmcp/jshook 0.2.7 → 0.2.9
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +36 -5
- package/README.zh.md +36 -5
- package/dist/{AntiCheatDetector-S8VRj-dD.mjs → AntiCheatDetector-BNk-EoBt.mjs} +3 -3
- package/dist/{CodeInjector-4Z3ngPoX.mjs → CodeInjector-Cq8q01kp.mjs} +5 -5
- package/dist/ConsoleMonitor-CPVQW1Y-.mjs +2201 -0
- package/dist/{DarwinAPI-B8hg_yhz.mjs → DarwinAPI-BNPxu0RH.mjs} +1 -1
- package/dist/DetailedDataManager-BQQcxh64.mjs +217 -0
- package/dist/EventBus-DgPmwpeu.mjs +141 -0
- package/dist/EvidenceGraphBridge-SFesNera.mjs +153 -0
- package/dist/{ExtensionManager-CZ6IveoV.mjs → ExtensionManager-CWYgw0YW.mjs} +13 -6
- package/dist/{FingerprintManager-BVxFJL2-.mjs → FingerprintManager-gzWtkKuf.mjs} +1 -1
- package/dist/{HardwareBreakpoint-DK1yjWkV.mjs → HardwareBreakpoint-B9gZCdFP.mjs} +3 -3
- package/dist/{HeapAnalyzer-CEbo10xU.mjs → HeapAnalyzer-BLDH0dCv.mjs} +4 -4
- package/dist/HookGeneratorBuilders.core.generators.storage-CtcdK78Q.mjs +639 -0
- package/dist/InstrumentationSession-CvPC7Jwy.mjs +244 -0
- package/dist/{MemoryController-DdtnBdD4.mjs → MemoryController-CbVdCIJF.mjs} +3 -3
- package/dist/{MemoryScanSession-RMixN3bX.mjs → MemoryScanSession-BsDZbLYm.mjs} +81 -78
- package/dist/{MemoryScanner-QjK4ld0B.mjs → MemoryScanner-Bcpml6II.mjs} +44 -18
- package/dist/{NativeMemoryManager.impl-CB6gJ0NM.mjs → NativeMemoryManager.impl-dZtA1ZGn.mjs} +14 -53
- package/dist/{NativeMemoryManager.utils-BML4q1ry.mjs → NativeMemoryManager.utils-B-FjA2mJ.mjs} +1 -1
- package/dist/{PEAnalyzer-CK0xe0Fs.mjs → PEAnalyzer-D1lzJ_VG.mjs} +2 -2
- package/dist/PageController-Bqm2kZ_X.mjs +417 -0
- package/dist/{PointerChainEngine-Cd73qu5b.mjs → PointerChainEngine-BOhyVsjx.mjs} +4 -4
- package/dist/PrerequisiteError-Dl33Svkz.mjs +20 -0
- package/dist/ResponseBuilder-D3iFYx2N.mjs +143 -0
- package/dist/ReverseEvidenceGraph-Dlsk94LC.mjs +269 -0
- package/dist/ScriptManager-aHHq0X7U.mjs +3000 -0
- package/dist/{Speedhack-CeF0XmEz.mjs → Speedhack-CqdIFlQl.mjs} +2 -2
- package/dist/{StructureAnalyzer-D4GkMduU.mjs → StructureAnalyzer-DhFaPvRO.mjs} +3 -3
- package/dist/ToolCatalog-C0JGZoOm.mjs +582 -0
- package/dist/ToolError-jh9whhMd.mjs +15 -0
- package/dist/ToolProbe-oC7aPrkv.mjs +45 -0
- package/dist/ToolRegistry-BjaF4oNz.mjs +131 -0
- package/dist/ToolRouter.policy-BWV67ZK-.mjs +304 -0
- package/dist/TraceRecorder-DgxyVbdQ.mjs +519 -0
- package/dist/{Win32API-Bc0QnQsN.mjs → Win32API-CePkipZY.mjs} +1 -1
- package/dist/{Win32Debug-DUHt9XUn.mjs → Win32Debug-BvKs-gxc.mjs} +2 -2
- package/dist/WorkflowEngine-CuvkZtWu.mjs +598 -0
- package/dist/analysis-CL9uACt9.mjs +463 -0
- package/dist/antidebug-CqDTB_uk.mjs +1081 -0
- package/dist/artifactRetention-CFEprwPw.mjs +591 -0
- package/dist/artifacts-Bk2-_uPq.mjs +59 -0
- package/dist/betterSqlite3-0pqusHHH.mjs +74 -0
- package/dist/binary-instrument-CXfpx6fT.mjs +979 -0
- package/dist/bind-helpers-xFfRF-qm.mjs +22 -0
- package/dist/boringssl-inspector-BH2D3VKc.mjs +180 -0
- package/dist/browser-BpOr5PEx.mjs +4082 -0
- package/dist/concurrency-Bt0yv1kJ.mjs +41 -0
- package/dist/{constants-CCvsN80K.mjs → constants-B0OANIBL.mjs} +88 -46
- package/dist/coordination-qUbyF8KU.mjs +259 -0
- package/dist/debugger-gnKxRSN0.mjs +1271 -0
- package/dist/definitions-6M-eejaT.mjs +53 -0
- package/dist/definitions-B18eyf0B.mjs +18 -0
- package/dist/definitions-B3QdlrHv.mjs +34 -0
- package/dist/definitions-B4rAvHNZ.mjs +63 -0
- package/dist/definitions-BB_4jnmy.mjs +37 -0
- package/dist/definitions-BMfYXoNC.mjs +43 -0
- package/dist/definitions-Beid2EB3.mjs +27 -0
- package/dist/definitions-C1UvM5Iy.mjs +126 -0
- package/dist/definitions-CXEI7QC72.mjs +216 -0
- package/dist/definitions-C_4r7Fo-2.mjs +14 -0
- package/dist/definitions-CkFDALoa.mjs +26 -0
- package/dist/definitions-Cke7zEb8.mjs +94 -0
- package/dist/definitions-ClJLzsJQ.mjs +25 -0
- package/dist/definitions-Cq-zroAU.mjs +28 -0
- package/dist/definitions-Cy3Sl6gV.mjs +34 -0
- package/dist/definitions-D3VsGcvz.mjs +47 -0
- package/dist/definitions-DVGfrn7y.mjs +96 -0
- package/dist/definitions-LKpC3-nL.mjs +9 -0
- package/dist/definitions-bAhHQJq9.mjs +359 -0
- package/dist/encoding-Bvz5jLRv.mjs +1065 -0
- package/dist/evidence-graph-bridge-C_fv9PuC.mjs +135 -0
- package/dist/{factory-CibqTNC8.mjs → factory-DxlGh9Xf.mjs} +37 -52
- package/dist/graphql-DYWzJ29s.mjs +1026 -0
- package/dist/handlers-9sAbfIg-.mjs +2552 -0
- package/dist/handlers-Bl8zkwz1.mjs +2716 -0
- package/dist/handlers-C67ktuRN.mjs +710 -0
- package/dist/handlers-C87g8oCe.mjs +276 -0
- package/dist/handlers-CTsDAO6p.mjs +681 -0
- package/dist/handlers-Cgyg6c0U.mjs +645 -0
- package/dist/handlers-D6j6yka7.mjs +2124 -0
- package/dist/handlers-DdFzXLvF.mjs +446 -0
- package/dist/handlers-DeLOCd5m.mjs +799 -0
- package/dist/handlers-DlCJN4Td.mjs +757 -0
- package/dist/handlers-DxGIq15_2.mjs +917 -0
- package/dist/handlers-U6L4xhuF.mjs +585 -0
- package/dist/handlers-tB9Mp9ZK.mjs +84 -0
- package/dist/handlers-tiy7EIBp.mjs +572 -0
- package/dist/handlers.impl-DS0d9fUw.mjs +761 -0
- package/dist/hooks-CzCWByww.mjs +898 -0
- package/dist/index.mjs +384 -155
- package/dist/{logger-BmWzC2lM.mjs → logger-Dh_xb7_2.mjs} +14 -6
- package/dist/maintenance-P7ePRXQC.mjs +830 -0
- package/dist/manifest-2ToTpjv8.mjs +106 -0
- package/dist/manifest-3g71z6Bg.mjs +79 -0
- package/dist/manifest-82baTv4U.mjs +45 -0
- package/dist/manifest-B3QVVeBS.mjs +82 -0
- package/dist/manifest-BB2J8IMJ.mjs +149 -0
