@nodesecure/js-x-ray 9.2.0 → 10.0.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/AstAnalyser.d.ts +19 -4
- package/dist/AstAnalyser.d.ts.map +1 -1
- package/dist/AstAnalyser.js +43 -25
- package/dist/AstAnalyser.js.map +1 -1
- package/dist/ProbeRunner.d.ts +21 -16
- package/dist/ProbeRunner.d.ts.map +1 -1
- package/dist/ProbeRunner.js +46 -16
- package/dist/ProbeRunner.js.map +1 -1
- package/dist/SourceFile.d.ts +2 -19
- package/dist/SourceFile.d.ts.map +1 -1
- package/dist/SourceFile.js +1 -30
- package/dist/SourceFile.js.map +1 -1
- package/dist/index.d.ts +1 -0
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +1 -0
- package/dist/index.js.map +1 -1
- package/dist/pipelines/Runner.class.d.ts +11 -0
- package/dist/pipelines/Runner.class.d.ts.map +1 -0
- package/dist/pipelines/Runner.class.js +20 -0
- package/dist/pipelines/Runner.class.js.map +1 -0
- package/dist/pipelines/deobfuscate.d.ts +8 -0
- package/dist/pipelines/deobfuscate.d.ts.map +1 -0
- package/dist/pipelines/deobfuscate.js +33 -0
- package/dist/pipelines/deobfuscate.js.map +1 -0
- package/dist/pipelines/index.d.ts +8 -0
- package/dist/pipelines/index.d.ts.map +1 -0
- package/dist/pipelines/index.js +8 -0
- package/dist/pipelines/index.js.map +1 -0
- package/dist/probes/data-exfiltration.d.ts +19 -0
- package/dist/probes/data-exfiltration.d.ts.map +1 -0
- package/dist/probes/data-exfiltration.js +84 -0
- package/dist/probes/data-exfiltration.js.map +1 -0
- package/dist/probes/isFetch.d.ts +5 -5
- package/dist/probes/isFetch.d.ts.map +1 -1
- package/dist/probes/isFetch.js +12 -4
- package/dist/probes/isFetch.js.map +1 -1
- package/dist/probes/isLiteral.js +1 -1
- package/dist/probes/isLiteral.js.map +1 -1
- package/dist/probes/isRequire/RequireCallExpressionWalker.d.ts.map +1 -1
- package/dist/probes/isRequire/RequireCallExpressionWalker.js +32 -35
- package/dist/probes/isRequire/RequireCallExpressionWalker.js.map +1 -1
- package/dist/probes/isRequire/isRequire.d.ts +4 -9
- package/dist/probes/isRequire/isRequire.d.ts.map +1 -1
- package/dist/probes/isRequire/isRequire.js +7 -9
- package/dist/probes/isRequire/isRequire.js.map +1 -1
- package/dist/probes/isSerializeEnv.d.ts +4 -6
- package/dist/probes/isSerializeEnv.d.ts.map +1 -1
- package/dist/probes/isSerializeEnv.js +13 -11
- package/dist/probes/isSerializeEnv.js.map +1 -1
- package/dist/probes/isSyncIO.d.ts +4 -6
- package/dist/probes/isSyncIO.d.ts.map +1 -1
- package/dist/probes/isSyncIO.js +6 -7
- package/dist/probes/isSyncIO.js.map +1 -1
- package/dist/probes/isUnsafeCallee.d.ts +2 -5
- package/dist/probes/isUnsafeCallee.d.ts.map +1 -1
- package/dist/probes/isUnsafeCallee.js +5 -7
- package/dist/probes/isUnsafeCallee.js.map +1 -1
- package/dist/probes/isUnsafeCommand.d.ts +2 -5
- package/dist/probes/isUnsafeCommand.d.ts.map +1 -1
- package/dist/probes/isUnsafeCommand.js +19 -9
- package/dist/probes/isUnsafeCommand.js.map +1 -1
- package/dist/probes/isWeakCrypto.d.ts +4 -6
- package/dist/probes/isWeakCrypto.d.ts.map +1 -1
- package/dist/probes/isWeakCrypto.js +7 -7
- package/dist/probes/isWeakCrypto.js.map +1 -1
- package/dist/types/estree.d.ts +4 -3
- package/dist/types/estree.d.ts.map +1 -1
- package/dist/types/estree.js +11 -0
- package/dist/types/estree.js.map +1 -1
- package/dist/walker/index.d.ts +9 -0
- package/dist/walker/index.d.ts.map +1 -0
- package/dist/walker/index.js +10 -0
- package/dist/walker/index.js.map +1 -0
- package/dist/walker/walker.base.d.ts +17 -0
- package/dist/walker/walker.base.d.ts.map +1 -0
- package/dist/walker/walker.base.js +45 -0
- package/dist/walker/walker.base.js.map +1 -0
- package/dist/walker/walker.sync.d.ts +15 -0
- package/dist/walker/walker.sync.d.ts.map +1 -0
- package/dist/walker/walker.sync.js +87 -0
- package/dist/walker/walker.sync.js.map +1 -0
- package/dist/warnings.d.ts +6 -1
- package/dist/warnings.d.ts.map +1 -1
- package/dist/warnings.js +8 -3
- package/dist/warnings.js.map +1 -1
- package/package.json +3 -4
package/dist/AstAnalyser.d.ts
CHANGED
|
@@ -1,7 +1,9 @@
|
|
|
1
1
|
import type { ESTree } from "meriyah";
|
|
2
|
-
import { type Warning } from "./warnings.js";
|
|
3
|
-
import { SourceFile, type
|
|
2
|
+
import { type Warning, type OptionalWarningName } from "./warnings.js";
|
|
3
|
+
import { SourceFile, type SourceFlags } from "./SourceFile.js";
|
|
4
4
|
import { type SourceParser } from "./JsSourceParser.js";
|
|
5
|
+
import { type Probe } from "./ProbeRunner.js";
|
|
6
|
+
import { type Pipeline } from "./pipelines/index.js";
|
|
5
7
|
export interface Dependency {
|
|
6
8
|
unsafe: boolean;
|
|
7
9
|
inTry: boolean;
|
|
@@ -42,11 +44,24 @@ export type ReportOnFile = {
|
|
|
42
44
|
ok: false;
|
|
43
45
|
warnings: Warning[];
|
|
44
46
|
};
|
|
45
|
-
export interface AstAnalyserOptions
|
|
47
|
+
export interface AstAnalyserOptions {
|
|
46
48
|
/**
|
|
47
49
|
* @default JsSourceParser
|
|
48
50
|
*/
|
|
49
51
|
customParser?: SourceParser;
|
|
52
|
+
/**
|
|
53
|
+
* @default []
|
|
54
|
+
*/
|
|
55
|
+
customProbes?: Probe[];
|
|
56
|
+
/**
|
|
57
|
+
* @default false
|
|
58
|
+
*/
|
|
59
|
+
skipDefaultProbes?: boolean;
|
|
60
|
+
/**
|
|
61
|
+
* @default false
|
|
62
|
+
*/
|
|
63
|
+
optionalWarnings?: boolean | Iterable<OptionalWarningName>;
|
|
64
|
+
pipelines?: Pipeline[];
|
|
50
65
|
}
|
|
51
66
|
export interface PrepareSourceOptions {
|
|
52
67
|
removeHTMLComments?: boolean;
|
|
@@ -54,7 +69,7 @@ export interface PrepareSourceOptions {
|
|
|
54
69
|
export declare class AstAnalyser {
|
|
55
70
|
#private;
|
|
56
71
|
parser: SourceParser;
|
|
57
|
-
|
|
72
|
+
probes: Probe[];
|
|
58
73
|
constructor(options?: AstAnalyserOptions);
|
|
59
74
|
analyse(str: string, options?: RuntimeOptions): Report;
|
|
60
75
|
