@jshookmcp/jshook 0.2.9 → 0.3.0
- package/README.md +2 -2
- package/README.zh.md +2 -2
- package/dist/{AntiCheatDetector-BNk-EoBt.mjs → AntiCheatDetector-CqGDXmfc.mjs} +159 -53
- package/dist/{CodeInjector-Cq8q01kp.mjs → CodeInjector-BdjRfNx7.mjs} +5 -5
- package/dist/{ConsoleMonitor-CPVQW1Y-.mjs → ConsoleMonitor-DykL3IAw.mjs} +85 -17
- package/dist/{DetailedDataManager-BQQcxh64.mjs → DetailedDataManager-HT49OrvF.mjs} +1 -1
- package/dist/{ExtensionManager-CWYgw0YW.mjs → ExtensionManager-BDMsY2Dz.mjs} +15 -8
- package/dist/{HardwareBreakpoint-B9gZCdFP.mjs → HardwareBreakpoint-Cc2AFq1Y.mjs} +3 -3
- package/dist/{HeapAnalyzer-BLDH0dCv.mjs → HeapAnalyzer-DruMgsgj.mjs} +20 -20
- package/dist/{HookGeneratorBuilders.core.generators.storage-CtcdK78Q.mjs → HookGeneratorBuilders.core.generators.storage-CTbB4Lcx.mjs} +1 -74
- package/dist/{InstrumentationSession-CvPC7Jwy.mjs → InstrumentationSession-DLH0vd-z.mjs} +2 -2
- package/dist/{MemoryController-CbVdCIJF.mjs → MemoryController-CMtviNW_.mjs} +3 -3
- package/dist/{MemoryScanSession-BsDZbLYm.mjs → MemoryScanSession-ITgb_NMi.mjs} +2 -2
- package/dist/{MemoryScanner-Bcpml6II.mjs → MemoryScanner-CiL7Z3ey.mjs} +12 -9
- package/dist/{NativeMemoryManager.impl-dZtA1ZGn.mjs → NativeMemoryManager.impl-D9Lkovvn.mjs} +13 -10
- package/dist/{NativeMemoryManager.utils-B-FjA2mJ.mjs → NativeMemoryManager.utils-BBlAixF5.mjs} +1 -1
- package/dist/{PEAnalyzer-D1lzJ_VG.mjs → PEAnalyzer-DMQ44gen.mjs} +15 -15
- package/dist/{PageController-Bqm2kZ_X.mjs → PageController-BPJNqqBN.mjs} +18 -4
- package/dist/{PointerChainEngine-BOhyVsjx.mjs → PointerChainEngine-K7wN8Z-w.mjs} +10 -7
- package/dist/ProcessRegistry-zGg12QbE.mjs +74 -0
- package/dist/{ResponseBuilder-D3iFYx2N.mjs → ResponseBuilder-CJXWmWNw.mjs} +10 -10
- package/dist/{ScriptManager-aHHq0X7U.mjs → ScriptManager-ZuWD-0Jg.mjs} +195 -192
- package/dist/{Speedhack-CqdIFlQl.mjs → Speedhack-D-z0umeT.mjs} +2 -2
- package/dist/{StructureAnalyzer-DhFaPvRO.mjs → StructureAnalyzer-Cav5AVSL.mjs} +9 -6
- package/dist/{ToolCatalog-C0JGZoOm.mjs → ToolCatalog-5OJdMiF0.mjs} +81 -81
- package/dist/{ToolProbe-oC7aPrkv.mjs → ToolProbe-DbCFGyrg.mjs} +1 -1
- package/dist/{ToolRegistry-BjaF4oNz.mjs → ToolRegistry-B9krbTtI.mjs} +51 -2
- package/dist/{ToolRouter.policy-BWV67ZK-.mjs → ToolRouter.policy-BGDAGyeH.mjs} +60 -20
- package/dist/TraceRecorder-B41Z5XBj.mjs +1286 -0
- package/dist/{Win32API-CePkipZY.mjs → Win32API-C2kjj0ze.mjs} +18 -12
- package/dist/{Win32Debug-BvKs-gxc.mjs → Win32Debug-CKrGOTpo.mjs} +2 -2
- package/dist/{WorkflowEngine-CuvkZtWu.mjs → WorkflowEngine-DJ6M4opp.mjs} +226 -255
- package/dist/analysis-BHeJW2Nb.mjs +1234 -0
- package/dist/{antidebug-CqDTB_uk.mjs → antidebug-BRKeyt27.mjs} +3 -3
- package/dist/{artifactRetention-CFEprwPw.mjs → artifactRetention-CPXkUJXp.mjs} +13 -6
- package/dist/{artifacts-Bk2-_uPq.mjs → artifacts-DkfosXH3.mjs} +1 -1
- package/dist/authorization-schema-DRqyJMSk.mjs +31 -0
- package/dist/{binary-instrument-CXfpx6fT.mjs → binary-instrument--V3MAhJ4.mjs} +19 -27
- package/dist/bind-helpers-ClV34xdn.mjs +42 -0
- package/dist/{boringssl-inspector-BH2D3VKc.mjs → boringssl-inspector-Bo_LOLaS.mjs} +1 -1
- package/dist/{browser-BpOr5PEx.mjs → browser-Dx3_S2cG.mjs} +324 -37
- package/dist/capabilities-CcHlvWgK.mjs +33 -0
- package/dist/{constants-B0OANIBL.mjs → constants-CDZLOoVv.mjs} +18 -3
- package/dist/{coordination-qUbyF8KU.mjs → coordination-DgItD9DL.mjs} +2 -2
- package/dist/{debugger-gnKxRSN0.mjs → debugger-RS3RSAqs.mjs} +30 -13
- package/dist/definitions-BEoYofW5.mjs +47 -0
- package/dist/{definitions-bAhHQJq9.mjs → definitions-BRaefg3u.mjs} +11 -5
- package/dist/{definitions-DVGfrn7y.mjs → definitions-BbkvZkiv.mjs} +2 -2
- package/dist/definitions-BtWSHJ3o.mjs +17 -0
- package/dist/{definitions-BMfYXoNC.mjs → definitions-C1gCHO0i.mjs} +1 -1
- package/dist/{definitions-C1UvM5Iy.mjs → definitions-CDOg_b-l.mjs} +14 -2
- package/dist/definitions-CVPD9hzZ.mjs +54 -0
- package/dist/{definitions-Cke7zEb8.mjs → definitions-Cea8Lgl7.mjs} +1 -1
- package/dist/definitions-DAgIyjxM.mjs +10 -0
- package/dist/{definitions-B4rAvHNZ.mjs → definitions-DJA27nsL.mjs} +12 -9
- package/dist/{definitions-ClJLzsJQ.mjs → definitions-DKPFU3LW.mjs} +1 -1
- package/dist/{definitions-D3VsGcvz.mjs → definitions-DPRpZQ96.mjs} +7 -7
- package/dist/{definitions-B18eyf0B.mjs → definitions-DUE5gmdn.mjs} +1 -1
- package/dist/definitions-DYVjOtxa.mjs +26 -0
- package/dist/{definitions-BB_4jnmy.mjs → definitions-DcYLVLCo.mjs} +1 -1
- package/dist/{definitions-Beid2EB3.mjs → definitions-Pp5LI2H4.mjs} +1 -1
- package/dist/definitions-j9KdHVNR.mjs +14 -0
- package/dist/definitions-uzkjBwa7.mjs +258 -0
- package/dist/{definitions-Cq-zroAU.mjs → definitions-va-AnLuQ.mjs} +4 -4
- package/dist/{encoding-Bvz5jLRv.mjs → encoding-DJeqHmpd.mjs} +18 -4
- package/dist/{evidence-graph-bridge-C_fv9PuC.mjs → evidence-graph-bridge-DcYizFk2.mjs} +1 -0
- package/dist/{factory-DxlGh9Xf.mjs → factory-C90tBff6.mjs} +6 -6
- package/dist/flat-target-session-Dgax2Cy3.mjs +29 -0
- package/dist/{graphql-DYWzJ29s.mjs → graphql-CoHrhweh.mjs} +205 -34
- package/dist/{handlers-C67ktuRN.mjs → handlers-4jmR0nMs.mjs} +220 -32
- package/dist/{handlers-DlCJN4Td.mjs → handlers-BAHPxcch.mjs} +122 -90
- package/dist/{handlers-9sAbfIg-.mjs → handlers-BOs9b907.mjs} +849 -801
- package/dist/{handlers-DxGIq15_2.mjs → handlers-BWXEy6ef.mjs} +16 -16
- package/dist/{handlers-tB9Mp9ZK.mjs → handlers-Bndn6QvE.mjs} +31 -4
- package/dist/{handlers-CTsDAO6p.mjs → handlers-BqC4bD4s.mjs} +1 -1
- package/dist/{handlers-C87g8oCe.mjs → handlers-BtYq60bM2.mjs} +1 -1
- package/dist/{handlers-DeLOCd5m.mjs → handlers-BzgcB4iv.mjs} +17 -17
- package/dist/{handlers-Cgyg6c0U.mjs → handlers-CRyRWj2b.mjs} +237 -23
- package/dist/{handlers-U6L4xhuF.mjs → handlers-CVv2H1uq.mjs} +24 -17
- package/dist/{handlers-tiy7EIBp.mjs → handlers-Dl5a7JS4.mjs} +3 -3
- package/dist/{handlers-D6j6yka7.mjs → handlers-Dx2d7jt7.mjs} +1893 -1480
- package/dist/{handlers-Bl8zkwz1.mjs → handlers-Dz9PYsCa.mjs} +95 -6
- package/dist/handlers-HujRKC3b.mjs +661 -0
- package/dist/{handlers.impl-DS0d9fUw.mjs → handlers.impl-XWXkQfyi.mjs} +70 -24
- package/dist/{hooks-CzCWByww.mjs → hooks-B1B8NRHL.mjs} +3 -3
- package/dist/index.mjs +154 -144
- package/dist/{maintenance-P7ePRXQC.mjs → maintenance-PRMkLVRW.mjs} +35 -30
- package/dist/manifest-67Bok-Si.mjs +58 -0
- package/dist/{manifest-B3QVVeBS.mjs → manifest-6lNTMZAB2.mjs} +33 -28
- package/dist/manifest-B2duEHiH.mjs +90 -0
- package/dist/manifest-B6EY9Vm8.mjs +57 -0
- package/dist/{manifest-gZ4s_UtG.mjs → manifest-B6nKSbyY.mjs} +32 -33
- package/dist/{manifest-2ToTpjv8.mjs → manifest-BL8AQNPF.mjs} +31 -31
- package/dist/{manifest-DzwvxPJX.mjs → manifest-BSZvJJmV.mjs} +23 -14
- package/dist/{manifest-Sc_0JQ13.mjs → manifest-BU7qzUyX.mjs} +23 -23
- package/dist/{manifest-CT7zZBV1.mjs → manifest-Bl62e8WK.mjs} +24 -23
- package/dist/manifest-Bo5cXjdt.mjs +82 -0
- package/dist/manifest-BpS4gtUK.mjs +1347 -0
- package/dist/manifest-Bv65_e2W.mjs +101 -0
- package/dist/manifest-BytNIF4Z.mjs +117 -0
- package/dist/{manifest-BqrQ4Tpj.mjs → manifest-C-xtsjS3.mjs} +23 -23
- package/dist/{manifest-NXctwWQq.mjs → manifest-CDYl7OhA.mjs} +36 -38
- package/dist/manifest-CRZ3xmkD.mjs +61 -0
- package/dist/manifest-CoW6u4Tp.mjs +132 -0
- package/dist/manifest-Cq5zN_8A.mjs +50 -0
- package/dist/{manifest-CAhOuvSl.mjs → manifest-D7YZM_2e.mjs} +75 -85
- package/dist/{manifest-DCyjf4n2.mjs → manifest-DE_VrAeQ.mjs} +27 -7
- package/dist/manifest-DGsXSCpT.mjs +39 -0
- package/dist/{manifest-BB2J8IMJ.mjs → manifest-DJ2vfEuW.mjs} +48 -41
- package/dist/{manifest-3g71z6Bg.mjs → manifest-DPXDYhEu.mjs} +26 -25
- package/dist/manifest-Dd4fQb0a.mjs +322 -0
- package/dist/{manifest-CXsRWjjI.mjs → manifest-Deq6opGg.mjs} +95 -96
- package/dist/{manifest-C9RT5nk32.mjs → manifest-DfJTafJK.mjs} +14 -11
- package/dist/manifest-DgOdgN_j.mjs +50 -0
- package/dist/{manifest-BmtZzQiQ2.mjs → manifest-DlbMW4v4.mjs} +17 -15
- package/dist/{manifest-DrbmZcFl2.mjs → manifest-DmVfbH0w.mjs} +212 -91
- package/dist/manifest-Dog6Ddjr.mjs +109 -0
- package/dist/manifest-DvgU5FWb.mjs +58 -0
- package/dist/manifest-HsfDBs7j.mjs +50 -0
- package/dist/manifest-I8oQHvCG.mjs +186 -0
- package/dist/manifest-NvH_a-av.mjs +786 -0
- package/dist/{manifest-Dh8WBmEW.mjs → manifest-cEJU1v0Z.mjs} +24 -24
- package/dist/manifest-wOl5XLB12.mjs +112 -0
- package/dist/{modules-C184v-S9.mjs → modules-tZozf0LQ.mjs} +130 -860
- package/dist/{mojo-ipc-B_H61Afw.mjs → mojo-ipc-DXNEXEqb.mjs} +141 -26
- package/dist/{network-671Cw6hV.mjs → network-CPVvwvFg.mjs} +1329 -823
- package/dist/{outputPaths-B1uGmrWZ.mjs → outputPaths-um7lCRY3.mjs} +4 -8
- package/dist/{platform-WmNn8Sxb.mjs → platform-CYeFoTWp.mjs} +101 -10
- package/dist/{process-QcbIy5Zq.mjs → process-BTbgcVc6.mjs} +251 -346
- package/dist/{proxy-DqNs0bAd.mjs → proxy-r8YN6nP1.mjs} +30 -8
- package/dist/{registry-D-6e18lB.mjs → registry-Bl8ZQW61.mjs} +3 -3
- package/dist/{response-BQVP-xUn.mjs → response-CWhh2aLo.mjs} +7 -1
- package/dist/{shared-state-board-DV-dpHFJ.mjs → shared-state-board-BoZnSoj-.mjs} +2 -2
- package/dist/{sourcemap-Dq8ez8vS.mjs → sourcemap-BIDHUVXy.mjs} +350 -66
- package/dist/{streaming-BUQ0VJsg.mjs → streaming-Dal6utPp.mjs} +13 -13
- package/dist/{tool-builder-DCbIC5Eo.mjs → tool-builder-BHJp32mV.mjs} +1 -1
- package/dist/{transform-CiYJfNX0.mjs → transform-DRVgGG90.mjs} +18 -14
- package/dist/wasm-BYx5UOeG.mjs +1044 -0
- package/dist/webcrack-Be0_FccV.mjs +747 -0
- package/dist/{workflow-f3xJOcjx.mjs → workflow-BpuKEtvn.mjs} +8 -8
- package/package.json +76 -43
- package/dist/TraceRecorder-DgxyVbdQ.mjs +0 -519
- package/dist/analysis-CL9uACt9.mjs +0 -463
- package/dist/bind-helpers-xFfRF-qm.mjs +0 -22
- package/dist/definitions-6M-eejaT.mjs +0 -53
- package/dist/definitions-B3QdlrHv.mjs +0 -34
- package/dist/definitions-CXEI7QC72.mjs +0 -216
- package/dist/definitions-C_4r7Fo-2.mjs +0 -14
- package/dist/definitions-CkFDALoa.mjs +0 -26
- package/dist/definitions-Cy3Sl6gV.mjs +0 -34
- package/dist/definitions-LKpC3-nL.mjs +0 -9
- package/dist/handlers-DdFzXLvF.mjs +0 -446
- package/dist/manifest-82baTv4U.mjs +0 -45
- package/dist/manifest-BKbgbSiY.mjs +0 -60
- package/dist/manifest-Bcf-TJzH.mjs +0 -848
- package/dist/manifest-Bnd7kqEY.mjs +0 -55
- package/dist/manifest-BqQX6OQC2.mjs +0 -65
- package/dist/manifest-Br4RPFt5.mjs +0 -370
- package/dist/manifest-C5qDjysN.mjs +0 -107
- package/dist/manifest-CBYWCUBJ.mjs +0 -51
- package/dist/manifest-CFADCRa1.mjs +0 -37
- package/dist/manifest-CQVhavRF.mjs +0 -114
- package/dist/manifest-CV12bcrF.mjs +0 -121
- package/dist/manifest-CZLUCfG02.mjs +0 -95
- package/dist/manifest-D6phHKFd.mjs +0 -131
- package/dist/manifest-DHsnKgP6.mjs +0 -60
- package/dist/manifest-Df_dliIe.mjs +0 -55
- package/dist/manifest-DhKRAT8_.mjs +0 -92
- package/dist/manifest-DlpTj4ic2.mjs +0 -193
- package/dist/manifest-DuwHjUa5.mjs +0 -70
- package/dist/manifest-qSleDqdO.mjs +0 -1023
- package/dist/wasm-DQTnHDs4.mjs +0 -531
- /package/dist/{CacheAdapters-CDe5WPSV.mjs → CacheAdapters-jJFy20G-.mjs} +0 -0
- /package/dist/{DarwinAPI-BNPxu0RH.mjs → DarwinAPI-ETyy0xyo.mjs} +0 -0
- /package/dist/{EventBus-DgPmwpeu.mjs → EventBus-DFKvADm3.mjs} +0 -0
- /package/dist/{EvidenceGraphBridge-SFesNera.mjs → EvidenceGraphBridge-318Oi0Lf.mjs} +0 -0
- /package/dist/{FingerprintManager-gzWtkKuf.mjs → FingerprintManager-BN4UQWnX.mjs} +0 -0
- /package/dist/{PrerequisiteError-Dl33Svkz.mjs → PrerequisiteError-TuyZIs6n.mjs} +0 -0
- /package/dist/{ReverseEvidenceGraph-Dlsk94LC.mjs → ReverseEvidenceGraph-C02-gXOh.mjs} +0 -0
- /package/dist/{StealthVerifier-Bo4T3bz8.mjs → StealthVerifier-BWmPgQsv.mjs} +0 -0
- /package/dist/{VersionDetector-CwVLVdDM.mjs → VersionDetector-K3V4vGsw.mjs} +0 -0
- /package/dist/{betterSqlite3-0pqusHHH.mjs → betterSqlite3-DLSBZodi.mjs} +0 -0
- /package/dist/{concurrency-Bt0yv1kJ.mjs → concurrency-Drev_Vz9.mjs} +0 -0
- /package/dist/{formatAddress-DVkj9kpI.mjs → formatAddress-nnMvEohD.mjs} +0 -0
- /package/dist/{parse-args-BlRjqlkL.mjs → parse-args-B4cY5Vx5.mjs} +0 -0
- /package/dist/{ssrf-policy-ZaUfvhq7.mjs → ssrf-policy-Dsqd-DTX.mjs} +0 -0
- /package/dist/{types-CPhOReNX.mjs → types-DDBWs9UP.mjs} +0 -0
|
@@ -1,5 +1,5 @@
|
|
|
1
|
-
import { n as asJsonResponse } from "./response-
|
|
2
|
-
import { a as argString, t as argBool } from "./parse-args-
|
|
1
|
+
import { n as asJsonResponse } from "./response-CWhh2aLo.mjs";
|
|
2
|
+
import { a as argString, t as argBool } from "./parse-args-B4cY5Vx5.mjs";
|
|
3
3
|
//#region src/server/domains/cross-domain/handlers/skia-correlator.ts
|
|
4
4
|
function normalizeSkiaToken(value) {
|
|
5
5
|
return value.toLowerCase().replace(/[^a-z0-9]/g, "");
|
|
@@ -133,12 +133,21 @@ function correlateMojoToCDP(bridge, mojoMessages, cdpEvents, networkRequests) {
|
|
|
133
133
|
const graphNodeIds = [];
|
|
134
134
|
const matchedPairs = [];
|
|
135
135
|
const matchedMojoIds = /* @__PURE__ */ new Set();
|
|
136
|
+
const requestNodeIds = /* @__PURE__ */ new Map();
|
|
137
|
+
for (const request of networkRequests) {
|
|
138
|
+
const { node } = bridge.addNetworkRequest({
|
|
139
|
+
requestId: request.requestId,
|
|
140
|
+
url: request.url
|
|
141
|
+
});
|
|
142
|
+
requestNodeIds.set(request.requestId, node.id);
|
|
143
|
+
graphNodeIds.push(node.id);
|
|
144
|
+
}
|
|
136
145
|
if (mojoMessages.length === 0) return {
|
|
137
146
|
mojoMessages: 0,
|
|
138
147
|
matchedPairs: [],
|
|
139
148
|
unmatchedMojo: [],
|
|
140
149
|
confidence: 0,
|
|
141
|
-
graphNodeIds
|
|
150
|
+
graphNodeIds
|
|
142
151
|
};
|
|
143
152
|
const mojoNodeMap = /* @__PURE__ */ new Map();
|
|
144
153
|
for (const msg of mojoMessages) {
|
|
@@ -171,6 +180,14 @@ function correlateMojoToCDP(bridge, mojoMessages, cdpEvents, networkRequests) {
|
|
|
171
180
|
if (/URLLoader/i.test(msg.interface)) {
|
|
172
181
|
const matchingReq = networkRequests.find((req) => Math.abs(req.timestamp - msg.timestamp) <= TIMESTAMP_PROXIMITY_MS);
|
|
173
182
|
if (matchingReq) {
|
|
183
|
+
const requestNodeId = requestNodeIds.get(matchingReq.requestId);
|
|
184
|
+
const mojoNodeId = mojoNodeMap.get(msg.messageId);
|
|
185
|
+
if (requestNodeId && mojoNodeId) bridge.getGraph().addEdge(requestNodeId, mojoNodeId, "mojo-routed-to", {
|
|
186
|
+
domain: "cross-domain",
|
|
187
|
+
relation: "network-request-correlates-to-mojo",
|
|
188
|
+
matchType: "urlloader",
|
|
189
|
+
timestampDelta: Math.abs(matchingReq.timestamp - msg.timestamp)
|
|
190
|
+
});
|
|
174
191
|
matchedPairs.push({
|
|
175
192
|
mojoMessageId: msg.messageId,
|
|
176
193
|
matchType: "urlloader",
|
|
@@ -373,6 +390,105 @@ function buildBinaryToJSPipeline(bridge, ghidraOutput, forcedFunctions) {
|
|
|
373
390
|
};
|
|
374
391
|
}
|
|
375
392
|
//#endregion
|
|
393
|
+
//#region src/server/domains/cross-domain/handlers/input-extractors.ts
|
|
394
|
+
function isRecord(value) {
|
|
395
|
+
return value !== null && typeof value === "object";
|
|
396
|
+
}
|
|
397
|
+
function readRecordArray(value) {
|
|
398
|
+
return Array.isArray(value) ? value.filter(isRecord) : [];
|
|
399
|
+
}
|
|
400
|
+
function readString(value, fallback = "") {
|
|
401
|
+
return typeof value === "string" ? value : fallback;
|
|
402
|
+
}
|
|
403
|
+
function readOptionalString(value) {
|
|
404
|
+
return typeof value === "string" ? value : void 0;
|
|
405
|
+
}
|
|
406
|
+
function readNumber(value, fallback = 0) {
|
|
407
|
+
return typeof value === "number" ? value : fallback;
|
|
408
|
+
}
|
|
409
|
+
function readStringArray(value) {
|
|
410
|
+
return Array.isArray(value) ? value.filter((item) => typeof item === "string") : [];
|
|
411
|
+
}
|
|
412
|
+
function readOptionalStringArray(value) {
|
|
413
|
+
return Array.isArray(value) ? value.filter((item) => typeof item === "string") : void 0;
|
|
414
|
+
}
|
|
415
|
+
function readNumberRecord(value) {
|
|
416
|
+
if (!isRecord(value)) return {};
|
|
417
|
+
return Object.fromEntries(Object.entries(value).filter((entry) => typeof entry[1] === "number"));
|
|
418
|
+
}
|
|
419
|
+
function extractSkiaSceneTree(value) {
|
|
420
|
+
if (!isRecord(value)) return {
|
|
421
|
+
layers: [],
|
|
422
|
+
drawCommands: []
|
|
423
|
+
};
|
|
424
|
+
return {
|
|
425
|
+
layers: Array.isArray(value["layers"]) ? value["layers"] : [],
|
|
426
|
+
drawCommands: Array.isArray(value["drawCommands"]) ? value["drawCommands"] : []
|
|
427
|
+
};
|
|
428
|
+
}
|
|
429
|
+
function extractJSObjectArray(value) {
|
|
430
|
+
return readRecordArray(value).map((item) => ({
|
|
431
|
+
objectId: readString(item["objectId"]),
|
|
432
|
+
className: readString(item["className"]),
|
|
433
|
+
name: readString(item["name"]),
|
|
434
|
+
stringProps: readStringArray(item["stringProps"]),
|
|
435
|
+
numericProps: readNumberRecord(item["numericProps"]),
|
|
436
|
+
colorProps: readStringArray(item["colorProps"]),
|
|
437
|
+
urlProps: readStringArray(item["urlProps"])
|
|
438
|
+
}));
|
|
439
|
+
}
|
|
440
|
+
function extractMojoMessages(value) {
|
|
441
|
+
return readRecordArray(value).map((item) => ({
|
|
442
|
+
interface: readString(item["interface"]),
|
|
443
|
+
method: readString(item["method"]),
|
|
444
|
+
timestamp: readNumber(item["timestamp"]),
|
|
445
|
+
messageId: readString(item["messageId"])
|
|
446
|
+
}));
|
|
447
|
+
}
|
|
448
|
+
function extractCDPEvents(value) {
|
|
449
|
+
return readRecordArray(value).map((item) => ({
|
|
450
|
+
eventType: readString(item["eventType"]),
|
|
451
|
+
timestamp: readNumber(item["timestamp"]),
|
|
452
|
+
url: readOptionalString(item["url"])
|
|
453
|
+
}));
|
|
454
|
+
}
|
|
455
|
+
function extractNetworkRequests(value) {
|
|
456
|
+
return readRecordArray(value).map((item) => ({
|
|
457
|
+
requestId: readString(item["requestId"]),
|
|
458
|
+
url: readString(item["url"]),
|
|
459
|
+
timestamp: readNumber(item["timestamp"])
|
|
460
|
+
}));
|
|
461
|
+
}
|
|
462
|
+
function extractSyscallEvents(value) {
|
|
463
|
+
return readRecordArray(value).map((item) => ({
|
|
464
|
+
pid: readNumber(item["pid"]),
|
|
465
|
+
tid: readNumber(item["tid"]),
|
|
466
|
+
syscallName: readString(item["syscallName"]),
|
|
467
|
+
timestamp: readNumber(item["timestamp"])
|
|
468
|
+
}));
|
|
469
|
+
}
|
|
470
|
+
function extractJSStacks(value) {
|
|
471
|
+
return readRecordArray(value).map((item) => ({
|
|
472
|
+
threadId: readNumber(item["threadId"]),
|
|
473
|
+
timestamp: readNumber(item["timestamp"]),
|
|
474
|
+
frames: readRecordArray(item["frames"]).map((frame) => ({ functionName: readString(frame["functionName"]) }))
|
|
475
|
+
}));
|
|
476
|
+
}
|
|
477
|
+
function extractGhidraOutput(value) {
|
|
478
|
+
if (!isRecord(value)) return null;
|
|
479
|
+
const moduleName = readString(value["moduleName"]);
|
|
480
|
+
if (!moduleName) return null;
|
|
481
|
+
return {
|
|
482
|
+
functions: readRecordArray(value["functions"]).map((item) => ({
|
|
483
|
+
name: readString(item["name"]),
|
|
484
|
+
moduleName: readString(item["moduleName"]),
|
|
485
|
+
address: readOptionalString(item["address"]),
|
|
486
|
+
calledFrom: readOptionalStringArray(item["calledFrom"])
|
|
487
|
+
})),
|
|
488
|
+
moduleName
|
|
489
|
+
};
|
|
490
|
+
}
|
|
491
|
+
//#endregion
|
|
376
492
|
//#region src/server/domains/cross-domain/workflows/missions.ts
|
|
377
493
|
const WORKFLOWS = {
|
|
378
494
|
WORKFLOW_REVERSE_OBFUSCATED: {
|
|
@@ -385,7 +501,7 @@ const WORKFLOWS = {
|
|
|
385
501
|
},
|
|
386
502
|
{
|
|
387
503
|
tool: "js_heap_search",
|
|
388
|
-
args: {
|
|
504
|
+
args: { pattern: "${previous.cryptoKeys}" }
|
|
389
505
|
},
|
|
390
506
|
{
|
|
391
507
|
tool: "network_enable",
|
|
@@ -423,7 +539,7 @@ const WORKFLOWS = {
|
|
|
423
539
|
},
|
|
424
540
|
{
|
|
425
541
|
tool: "js_heap_search",
|
|
426
|
-
args: {
|
|
542
|
+
args: { pattern: "${input.searchTerm}" }
|
|
427
543
|
}
|
|
428
544
|
]
|
|
429
545
|
},
|
|
@@ -452,90 +568,6 @@ const WORKFLOWS = {
|
|
|
452
568
|
};
|
|
453
569
|
//#endregion
|
|
454
570
|
//#region src/server/domains/cross-domain/handlers.impl.ts
|
|
455
|
-
function isRecord(value) {
|
|
456
|
-
return value !== null && typeof value === "object";
|
|
457
|
-
}
|
|
458
|
-
function extractSkiaSceneTree(value) {
|
|
459
|
-
if (!isRecord(value)) return {
|
|
460
|
-
layers: [],
|
|
461
|
-
drawCommands: []
|
|
462
|
-
};
|
|
463
|
-
return {
|
|
464
|
-
layers: Array.isArray(value["layers"]) ? value["layers"] : [],
|
|
465
|
-
drawCommands: Array.isArray(value["drawCommands"]) ? value["drawCommands"] : []
|
|
466
|
-
};
|
|
467
|
-
}
|
|
468
|
-
function extractJSObjectArray(value) {
|
|
469
|
-
if (!Array.isArray(value)) return [];
|
|
470
|
-
return value.filter(isRecord).map((item) => ({
|
|
471
|
-
objectId: typeof item["objectId"] === "string" ? item["objectId"] : "",
|
|
472
|
-
className: typeof item["className"] === "string" ? item["className"] : "",
|
|
473
|
-
name: typeof item["name"] === "string" ? item["name"] : "",
|
|
474
|
-
stringProps: Array.isArray(item["stringProps"]) ? item["stringProps"].filter((s) => typeof s === "string") : [],
|
|
475
|
-
numericProps: isRecord(item["numericProps"]) ? Object.fromEntries(Object.entries(item["numericProps"]).filter((entry) => typeof entry[1] === "number")) : {},
|
|
476
|
-
colorProps: Array.isArray(item["colorProps"]) ? item["colorProps"].filter((s) => typeof s === "string") : [],
|
|
477
|
-
urlProps: Array.isArray(item["urlProps"]) ? item["urlProps"].filter((s) => typeof s === "string") : []
|
|
478
|
-
}));
|
|
479
|
-
}
|
|
480
|
-
function extractMojoMessages(value) {
|
|
481
|
-
if (!Array.isArray(value)) return [];
|
|
482
|
-
return value.filter(isRecord).map((item) => ({
|
|
483
|
-
interface: typeof item["interface"] === "string" ? item["interface"] : "",
|
|
484
|
-
method: typeof item["method"] === "string" ? item["method"] : "",
|
|
485
|
-
timestamp: typeof item["timestamp"] === "number" ? item["timestamp"] : 0,
|
|
486
|
-
messageId: typeof item["messageId"] === "string" ? item["messageId"] : ""
|
|
487
|
-
}));
|
|
488
|
-
}
|
|
489
|
-
function extractCDPEvents(value) {
|
|
490
|
-
if (!Array.isArray(value)) return [];
|
|
491
|
-
return value.filter(isRecord).map((item) => ({
|
|
492
|
-
eventType: typeof item["eventType"] === "string" ? item["eventType"] : "",
|
|
493
|
-
timestamp: typeof item["timestamp"] === "number" ? item["timestamp"] : 0,
|
|
494
|
-
url: typeof item["url"] === "string" ? item["url"] : void 0
|
|
495
|
-
}));
|
|
496
|
-
}
|
|
497
|
-
function extractNetworkRequests(value) {
|
|
498
|
-
if (!Array.isArray(value)) return [];
|
|
499
|
-
return value.filter(isRecord).map((item) => ({
|
|
500
|
-
requestId: typeof item["requestId"] === "string" ? item["requestId"] : "",
|
|
501
|
-
url: typeof item["url"] === "string" ? item["url"] : "",
|
|
502
|
-
timestamp: typeof item["timestamp"] === "number" ? item["timestamp"] : 0
|
|
503
|
-
}));
|
|
504
|
-
}
|
|
505
|
-
function extractSyscallEvents(value) {
|
|
506
|
-
if (!Array.isArray(value)) return [];
|
|
507
|
-
return value.filter(isRecord).map((item) => ({
|
|
508
|
-
pid: typeof item["pid"] === "number" ? item["pid"] : 0,
|
|
509
|
-
tid: typeof item["tid"] === "number" ? item["tid"] : 0,
|
|
510
|
-
syscallName: typeof item["syscallName"] === "string" ? item["syscallName"] : "",
|
|
511
|
-
timestamp: typeof item["timestamp"] === "number" ? item["timestamp"] : 0
|
|
512
|
-
}));
|
|
513
|
-
}
|
|
514
|
-
function extractJSStacks(value) {
|
|
515
|
-
if (!Array.isArray(value)) return [];
|
|
516
|
-
return value.filter(isRecord).map((item) => {
|
|
517
|
-
const frames = Array.isArray(item["frames"]) ? item["frames"].filter(isRecord).map((f) => ({ functionName: typeof f["functionName"] === "string" ? f["functionName"] : "" })) : [];
|
|
518
|
-
return {
|
|
519
|
-
threadId: typeof item["threadId"] === "number" ? item["threadId"] : 0,
|
|
520
|
-
timestamp: typeof item["timestamp"] === "number" ? item["timestamp"] : 0,
|
|
521
|
-
frames
|
|
522
|
-
};
|
|
523
|
-
});
|
|
524
|
-
}
|
|
525
|
-
function extractGhidraOutput(value) {
|
|
526
|
-
if (!isRecord(value)) return null;
|
|
527
|
-
const moduleName = typeof value["moduleName"] === "string" ? value["moduleName"] : "";
|
|
528
|
-
if (!moduleName) return null;
|
|
529
|
-
return {
|
|
530
|
-
functions: (Array.isArray(value["functions"]) ? value["functions"] : []).filter(isRecord).map((item) => ({
|
|
531
|
-
name: typeof item["name"] === "string" ? item["name"] : "",
|
|
532
|
-
moduleName: typeof item["moduleName"] === "string" ? item["moduleName"] : "",
|
|
533
|
-
address: typeof item["address"] === "string" ? item["address"] : void 0,
|
|
534
|
-
calledFrom: Array.isArray(item["calledFrom"]) ? item["calledFrom"].filter((c) => typeof c === "string") : void 0
|
|
535
|
-
})),
|
|
536
|
-
moduleName
|
|
537
|
-
};
|
|
538
|
-
}
|
|
539
571
|
const V5_DOMAIN_NAMES = [
|
|
540
572
|
"analysis",
|
|
541
573
|
"browser",
|
|
@@ -641,7 +673,7 @@ var CrossDomainWorkflowClassifier = class {
|
|
|
641
673
|
if (toolName.startsWith("syscall_")) return ["syscall-hook"];
|
|
642
674
|
if (toolName.startsWith("adb_")) return ["adb-bridge"];
|
|
643
675
|
if (toolName.startsWith("ghidra_") || toolName.startsWith("frida_") || toolName.startsWith("generate_hooks") || toolName.startsWith("unidbg_") || toolName.startsWith("export_hook_script")) return ["binary-instrument"];
|
|
644
|
-
if (toolName.startsWith("extension_") || toolName
|
|
676
|
+
if (toolName.startsWith("extension_") || toolName === "webhook") return ["extension-registry"];
|
|
645
677
|
if (toolName.startsWith("cross_domain_")) return ["cross-domain"];
|
|
646
678
|
if (toolName.startsWith("evidence_")) return ["evidence"];
|
|
647
679
|
if (toolName.startsWith("boringssl_")) return ["boringssl-inspector"];
|
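Review bot: `requestNodeIds` in correlateMojoToCDP is keyed by `request.requestId` (new lines 136–143), but several requests can share one key, so only the last node id survives in the Map. extractNetworkRequests in the same file, presumably the source of this argument, substitutes `""` when the field is missing or not a string, and CDP reuses one requestId across a redirect chain. The edge added at new line 185 can then link the Mojo node to a different request than the one `find` matched on timestamp, which records an incorrect relation in the evidence graph. Since `matchingReq` is one of the objects in `networkRequests`, keying by the object avoids this: `requestNodeIds.set(request, node.id);` and `const requestNodeId = requestNodeIds.get(matchingReq);`. Whether `bridge.addNetworkRequest` already merges duplicate ids is not visible here, and correlateMojoToCDP begins and ends outside these hunks.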