- package/dist/manifest-BKbgbSiY.mjs +60 -0
- package/dist/manifest-Bcf-TJzH.mjs +848 -0
- package/dist/manifest-BmtZzQiQ2.mjs +45 -0
- package/dist/manifest-Bnd7kqEY.mjs +55 -0
- package/dist/manifest-BqQX6OQC2.mjs +65 -0
- package/dist/manifest-BqrQ4Tpj.mjs +81 -0
- package/dist/manifest-Br4RPFt5.mjs +370 -0
- package/dist/manifest-C5qDjysN.mjs +107 -0
- package/dist/manifest-C9RT5nk32.mjs +34 -0
- package/dist/manifest-CAhOuvSl.mjs +204 -0
- package/dist/manifest-CBYWCUBJ.mjs +51 -0
- package/dist/manifest-CFADCRa1.mjs +37 -0
- package/dist/manifest-CQVhavRF.mjs +114 -0
- package/dist/manifest-CT7zZBV1.mjs +48 -0
- package/dist/manifest-CV12bcrF.mjs +121 -0
- package/dist/manifest-CXsRWjjI.mjs +224 -0
- package/dist/manifest-CZLUCfG02.mjs +95 -0
- package/dist/manifest-D6phHKFd.mjs +131 -0
- package/dist/manifest-DCyjf4n2.mjs +294 -0
- package/dist/manifest-DHsnKgP6.mjs +60 -0
- package/dist/manifest-Df_dliIe.mjs +55 -0
- package/dist/manifest-Dh8WBmEW.mjs +129 -0
- package/dist/manifest-DhKRAT8_.mjs +92 -0
- package/dist/manifest-DlpTj4ic2.mjs +193 -0
- package/dist/manifest-DrbmZcFl2.mjs +253 -0
- package/dist/manifest-DuwHjUa5.mjs +70 -0
- package/dist/manifest-DzwvxPJX.mjs +38 -0
- package/dist/manifest-NXctwWQq.mjs +68 -0
- package/dist/manifest-Sc_0JQ13.mjs +418 -0
- package/dist/manifest-gZ4s_UtG.mjs +96 -0
- package/dist/manifest-qSleDqdO.mjs +1023 -0
- package/dist/modules-C184v-S9.mjs +11365 -0
- package/dist/mojo-ipc-B_H61Afw.mjs +525 -0
- package/dist/network-671Cw6hV.mjs +3346 -0
- package/dist/{artifacts-BbdOMET5.mjs → outputPaths-B1uGmrWZ.mjs} +219 -212
- package/dist/parse-args-BlRjqlkL.mjs +39 -0
- package/dist/platform-WmNn8Sxb.mjs +2070 -0
- package/dist/process-QcbIy5Zq.mjs +1401 -0
- package/dist/proxy-DqNs0bAd.mjs +170 -0
- package/dist/registry-D-6e18lB.mjs +34 -0
- package/dist/response-BQVP-xUn.mjs +28 -0
- package/dist/server/plugin-api.mjs +2 -2
- package/dist/shared-state-board-DV-dpHFJ.mjs +586 -0
- package/dist/sourcemap-Dq8ez8vS.mjs +650 -0
- package/dist/ssrf-policy-ZaUfvhq7.mjs +166 -0
- package/dist/streaming-BUQ0VJsg.mjs +725 -0
- package/dist/tool-builder-DCbIC5Eo.mjs +186 -0
- package/dist/transform-CiYJfNX0.mjs +1007 -0
- package/dist/types-Bx92KJfT.mjs +4 -0
- package/dist/wasm-DQTnHDs4.mjs +531 -0
- package/dist/workflow-f3xJOcjx.mjs +725 -0
- package/package.json +48 -78
- package/dist/ExtensionManager-DqUSOamB.mjs +0 -2
- package/dist/ToolCatalog-CnwmMIw3.mjs +0 -61483
- package/dist/{CacheAdapters-CzFNpD9a.mjs → CacheAdapters-CDe5WPSV.mjs} +0 -0
- package/dist/{StealthVerifier-BzBCFiwx.mjs → StealthVerifier-Bo4T3bz8.mjs} +0 -0
- package/dist/{VersionDetector-CNXcvD46.mjs → VersionDetector-CwVLVdDM.mjs} +0 -0
- package/dist/{formatAddress-ChCSIRWT.mjs → formatAddress-DVkj9kpI.mjs} +0 -0
- package/dist/{types-BBjOqye-.mjs → types-CPhOReNX.mjs} +1 -1
|
@@ -0,0 +1,1023 @@
|
|
|
1
|
+
import { n as asJsonResponse } from "./response-BQVP-xUn.mjs";
|
|
2
|
+
import { n as toolLookup } from "./registry-D-6e18lB.mjs";
|
|
3
|
+
import { t as bindByDepKey } from "./bind-helpers-xFfRF-qm.mjs";
|
|
4
|
+
//#region src/server/domains/boringssl-inspector/definitions.ts
|
|
5
|
+
const boringsslInspectorTools = [
|
|
6
|
+
{
|
|
7
|
+
name: "tls_keylog_enable",
|
|
8
|
+
description: "Enable SSLKEYLOGFILE output for BoringSSL-compatible clients.",
|
|
9
|
+
inputSchema: {
|
|
10
|
+
type: "object",
|
|
11
|
+
properties: {},
|
|
12
|
+
required: []
|
|
13
|
+
}
|
|
14
|
+
},
|
|
15
|
+
{
|
|
16
|
+
name: "tls_keylog_parse",
|
|
17
|
+
description: "Parse an SSLKEYLOGFILE and summarize available key material.",
|
|
18
|
+
inputSchema: {
|
|
19
|
+
type: "object",
|
|
20
|
+
properties: { path: {
|
|
21
|
+
type: "string",
|
|
22
|
+
description: "Path to SSLKEYLOGFILE (uses default if omitted)"
|
|
23
|
+
} },
|
|
24
|
+
required: []
|
|
25
|
+
}
|
|
26
|
+
},
|
|
27
|
+
{
|
|
28
|
+
name: "tls_keylog_disable",
|
|
29
|
+
description: "Disable SSLKEYLOGFILE capture and unset the environment variable.",
|
|
30
|
+
inputSchema: {
|
|
31
|
+
type: "object",
|
|
32
|
+
properties: { path: {
|
|
33
|
+
type: "string",
|
|
34
|
+
description: "Specific path to disable (uses current path if omitted)"
|
|
35
|
+
} },
|
|
36
|
+
required: []
|
|
37
|
+
}
|
|
38
|
+
},
|
|
39
|
+
{
|
|
40
|
+
name: "tls_decrypt_payload",
|
|
41
|
+
description: "Decrypt a TLS payload using a provided key, nonce, and algorithm.",
|
|
42
|
+
inputSchema: {
|
|
43
|
+
type: "object",
|
|
44
|
+
properties: {
|
|
45
|
+
encryptedHex: {
|
|
46
|
+
type: "string",
|
|
47
|
+
description: "Hex-encoded encrypted payload"
|
|
48
|
+
},
|
|
49
|
+
keyHex: {
|
|
50
|
+
type: "string",
|
|
51
|
+
description: "Hex-encoded decryption key"
|
|
52
|
+
},
|
|
53
|
+
nonceHex: {
|
|
54
|
+
type: "string",
|
|
55
|
+
description: "Hex-encoded nonce/IV"
|
|
56
|
+
},
|
|
57
|
+
algorithm: {
|
|
58
|
+
type: "string",
|
|
59
|
+
description: "Cipher algorithm (default: aes-256-gcm)",
|
|
60
|
+
default: "aes-256-gcm"
|
|
61
|
+
},
|
|
62
|
+
authTagHex: {
|
|
63
|
+
type: "string",
|
|
64
|
+
description: "Hex-encoded authentication tag (for AEAD ciphers)"
|
|
65
|
+
}
|
|
66
|
+
},
|
|
67
|
+
required: [
|
|
68
|
+
"encryptedHex",
|
|
69
|
+
"keyHex",
|
|
70
|
+
"nonceHex"
|
|
71
|
+
]
|
|
72
|
+
}
|
|
73
|
+
},
|
|
74
|
+
{
|
|
75
|
+
name: "tls_keylog_summarize",
|
|
76
|
+
description: "Summarize the contents of an SSLKEYLOGFILE by label distribution.",