analyseFile(pathToFile: string | URL, options?: RuntimeFileOptions): Promise<ReportOnFile>;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"AstAnalyser.d.ts","sourceRoot":"","sources":["../src/AstAnalyser.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"AstAnalyser.d.ts","sourceRoot":"","sources":["../src/AstAnalyser.ts"],"names":[],"mappings":"AAMA,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,SAAS,CAAC;AAItC,OAAO,EAEL,KAAK,OAAO,EACZ,KAAK,mBAAmB,EACzB,MAAM,eAAe,CAAC;AACvB,OAAO,EACL,UAAU,EACV,KAAK,WAAW,EACjB,MAAM,iBAAiB,CAAC;AACzB,OAAO,EAAkB,KAAK,YAAY,EAAE,MAAM,qBAAqB,CAAC;AACxE,OAAO,EAAe,KAAK,KAAK,EAAE,MAAM,kBAAkB,CAAC;AAM3D,OAAO,EAEL,KAAK,QAAQ,EACd,MAAM,sBAAsB,CAAC;AAE9B,MAAM,WAAW,UAAU;IACzB,MAAM,EAAE,OAAO,CAAC;IAChB,KAAK,EAAE,OAAO,CAAC;IACf,QAAQ,CAAC,EAAE,IAAI,GAAG,MAAM,CAAC,cAAc,CAAC;CACzC;AAED,MAAM,WAAW,cAAc;IAC7B;;OAEG;IACH,MAAM,CAAC,EAAE,OAAO,CAAC;IACjB;;OAEG;IACH,kBAAkB,CAAC,EAAE,OAAO,CAAC;IAC7B;;OAEG;IACH,UAAU,CAAC,EAAE,OAAO,CAAC;IACrB,UAAU,CAAC,EAAE,CAAC,UAAU,EAAE,UAAU,KAAK,IAAI,CAAC;IAC9C,QAAQ,CAAC,EAAE,CAAC,UAAU,EAAE,UAAU,KAAK,IAAI,CAAC;CAC7C;AAED,MAAM,WAAW,kBAAmB,SAAQ,IAAI,CAAC,cAAc,EAAE,YAAY,CAAC;IAC5E,WAAW,CAAC,EAAE,MAAM,CAAC;CACtB;AAED,MAAM,WAAW,MAAM;IACrB,YAAY,EAAE,GAAG,CAAC,MAAM,EAAE,UAAU,CAAC,CAAC;IACtC,QAAQ,EAAE,OAAO,EAAE,CAAC;IACpB,KAAK,EAAE,GAAG,CAAC,WAAW,CAAC,CAAC;IACxB,YAAY,EAAE,MAAM,CAAC;IACrB,WAAW,EAAE,MAAM,CAAC;CACrB;AAED,MAAM,MAAM,YAAY,GAAG;IACzB,EAAE,EAAE,IAAI,CAAC;IACT,QAAQ,EAAE,OAAO,EAAE,CAAC;IACpB,YAAY,EAAE,GAAG,CAAC,MAAM,EAAE,UAAU,CAAC,CAAC;IACtC,KAAK,EAAE,GAAG,CAAC,WAAW,CAAC,CAAC;CACzB,GAAG;IACF,EAAE,EAAE,KAAK,CAAC;IACV,QAAQ,EAAE,OAAO,EAAE,CAAC;CACrB,CAAC;AAEF,MAAM,WAAW,kBAAkB;IACjC;;OAEG;IACH,YAAY,CAAC,EAAE,YAAY,CAAC;IAC5B;;OAEG;IACH,YAAY,CAAC,EAAE,KAAK,EAAE,CAAC;IACvB;;OAEG;IACH,iBAAiB,CAAC,EAAE,OAAO,CAAC;IAC5B;;OAEG;IACH,gBAAgB,CAAC,EAAE,OAAO,GAAG,QAAQ,CAAC,mBAAmB,CAAC,CAAC;IAC3D,SAAS,CAAC,EAAE,QAAQ,EAAE,CAAC;CACxB;AAED,MAAM,WAAW,oBAAoB;IACnC,kBAAkB,CAAC,EAAE,OAAO,CAAC;CAC9B;AAED,qBAAa,WAAW;;IAEtB,MAAM,EAAE,YAAY,CAAC;IACrB,MAAM,EAAE,KAAK,EAAE,CAAC;gBAEJ,OAAO,GAAE,kBAAuB;IAoC5C,OAAO,CACL,GAAG,EAAE,MAAM,EACX,OAAO,GAAE,cAAmB,GAC3B,MAAM;IA+DH,WAAW,CACf,UAAU,EAAE,MAAM,GAAG,GAAG,EACxB,OAAO,GAAE,kBAAuB,GAC/B,OAAO,CAAC,YAAY,CAAC;IAkDxB,eAAe,CACb,UAAU,EAAE,MAAM,GAAG,GAAG,EACxB,OAAO,GAAE,kBAAuB,GAC/B,YAAY;IAkDf,aAAa,CACX,MAAM,EAAE,MAAM,EACd,OAAO,GAAE,oBAAyB,GACjC,MAAM;CAqBV"}
|
package/dist/AstAnalyser.js
CHANGED
|
@@ -2,33 +2,53 @@
|
|
|
2
2
|
import fs from "node:fs/promises";
|
|
3
3
|
import fsSync from "node:fs";
|
|
4
4
|
import path from "node:path";
|
|
5
|
-
// Import Third-party Dependencies
|
|
6
|
-
import { walk } from "estree-walker";
|
|
7
5
|
import isMinified from "is-minified-code";
|
|
8
6
|
// Import Internal Dependencies
|
|
9
7
|
import { generateWarning } from "./warnings.js";
|
|
10
8
|
import { SourceFile } from "./SourceFile.js";
|
|
11
|
-
import { isOneLineExpressionExport } from "./utils/index.js";
|
|
12
9
|
import { JsSourceParser } from "./JsSourceParser.js";
|
|
10
|
+
import { ProbeRunner } from "./ProbeRunner.js";
|
|
11
|
+
import { walkEnter } from "./walker/index.js";
|
|
12
|
+
import * as trojan from "./obfuscators/trojan-source.js";
|
|
13
|
+
import { isOneLineExpressionExport } from "./utils/index.js";
|
|
14
|
+
import { PipelineRunner } from "./pipelines/index.js";
|
|
13
15
|
export class AstAnalyser {
|
|
16
|
+
#pipelineRunner;
|
|
14
17
|
parser;
|
|
15
|
-
|
|
18
|
+
probes;
|
|
16
19
|
constructor(options = {}) {
|
|
20
|
+
const { customProbes = [], optionalWarnings = false, skipDefaultProbes = false, pipelines = [] } = options;
|
|
21
|
+
this.#pipelineRunner = new PipelineRunner(pipelines);
|
|
17
22
|
this.parser = options.customParser ?? new JsSourceParser();
|
|
18
|
-
|
|
19
|
-
|
|
20
|
-
|
|
21
|
-
|
|
22
|
-
|
|
23
|
+
let probes = ProbeRunner.Defaults;
|
|
24
|
+
if (Array.isArray(customProbes) &&
|
|
25
|
+
customProbes.length > 0) {
|
|
26
|
+
probes = skipDefaultProbes === true ?
|
|
27
|
+
customProbes :
|
|
28
|
+
[...probes, ...customProbes];
|
|
29
|
+
}
|
|
30
|
+
if (typeof optionalWarnings === "boolean") {
|
|
31
|
+
if (optionalWarnings) {
|
|
32
|
+
probes = [...probes, ...Object.values(ProbeRunner.Optionals)];
|
|
33
|
+
}
|
|
34
|
+
}
|
|
35
|
+
else {
|
|
36
|
+
const optionalProbes = Array.from(optionalWarnings ?? [])
|
|
37
|
+
.flatMap((warning) => ProbeRunner.Optionals[warning] ?? []);
|
|
38
|
+
probes = [...probes, ...optionalProbes];
|
|
39
|
+
}
|
|
40
|
+
this.probes = probes;
|
|
23
41
|
}
|
|
24
42
|
analyse(str, options = {}) {
|
|
25
43
|
const { isMinified = false, module = true, removeHTMLComments = false, initialize, finalize } = options;
|
|
26
44
|
const body = this.parser.parse(this.prepareSource(str, { removeHTMLComments }), {
|
|
27
45
|
isEcmaScriptModule: Boolean(module)
|
|
28
46
|
});
|
|
29
|
-
const source = new SourceFile(
|
|
30
|
-
|
|
31
|
-
|
|
47
|
+
const source = new SourceFile();
|
|
48
|
+
if (trojan.verify(str)) {
|
|
49
|
+
source.warnings.push(generateWarning("obfuscated-code", { value: "trojan-source" }));
|
|
50
|
+
}
|
|
51
|
+
const probeRunner = new ProbeRunner(source, this.probes);
|
|
32
52
|
if (initialize) {
|
|
33
53
|
if (typeof initialize !== "function") {
|
|
34
54
|
throw new TypeError("options.initialize must be a function");
|
|
@@ -36,27 +56,25 @@ export class AstAnalyser {
|
|
|
36
56
|
initialize(source);
|
|
37
57
|
}
|
|
38
58
|
// we walk each AST Nodes, this is a purely synchronous I/O
|
|
39
|
-
|
|
40
|
-
|
|
41
|
-
|
|
42
|
-
|
|
43
|
-
|
|
44
|
-
|
|
45
|
-
|
|
46
|
-
|
|
47
|
-
|
|
48
|
-
|
|
49
|
-
}
|
|
59
|
+
const reducedBody = this.#pipelineRunner.reduce(body);
|
|
60
|
+
walkEnter(reducedBody, function walk(node) {
|
|
61
|
+
// Skip the root of the AST.
