@jshookmcp/jshook 0.3.0 → 0.3.1

package/dist/FingerprintManager-BN4UQWnX.mjs

@@ -1,96 +0,0 @@
-import { n as __require } from "./chunk-CjcI7cDX.mjs";
-import { t as logger } from "./logger-Dh_xb7_2.mjs";
-//#region src/modules/stealth/FingerprintManager.ts
-var FingerprintManager = class FingerprintManager {
-	static instance = null;
-	activeProfile = null;
-	available = null;
-	constructor() {}
-	static getInstance() {
-		if (!FingerprintManager.instance) FingerprintManager.instance = new FingerprintManager();
-		return FingerprintManager.instance;
-	}
-	/**
-	* Check if fingerprint-generator and fingerprint-injector packages are installed.
-	*/
-	isAvailable() {
-		if (this.available !== null) return this.available;
-		try {
-			__require.resolve("fingerprint-generator");
-			__require.resolve("fingerprint-injector");
-			this.available = true;
-		} catch {
-			this.available = false;
-		}
-		return this.available;
-	}
-	/**
-	* Generate a fingerprint profile using real-world datasets.
-	* Returns null if packages are not installed.
-	*/
-	async generateFingerprint(options) {
-		if (!this.isAvailable()) {
-			logger.warn("fingerprint-generator not installed. Run: pnpm add fingerprint-generator fingerprint-injector");
-			return null;
-		}
-		try {
-			const { FingerprintGenerator } = await import("fingerprint-generator");
-			const generator = new FingerprintGenerator();
-			const fpOptions = {};
-			if (options?.os) fpOptions.operatingSystems = [{
-				windows: "windows",
-				macos: "macos",
-				linux: "linux"
-			}[options.os] ?? "windows"];
-			if (options?.browser) fpOptions.browsers = [options.browser];
-			if (options?.locale) fpOptions.locales = [options.locale];
-			if (options?.screen) fpOptions.screen = options.screen;
-			const result = generator.getFingerprint(fpOptions);
-			this.activeProfile = {
-				fingerprint: result.fingerprint,
-				headers: result.headers ?? {},
-				generatedAt: Date.now(),
-				os: options?.os ?? "windows",
-				browser: options?.browser ?? "chrome"
-			};
-			logger.info(`Fingerprint generated for ${this.activeProfile.os}/${this.activeProfile.browser}`);
-			return this.activeProfile;
-		} catch (err) {
-			logger.error("Failed to generate fingerprint:", err);
-			return null;
-		}
-	}
-	/**
-	* Inject the given fingerprint profile into a page.
-	* Must be called BEFORE StealthScripts.injectAll().
-	*/
-	async injectFingerprint(page, profile) {
-		if (!this.isAvailable()) throw new Error("fingerprint-injector not installed");
-		try {
-			const { newInjectedPage } = await import("fingerprint-injector");
-			await newInjectedPage(page, { fingerprint: "fingerprint" in profile ? profile.fingerprint : profile });
-			logger.info("Fingerprint injected into page");
-		} catch (err) {
-			logger.error("Failed to inject fingerprint:", err);
-			throw err;
-		}
-	}
-	/**
-	* Get the currently cached fingerprint profile.
-	*/
-	getActiveProfile() {
-		return this.activeProfile;
-	}
-	/**
-	* Clear the cached fingerprint profile.
-	*/
-	clearProfile() {
-		this.activeProfile = null;
-	}
-	/** Reset singleton for testing purposes. */
-	static resetInstance() {
-		FingerprintManager.instance = null;
-	}
-};
-//#endregion
-export { FingerprintManager };

package/dist/HardwareBreakpoint-Cc2AFq1Y.mjs

@@ -1,239 +0,0 @@
-import { _ as BREAKPOINT_HIT_TIMEOUT_MS, v as BREAKPOINT_TRACE_MAX_HITS } from "./constants-CDZLOoVv.mjs";
-import { t as CloseHandle } from "./Win32API-C2kjj0ze.mjs";
-import { _ as openThreadForDebug, a as DebugActiveProcessStop, c as EnumerateProcessThreads, d as ResumeThread, f as SetThreadContext, g as encodeDR7, h as WaitForDebugEvent, i as DebugActiveProcess, n as ContinueDebugEvent, o as DebugSetProcessKillOnExit, p as SuspendThread, r as DBG, s as EXCEPTION_CODE, t as CONTEXT_FLAGS, u as GetThreadContext, v as parseContext, y as writeContext } from "./Win32Debug-CKrGOTpo.mjs";
-import { randomUUID } from "node:crypto";
-//#region src/native/HardwareBreakpoint.ts
-/**
-* Hardware Breakpoint Engine — x64 debug register management.