|
|
77
|
+
inputSchema: {
|
|
78
|
+
type: "object",
|
|
79
|
+
properties: { content: {
|
|
80
|
+
type: "string",
|
|
81
|
+
description: "Inline keylog content to summarize (uses file if omitted)"
|
|
82
|
+
} },
|
|
83
|
+
required: []
|
|
84
|
+
}
|
|
85
|
+
},
|
|
86
|
+
{
|
|
87
|
+
name: "tls_keylog_lookup_secret",
|
|
88
|
+
description: "Look up a TLS secret by client random hex from the parsed keylog.",
|
|
89
|
+
inputSchema: {
|
|
90
|
+
type: "object",
|
|
91
|
+
properties: {
|
|
92
|
+
clientRandom: {
|
|
93
|
+
type: "string",
|
|
94
|
+
description: "Hex-encoded client random"
|
|
95
|
+
},
|
|
96
|
+
label: {
|
|
97
|
+
type: "string",
|
|
98
|
+
description: "Optional label filter (e.g. CLIENT_RANDOM)"
|
|
99
|
+
}
|
|
100
|
+
},
|
|
101
|
+
required: ["clientRandom"]
|
|
102
|
+
}
|
|
103
|
+
},
|
|
104
|
+
{
|
|
105
|
+
name: "tls_cert_pin_bypass",
|
|
106
|
+
description: "Return a certificate pinning bypass strategy for the selected platform.",
|
|
107
|
+
inputSchema: {
|
|
108
|
+
type: "object",
|
|
109
|
+
properties: { target: {
|
|
110
|
+
type: "string",
|
|
111
|
+
enum: [
|
|
112
|
+
"android",
|
|
113
|
+
"ios",
|
|
114
|
+
"desktop"
|
|
115
|
+
],
|
|
116
|
+
description: "Target platform for bypass strategy"
|
|
117
|
+
} },
|
|
118
|
+
required: ["target"]
|
|
119
|
+
}
|
|
120
|
+
},
|
|
121
|
+
{
|
|
122
|
+
name: "tls_parse_handshake",
|
|
123
|
+
description: "Parse TLS record header and handshake metadata (version, cipher suites, SNI, extensions) from raw hex. Optionally decrypts payload preview when keylog is available.",
|
|
124
|
+
inputSchema: {
|
|
125
|
+
type: "object",
|
|
126
|
+
properties: {
|
|
127
|
+
rawHex: {
|
|
128
|
+
type: "string",
|
|
129
|
+
description: "Hex-encoded TLS handshake record"
|
|
130
|
+
},
|
|
131
|
+
decrypt: {
|
|
132
|
+
type: "boolean",
|
|
133
|
+
description: "If true, attempt payload decryption using loaded keylog (default: false)"
|
|
134
|
+
}
|
|
135
|
+
},
|
|
136
|
+
required: ["rawHex"]
|
|
137
|
+
}
|
|
138
|
+
},
|
|
139
|
+
{
|
|
140
|
+
name: "tls_cipher_suites",
|
|
141
|
+
description: "List IANA TLS cipher suites, optionally filtered by keyword.",
|
|
142
|
+
inputSchema: {
|
|
143
|
+
type: "object",
|
|
144
|
+
properties: { filter: {
|
|
145
|
+
type: "string",
|
|
146
|
+
description: "Keyword filter for cipher suite names"
|
|
147
|
+
} },
|
|
148
|
+
required: []
|
|
149
|
+
}
|
|
150
|
+
},
|
|
151
|
+
{
|
|
152
|
+
name: "tls_parse_certificate",
|
|
153
|
+
description: "Parse a TLS Certificate message from raw hex and extract fingerprints.",
|
|
154
|
+
inputSchema: {
|
|
155
|
+
type: "object",
|
|
156
|
+
properties: { rawHex: {
|
|
157
|
+
type: "string",
|
|
158
|
+
description: "Hex-encoded certificate data"
|
|
159
|
+
} },
|
|
160
|
+
required: ["rawHex"]
|
|
161
|
+
}
|
|
162
|
+
},
|
|
163
|
+
{
|
|
164
|
+
name: "tls_probe_endpoint",
|
|
165
|
+
description: "Connect to a TLS endpoint and report certificate chain basics, trust result, ALPN, protocol, cipher, and SNI/hostname validation details for authorized target testing.",
|
|
166
|
+
inputSchema: {
|
|
167
|
+
type: "object",
|
|
168
|
+
properties: {
|
|
169
|
+
host: {
|
|
170
|
+
type: "string",
|
|
171
|
+
description: "Target host name or IP address"
|
|
172
|
+
},
|
|
173
|
+
port: {
|
|
174
|
+
type: "number",
|
|
175
|
+
default: 443,
|
|
176
|
+
description: "Target TLS port (default: 443)"
|
|
177
|
+
},
|
|
178
|
+
servername: {
|
|
179
|
+
type: "string",
|
|
180
|
+
description: "Optional SNI and hostname validation override"
|
|
181
|
+
},
|
|
182
|
+
alpnProtocols: {
|
|
183
|
+
type: "array",
|
|
184
|
+
items: { type: "string" },
|
|
185
|
+
description: "Optional ALPN protocols to offer, in preference order"
|
|
186
|
+
},
|
|
187
|
+
timeoutMs: {
|
|
188
|
+
type: "number",
|
|
189
|
+
default: 5e3,
|
|
190
|
+
description: "Probe timeout in milliseconds"
|
|
191
|
+
},
|
|
192
|
+
minVersion: {
|
|
193
|
+
type: "string",
|
|
194
|
+
enum: [
|
|
195
|
+
"TLSv1",
|
|
196
|
+
"TLSv1.1",
|
|
197
|
+
"TLSv1.2",
|
|
198
|
+
"TLSv1.3"
|
|
199
|
+
],
|
|
200
|
+
description: "Optional minimum TLS version"
|
|
201
|
+
},
|
|
202
|
+
maxVersion: {
|
|
203
|
+
type: "string",
|
|
204
|
+
enum: [
|
|
205
|
+
"TLSv1",
|
|
206
|
+
"TLSv1.1",
|
|
207
|
+
"TLSv1.2",
|
|
208
|
+
"TLSv1.3"
|
|
209
|
+
],
|
|
210
|
+
description: "Optional maximum TLS version"
|
|
211
|
+
},
|
|
212
|
+
caPem: {
|
|
213
|
+
type: "string",
|
|
214
|
+
description: "Optional PEM-encoded CA bundle used for trust evaluation"
|
|
215
|
+
},
|
|
216
|
+
caPath: {
|
|
217
|
+
type: "string",
|
|
218
|
+
description: "Optional path to a PEM-encoded CA bundle used for trust evaluation"
|
|
219
|
+
},
|
|
220
|
+
allowInvalidCertificates: {
|
|
221
|
+
type: "boolean",
|
|
222
|
+
default: false,
|
|
223
|
+
description: "Allow untrusted certificate chains while still reporting the failure"
|
|
224
|
+
},
|
|
225
|
+
skipHostnameCheck: {
|
|
226
|
+
type: "boolean",
|
|
227
|
+
default: false,
|
|
228
|
+
description: "Skip hostname verification while still reporting the requested target"
|
|
229
|
+
}
|
|
230
|
+
},
|
|
231
|
+
required: ["host"]
|
|
232
|
+
}
|
|
233
|
+
},
|
|
234
|
+
{
|
|
235
|
+
name: "tcp_open",
|
|
236
|
+
description: "Open a stateful TCP session and return a sessionId for follow-up read/write calls.",
|
|
237
|
+
inputSchema: {
|
|
238
|
+
type: "object",