|
|
62
|
+
if (Array.isArray(node)) {
|
|
63
|
+
return;
|
|
64
|
+
}
|
|
65
|
+
source.walk(node);
|
|
66
|
+
const action = probeRunner.walk(node);
|
|
67
|
+
if (action === "skip") {
|
|
68
|
+
this.skip();
|
|
50
69
|
}
|
|
51
70
|
});
|
|
52
|
-
// TODO: this check should be factorized in a way that we reuse it
|
|
53
|
-
// on analyze and anlyseFile
|
|
54
71
|
if (finalize) {
|
|
55
72
|
if (typeof finalize !== "function") {
|
|
56
73
|
throw new TypeError("options.finalize must be a function");
|
|
57
74
|
}
|
|
58
75
|
finalize(source);
|
|
59
76
|
}
|
|
77
|
+
probeRunner.finalize();
|
|
60
78
|
// Add oneline-require flag if this is a one-line require expression
|
|
61
79
|
if (isOneLineExpressionExport(body)) {
|
|
62
80
|
source.flags.add("oneline-require");
|
package/dist/AstAnalyser.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"AstAnalyser.js","sourceRoot":"","sources":["../src/AstAnalyser.ts"],"names":[],"mappings":"AAAA,8BAA8B;AAC9B,OAAO,EAAE,MAAM,kBAAkB,CAAC;AAClC,OAAO,MAAM,MAAM,SAAS,CAAC;AAC7B,OAAO,IAAI,MAAM,WAAW,CAAC;
|
|
1
|
+
{"version":3,"file":"AstAnalyser.js","sourceRoot":"","sources":["../src/AstAnalyser.ts"],"names":[],"mappings":"AAAA,8BAA8B;AAC9B,OAAO,EAAE,MAAM,kBAAkB,CAAC;AAClC,OAAO,MAAM,MAAM,SAAS,CAAC;AAC7B,OAAO,IAAI,MAAM,WAAW,CAAC;AAI7B,OAAO,UAAU,MAAM,kBAAkB,CAAC;AAE1C,+BAA+B;AAC/B,OAAO,EACL,eAAe,EAGhB,MAAM,eAAe,CAAC;AACvB,OAAO,EACL,UAAU,EAEX,MAAM,iBAAiB,CAAC;AACzB,OAAO,EAAE,cAAc,EAAqB,MAAM,qBAAqB,CAAC;AACxE,OAAO,EAAE,WAAW,EAAc,MAAM,kBAAkB,CAAC;AAC3D,OAAO,EAAE,SAAS,EAAE,MAAM,mBAAmB,CAAC;AAC9C,OAAO,KAAK,MAAM,MAAM,gCAAgC,CAAC;AACzD,OAAO,EACL,yBAAyB,EAC1B,MAAM,kBAAkB,CAAC;AAC1B,OAAO,EACL,cAAc,EAEf,MAAM,sBAAsB,CAAC;AAuE9B,MAAM,OAAO,WAAW;IACtB,eAAe,CAAiB;IAChC,MAAM,CAAe;IACrB,MAAM,CAAU;IAEhB,YAAY,UAA8B,EAAE;QAC1C,MAAM,EACJ,YAAY,GAAG,EAAE,EACjB,gBAAgB,GAAG,KAAK,EACxB,iBAAiB,GAAG,KAAK,EACzB,SAAS,GAAG,EAAE,EACf,GAAG,OAAO,CAAC;QAEZ,IAAI,CAAC,eAAe,GAAG,IAAI,cAAc,CAAC,SAAS,CAAC,CAAC;QACrD,IAAI,CAAC,MAAM,GAAG,OAAO,CAAC,YAAY,IAAI,IAAI,cAAc,EAAE,CAAC;QAE3D,IAAI,MAAM,GAAG,WAAW,CAAC,QAAQ,CAAC;QAClC,IACE,KAAK,CAAC,OAAO,CAAC,YAAY,CAAC;YAC3B,YAAY,CAAC,MAAM,GAAG,CAAC,EACvB,CAAC;YACD,MAAM,GAAG,iBAAiB,KAAK,IAAI,CAAC,CAAC;gBACnC,YAAY,CAAC,CAAC;gBACd,CAAC,GAAG,MAAM,EAAE,GAAG,YAAY,CAAC,CAAC;QACjC,CAAC;QAED,IAAI,OAAO,gBAAgB,KAAK,SAAS,EAAE,CAAC;YAC1C,IAAI,gBAAgB,EAAE,CAAC;gBACrB,MAAM,GAAG,CAAC,GAAG,MAAM,EAAE,GAAG,MAAM,CAAC,MAAM,CAAC,WAAW,CAAC,SAAS,CAAC,CAAC,CAAC;YAChE,CAAC;QACH,CAAC;aACI,CAAC;YACJ,MAAM,cAAc,GAAG,KAAK,CAAC,IAAI,CAAC,gBAAgB,IAAI,EAAE,CAAC;iBACtD,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,WAAW,CAAC,SAAS,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC,CAAC;YAE9D,MAAM,GAAG,CAAC,GAAG,MAAM,EAAE,GAAG,cAAc,CAAC,CAAC;QAC1C,CAAC;QAED,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;IACvB,CAAC;IAED,OAAO,CACL,GAAW,EACX,UAA0B,EAAE;QAE5B,MAAM,EACJ,UAAU,GAAG,KAAK,EAClB,MAAM,GAAG,IAAI,EACb,kBAAkB,GAAG,KAAK,EAC1B,UAAU,EACV,QAAQ,EACT,GAAG,OAAO,CAAC;QAEZ,MAAM,IAAI,GAAG,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,aAAa,CAAC,GAAG,EAAE,EAAE,kBAAkB,EAAE,CAAC,EAAE;YAC9E,kBAAkB,EAAE,OAAO,CAAC,MAAM,CAAC;SACpC,CAAC,CAAC;QAEH,MAAM,MAAM,GAAG,IAAI,UAAU,EAAE,CAAC;QAChC,IAAI,MAAM,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC;YACvB,MAAM,CAAC,QAAQ,CAAC,IAAI,CAClB,eAAe,CAAC,iBAAiB,EAAE,EAAE,KAAK,EAAE,eAAe,EAAE,CAAC,CAC/D,CAAC;QACJ,CAAC;QAED,MAAM,WAAW,GAAG,IAAI,WAAW,CAAC,MAAM,EAAE,IAAI,CAAC,MAAM,CAAC,CAAC;QACzD,IAAI,UAAU,EAAE,CAAC;YACf,IAAI,OAAO,UAAU,KAAK,UAAU,EAAE,CAAC;gBACrC,MAAM,IAAI,SAAS,CAAC,uCAAuC,CAAC,CAAC;YAC/D,CAAC;YACD,UAAU,CAAC,MAAM,CAAC,CAAC;QACrB,CAAC;QAED,2DAA2D;QAC3D,MAAM,WAAW,GAAG,IAAI,CAAC,eAAe,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;QACtD,SAAS,CAAC,WAAW,EAAE,SAAS,IAAI,CAAC,IAAI;YACvC,4BAA4B;YAC5B,IAAI,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC;gBACxB,OAAO;YACT,CAAC;YAED,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YAClB,MAAM,MAAM,GAAG,WAAW,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YACtC,IAAI,MAAM,KAAK,MAAM,EAAE,CAAC;gBACtB,IAAI,CAAC,IAAI,EAAE,CAAC;YACd,CAAC;QACH,CAAC,CAAC,CAAC;QAEH,IAAI,QAAQ,EAAE,CAAC;YACb,IAAI,OAAO,QAAQ,KAAK,UAAU,EAAE,CAAC;gBACnC,MAAM,IAAI,SAAS,CAAC,qCAAqC,CAAC,CAAC;YAC7D,CAAC;YACD,QAAQ,CAAC,MAAM,CAAC,CAAC;QACnB,CAAC;QACD,WAAW,CAAC,QAAQ,EAAE,CAAC;QAEvB,oEAAoE;QACpE,IAAI,yBAAyB,CAAC,IAAI,CAAC,EAAE,CAAC;YACpC,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,iBAAiB,CAAC,CAAC;QACtC,CAAC;QAED,OAAO;YACL,GAAG,MAAM,CAAC,SAAS,CAAC,UAAU,CAAC;YAC/B,YAAY,EAAE,MAAM,CAAC,YAAY;YACjC,KAAK,EAAE,MAAM,CAAC,KAAK;SACpB,CAAC;IACJ,CAAC;IAED,KAAK,CAAC,WAAW,CACf,UAAwB,EACxB,UAA8B,EAAE;QAEhC,IAAI,CAAC;YACH,MAAM,EACJ,WAAW,GAAG,IAAI,EAClB,MAAM,GAAG,IAAI,EACb,kBAAkB,GAAG,KAAK,EAC1B,UAAU,EACV,QAAQ,EACT,GAAG,OAAO,CAAC;YAEZ,MAAM,GAAG,GAAG,MAAM,EAAE,CAAC,QAAQ,CAAC,UAAU,EAAE,OAAO,CAAC,CAAC;YACnD,MAAM,cAAc,GAAG,UAAU,YAAY,GAAG,CAAC,CAAC,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,UAAU,CAAC;YAEhF,MAAM,KAAK,GAAG,cAAc,CAAC,QAAQ,CAAC,MAAM,CAAC,IAAI,UAAU,CAAC,GAAG,CAAC,CAAC;YACjE,MAAM,IAAI,GAAG,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE;gBAC7B,UAAU,EAAE,KAAK;gBACjB,MAAM,EAAE,IAAI,CAAC,OAAO,CAAC,cAAc,CAAC,KAAK,MAAM,