-*
-* Sets/clears hardware breakpoints using DR0–DR3, monitors for hits,
-* and returns access context (instruction address, thread, register state).
-*
-* @module HardwareBreakpoint
-*/
-const toHex = (v) => `0x${v.toString(16).toUpperCase()}`;
-var HardwareBreakpointEngine = class {
-	breakpoints = /* @__PURE__ */ new Map();
-	attachedPids = /* @__PURE__ */ new Set();
-	drAllocation = [
-		false,
-		false,
-		false,
-		false
-	];
-	/** Attach to process as debugger (required before setting breakpoints) */
-	async attach(pid) {
-		if (this.attachedPids.has(pid)) return;
-		DebugActiveProcess(pid);
-		DebugSetProcessKillOnExit(false);
-		this.attachedPids.add(pid);
-		for (let i = 0; i < 100; i++) {
-			const evt = WaitForDebugEvent(100);
-			if (!evt) break;
-			ContinueDebugEvent(evt.processId, evt.threadId, DBG.CONTINUE);
-		}
-	}
-	/** Detach from process */
-	async detach(pid) {
-		for (const [id, bp] of this.breakpoints) if (bp.pid === pid) {
-			this.clearDR(pid, bp.drIndex);
-			this.drAllocation[bp.drIndex] = false;
-			this.breakpoints.delete(id);
-		}
-		if (this.attachedPids.has(pid)) {
-			try {
-				DebugActiveProcessStop(pid);
-			} catch {}
-			this.attachedPids.delete(pid);
-		}
-	}
-	/** Set a hardware breakpoint using an available DR register */
-	async setBreakpoint(pid, address, access, size = 4) {
-		if (!this.attachedPids.has(pid)) await this.attach(pid);
-		const drIndex = this.allocateDR();
-		const targetAddr = BigInt(address.startsWith("0x") ? address : `0x${address}`);
-		this.applyDRToAllThreads(pid, drIndex, targetAddr, access, size, true);
-		const config = {
-			id: randomUUID(),
-			pid,
-			address: `0x${targetAddr.toString(16).toUpperCase()}`,
-			access,
-			size,
-			enabled: true,
-			drIndex,
-			hitCount: 0
-		};
-		this.breakpoints.set(config.id, config);
-		return config;
-	}
-	/** Remove a hardware breakpoint */
-	async removeBreakpoint(id) {
-		const bp = this.breakpoints.get(id);
-		if (!bp) return false;
-		this.clearDR(bp.pid, bp.drIndex);
-		this.drAllocation[bp.drIndex] = false;
-		this.breakpoints.delete(id);
-		return true;
-	}
-	/** List all active breakpoints */
-	listBreakpoints() {
-		return Array.from(this.breakpoints.values()).map((bp) => ({
-			id: bp.id,
-			address: bp.address,
-			access: bp.access,
-			size: bp.size,
-			enabled: bp.enabled,
-			hitCount: bp.hitCount,
-			lastHit: bp.lastHit
-		}));
-	}
-	/** Wait for a breakpoint hit */
-	async waitForHit(timeoutMs) {
-		const timeout = timeoutMs ?? BREAKPOINT_HIT_TIMEOUT_MS;
-		const deadline = Date.now() + timeout;
-		while (Date.now() < deadline) {
-			const remaining = Math.max(100, deadline - Date.now());
-			const evt = WaitForDebugEvent(Math.min(remaining, 500));
-			if (!evt) continue;
-			if (evt.exceptionCode === EXCEPTION_CODE.SINGLE_STEP) {
-				const hit = this.processHit(evt.threadId, evt.processId, evt.exceptionAddress);
-				ContinueDebugEvent(evt.processId, evt.threadId, DBG.CONTINUE);
-				if (hit) return hit;
-			} else ContinueDebugEvent(evt.processId, evt.threadId, DBG.CONTINUE);
-		}
-		return null;
-	}