|
|
239
|
+
properties: {
|
|
240
|
+
host: {
|
|
241
|
+
type: "string",
|
|
242
|
+
default: "127.0.0.1",
|
|
243
|
+
description: "Target host name or IP address"
|
|
244
|
+
},
|
|
245
|
+
port: {
|
|
246
|
+
type: "number",
|
|
247
|
+
description: "Target TCP port (1-65535)"
|
|
248
|
+
},
|
|
249
|
+
timeoutMs: {
|
|
250
|
+
type: "number",
|
|
251
|
+
default: 5e3,
|
|
252
|
+
description: "Connection timeout in milliseconds"
|
|
253
|
+
},
|
|
254
|
+
noDelay: {
|
|
255
|
+
type: "boolean",
|
|
256
|
+
default: true,
|
|
257
|
+
description: "Enable TCP_NODELAY on the socket after connect"
|
|
258
|
+
}
|
|
259
|
+
},
|
|
260
|
+
required: ["port"]
|
|
261
|
+
}
|
|
262
|
+
},
|
|
263
|
+
{
|
|
264
|
+
name: "tcp_write",
|
|
265
|
+
description: "Write raw bytes to an open TCP session; accepts hex or UTF-8 text input.",
|
|
266
|
+
inputSchema: {
|
|
267
|
+
type: "object",
|
|
268
|
+
properties: {
|
|
269
|
+
sessionId: {
|
|
270
|
+
type: "string",
|
|
271
|
+
description: "Session id returned by tcp_open"
|
|
272
|
+
},
|
|
273
|
+
dataHex: {
|
|
274
|
+
type: "string",
|
|
275
|
+
description: "Hex-encoded payload to write"
|
|
276
|
+
},
|
|
277
|
+
dataText: {
|
|
278
|
+
type: "string",
|
|
279
|
+
description: "UTF-8 text payload to write (alternative to dataHex)"
|
|
280
|
+
},
|
|
281
|
+
timeoutMs: {
|
|
282
|
+
type: "number",
|
|
283
|
+
default: 5e3,
|
|
284
|
+
description: "Write timeout in milliseconds"
|
|
285
|
+
}
|
|
286
|
+
},
|
|
287
|
+
required: ["sessionId"]
|
|
288
|
+
}
|
|
289
|
+
},
|
|
290
|
+
{
|
|
291
|
+
name: "tcp_read_until",
|
|
292
|
+
description: "Read from an open TCP session until a delimiter is observed or a byte limit is reached.",
|
|
293
|
+
inputSchema: {
|
|
294
|
+
type: "object",
|
|
295
|
+
properties: {
|
|
296
|
+
sessionId: {
|
|
297
|
+
type: "string",
|
|
298
|
+
description: "Session id returned by tcp_open"
|
|
299
|
+
},
|
|
300
|
+
delimiterHex: {
|
|
301
|
+
type: "string",
|
|
302
|
+
description: "Hex-encoded delimiter to stop at"
|
|
303
|
+
},
|
|
304
|
+
delimiterText: {
|
|
305
|
+
type: "string",
|
|
306
|
+
description: "UTF-8 delimiter to stop at (alternative to delimiterHex)"
|
|
307
|
+
},
|
|
308
|
+
includeDelimiter: {
|
|
309
|
+
type: "boolean",
|
|
310
|
+
default: true,
|
|
311
|
+
description: "Include the delimiter bytes in the returned payload"
|
|
312
|
+
},
|
|
313
|
+
maxBytes: {
|
|
314
|
+
type: "number",
|
|
315
|
+
description: "Optional maximum number of bytes to return even if no delimiter matches"
|
|
316
|
+
},
|
|
317
|
+
timeoutMs: {
|
|
318
|
+
type: "number",
|
|
319
|
+
default: 5e3,
|
|
320
|
+
description: "Read timeout in milliseconds"
|
|
321
|
+
}
|
|
322
|
+
},
|
|
323
|
+
required: ["sessionId"]
|
|
324
|
+
}
|
|
325
|
+
},
|
|
326
|
+
{
|
|
327
|
+
name: "tcp_close",
|
|
328
|
+
description: "Close an open TCP session and release its buffered state.",
|
|
329
|
+
inputSchema: {
|
|
330
|
+
type: "object",
|
|
331
|
+
properties: {
|
|
332
|
+
sessionId: {
|
|
333
|
+
type: "string",
|
|
334
|
+
description: "Session id returned by tcp_open"
|
|
335
|
+
},
|
|
336
|
+
force: {
|
|
337
|
+
type: "boolean",
|
|
338
|
+
default: false,
|
|
339
|
+
description: "Destroy the socket immediately instead of sending FIN first"
|
|
340
|
+
},
|
|
341
|
+
timeoutMs: {
|
|
342
|
+
type: "number",
|
|
343
|
+
default: 1e3,
|
|
344
|
+
description: "Close wait timeout in milliseconds before forcing socket destruction"
|
|
345
|
+
}
|
|
346
|
+
},
|
|
347
|
+
required: ["sessionId"]
|
|
348
|
+
}
|
|
349
|
+
},
|
|
350
|
+
{
|
|
351
|
+
name: "tls_open",
|
|
352
|
+
description: "Open a stateful TLS session with explicit trust and hostname policy controls, then return a sessionId.",
|
|
353
|
+
inputSchema: {
|
|
354
|
+
type: "object",
|
|
355
|
+
properties: {
|
|
356
|
+
host: {
|
|
357
|
+
type: "string",
|
|
358
|
+
description: "Target host name or IP address"
|
|
359
|
+
},
|
|
360
|
+
port: {
|
|
361
|
+
type: "number",
|
|
362
|
+
default: 443,
|
|
363
|
+
description: "Target TLS port (default: 443)"
|
|
364
|
+
},
|
|
365
|
+
servername: {
|
|
366
|
+
type: "string",
|
|
367
|
+
description: "Optional SNI and hostname validation override"
|
|
368
|
+
},
|
|
369
|
+
alpnProtocols: {
|
|
370
|
+
type: "array",
|
|
371
|
+
items: { type: "string" },
|
|
372
|
+
description: "Optional ALPN protocols to offer, in preference order"
|
|
373
|
+
},
|
|
374
|
+
timeoutMs: {
|
|
375
|
+
type: "number",
|
|
376
|
+
default: 5e3,
|
|
377
|
+
description: "Connection timeout in milliseconds"
|
|
378
|
+
},
|
|
379
|
+
minVersion: {
|
|
380
|
+
type: "string",
|
|
381
|
+
enum: [
|
|
382
|
+
"TLSv1",
|
|
383
|
+
"TLSv1.1",
|
|
384
|
+
"TLSv1.2",
|
|
385
|
+
"TLSv1.3"
|
|
386
|
+
],
|
|
387
|
+
description: "Optional minimum TLS version"
|
|
388
|
+
},
|
|
389
|
+
maxVersion: {
|
|
390
|
+
type: "string",
|
|
391
|
+
enum: [
|
|
392
|
+
"TLSv1",
|
|
393
|
+
"TLSv1.1",
|
|
394
|
+
"TLSv1.2",
|
|
395
|
+
"TLSv1.3"
|
|
396
|
+
],
|
|
397
|
+
description: "Optional maximum TLS version"
|
|
398
|
+
},
|
|
399
|
+
caPem: {
|
|
400
|
+
type: "string",
|
|
401
|
+
description: "Optional PEM-encoded CA bundle used for trust evaluation"
|
|
402
|
+
},
|
|
403
|
+
caPath: {
|
|
404
|
+
type: "string",
|
|
405
|
+
description: "Optional path to a PEM-encoded CA bundle used for trust evaluation"
|
|
406
|
+
},
|
|
407
|
+
allowInvalidCertificates: {
|
|