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,MAAM;gBAC/D,kBAAkB;gBAClB,UAAU;gBACV,QAAQ;aACT,CAAC,CAAC;YAEH,IAAI,WAAW,KAAK,IAAI,EAAE,CAAC;gBACzB,IAAI,CAAC,YAAY,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC;YACxC,CAAC;YAED,0EAA0E;YAC1E,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,iBAAiB,CAAC,IAAI,KAAK,EAAE,CAAC;gBAChD,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,aAAa,CAAC,CAAC;YAChC,CAAC;YAED,OAAO;gBACL,EAAE,EAAE,IAAI;gBACR,YAAY,EAAE,IAAI,CAAC,YAAY;gBAC/B,QAAQ,EAAE,IAAI,CAAC,QAAQ;gBACvB,KAAK,EAAE,IAAI,CAAC,KAAK;aAClB,CAAC;QACJ,CAAC;QACD,OAAO,KAAU,EAAE,CAAC;YAClB,OAAO;gBACL,EAAE,EAAE,KAAK;gBACT,QAAQ,EAAE;oBACR,eAAe,CAAC,eAAe,EAAE;wBAC/B,KAAK,EAAE,KAAK,CAAC,OAAO;qBACrB,CAAC;iBACH;aACF,CAAC;QACJ,CAAC;IACH,CAAC;IAED,eAAe,CACb,UAAwB,EACxB,UAA8B,EAAE;QAEhC,IAAI,CAAC;YACH,MAAM,EACJ,WAAW,GAAG,IAAI,EAClB,MAAM,GAAG,IAAI,EACb,kBAAkB,GAAG,KAAK,EAC1B,UAAU,EACV,QAAQ,EACT,GAAG,OAAO,CAAC;YAEZ,MAAM,GAAG,GAAG,MAAM,CAAC,YAAY,CAAC,UAAU,EAAE,OAAO,CAAC,CAAC;YACrD,MAAM,cAAc,GAAG,UAAU,YAAY,GAAG,CAAC,CAAC,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,UAAU,CAAC;YAEhF,MAAM,KAAK,GAAG,cAAc,CAAC,QAAQ,CAAC,MAAM,CAAC,IAAI,UAAU,CAAC,GAAG,CAAC,CAAC;YACjE,MAAM,IAAI,GAAG,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE;gBAC7B,UAAU,EAAE,KAAK;gBACjB,MAAM,EAAE,IAAI,CAAC,OAAO,CAAC,cAAc,CAAC,KAAK,MAAM,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,MAAM;gBAC/D,kBAAkB;gBAClB,UAAU;gBACV,QAAQ;aACT,CAAC,CAAC;YAEH,IAAI,WAAW,KAAK,IAAI,EAAE,CAAC;gBACzB,IAAI,CAAC,YAAY,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC;YACxC,CAAC;YAED,0EAA0E;YAC1E,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,iBAAiB,CAAC,IAAI,KAAK,EAAE,CAAC;gBAChD,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,aAAa,CAAC,CAAC;YAChC,CAAC;YAED,OAAO;gBACL,EAAE,EAAE,IAAI;gBACR,YAAY,EAAE,IAAI,CAAC,YAAY;gBAC/B,QAAQ,EAAE,IAAI,CAAC,QAAQ;gBACvB,KAAK,EAAE,IAAI,CAAC,KAAK;aAClB,CAAC;QACJ,CAAC;QACD,OAAO,KAAU,EAAE,CAAC;YAClB,OAAO;gBACL,EAAE,EAAE,KAAK;gBACT,QAAQ,EAAE;oBACR,eAAe,CAAC,eAAe,EAAE;wBAC/B,KAAK,EAAE,KAAK,CAAC,OAAO;qBACrB,CAAC;iBACH;aACF,CAAC;QACJ,CAAC;IACH,CAAC;IAED,aAAa,CACX,MAAc,EACd,UAAgC,EAAE;QAElC,IAAI,OAAO,MAAM,KAAK,QAAQ,EAAE,CAAC;YAC/B,MAAM,IAAI,SAAS,CAAC,yBAAyB,CAAC,CAAC;QACjD,CAAC;QACD,MAAM,EAAE,kBAAkB,GAAG,KAAK,EAAE,GAAG,OAAO,CAAC;QAE/C;;;;WAIG;QACH,MAAM,YAAY,GAAG,MAAM,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC;YAC3C,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC;QAElD,OAAO,kBAAkB,CAAC,CAAC;YACzB,IAAI,CAAC,kBAAkB,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,YAAY,CAAC;IACzD,CAAC;IAED,kBAAkB,CAAC,GAAW;QAC5B,OAAO,GAAG,CAAC,UAAU,CAAC,sBAAsB,EAAE,EAAE,CAAC,CAAC;IACpD,CAAC;CACF"}
|
package/dist/ProbeRunner.d.ts
CHANGED
|
@@ -2,32 +2,36 @@ import type { ESTree } from "meriyah";
|
|
|
2
2
|
import type { SourceFile } from "./SourceFile.js";
|
|
3
3
|
import type { OptionalWarningName } from "./warnings.js";
|
|
4
4
|
export type ProbeReturn = void | null | symbol;
|
|
5
|
-
export type
|
|
6
|
-
export type
|
|
5
|
+
export type ProbeContextDef = Record<string, any>;
|
|
6
|
+
export type ProbeContext<T extends ProbeContextDef = ProbeContextDef> = {
|
|
7
7
|
sourceFile: SourceFile;
|
|
8
|
+
context?: T;
|
|
9
|
+
};
|
|
10
|
+
export type ProbeMainContext<T extends ProbeContextDef = ProbeContextDef> = ProbeContext<T> & {
|
|
8
11
|
data?: any;
|
|
9
|
-
|
|
10
|
-
|
|
11
|
-
|
|
12
|
-
|
|
13
|
-
export type ProbeValidationCallback = (node: ESTree.Node, sourceFile: SourceFile) => [boolean, any?];
|
|
14
|
-
export interface Probe {
|
|
12
|
+
signals: typeof ProbeRunner.Signals;
|
|
13
|
+
};
|
|
14
|
+
export type ProbeValidationCallback<T extends ProbeContextDef = ProbeContextDef> = (node: ESTree.Node, ctx: ProbeContext<T>) => [boolean, any?];
|
|
15
|
+
export interface Probe<T extends ProbeContextDef = ProbeContextDef> {
|
|
15
16
|
name: string;
|
|
16
|
-
initialize?:
|
|
17
|
-
|
|
18
|
-
|
|
19
|
-
|
|
17
|
+
initialize?: (ctx: ProbeContext<T>) => void | ProbeContext;
|
|
18
|
+
finalize?: (ctx: ProbeContext<T>) => void;
|
|
19
|
+
validateNode: ProbeValidationCallback<T> | ProbeValidationCallback<T>[];
|
|
20
|
+
main: (node: any, ctx: ProbeMainContext<T>) => ProbeReturn;
|
|
21
|
+
teardown?: (ctx: ProbeContext<T>) => void;
|
|
20
22
|
breakOnMatch?: boolean;
|
|
21
23
|
breakGroup?: string;
|
|
24
|
+
context?: T;
|
|
22
25
|
}
|
|
23
|
-
export declare const ProbeSignals: Readonly<{
|
|
24
|
-
Break: symbol;
|
|
25
|
-
Skip: symbol;
|
|
26
|
-
}>;
|
|
27
26
|
export declare class ProbeRunner {
|
|
28
27
|
#private;
|
|
29
28
|
probes: Probe[];
|
|
30
29
|
sourceFile: SourceFile;
|
|
30
|
+
static Signals: Readonly<{
|
|
31
|
+
Break: symbol;
|
|
32
|
+
Skip: symbol;
|
|
33
|
+
Continue: null;
|
|
34
|
+
}>;
|
|
31
35
|
/**
|
|
32
36
|
* Note:
|
|
33
37
|
* The order of the table has an importance/impact on the correct execution of the probes
|
|
@@ -36,5 +40,6 @@ export declare class ProbeRunner {
|
|
|
36
40
|
static Optionals: Record<OptionalWarningName, Probe>;
|
|
37
41
|
constructor(sourceFile: SourceFile, probes?: Probe[]);
|
|
38
42
|
walk(node: ESTree.Node): null | "skip";
|
|
43
|
+