-	/** Trace access: collect multiple hits, answers "who reads/writes this address?" */
-	async traceAccess(pid, address, access, maxHits, timeoutMs) {
-		const max = maxHits ?? BREAKPOINT_TRACE_MAX_HITS;
-		const timeout = timeoutMs ?? BREAKPOINT_HIT_TIMEOUT_MS;
-		const bp = await this.setBreakpoint(pid, address, access);
-		const hits = [];
-		const deadline = Date.now() + timeout;
-		while (hits.length < max && Date.now() < deadline) {
-			const hit = await this.waitForHit(Math.min(1e3, deadline - Date.now()));
-			if (hit?.breakpointId === bp.id) hits.push(hit);
-		}
-		await this.removeBreakpoint(bp.id);
-		return hits;
-	}
-	allocateDR() {
-		for (let i = 0; i < 4; i++) if (!this.drAllocation[i]) {
-			this.drAllocation[i] = true;
-			return i;
-		}
-		throw new Error("All 4 hardware breakpoint registers (DR0-DR3) are in use");
-	}
-	applyDRToAllThreads(pid, drIndex, address, access, size, enable) {
-		const threads = EnumerateProcessThreads(pid);
-		const drAccessMap = {
-			execute: "execute",
-			write: "write",
-			readwrite: "readwrite",
-			read: "read"
-		};
-		for (const tid of threads) {
-			let hThread;
-			try {
-				hThread = openThreadForDebug(tid);
-			} catch {
-				continue;
-			}
-			try {
-				SuspendThread(hThread);
-				const ctxBuf = GetThreadContext(hThread, CONTEXT_FLAGS.ALL);
-				const drOffsets = [
-					72,
-					80,
-					88,
-					96
-				];
-				if (enable) ctxBuf.writeBigUInt64LE(address, drOffsets[drIndex]);
-				else ctxBuf.writeBigUInt64LE(0n, drOffsets[drIndex]);
-				const entries = Array.from(this.breakpoints.values()).filter((bp) => bp.enabled).map((bp) => ({
-					drIndex: bp.drIndex,
-					enabled: true,
-					access: drAccessMap[bp.access],
-					size: bp.size
-				}));
-				if (enable) entries.push({
-					drIndex,
-					enabled: true,
-					access: drAccessMap[access],
-					size
-				});
-				const dr7 = encodeDR7(entries);
-				ctxBuf.writeBigUInt64LE(dr7, 112);
-				writeContext(ctxBuf, { contextFlags: CONTEXT_FLAGS.ALL });
-				SetThreadContext(hThread, ctxBuf);
-				ResumeThread(hThread);
-			} catch {
-				try {
-					ResumeThread(hThread);
-				} catch {}
-			} finally {
-				CloseHandle(hThread);
-			}
-		}
-	}
-	clearDR(pid, drIndex) {
-		this.applyDRToAllThreads(pid, drIndex, 0n, "write", 1, false);
-	}
-	processHit(threadId, processId, _exceptionAddress) {
-		let hThread;
-		try {
-			hThread = openThreadForDebug(threadId);
-		} catch {
-			return null;
-		}
-		try {
-			const ctxBuf = GetThreadContext(hThread, CONTEXT_FLAGS.ALL);
-			const ctx = parseContext(ctxBuf);
-			for (const [id, bp] of this.breakpoints) {
-				if (bp.pid !== processId) continue;
-				const drBit = 1n << BigInt(bp.drIndex);
-				if (ctx.dr6 & drBit) {
-					bp.hitCount++;
-					bp.lastHit = Date.now();
-					ctxBuf.writeBigUInt64LE(0n, 104);
-					SetThreadContext(hThread, ctxBuf);
-					return {
-						breakpointId: id,
-						address: bp.address,
-						accessAddress: bp.address,
-						instructionAddress: toHex(ctx.rip),
-						threadId,
-						accessType: bp.access,
-						timestamp: Date.now(),
-						registers: {
-							rax: toHex(ctx.rax),
-							rbx: toHex(ctx.rbx),