408
|
+
type: "boolean",
|
|
409
|
+
default: false,
|
|
410
|
+
description: "Allow untrusted certificate chains while still reporting the failure"
|
|
411
|
+
},
|
|
412
|
+
skipHostnameCheck: {
|
|
413
|
+
type: "boolean",
|
|
414
|
+
default: false,
|
|
415
|
+
description: "Skip hostname verification while still reporting the requested target"
|
|
416
|
+
}
|
|
417
|
+
},
|
|
418
|
+
required: ["host"]
|
|
419
|
+
}
|
|
420
|
+
},
|
|
421
|
+
{
|
|
422
|
+
name: "tls_write",
|
|
423
|
+
description: "Write raw bytes to an open TLS session; accepts hex or UTF-8 text input.",
|
|
424
|
+
inputSchema: {
|
|
425
|
+
type: "object",
|
|
426
|
+
properties: {
|
|
427
|
+
sessionId: {
|
|
428
|
+
type: "string",
|
|
429
|
+
description: "Session id returned by tls_open"
|
|
430
|
+
},
|
|
431
|
+
dataHex: {
|
|
432
|
+
type: "string",
|
|
433
|
+
description: "Hex-encoded payload to write"
|
|
434
|
+
},
|
|
435
|
+
dataText: {
|
|
436
|
+
type: "string",
|
|
437
|
+
description: "UTF-8 text payload to write (alternative to dataHex)"
|
|
438
|
+
},
|
|
439
|
+
timeoutMs: {
|
|
440
|
+
type: "number",
|
|
441
|
+
default: 5e3,
|
|
442
|
+
description: "Write timeout in milliseconds"
|
|
443
|
+
}
|
|
444
|
+
},
|
|
445
|
+
required: ["sessionId"]
|
|
446
|
+
}
|
|
447
|
+
},
|
|
448
|
+
{
|
|
449
|
+
name: "tls_read_until",
|
|
450
|
+
description: "Read from an open TLS session until a delimiter is observed or a byte limit is reached.",
|
|
451
|
+
inputSchema: {
|
|
452
|
+
type: "object",
|
|
453
|
+
properties: {
|
|
454
|
+
sessionId: {
|
|
455
|
+
type: "string",
|
|
456
|
+
description: "Session id returned by tls_open"
|
|
457
|
+
},
|
|
458
|
+
delimiterHex: {
|
|
459
|
+
type: "string",
|
|
460
|
+
description: "Hex-encoded delimiter to stop at"
|
|
461
|
+
},
|
|
462
|
+
delimiterText: {
|
|
463
|
+
type: "string",
|
|
464
|
+
description: "UTF-8 delimiter to stop at (alternative to delimiterHex)"
|
|
465
|
+
},
|
|
466
|
+
includeDelimiter: {
|
|
467
|
+
type: "boolean",
|
|
468
|
+
default: true,
|
|
469
|
+
description: "Include the delimiter bytes in the returned payload"
|
|
470
|
+
},
|
|
471
|
+
maxBytes: {
|
|
472
|
+
type: "number",
|
|
473
|
+
description: "Optional maximum number of bytes to return even if no delimiter matches"
|
|
474
|
+
},
|
|
475
|
+
timeoutMs: {
|
|
476
|
+
type: "number",
|
|
477
|
+
default: 5e3,
|
|
478
|
+
description: "Read timeout in milliseconds"
|
|
479
|
+
}
|
|
480
|
+
},
|
|
481
|
+
required: ["sessionId"]
|
|
482
|
+
}
|
|
483
|
+
},
|
|
484
|
+
{
|
|
485
|
+
name: "tls_close",
|
|
486
|
+
description: "Close an open TLS session and release its buffered state.",
|
|
487
|
+
inputSchema: {
|
|
488
|
+
type: "object",
|
|
489
|
+
properties: {
|
|
490
|
+
sessionId: {
|
|
491
|
+
type: "string",
|
|
492
|
+
description: "Session id returned by tls_open"
|
|
493
|
+
},
|
|
494
|
+
force: {
|
|
495
|
+
type: "boolean",
|
|
496
|
+
default: false,
|
|
497
|
+
description: "Destroy the TLS socket immediately instead of sending close_notify/FIN first"
|
|
498
|
+
},
|
|
499
|
+
timeoutMs: {
|
|
500
|
+
type: "number",
|
|
501
|
+
default: 1e3,
|
|
502
|
+
description: "Close wait timeout in milliseconds before forcing socket destruction"
|
|
503
|
+
}
|
|
504
|
+
},
|
|
505
|
+
required: ["sessionId"]
|
|
506
|
+
}
|
|
507
|
+
},
|
|
508
|
+
{
|
|
509
|
+
name: "websocket_open",
|
|
510
|
+
description: "Open a stateful WebSocket session over ws or wss, perform the client handshake, and return a sessionId.",
|
|
511
|
+
inputSchema: {
|
|
512
|
+
type: "object",
|
|
513
|
+
properties: {
|
|
514
|
+
url: {
|
|
515
|
+
type: "string",
|
|
516
|
+
description: "Full ws:// or wss:// URL (mutually exclusive with explicit host/path fields)"
|
|
517
|
+
},
|
|
518
|
+
scheme: {
|
|
519
|
+
type: "string",
|
|
520
|
+
enum: ["ws", "wss"],
|
|
521
|
+
default: "ws",
|
|
522
|
+
description: "WebSocket transport scheme when url is not provided"
|
|
523
|
+
},
|
|
524
|
+
host: {
|
|
525
|
+
type: "string",
|
|
526
|
+
description: "Target host name or IP address when url is not provided"
|
|
527
|
+
},
|
|
528
|
+
port: {
|
|
529
|
+
type: "number",
|
|
530
|
+
description: "Target port (defaults to 80 for ws, 443 for wss)"
|
|
531
|
+
},
|
|
532
|
+
path: {
|
|
533
|
+
type: "string",
|
|
534
|
+
default: "/",
|
|
535
|
+
description: "Request path including optional query string when url is not provided"
|
|
536
|
+
},
|
|
537
|
+
subprotocols: {
|
|
538
|
+
type: "array",
|
|
539
|
+
items: { type: "string" },
|
|
540
|
+
description: "Optional Sec-WebSocket-Protocol values to offer"
|
|
541
|
+
},
|
|
542
|
+
timeoutMs: {
|
|
543
|
+
type: "number",
|
|
544
|
+
default: 5e3,
|
|
545
|
+
description: "Handshake timeout in milliseconds"
|
|
546
|
+
},
|
|
547
|
+
servername: {
|
|
548
|
+
type: "string",
|
|
549
|
+
description: "Optional SNI and hostname validation override for wss sessions"
|
|
550
|
+
},
|
|
551
|
+
alpnProtocols: {
|
|
552
|
+
type: "array",
|
|
553
|
+
items: { type: "string" },
|
|
554
|
+
description: "Optional ALPN protocols to offer for wss sessions"
|
|
555
|
+
},
|
|
556
|
+
minVersion: {
|
|
557
|
+
type: "string",
|
|
558
|
+
enum: [
|
|
559
|
+
"TLSv1",
|
|
560
|
+
"TLSv1.1",
|
|
561
|
+
"TLSv1.2",
|
|
562
|
+
"TLSv1.3"
|
|
563
|
+
],
|
|
564
|
+
description: "Optional minimum TLS version for wss sessions"
|
|
565
|
+
},
|
|
566
|
+
maxVersion: {
|
|
567
|
+
type: "string",