finalize(): void;
|
|
39
44
|
}
|
|
40
45
|
//# sourceMappingURL=ProbeRunner.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"ProbeRunner.d.ts","sourceRoot":"","sources":["../src/ProbeRunner.ts"],"names":[],"mappings":"AAIA,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,SAAS,CAAC;
|
|
1
|
+
{"version":3,"file":"ProbeRunner.d.ts","sourceRoot":"","sources":["../src/ProbeRunner.ts"],"names":[],"mappings":"AAIA,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,SAAS,CAAC;AAmBtC,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,iBAAiB,CAAC;AAClD,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,eAAe,CAAC;AAKzD,MAAM,MAAM,WAAW,GAAG,IAAI,GAAG,IAAI,GAAG,MAAM,CAAC;AAC/C,MAAM,MAAM,eAAe,GAAG,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;AAClD,MAAM,MAAM,YAAY,CAAC,CAAC,SAAS,eAAe,GAAG,eAAe,IAAI;IACtE,UAAU,EAAE,UAAU,CAAC;IACvB,OAAO,CAAC,EAAE,CAAC,CAAC;CACb,CAAC;AACF,MAAM,MAAM,gBAAgB,CAAC,CAAC,SAAS,eAAe,GAAG,eAAe,IAAI,YAAY,CAAC,CAAC,CAAC,GAAG;IAC5F,IAAI,CAAC,EAAE,GAAG,CAAC;IACX,OAAO,EAAE,OAAO,WAAW,CAAC,OAAO,CAAC;CACrC,CAAC;AAEF,MAAM,MAAM,uBAAuB,CAAC,CAAC,SAAS,eAAe,GAAG,eAAe,IAAI,CACjF,IAAI,EAAE,MAAM,CAAC,IAAI,EAAE,GAAG,EAAE,YAAY,CAAC,CAAC,CAAC,KACpC,CAAC,OAAO,EAAE,GAAG,CAAC,CAAC,CAAC;AAErB,MAAM,WAAW,KAAK,CAAC,CAAC,SAAS,eAAe,GAAG,eAAe;IAChE,IAAI,EAAE,MAAM,CAAC;IACb,UAAU,CAAC,EAAE,CAAC,GAAG,EAAE,YAAY,CAAC,CAAC,CAAC,KAAK,IAAI,GAAG,YAAY,CAAC;IAC3D,QAAQ,CAAC,EAAE,CAAC,GAAG,EAAE,YAAY,CAAC,CAAC,CAAC,KAAK,IAAI,CAAC;IAC1C,YAAY,EAAE,uBAAuB,CAAC,CAAC,CAAC,GAAG,uBAAuB,CAAC,CAAC,CAAC,EAAE,CAAC;IACxE,IAAI,EAAE,CACJ,IAAI,EAAE,GAAG,EACT,GAAG,EAAE,gBAAgB,CAAC,CAAC,CAAC,KACrB,WAAW,CAAC;IACjB,QAAQ,CAAC,EAAE,CAAC,GAAG,EAAE,YAAY,CAAC,CAAC,CAAC,KAAK,IAAI,CAAC;IAC1C,YAAY,CAAC,EAAE,OAAO,CAAC;IACvB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,OAAO,CAAC,EAAE,CAAC,CAAC;CACb;AAED,qBAAa,WAAW;;IACtB,MAAM,EAAE,KAAK,EAAE,CAAC;IAChB,UAAU,EAAE,UAAU,CAAC;IAEvB,MAAM,CAAC,OAAO;;;;OAIX;IAEH;;;OAGG;IACH,MAAM,CAAC,QAAQ,EAAE,KAAK,EAAE,CAetB;IAEF,MAAM,CAAC,SAAS,EAAE,MAAM,CAAC,mBAAmB,EAAE,KAAK,CAAC,CAElD;gBAGA,UAAU,EAAE,UAAU,EACtB,MAAM,GAAE,KAAK,EAAyB;IAyExC,IAAI,CACF,IAAI,EAAE,MAAM,CAAC,IAAI,GAChB,IAAI,GAAG,MAAM;IAoChB,QAAQ,IAAI,IAAI;CAMjB"}
|
package/dist/ProbeRunner.js
CHANGED
|
@@ -1,3 +1,4 @@
|
|
|
1
|
+
var _a;
|
|
1
2
|
// Import Node.js Dependencies
|
|
2
3
|
import assert from "node:assert";
|
|
3
4
|
// Import Internal Dependencies
|
|
@@ -15,13 +16,17 @@ import isFetch from "./probes/isFetch.js";
|
|
|
15
16
|
import isUnsafeCommand from "./probes/isUnsafeCommand.js";
|
|
16
17
|
import isSyncIO from "./probes/isSyncIO.js";
|
|
17
18
|
import isSerializeEnv from "./probes/isSerializeEnv.js";
|
|
18
|
-
|
|
19
|
-
|
|
20
|
-
|
|
21
|
-
});
|
|
19
|
+
import dataExfiltration from "./probes/data-exfiltration.js";
|
|
20
|
+
// CONSTANTS
|
|
21
|
+
const kProbeOriginalContext = Symbol.for("ProbeOriginalContext");
|
|
22
22
|
export class ProbeRunner {
|
|
23
23
|
probes;
|
|
24
24
|
sourceFile;
|
|
25
|
+
static Signals = Object.freeze({
|
|
26
|
+
Break: Symbol.for("breakWalk"),
|
|
27
|
+
Skip: Symbol.for("skipWalk"),
|
|
28
|
+
Continue: null
|
|
29
|
+
});
|
|
25
30
|
/**
|
|
26
31
|
* Note:
|
|
27
32
|
* The order of the table has an importance/impact on the correct execution of the probes
|
|
@@ -39,31 +44,51 @@ export class ProbeRunner {
|
|
|
39
44
|
isBinaryExpression,
|
|
40
45
|
isArrayExpression,
|
|
41
46
|
isUnsafeCommand,
|
|
42
|
-
isSerializeEnv
|
|
47
|
+
isSerializeEnv,
|
|
48
|
+
dataExfiltration
|
|
43
49
|
];
|
|
44
50
|
static Optionals = {
|
|
45
51
|
"synchronous-io": isSyncIO
|
|
46
52
|
};
|
|
47
|
-
constructor(sourceFile, probes =
|
|
53
|
+
constructor(sourceFile, probes = _a.Defaults) {
|
|
48
54
|
this.sourceFile = sourceFile;
|
|
49
55
|
for (const probe of probes) {
|
|
50
56
|
assert(typeof probe.validateNode === "function" || Array.isArray(probe.validateNode), `Invalid probe ${probe.name}: validateNode must be a function or an array of functions`);
|
|
51
57
|
assert(typeof probe.main === "function", `Invalid probe ${probe.name}: main must be a function`);
|
|
52
58
|
assert(typeof probe.initialize === "function" || probe.initialize === undefined, `Invalid probe ${probe.name}: initialize must be a function or undefined`);
|
|
53
59
|
if (probe.initialize) {
|
|
54
|
-
|
|
60
|
+
const isDefined = Reflect.defineProperty(probe, kProbeOriginalContext, {
|
|
61
|
+
enumerable: false,
|
|
62
|
+
value: structuredClone(probe.context),
|
|
63
|
+
configurable: true
|
|
64
|
+
});
|
|
65
|
+
if (!isDefined) {
|
|
66
|
+
throw new Error(`Failed to define original context for probe '${probe.name}'`);
|
|
67
|
+
}
|
|
68
|
+
const context = probe.initialize(this.#getProbeContext(probe));
|
|
69
|
+
if (context) {
|
|
70
|
+
probe.context = structuredClone(context);
|
|
71
|
+
}
|
|
55
72
|
}
|
|
56
73
|
}
|
|
57
74
|
this.probes = probes;
|
|
58
75
|
}
|
|
76
|
+
#getProbeContext(probe) {
|
|
77
|
+
return {
|
|
78
|
+
sourceFile: this.sourceFile,
|
|
79
|
+
context: probe.context
|
|
80
|
+
};
|
|
81
|
+
}
|
|
59
82
|
#runProbe(probe, node) {
|
|
60
83
|
const validationFns = Array.isArray(probe.validateNode) ?