-							rcx: toHex(ctx.rcx),
-							rdx: toHex(ctx.rdx),
-							rsi: toHex(ctx.rsi),
-							rdi: toHex(ctx.rdi),
-							rsp: toHex(ctx.rsp),
-							rbp: toHex(ctx.rbp),
-							r8: toHex(ctx.r8),
-							r9: toHex(ctx.r9),
-							r10: toHex(ctx.r10),
-							r11: toHex(ctx.r11),
-							r12: toHex(ctx.r12),
-							r13: toHex(ctx.r13),
-							r14: toHex(ctx.r14),
-							r15: toHex(ctx.r15),
-							rip: toHex(ctx.rip),
-							rflags: `0x${ctx.eflags.toString(16).toUpperCase()}`
-						}
-					};
-				}
-			}
-			return null;
-		} finally {
-			CloseHandle(hThread);
-		}
-	}
-};
-const hardwareBreakpointEngine = new HardwareBreakpointEngine();
-//#endregion
-export { HardwareBreakpointEngine, hardwareBreakpointEngine };

package/dist/HeapAnalyzer-DruMgsgj.mjs

@@ -1,284 +0,0 @@
-import { t as logger } from "./logger-Dh_xb7_2.mjs";
-import { ct as HEAP_SPRAY_THRESHOLD, lt as HEAP_SUSPICIOUS_BLOCK_SIZE, ot as HEAP_ENUMERATE_MAX_BLOCKS, st as HEAP_SPRAY_SIZE_TOLERANCE } from "./constants-CDZLOoVv.mjs";
-import { b as openProcessForMemory, d as ReadProcessMemory, t as CloseHandle } from "./Win32API-C2kjj0ze.mjs";
-import { m as TH32CS } from "./Win32Debug-CKrGOTpo.mjs";
-import koffi from "koffi";
-//#region src/native/HeapAnalyzer.types.ts
-/** Heap block flags */
-const LF32 = {
-	FIXED: 1,
-	FREE: 2,
-	MOVEABLE: 4
-};
-/** Heap flags */
-const HF32 = {
-	DEFAULT: 1,
-	SHARED: 2
-};
-//#endregion
-//#region src/native/HeapAnalyzer.ts
-/**
-* Heap Analysis Engine.
-*
-* Enumerates process heaps and blocks via Toolhelp32 Snapshot APIs,
-* provides statistical analysis and anomaly detection (spray, UAF heuristic).
-*
-* @module HeapAnalyzer
-*/
-let heapApisCache = null;
-function loadHeapApis() {
-	const k32 = koffi.load("kernel32.dll");
-	return {
-		CreateToolhelp32Snapshot: k32.func("CreateToolhelp32Snapshot", "intptr", ["uint32", "uint32"]),
-		Heap32ListFirst: k32.func("Heap32ListFirst", "bool", ["intptr", "_Inout_ uint8_t *"]),
-		Heap32ListNext: k32.func("Heap32ListNext", "bool", ["intptr", "_Inout_ uint8_t *"]),
-		Heap32First: k32.func("Heap32First", "bool", [
-			"_Inout_ uint8_t *",
-			"uint32",
-			"uintptr_t"
-		]),
-		Heap32Next: k32.func("Heap32Next", "bool", ["_Inout_ uint8_t *"]),
-		CloseHandle: k32.func("int CloseHandle(intptr)"),
-		HEAPLIST32_SIZE: 36,
-		HEAPENTRY32_SIZE: 56
-	};
-}
-function getHeapApis() {
-	if (!heapApisCache) heapApisCache = loadHeapApis();
-	return heapApisCache;
-}
-const SIZE_RANGES = [
-	[
-		"0-64B",
-		0,
-		64
-	],
-	[
-		"64-256B",
-		64,
-		256
-	],
-	[
-		"256B-1KB",
-		256,
-		1024
-	],
-	[
-		"1-4KB",
-		1024,
-		4096
-	],
-	[
-		"4-16KB",
-		4096,
-		16384
-	],
-	[
-		"16-64KB",
-		16384,
-		65536
-	],
-	[
-		"64KB-1MB",
-		65536,
-		1048576
-	],
-	[
-		">1MB",
-		1048576,
-		Number.MAX_SAFE_INTEGER
-	]
-];
-function classifyBlock(size) {
-	for (let i = 0; i < SIZE_RANGES.length; i++) {
-		const range = SIZE_RANGES[i];
-		if (size >= range[1] && size < range[2]) return i;
-	}
-	return SIZE_RANGES.length - 1;
-}
-var HeapAnalyzer = class {
-	/**
-	* Enumerate all heaps in a process and return info + stats.