|
|
568
|
+
enum: [
|
|
569
|
+
"TLSv1",
|
|
570
|
+
"TLSv1.1",
|
|
571
|
+
"TLSv1.2",
|
|
572
|
+
"TLSv1.3"
|
|
573
|
+
],
|
|
574
|
+
description: "Optional maximum TLS version for wss sessions"
|
|
575
|
+
},
|
|
576
|
+
caPem: {
|
|
577
|
+
type: "string",
|
|
578
|
+
description: "Optional PEM-encoded CA bundle for wss trust evaluation"
|
|
579
|
+
},
|
|
580
|
+
caPath: {
|
|
581
|
+
type: "string",
|
|
582
|
+
description: "Optional path to a PEM-encoded CA bundle for wss trust evaluation"
|
|
583
|
+
},
|
|
584
|
+
allowInvalidCertificates: {
|
|
585
|
+
type: "boolean",
|
|
586
|
+
default: false,
|
|
587
|
+
description: "Allow untrusted certificate chains for wss while still reporting the failure"
|
|
588
|
+
},
|
|
589
|
+
skipHostnameCheck: {
|
|
590
|
+
type: "boolean",
|
|
591
|
+
default: false,
|
|
592
|
+
description: "Skip hostname verification for wss while still reporting the requested target"
|
|
593
|
+
}
|
|
594
|
+
},
|
|
595
|
+
required: []
|
|
596
|
+
}
|
|
597
|
+
},
|
|
598
|
+
{
|
|
599
|
+
name: "websocket_send_frame",
|
|
600
|
+
description: "Send a single WebSocket frame on an open session using a minimal opcode set (text, binary, ping, pong, close).",
|
|
601
|
+
inputSchema: {
|
|
602
|
+
type: "object",
|
|
603
|
+
properties: {
|
|
604
|
+
sessionId: {
|
|
605
|
+
type: "string",
|
|
606
|
+
description: "Session id returned by websocket_open"
|
|
607
|
+
},
|
|
608
|
+
frameType: {
|
|
609
|
+
type: "string",
|
|
610
|
+
enum: [
|
|
611
|
+
"text",
|
|
612
|
+
"binary",
|
|
613
|
+
"ping",
|
|
614
|
+
"pong",
|
|
615
|
+
"close"
|
|
616
|
+
],
|
|
617
|
+
description: "Outgoing frame opcode"
|
|
618
|
+
},
|
|
619
|
+
dataText: {
|
|
620
|
+
type: "string",
|
|
621
|
+
description: "UTF-8 payload for text/ping/pong/close frames"
|
|
622
|
+
},
|
|
623
|
+
dataHex: {
|
|
624
|
+
type: "string",
|
|
625
|
+
description: "Hex-encoded payload for binary/ping/pong/close frames"
|
|
626
|
+
},
|
|
627
|
+
closeCode: {
|
|
628
|
+
type: "number",
|
|
629
|
+
description: "Optional close status code when frameType is close"
|
|
630
|
+
},
|
|
631
|
+
closeReason: {
|
|
632
|
+
type: "string",
|
|
633
|
+
description: "Optional UTF-8 close reason when frameType is close"
|
|
634
|
+
},
|
|
635
|
+
timeoutMs: {
|
|
636
|
+
type: "number",
|
|
637
|
+
default: 5e3,
|
|
638
|
+
description: "Write timeout in milliseconds"
|
|
639
|
+
}
|
|
640
|
+
},
|
|
641
|
+
required: ["sessionId", "frameType"]
|
|
642
|
+
}
|
|
643
|
+
},
|
|
644
|
+
{
|
|
645
|
+
name: "websocket_read_frame",
|
|
646
|
+
description: "Read the next queued WebSocket frame from an open session.",
|
|
647
|
+
inputSchema: {
|
|
648
|
+
type: "object",
|
|
649
|
+
properties: {
|
|
650
|
+
sessionId: {
|
|
651
|
+
type: "string",
|
|
652
|
+
description: "Session id returned by websocket_open"
|
|
653
|
+
},
|
|
654
|
+
timeoutMs: {
|
|
655
|
+
type: "number",
|
|
656
|
+
default: 5e3,
|
|
657
|
+
description: "Read timeout in milliseconds"
|
|
658
|
+
}
|
|
659
|
+
},
|
|
660
|
+
required: ["sessionId"]
|
|
661
|
+
}
|
|
662
|
+
},
|
|
663
|
+
{
|
|
664
|
+
name: "websocket_close",
|
|
665
|
+
description: "Close an open WebSocket session and release its queued frame state.",
|
|
666
|
+
inputSchema: {
|
|
667
|
+
type: "object",
|
|
668
|
+
properties: {
|
|
669
|
+
sessionId: {
|
|
670
|
+
type: "string",
|
|
671
|
+
description: "Session id returned by websocket_open"
|
|
672
|
+
},
|
|
673
|
+
force: {
|
|
674
|
+
type: "boolean",
|
|
675
|
+
default: false,
|
|
676
|
+
description: "Destroy the underlying socket immediately without sending a close frame first"
|
|
677
|
+
},
|
|
678
|
+
closeCode: {
|
|
679
|
+
type: "number",
|
|
680
|
+
description: "Optional close status code when force is false"
|
|
681
|
+
},
|
|
682
|
+
closeReason: {
|
|
683
|
+
type: "string",
|
|
684
|
+
description: "Optional UTF-8 close reason when force is false"
|
|
685
|
+
},
|
|
686
|
+
timeoutMs: {
|
|
687
|
+
type: "number",
|
|
688
|
+
default: 1e3,
|
|
689
|
+
description: "Close wait timeout in milliseconds before forcing socket destruction"
|
|
690
|
+
}
|
|
691
|
+
},
|
|
692
|
+
required: ["sessionId"]
|
|
693
|
+
}
|
|
694
|
+
},
|
|
695
|
+
{
|
|
696
|
+
name: "tls_cert_pin_bypass_frida",
|
|
697
|
+
description: "Bypass certificate pinning via Frida injection (supports BoringSSL, Chrome, OkHttp).",
|
|
698
|
+
inputSchema: {
|
|
699
|
+
type: "object",
|
|
700
|
+
properties: {},
|
|
701
|
+
required: []
|
|
702
|
+
}
|
|
703
|
+
},
|
|
704
|
+
{
|
|
705
|
+
name: "net_raw_tcp_send",
|
|
706
|
+
description: "Send raw TCP data to a remote host; accepts hex or text input.",
|
|
707
|
+
inputSchema: {
|
|
708
|
+
type: "object",
|
|
709
|
+
properties: {
|
|
710
|
+
host: {
|
|
711
|
+
type: "string",
|
|
712
|
+
default: "127.0.0.1",
|
|
713
|
+
description: "Target host address"
|
|
714
|
+
},
|
|
715
|
+
port: {
|
|
716
|
+
type: "number",
|
|
717
|
+
description: "Target port number (1-65535)"
|
|
718
|
+
},
|
|
719
|
+
dataHex: {
|
|
720
|
+
type: "string",
|
|
721
|
+
description: "Hex-encoded data to send"
|
|
722
|
+
},
|
|
723
|
+
dataText: {
|
|
724
|
+
type: "string",
|
|
725
|
+
description: "Text data to send (alternative to dataHex)"
|
|
726
|
+
},
|
|
727
|
+
timeout: {
|
|
728
|
+
type: "number",
|
|
729
|
+
default: 5e3,
|
|
730
|
+
description: "Connection timeout in ms"
|
|
731
|
+
}
|
|
732
|
+
},
|
|
733
|
+