|
|
61
84
|
probe.validateNode : [probe.validateNode];
|
|
85
|
+
const ctx = this.#getProbeContext(probe);
|
|
62
86
|
for (const validateNode of validationFns) {
|
|
63
|
-
const [isMatching, data = null] = validateNode(node,
|
|
87
|
+
const [isMatching, data = null] = validateNode(node, ctx);
|
|
64
88
|
if (isMatching) {
|
|
65
89
|
return probe.main(node, {
|
|
66
|
-
|
|
90
|
+
...ctx,
|
|
91
|
+
signals: _a.Signals,
|
|
67
92
|
data
|
|
68
93
|
});
|
|
69
94
|
}
|
|
@@ -77,14 +102,14 @@ export class ProbeRunner {
|
|
|
77
102
|
continue;
|
|
78
103
|
}
|
|
79
104
|
try {
|
|
80
|
-
const
|
|
81
|
-
if (
|
|
105
|
+
const signal = this.#runProbe(probe, node);
|
|
106
|
+
if (signal === _a.Signals.Continue) {
|
|
82
107
|
continue;
|
|
83
108
|
}
|
|
84
|
-
if (
|
|
109
|
+
if (signal === _a.Signals.Skip) {
|
|
85
110
|
return "skip";
|
|
86
111
|
}
|
|
87
|
-
if (
|
|
112
|
+
if (signal === _a.Signals.Break || probe.breakOnMatch) {
|
|
88
113
|
const breakGroup = probe.breakGroup || null;
|
|
89
114
|
if (breakGroup === null) {
|
|
90
115
|
break;
|
|
@@ -95,12 +120,17 @@ export class ProbeRunner {
|
|
|
95
120
|
}
|
|
96
121
|
}
|
|
97
122
|
finally {
|
|
98
|
-
|
|
99
|
-
probe.teardown({ sourceFile: this.sourceFile });
|
|
100
|
-
}
|
|
123
|
+
probe.teardown?.(this.#getProbeContext(probe));
|
|
101
124
|
}
|
|
102
125
|
}
|
|
103
126
|
return null;
|
|
104
127
|
}
|
|
128
|
+
finalize() {
|
|
129
|
+
for (const probe of this.probes) {
|
|
130
|
+
probe.finalize?.(this.#getProbeContext(probe));
|
|
131
|
+
probe.context = probe[kProbeOriginalContext];
|
|
132
|
+
}
|
|
133
|
+
}
|
|
105
134
|
}
|
|
135
|
+
_a = ProbeRunner;
|
|
106
136
|
//# sourceMappingURL=ProbeRunner.js.map
|
package/dist/ProbeRunner.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"ProbeRunner.js","sourceRoot":"","sources":["../src/ProbeRunner.ts"],"names":[],"mappings":"AAAA,8BAA8B;AAC9B,OAAO,MAAM,MAAM,aAAa,CAAC;AAKjC,+BAA+B;AAC/B,OAAO,cAAc,MAAM,4BAA4B,CAAC;AACxD,OAAO,SAAS,MAAM,uBAAuB,CAAC;AAC9C,OAAO,cAAc,MAAM,4BAA4B,CAAC;AACxD,OAAO,aAAa,MAAM,2BAA2B,CAAC;AACtD,OAAO,SAAS,MAAM,iCAAiC,CAAC;AACxD,OAAO,mBAAmB,MAAM,iCAAiC,CAAC;AAClE,OAAO,YAAY,MAAM,0BAA0B,CAAC;AACpD,OAAO,kBAAkB,MAAM,gCAAgC,CAAC;AAChE,OAAO,iBAAiB,MAAM,+BAA+B,CAAC;AAC9D,OAAO,WAAW,MAAM,yBAAyB,CAAC;AAClD,OAAO,OAAO,MAAM,qBAAqB,CAAC;AAC1C,OAAO,eAAe,MAAM,6BAA6B,CAAC;AAC1D,OAAO,QAAQ,MAAM,sBAAsB,CAAC;AAC5C,OAAO,cAAc,MAAM,4BAA4B,CAAC;
|
|
1
|
+
{"version":3,"file":"ProbeRunner.js","sourceRoot":"","sources":["../src/ProbeRunner.ts"],"names":[],"mappings":";AAAA,8BAA8B;AAC9B,OAAO,MAAM,MAAM,aAAa,CAAC;AAKjC,+BAA+B;AAC/B,OAAO,cAAc,MAAM,4BAA4B,CAAC;AACxD,OAAO,SAAS,MAAM,uBAAuB,CAAC;AAC9C,OAAO,cAAc,MAAM,4BAA4B,CAAC;AACxD,OAAO,aAAa,MAAM,2BAA2B,CAAC;AACtD,OAAO,SAAS,MAAM,iCAAiC,CAAC;AACxD,OAAO,mBAAmB,MAAM,iCAAiC,CAAC;AAClE,OAAO,YAAY,MAAM,0BAA0B,CAAC;AACpD,OAAO,kBAAkB,MAAM,gCAAgC,CAAC;AAChE,OAAO,iBAAiB,MAAM,+BAA+B,CAAC;AAC9D,OAAO,WAAW,MAAM,yBAAyB,CAAC;AAClD,OAAO,OAAO,MAAM,qBAAqB,CAAC;AAC1C,OAAO,eAAe,MAAM,6BAA6B,CAAC;AAC1D,OAAO,QAAQ,MAAM,sBAAsB,CAAC;AAC5C,OAAO,cAAc,MAAM,4BAA4B,CAAC;AACxD,OAAO,gBAAgB,MAAM,+BAA+B,CAAC;AAK7D,YAAY;AACZ,MAAM,qBAAqB,GAAG,MAAM,CAAC,GAAG,CAAC,sBAAsB,CAAC,CAAC;AAgCjE,MAAM,OAAO,WAAW;IACtB,MAAM,CAAU;IAChB,UAAU,CAAa;IAEvB,MAAM,CAAC,OAAO,GAAG,MAAM,CAAC,MAAM,CAAC;QAC7B,KAAK,EAAE,MAAM,CAAC,GAAG,CAAC,WAAW,CAAC;QAC9B,IAAI,EAAE,MAAM,CAAC,GAAG,CAAC,UAAU,CAAC;QAC5B,QAAQ,EAAE,IAAI;KACf,CAAC,CAAC;IAEH;;;OAGG;IACH,MAAM,CAAC,QAAQ,GAAY;QACzB,OAAO;QACP,SAAS;QACT,WAAW;QACX,cAAc;QACd,SAAS;QACT,cAAc;QACd,aAAa;QACb,mBAAmB;QACnB,YAAY;QACZ,kBAAkB;QAClB,iBAAiB;QACjB,eAAe;QACf,cAAc;QACd,gBAAgB;KACjB,CAAC;IAEF,MAAM,CAAC,SAAS,GAAuC;QACrD,gBAAgB,EAAE,QAAQ;KAC3B,CAAC;IAEF,YACE,UAAsB,EACtB,SAAkB,EAAW,CAAC,QAAQ;QAEtC,IAAI,CAAC,UAAU,GAAG,UAAU,CAAC;QAE7B,KAAK,MAAM,KAAK,IAAI,MAAM,EAAE,CAAC;YAC3B,MAAM,CACJ,OAAO,KAAK,CAAC,YAAY,KAAK,UAAU,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,YAAY,CAAC,EAC7E,iBAAiB,KAAK,CAAC,IAAI,4DAA4D,CACxF,CAAC;YACF,MAAM,CACJ,OAAO,KAAK,CAAC,IAAI,KAAK,UAAU,EAChC,iBAAiB,KAAK,CAAC,IAAI,2BAA2B,CACvD,CAAC;YACF,MAAM,CACJ,OAAO,KAAK,CAAC,UAAU,KAAK,UAAU,IAAI,KAAK,CAAC,UAAU,KAAK,SAAS,EACxE,iBAAiB,KAAK,CAAC,IAAI,8CAA8C,CAC1E,CAAC;YACF,IAAI,KAAK,CAAC,UAAU,EAAE,CAAC;gBACrB,MAAM,SAAS,GAAG,OAAO,CAAC,cAAc,CAAC,KAAK,EAAE,qBAAqB,EAAE;oBACrE,UAAU,EAAE,KAAK;oBACjB,KAAK,EAAE,eAAe,CAAC,KAAK,CAAC,OAAO,CAAC;oBACrC,YAAY,EAAE,IAAI;iBACnB,CAAC,CAAC;gBAEH,IAAI,CAAC,SAAS,EAAE,CAAC;oBACf,MAAM,IAAI,KAAK,CAAC,gDAAgD,KAAK,CAAC,IAAI,GAAG,CAAC,CAAC;gBACjF,CAAC;gBAED,MAAM,OAAO,GAAG,KAAK,CAAC,UAAU,CAAC,IAAI,CAAC,gBAAgB,CAAC,KAAK,CAAC,CAAC,CAAC;gBAC/D,IAAI,OAAO,EAAE,CAAC;oBACZ,KAAK,CAAC,OAAO,GAAG,eAAe,CAAC,OAAO,CAAC,CAAC;gBAC3C,CAAC;YACH,CAAC;QACH,CAAC;QAED,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;IACvB,CAAC;IAED,gBAAgB,CACd,KAAY;QAEZ,OAAO;YACL,UAAU,EAAE,IAAI,CAAC,UAAU;YAC3B,OAAO,EAAE,KAAK,CAAC,OAAO;SACvB,CAAC;IACJ,CAAC;IAED,SAAS,CACP,KAAY,EACZ,IAAiB;QAEjB,MAAM,aAAa,GAAG,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,YAAY,CAAC,CAAC,CAAC;YACvD,KAAK,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,YAAY,CAAC,CAAC;QAC5C,MAAM,GAAG,GAAG,IAAI,CAAC,gBAAgB,CAAC,KAAK,CAAC,CAAC;QAEzC,KAAK,MAAM,YAAY,IAAI,aAAa,EAAE,CAAC;YACzC,MAAM,CAAC,UAAU,EAAE,IAAI,GAAG,IAAI,CAAC,GAAG,YAAY,CAC5C,IAAI,EACJ,GAAG,CACJ,CAAC;YAEF,IAAI,UAAU,EAAE,CAAC;gBACf,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,EAAE;oBACtB,GAAG,GAAG;oBACN,OAAO,EAAE,EAAW,CAAC,OAAO;oBAC5B,IAAI;iBACL,CAAC,CAAC;YACL,CAAC;QACH,CAAC;QAED,OAAO,IAAI,CAAC;IACd,CAAC;IAED,IAAI,CACF,IAAiB;QAEjB,MAAM,WAAW,GAAG,IAAI,GAAG,EAAU,CAAC;QAEtC,KAAK,MAAM,KAAK,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC;YAChC,IAAI,KAAK,CAAC,UAAU,IAAI,WAAW,CAAC,GAAG,CAAC,KAAK,CAAC,UAAU,CAAC,EAAE,CAAC;gBAC1D,SAAS;YACX,CAAC;YAED,IAAI,CAAC;gBACH,MAAM,MAAM,GAAG,IAAI,CAAC,SAAS,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC;gBAC3C,IAAI,MAAM,KAAK,EAAW,CAAC,OAAO,CAAC,QAAQ,EAAE,CAAC;oBAC5C,SAAS;gBACX,CAAC;gBAED,IAAI,MAAM,KAAK,EAAW,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC;oBACxC,OAAO,MAAM,CAAC;gBAChB,CAAC;gBACD,IAAI,MAAM,KAAK,EAAW,CAAC,OAAO,CAAC,KAAK,IAAI,KAAK,CAAC,YAAY,EAAE,CAAC;oBAC/D,MAAM,UAAU,GAAG,KAAK,CAAC,UAAU,IAAI,IAAI,CAAC;oBAE5C,IAAI,UAAU,KAAK,IAAI,EAAE,CAAC;wBACxB,MAAM;oBACR,CAAC;yBACI,CAAC;wBACJ,WAAW,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;oBAC9B,CAAC;gBACH,CAAC;YACH,CAAC;oBACO,CAAC;gBACP,KAAK,CAAC,QAAQ,EAAE,CAAC,IAAI,CAAC,gBAAgB,CAAC,KAAK,CAAC,CAAC,CAAC;YACjD,CAAC;QACH,CAAC;QAED,OAAO,IAAI,CAAC;IACd,CAAC;IAED,QAAQ;QACN,KAAK,MAAM,KAAK,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC;YAChC,KAAK,CAAC,QAAQ,EAAE,CAAC,IAAI,CAAC,gBAAgB,CAAC,KAAK,CAAC,CAAC,CAAC;YAC/C,KAAK,CAAC,OAAO,GAAG,KAAK,CAAC,qBAAqB,CAAC,CAAC;QAC/C,CAAC;IACH,CAAC"}
|
package/dist/SourceFile.d.ts
CHANGED
|
@@ -1,27 +1,11 @@
|
|
|
1
1
|
import { VariableTracer } from "@nodesecure/tracer";
|
|
2
2
|
import type { ESTree } from "meriyah";
|
|
3
|
-
import { type
|
|
3
|
+
import { type Warning } from "./warnings.js";
|
|
4
4
|
import type { Dependency } from "./AstAnalyser.js";
|
|
5
|
-
import { ProbeRunner, type Probe } from "./ProbeRunner.js";
|
|
6
5
|
import { Deobfuscator } from "./Deobfuscator.js";
|
|
7
6
|
export type SourceFlags = "fetch" | "oneline-require" | "is-minified";
|
|
8
|
-
export interface ProbesOptions {
|
|
9
|
-
/**
|
|
10
|
-
* @default []
|
|
11
|
-
*/
|
|
12
|
-
customProbes?: Probe[];
|
|
13
|
-
/**
|
|
14
|
-
* @default false
|
|
15
|
-
*/
|
|
16
|
-
skipDefaultProbes?: boolean;
|
|
17
|
-
/**
|
|
18
|
-
* @default false
|
|
19
|
-
*/
|
|
20
|
-
optionalWarnings?: boolean | Iterable<OptionalWarningName>;
|
|
21
|
-
}
|
|
22
7
|
export declare class SourceFile {
|
|
23
8
|
tracer: VariableTracer;
|
|
24
|
-
probesRunner: ProbeRunner;
|
|
25
9
|
inTryStatement: boolean;
|
|
26
10
|
dependencyAutoWarning: boolean;
|
|
27
11
|
deobfuscator: Deobfuscator;
|
|
@@ -29,7 +13,6 @@ export declare class SourceFile {
|
|
|
29
13
|
encodedLiterals: Map<string, string>;
|
|
30
14
|
warnings: Warning[];
|
|
31
15
|
flags: Set<SourceFlags>;
|
|
32
|
-
constructor(sourceCodeString: string, probesOptions?: ProbesOptions);
|
|
33
16
|
addDependency(name: string, location?: ESTree.SourceLocation | null, unsafe?: boolean): void;
|
|
34
17
|
addEncodedLiteral(value: string, location?: ESTree.SourceLocation): void;
|
|
35
18
|
analyzeLiteral(node: any, inArrayExpr?: boolean): void;
|
|
@@ -38,6 +21,6 @@ export declare class SourceFile {
|
|
|
38
21
|
stringScore: number;
|
|
39
22
|
warnings: Warning[];
|
|
40
23
|
};
|
|
41
|
-
walk(node: ESTree.Node):
|
|
24
|
+
walk(node: ESTree.Node): void;
|
|
42
25
|
}
|
|
43
26
|
//# sourceMappingURL=SourceFile.d.ts.map
|
package/dist/SourceFile.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"SourceFile.d.ts","sourceRoot":"","sources":["../src/SourceFile.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,cAAc,EAAE,MAAM,oBAAoB,CAAC;AACpD,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,SAAS,CAAC;AAItC,OAAO,EAEL,KAAK,
|
|
1
|
+
{"version":3,"file":"SourceFile.d.ts","sourceRoot":"","sources":["../src/SourceFile.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,cAAc,EAAE,MAAM,oBAAoB,CAAC;AACpD,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,SAAS,CAAC;AAItC,OAAO,EAEL,KAAK,OAAO,EACb,MAAM,eAAe,CAAC;AACvB,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,kBAAkB,CAAC;AACnD,OAAO,EAAE,YAAY,EAAE,MAAM,mBAAmB,CAAC;AAKjD,MAAM,MAAM,WAAW,GACnB,OAAO,GACP,iBAAiB,GACjB,aAAa,CAAC;AAElB,qBAAa,UAAU;IACrB,MAAM,iBAA+C;IACrD,cAAc,UAAS;IACvB,qBAAqB,UAAS;IAC9B,YAAY,eAAsB;IAClC,YAAY,0BAAiC;IAC7C,eAAe,sBAA6B;IAC5C,QAAQ,EAAE,OAAO,EAAE,CAAM;IACzB,KAAK,mBAA0B;IAC/B,aAAa,CACX,IAAI,EAAE,MAAM,EACZ,QAAQ,CAAC,EAAE,MAAM,CAAC,cAAc,GAAG,IAAI,EACvC,MAAM,GAAE,OAAoC;IAwB9C,iBAAiB,CACf,KAAK,EAAE,MAAM,EACb,QAAQ,wBAAiB;IAiB3B,cAAc,CACZ,IAAI,EAAE,GAAG,EACT,WAAW,UAAQ;IAsBrB,SAAS,CACP,UAAU,EAAE,OAAO,GAClB;QAAE,YAAY,EAAE,MAAM,CAAC;QAAC,WAAW,EAAE,MAAM,CAAC;QAAC,QAAQ,EAAE,OAAO,EAAE,CAAC;KAAE;IA0CtE,IAAI,CACF,IAAI,EAAE,MAAM,CAAC,IAAI,GAChB,IAAI;CAYR"}
|
package/dist/SourceFile.js
CHANGED
|
@@ -4,14 +4,11 @@ import { VariableTracer } from "@nodesecure/tracer";
|
|
|
4
4
|
// Import Internal Dependencies
|
|
5
5
|
import { rootLocation, toArrayLocation } from "./utils/index.js";
|
|
6
6
|
import { generateWarning } from "./warnings.js";
|
|
7
|
-
import { ProbeRunner } from "./ProbeRunner.js";
|
|
8
7
|
import { Deobfuscator } from "./Deobfuscator.js";
|
|
9
|
-
import * as trojan from "./obfuscators/trojan-source.js";
|
|
10
8
|
// CONSTANTS
|
|
11
9
|
const kMaximumEncodedLiterals = 10;
|
|
12
10
|
export class SourceFile {
|
|
13
|
-
tracer;
|
|
14
|
-
probesRunner;
|
|
11
|
+
tracer = new VariableTracer().enableDefaultTracing();
|
|
15
12
|
inTryStatement = false;
|
|
16
13
|
dependencyAutoWarning = false;
|
|
17
14
|
deobfuscator = new Deobfuscator();
|
|
@@ -19,31 +16,6 @@ export class SourceFile {
|
|
|
19
16
|
encodedLiterals = new Map();
|
|
20
17
|
warnings = [];
|
|
21
18
|
flags = new Set();
|
|
22
|
-
constructor(sourceCodeString, probesOptions = {}) {
|
|
23
|
-
this.tracer = new VariableTracer()
|
|
24
|
-
.enableDefaultTracing();
|
|
25
|
-
let probes = ProbeRunner.Defaults;
|
|
26
|
-
if (Array.isArray(probesOptions.customProbes) &&
|
|
27
|
-
probesOptions.customProbes.length > 0) {
|
|
28
|
-
probes = probesOptions.skipDefaultProbes === true ?