-	*/
-	async enumerateHeaps(pid) {
-		const apis = getHeapApis();
-		const hSnap = apis.CreateToolhelp32Snapshot(TH32CS.SNAPHEAPLIST, pid);
-		if (hSnap === -1n && typeof hSnap === "bigint") throw new Error(`Failed to create heap snapshot for PID ${pid}`);
-		const heaps = [];
-		try {
-			const hlBuf = Buffer.alloc(apis.HEAPLIST32_SIZE);
-			hlBuf.writeBigUInt64LE(BigInt(apis.HEAPLIST32_SIZE), 0);
-			let hasHeap = apis.Heap32ListFirst(hSnap, hlBuf);
-			while (hasHeap) {
-				const processId = hlBuf.readUInt32LE(8);
-				const heapId = hlBuf.readBigUInt64LE(12);
-				const flags = hlBuf.readUInt32LE(20);
-				const blocks = await this.enumerateBlocksInternal(pid, heapId, HEAP_ENUMERATE_MAX_BLOCKS);
-				heaps.push({
-					heapId: `0x${heapId.toString(16)}`,
-					processId,
-					flags,
-					isDefault: (flags & HF32.DEFAULT) !== 0,
-					blockCount: blocks.length,
-					totalSize: blocks.reduce((sum, b) => sum + b.size, 0)
-				});
-				hlBuf.writeBigUInt64LE(BigInt(apis.HEAPLIST32_SIZE), 0);
-				hasHeap = apis.Heap32ListNext(hSnap, hlBuf);
-			}
-		} finally {
-			apis.CloseHandle(hSnap);
-		}
-		return {
-			heaps,
-			stats: this.computeStats(heaps, [])
-		};
-	}
-	/**
-	* Enumerate blocks within a specific heap.
-	*/
-	async enumerateBlocks(pid, heapId, options) {
-		const id = BigInt(heapId);
-		const max = options?.maxBlocks ?? HEAP_ENUMERATE_MAX_BLOCKS;
-		return this.enumerateBlocksInternal(pid, id, max);
-	}
-	/**
-	* Get full statistical breakdown for all heaps.
-	*/
-	async getStats(pid) {
-		const { heaps } = await this.enumerateHeaps(pid);
-		const allBlocks = [];
-		for (const heap of heaps) {
-			const blocks = await this.enumerateBlocksInternal(pid, BigInt(heap.heapId), HEAP_ENUMERATE_MAX_BLOCKS);
-			allBlocks.push(...blocks);
-		}
-		return this.computeStats(heaps, allBlocks);
-	}
-	/**
-	* Detect heap anomalies: spray, UAF heuristic, suspicious sizes.
-	*/
-	async detectAnomalies(pid) {
-		const anomalies = [];
-		const { heaps } = await this.enumerateHeaps(pid);
-		for (const heap of heaps) {
-			const blocks = await this.enumerateBlocksInternal(pid, BigInt(heap.heapId), HEAP_ENUMERATE_MAX_BLOCKS);
-			this.detectSpray(blocks, heap.heapId, anomalies);
-			this.detectSuspiciousSizes(blocks, heap.heapId, anomalies);
-			await this.detectPossibleUaf(pid, blocks, heap.heapId, anomalies);
-		}
-		return anomalies;
-	}
-	async enumerateBlocksInternal(pid, heapId, maxBlocks) {
-		const apis = getHeapApis();
-		const blocks = [];
-		const heBuf = Buffer.alloc(apis.HEAPENTRY32_SIZE);
-		heBuf.writeBigUInt64LE(BigInt(apis.HEAPENTRY32_SIZE), 0);
-		let hasBlock = apis.Heap32First(heBuf, pid, heapId);
-		while (hasBlock && blocks.length < maxBlocks) {
-			const address = heBuf.readBigUInt64LE(16);
-			const blockSize = Number(heBuf.readBigUInt64LE(24));
-			const flags = heBuf.readUInt32LE(32);
-			blocks.push({
-				address: `0x${address.toString(16)}`,
-				size: blockSize,
-				flags,
-				heapId: `0x${heapId.toString(16)}`,
-				isFree: (flags & LF32.FREE) !== 0
-			});
-			heBuf.writeBigUInt64LE(BigInt(apis.HEAPENTRY32_SIZE), 0);
-			hasBlock = apis.Heap32Next(heBuf);
-		}
-		return blocks;
-	}
-	computeStats(heaps, blocks) {