required: ["port"]
|
|
734
|
+
}
|
|
735
|
+
},
|
|
736
|
+
{
|
|
737
|
+
name: "net_raw_tcp_listen",
|
|
738
|
+
description: "Listen on a local TCP port for one incoming connection.",
|
|
739
|
+
inputSchema: {
|
|
740
|
+
type: "object",
|
|
741
|
+
properties: {
|
|
742
|
+
port: {
|
|
743
|
+
type: "number",
|
|
744
|
+
description: "Local port to listen on (1-65535)"
|
|
745
|
+
},
|
|
746
|
+
timeout: {
|
|
747
|
+
type: "number",
|
|
748
|
+
default: 1e4,
|
|
749
|
+
description: "Listen timeout in ms"
|
|
750
|
+
}
|
|
751
|
+
},
|
|
752
|
+
required: ["port"]
|
|
753
|
+
}
|
|
754
|
+
},
|
|
755
|
+
{
|
|
756
|
+
name: "net_raw_udp_send",
|
|
757
|
+
description: "Send a raw UDP datagram and wait for a response.",
|
|
758
|
+
inputSchema: {
|
|
759
|
+
type: "object",
|
|
760
|
+
properties: {
|
|
761
|
+
host: {
|
|
762
|
+
type: "string",
|
|
763
|
+
default: "127.0.0.1",
|
|
764
|
+
description: "Target host address"
|
|
765
|
+
},
|
|
766
|
+
port: {
|
|
767
|
+
type: "number",
|
|
768
|
+
description: "Target port number (1-65535)"
|
|
769
|
+
},
|
|
770
|
+
dataHex: {
|
|
771
|
+
type: "string",
|
|
772
|
+
description: "Hex-encoded data to send"
|
|
773
|
+
},
|
|
774
|
+
dataText: {
|
|
775
|
+
type: "string",
|
|
776
|
+
description: "Text data to send (alternative to dataHex)"
|
|
777
|
+
},
|
|
778
|
+
timeout: {
|
|
779
|
+
type: "number",
|
|
780
|
+
default: 5e3,
|
|
781
|
+
description: "Response timeout in ms"
|
|
782
|
+
}
|
|
783
|
+
},
|
|
784
|
+
required: ["port"]
|
|
785
|
+
}
|
|
786
|
+
},
|
|
787
|
+
{
|
|
788
|
+
name: "net_raw_udp_listen",
|
|
789
|
+
description: "Listen on a local UDP port for an incoming datagram.",
|
|
790
|
+
inputSchema: {
|
|
791
|
+
type: "object",
|
|
792
|
+
properties: {
|
|
793
|
+
port: {
|
|
794
|
+
type: "number",
|
|
795
|
+
description: "Local port to listen on (1-65535)"
|
|
796
|
+
},
|
|
797
|
+
timeout: {
|
|
798
|
+
type: "number",
|
|
799
|
+
default: 1e4,
|
|
800
|
+
description: "Listen timeout in ms"
|
|
801
|
+
}
|
|
802
|
+
},
|
|
803
|
+
required: ["port"]
|
|
804
|
+
}
|
|
805
|
+
}
|
|
806
|
+
];
|
|
807
|
+
//#endregion
|
|
808
|
+
//#region src/server/domains/boringssl-inspector/manifest.ts
|
|
809
|
+
const DOMAIN = "boringssl-inspector";
|
|
810
|
+
const DEP_KEY = "boringsslInspectorHandlers";
|
|
811
|
+
const PROFILES = ["workflow", "full"];
|
|
812
|
+
const lookup = toolLookup(boringsslInspectorTools);
|
|
813
|
+
const bind = (invoke) => bindByDepKey(DEP_KEY, async (handler, args) => {
|
|
814
|
+
return asJsonResponse(await invoke(handler, args));
|
|
815
|
+
});
|
|
816
|
+
async function ensure(ctx) {
|
|
817
|
+
const { BoringsslInspectorHandlers } = await import("./handlers-9sAbfIg-.mjs");
|
|
818
|
+
const { TLSKeyLogExtractor } = await import("./boringssl-inspector-BH2D3VKc.mjs").then((n) => n.t);
|
|
819
|
+
const existing = ctx.getDomainInstance(DEP_KEY);
|
|
820
|
+
if (existing) return existing;
|
|
821
|
+
const handlers = new BoringsslInspectorHandlers(new TLSKeyLogExtractor());
|
|
822
|
+
handlers.setExtensionInvoke(async (args) => {
|
|
823
|
+
try {
|
|
824
|
+
const binaryInstrument = ctx.getDomainInstance("binaryInstrumentHandlers");
|
|
825
|
+
if (binaryInstrument && typeof binaryInstrument.handleFridaRunScript === "function") return binaryInstrument.handleFridaRunScript(args);
|
|
826
|
+
} catch {}
|
|
827
|
+
return null;
|
|
828
|
+
});
|
|
829
|
+
handlers.setEventBus(ctx.eventBus);
|
|
830
|
+
ctx.setDomainInstance(DEP_KEY, handlers);
|
|
831
|
+
return handlers;
|
|
832
|
+
}
|
|
833
|
+
const manifest = {
|
|
834
|
+
kind: "domain-manifest",
|
|
835
|
+
version: 1,
|
|
836
|
+
domain: DOMAIN,
|
|
837
|
+
depKey: DEP_KEY,
|
|
838
|
+
profiles: PROFILES,
|
|
839
|
+
registrations: [
|
|
840
|
+
{
|
|
841
|
+
tool: lookup("tls_keylog_enable"),
|
|
842
|
+
domain: DOMAIN,
|
|
843
|
+
bind: bind((handler, args) => handler.handleTlsKeylogEnable(args))
|
|
844
|
+
},
|
|
845
|
+
{
|
|
846
|
+
tool: lookup("tls_keylog_parse"),
|
|
847
|
+
domain: DOMAIN,
|
|
848
|
+
bind: bind((handler, args) => handler.handleTlsKeylogParse(args))
|
|
849
|
+
},
|
|
850
|
+
{
|
|
851
|
+
tool: lookup("tls_keylog_disable"),
|
|
852
|
+
domain: DOMAIN,
|
|
853
|
+
bind: bind((handler, args) => handler.handleTlsKeylogDisable(args))
|
|
854
|
+
},
|
|
855
|
+
{
|
|
856
|
+
tool: lookup("tls_decrypt_payload"),
|
|
857
|
+
domain: DOMAIN,
|
|
858
|
+
bind: bind((handler, args) => handler.handleTlsDecryptPayload(args))
|
|
859
|
+
},
|
|
860
|
+
{
|
|
861
|
+
tool: lookup("tls_keylog_summarize"),
|
|
862
|
+
domain: DOMAIN,
|
|
863
|
+
bind: bind((handler, args) => handler.handleTlsKeylogSummarize(args))
|
|
864
|
+
},
|
|
865
|
+
{
|
|
866
|
+
tool: lookup("tls_keylog_lookup_secret"),
|
|
867
|
+
domain: DOMAIN,
|
|
868
|
+
bind: bind((handler, args) => handler.handleTlsKeylogLookupSecret(args))
|
|
869
|
+
},
|
|
870
|
+
{
|
|
871
|
+
tool: lookup("tls_cert_pin_bypass"),
|
|
872
|
+
domain: DOMAIN,
|
|
873
|
+
bind: bind((handler, args) => handler.handleTlsCertPinBypass(args))
|
|
874
|
+
},
|
|
875
|
+
{
|
|
876
|
+
tool: lookup("tls_parse_handshake"),
|
|
877
|
+
domain: DOMAIN,
|
|
878
|
+
bind: bind((handler, args) => handler.handleParseHandshake(args))
|
|
879
|
+
},
|
|
880
|
+
{
|
|
881
|
+
tool: lookup("tls_cipher_suites"),
|
|
882
|
+
domain: DOMAIN,
|
|
883
|
+
bind: bind((handler, args) => handler.handleCipherSuites(args))
|
|
884
|
+
},
|