-		const buckets = SIZE_RANGES.map(([range]) => ({
-			range,
-			count: 0,
-			totalBytes: 0
-		}));
-		let totalSize = 0;
-		let freeSize = 0;
-		let largestBlock = 0;
-		let smallestBlock = Number.MAX_SAFE_INTEGER;
-		for (const block of blocks) {
-			totalSize += block.size;
-			if (block.isFree) freeSize += block.size;
-			if (block.size > largestBlock) largestBlock = block.size;
-			if (!block.isFree && block.size < smallestBlock) smallestBlock = block.size;
-			const idx = classifyBlock(block.size);
-			buckets[idx].count++;
-			buckets[idx].totalBytes += block.size;
-		}
-		if (smallestBlock === Number.MAX_SAFE_INTEGER) smallestBlock = 0;
-		if (totalSize === 0 && heaps.length > 0) totalSize = heaps.reduce((s, h) => s + h.totalSize, 0);
-		return {
-			totalHeaps: heaps.length,
-			totalBlocks: blocks.length || heaps.reduce((s, h) => s + h.blockCount, 0),
-			totalSize,
-			freeSize,
-			usedSize: totalSize - freeSize,
-			largestBlock,
-			smallestBlock,
-			averageBlockSize: blocks.length > 0 ? Math.round(totalSize / blocks.length) : 0,
-			sizeDistribution: buckets,
-			fragmentationRatio: totalSize > 0 ? freeSize / totalSize : 0
-		};
-	}
-	detectSpray(blocks, heapId, anomalies) {
-		const sizeGroups = /* @__PURE__ */ new Map();
-		for (const block of blocks) {
-			if (block.isFree) continue;
-			const rounded = Math.round(block.size / HEAP_SPRAY_SIZE_TOLERANCE) * HEAP_SPRAY_SIZE_TOLERANCE;
-			const group = sizeGroups.get(rounded) ?? [];
-			group.push(block);
-			sizeGroups.set(rounded, group);
-		}
-		for (const [size, group] of sizeGroups) if (group.length >= HEAP_SPRAY_THRESHOLD) anomalies.push({
-			type: "heap_spray_pattern",
-			severity: "high",
-			address: group[0].address,
-			details: `${group.length} blocks of ~${size} bytes detected — possible heap spray`,
-			heapId
-		});
-	}
-	detectSuspiciousSizes(blocks, heapId, anomalies) {
-		for (const block of blocks) if (block.size === 0) anomalies.push({
-			type: "suspicious_size",
-			severity: "medium",
-			address: block.address,
-			details: "Block with zero size",
-			heapId
-		});
-		else if (block.size > HEAP_SUSPICIOUS_BLOCK_SIZE) anomalies.push({
-			type: "suspicious_size",
-			severity: "medium",
-			address: block.address,
-			details: `Unusually large block: ${(block.size / (1024 * 1024)).toFixed(1)} MB`,
-			heapId
-		});
-	}
-	async detectPossibleUaf(pid, blocks, heapId, anomalies) {
-		const sampled = blocks.filter((b) => b.isFree && b.size >= 8).slice(0, 100);
-		let hProcess = null;
-		try {
-			hProcess = openProcessForMemory(pid);
-			for (const block of sampled) {
-				const addr = BigInt(block.address);
-				const data = ReadProcessMemory(hProcess, addr, 8);
-				if (data && data.readBigUInt64LE(0) !== 0n) anomalies.push({
-					type: "possible_uaf",
-					severity: "low",
-					address: block.address,
-					details: `Free block has non-zero data: 0x${data.readBigUInt64LE(0).toString(16)}`,
-					heapId
-				});
-			}
-		} catch (e) {
-			logger.debug(`UAF check failed for PID ${pid}: ${e}`);
-		} finally {
-			if (hProcess) CloseHandle(hProcess);
-		}
-	}
-};
-const heapAnalyzer = new HeapAnalyzer();
-//#endregion
-export { HeapAnalyzer, heapAnalyzer };