|
885
|
+
{
|
|
886
|
+
tool: lookup("tls_parse_certificate"),
|
|
887
|
+
domain: DOMAIN,
|
|
888
|
+
bind: bind((handler, args) => handler.handleParseCertificate(args))
|
|
889
|
+
},
|
|
890
|
+
{
|
|
891
|
+
tool: lookup("tls_probe_endpoint"),
|
|
892
|
+
domain: DOMAIN,
|
|
893
|
+
bind: bind((handler, args) => handler.handleTlsProbeEndpoint(args))
|
|
894
|
+
},
|
|
895
|
+
{
|
|
896
|
+
tool: lookup("tcp_open"),
|
|
897
|
+
domain: DOMAIN,
|
|
898
|
+
bind: bind((handler, args) => handler.handleTcpOpen(args))
|
|
899
|
+
},
|
|
900
|
+
{
|
|
901
|
+
tool: lookup("tcp_write"),
|
|
902
|
+
domain: DOMAIN,
|
|
903
|
+
bind: bind((handler, args) => handler.handleTcpWrite(args))
|
|
904
|
+
},
|
|
905
|
+
{
|
|
906
|
+
tool: lookup("tcp_read_until"),
|
|
907
|
+
domain: DOMAIN,
|
|
908
|
+
bind: bind((handler, args) => handler.handleTcpReadUntil(args))
|
|
909
|
+
},
|
|
910
|
+
{
|
|
911
|
+
tool: lookup("tcp_close"),
|
|
912
|
+
domain: DOMAIN,
|
|
913
|
+
bind: bind((handler, args) => handler.handleTcpClose(args))
|
|
914
|
+
},
|
|
915
|
+
{
|
|
916
|
+
tool: lookup("tls_open"),
|
|
917
|
+
domain: DOMAIN,
|
|
918
|
+
bind: bind((handler, args) => handler.handleTlsOpen(args))
|
|
919
|
+
},
|
|
920
|
+
{
|
|
921
|
+
tool: lookup("tls_write"),
|
|
922
|
+
domain: DOMAIN,
|
|
923
|
+
bind: bind((handler, args) => handler.handleTlsWrite(args))
|
|
924
|
+
},
|
|
925
|
+
{
|
|
926
|
+
tool: lookup("tls_read_until"),
|
|
927
|
+
domain: DOMAIN,
|
|
928
|
+
bind: bind((handler, args) => handler.handleTlsReadUntil(args))
|
|
929
|
+
},
|
|
930
|
+
{
|
|
931
|
+
tool: lookup("tls_close"),
|
|
932
|
+
domain: DOMAIN,
|
|
933
|
+
bind: bind((handler, args) => handler.handleTlsClose(args))
|
|
934
|
+
},
|
|
935
|
+
{
|
|
936
|
+
tool: lookup("websocket_open"),
|
|
937
|
+
domain: DOMAIN,
|
|
938
|
+
bind: bind((handler, args) => handler.handleWebSocketOpen(args))
|
|
939
|
+
},
|
|
940
|
+
{
|
|
941
|
+
tool: lookup("websocket_send_frame"),
|
|
942
|
+
domain: DOMAIN,
|
|
943
|
+
bind: bind((handler, args) => handler.handleWebSocketSendFrame(args))
|
|
944
|
+
},
|
|
945
|
+
{
|
|
946
|
+
tool: lookup("websocket_read_frame"),
|
|
947
|
+
domain: DOMAIN,
|
|
948
|
+
bind: bind((handler, args) => handler.handleWebSocketReadFrame(args))
|
|
949
|
+
},
|
|
950
|
+
{
|
|
951
|
+
tool: lookup("websocket_close"),
|
|
952
|
+
domain: DOMAIN,
|
|
953
|
+
bind: bind((handler, args) => handler.handleWebSocketClose(args))
|
|
954
|
+
},
|
|
955
|
+
{
|
|
956
|
+
tool: lookup("tls_cert_pin_bypass_frida"),
|
|
957
|
+
domain: DOMAIN,
|
|
958
|
+
bind: bind((handler, args) => handler.handleBypassCertPinning(args))
|
|
959
|
+
},
|
|
960
|
+
{
|
|
961
|
+
tool: lookup("net_raw_tcp_send"),
|
|
962
|
+
domain: DOMAIN,
|
|
963
|
+
bind: bind((handler, args) => handler.handleRawTcpSend(args))
|
|
964
|
+
},
|
|
965
|
+
{
|
|
966
|
+
tool: lookup("net_raw_tcp_listen"),
|
|
967
|
+
domain: DOMAIN,
|
|
968
|
+
bind: bind((handler, args) => handler.handleRawTcpListen(args))
|
|
969
|
+
},
|
|
970
|
+
{
|
|
971
|
+
tool: lookup("net_raw_udp_send"),
|
|
972
|
+
domain: DOMAIN,
|
|
973
|
+
bind: bind((handler, args) => handler.handleRawUdpSend(args))
|
|
974
|
+
},
|
|
975
|
+
{
|
|
976
|
+
tool: lookup("net_raw_udp_listen"),
|
|
977
|
+
domain: DOMAIN,
|
|
978
|
+
bind: bind((handler, args) => handler.handleRawUdpListen(args))
|
|
979
|
+
}
|
|
980
|
+
],
|
|
981
|
+
ensure,
|
|
982
|
+
workflowRule: {
|
|
983
|
+
patterns: [/\b(tls|ssl|boringssl|cert(ificate)?|pinning|handshake|keylog|websocket)\b/i, /(tls|ssl|cert|pinning|websocket).*(hook|bypass|intercept|dump|log|frame|session)/i],
|
|
984
|
+
priority: 80,
|
|
985
|
+
tools: [
|
|
986
|
+
"tls_probe_endpoint",
|
|
987
|
+
"websocket_open",
|
|
988
|
+
"websocket_send_frame",
|
|
989
|
+
"websocket_read_frame",
|
|
990
|
+
"tls_keylog_enable",
|
|
991
|
+
"tls_keylog_parse",
|
|
992
|
+
"tls_decrypt_payload",
|
|
993
|
+
"tls_cert_pin_bypass"
|
|
994
|
+
],
|
|
995
|
+
hint: "TLS/WebSocket analysis: probe endpoint → open ws/wss session → exchange frames → inspect trust/cipher/ALPN → enable keylog or bypass pinning when needed."
|
|
996
|
+
},
|
|
997
|
+
prerequisites: {
|
|
998
|
+
tls_probe_endpoint: [{
|
|
999
|
+
condition: "Target scope must be explicitly authorized and routable from the MCP host",
|
|
1000
|
+
fix: "Verify target authorization, port reachability, and provide servername/custom CA options when needed"
|
|
1001
|
+
}],
|
|
1002
|
+
tls_keylog_enable: [{
|
|
1003
|
+
condition: "Target process must allow SSLKEYLOGFILE or be attachable by Frida",
|
|
1004
|
+
fix: "Launch the target with SSLKEYLOGFILE env set, or enable Frida-based hooking"
|
|
1005
|
+
}],
|
|
1006
|
+
tls_decrypt_payload: [{
|
|
1007
|
+
condition: "A keylog session must be active with captured secrets",
|
|
1008
|
+
fix: "Run tls_keylog_enable and reproduce TLS traffic before decrypting"
|
|
1009
|
+
}],
|
|
1010
|
+
tls_cert_pin_bypass_frida: [{
|
|
1011
|
+
condition: "Frida must be available on PATH and attached to the target",
|
|
1012
|
+
fix: "Install Frida and attach via binary-instrument:frida_attach before running the bypass"
|
|
1013
|
+
}]
|
|
1014
|
+
},
|
|
1015
|
+
toolDependencies: [{
|
|
1016
|
+
from: "network",
|
|
1017
|
+
to: "boringssl-inspector",
|
|
1018
|
+
relation: "uses",
|
|
1019
|
+
weight: .8
|
|
1020
|
+
}]
|
|
1021
|
+
};
|
|
1022
|
+
//#endregion
|
|
1023
|
+
export { manifest as default };
|