|
|
29
|
-
probesOptions.customProbes :
|
|
30
|
-
[...probes, ...probesOptions.customProbes];
|
|
31
|
-
}
|
|
32
|
-
if (typeof probesOptions.optionalWarnings === "boolean") {
|
|
33
|
-
if (probesOptions.optionalWarnings) {
|
|
34
|
-
probes = [...probes, ...Object.values(ProbeRunner.Optionals)];
|
|
35
|
-
}
|
|
36
|
-
}
|
|
37
|
-
else {
|
|
38
|
-
const optionalProbes = Array.from(probesOptions.optionalWarnings ?? [])
|
|
39
|
-
.flatMap((warning) => ProbeRunner.Optionals[warning] ?? []);
|
|
40
|
-
probes = [...probes, ...optionalProbes];
|
|
41
|
-
}
|
|
42
|
-
this.probesRunner = new ProbeRunner(this, probes);
|
|
43
|
-
if (trojan.verify(sourceCodeString)) {
|
|
44
|
-
this.warnings.push(generateWarning("obfuscated-code", { value: "trojan-source" }));
|
|
45
|
-
}
|
|
46
|
-
}
|
|
47
19
|
addDependency(name, location, unsafe = this.dependencyAutoWarning) {
|
|
48
20
|
if (typeof name !== "string" || name.trim() === "") {
|
|
49
21
|
return;
|
|
@@ -128,7 +100,6 @@ export class SourceFile {
|
|
|
128
100
|
else if (node.type === "CatchClause") {
|
|
129
101
|
this.inTryStatement = false;
|
|
130
102
|
}
|
|
131
|
-
return this.probesRunner.walk(node);
|
|
132
103
|
}
|
|
133
104
|
}
|
|
134
105
|
function sum(arr = []) {
|
package/dist/SourceFile.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"SourceFile.js","sourceRoot":"","sources":["../src/SourceFile.ts"],"names":[],"mappings":"AAAA,kCAAkC;AAClC,OAAO,EAAE,KAAK,EAAE,OAAO,EAAE,MAAM,yBAAyB,CAAC;AACzD,OAAO,EAAE,cAAc,EAAE,MAAM,oBAAoB,CAAC;AAGpD,+BAA+B;AAC/B,OAAO,EAAE,YAAY,EAAE,eAAe,EAAE,MAAM,kBAAkB,CAAC;AACjE,OAAO,EACL,eAAe,
|
|
1
|
+
{"version":3,"file":"SourceFile.js","sourceRoot":"","sources":["../src/SourceFile.ts"],"names":[],"mappings":"AAAA,kCAAkC;AAClC,OAAO,EAAE,KAAK,EAAE,OAAO,EAAE,MAAM,yBAAyB,CAAC;AACzD,OAAO,EAAE,cAAc,EAAE,MAAM,oBAAoB,CAAC;AAGpD,+BAA+B;AAC/B,OAAO,EAAE,YAAY,EAAE,eAAe,EAAE,MAAM,kBAAkB,CAAC;AACjE,OAAO,EACL,eAAe,EAEhB,MAAM,eAAe,CAAC;AAEvB,OAAO,EAAE,YAAY,EAAE,MAAM,mBAAmB,CAAC;AAEjD,YAAY;AACZ,MAAM,uBAAuB,GAAG,EAAE,CAAC;AAOnC,MAAM,OAAO,UAAU;IACrB,MAAM,GAAG,IAAI,cAAc,EAAE,CAAC,oBAAoB,EAAE,CAAC;IACrD,cAAc,GAAG,KAAK,CAAC;IACvB,qBAAqB,GAAG,KAAK,CAAC;IAC9B,YAAY,GAAG,IAAI,YAAY,EAAE,CAAC;IAClC,YAAY,GAAG,IAAI,GAAG,EAAsB,CAAC;IAC7C,eAAe,GAAG,IAAI,GAAG,EAAkB,CAAC;IAC5C,QAAQ,GAAc,EAAE,CAAC;IACzB,KAAK,GAAG,IAAI,GAAG,EAAe,CAAC;IAC/B,aAAa,CACX,IAAY,EACZ,QAAuC,EACvC,SAAkB,IAAI,CAAC,qBAAqB;QAE5C,IAAI,OAAO,IAAI,KAAK,QAAQ,IAAI,IAAI,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE,CAAC;YACnD,OAAO;QACT,CAAC;QAED,MAAM,cAAc,GAAG,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC,CAAC,KAAK,GAAG,CAAC,CAAC;YAC3D,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;QAC3B,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,cAAc,EAAE;YACpC,MAAM;YACN,KAAK,EAAE,IAAI,CAAC,cAAc;YAC1B,GAAG,CAAC,QAAQ,CAAC,CAAC,CAAC,EAAE,QAAQ,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;SAClC,CAAC,CAAC;QAEH,IAAI,IAAI,CAAC,qBAAqB,EAAE,CAAC;YAC/B,IAAI,CAAC,QAAQ,CAAC,IAAI,CAChB,eAAe,CAAC,eAAe,EAAE;gBAC/B,KAAK,EAAE,cAAc;gBACrB,QAAQ,EAAE,QAAQ,IAAI,KAAK,CAAC;aAC7B,CAAC,CACH,CAAC;QACJ,CAAC;IACH,CAAC;IAED,iBAAiB,CACf,KAAa,EACb,QAAQ,GAAG,YAAY,EAAE;QAEzB,IAAI,IAAI,CAAC,eAAe,CAAC,IAAI,GAAG,uBAAuB,EAAE,CAAC;YACxD,OAAO;QACT,CAAC;QAED,IAAI,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,KAAK,CAAC,EAAE,CAAC;YACpC,MAAM,KAAK,GAAG,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,KAAK,CAAE,CAAC;YAC/C,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,eAAe,CAAC,QAAQ,CAAC,CAAC,CAAC;YAE9D,OAAO;QACT,CAAC;QAED,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,eAAe,CAAC,iBAAiB,EAAE,EAAE,KAAK,EAAE,QAAQ,EAAE,CAAC,CAAC,CAAC;QAC5E,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,KAAK,EAAE,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC;IACpE,CAAC;IAED,cAAc,CACZ,IAAS,EACT,WAAW,GAAG,KAAK;QAEnB,IAAI,OAAO,IAAI,CAAC,KAAK,KAAK,QAAQ,IAAI,KAAK,CAAC,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC;YACxD,OAAO;QACT,CAAC;QACD,IAAI,CAAC,YAAY,CAAC,aAAa,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QAE5C,MAAM,EACJ,sBAAsB,EACtB,kBAAkB,EAClB,QAAQ,EACT,GAAG,OAAO,CAAC,eAAe,CAAC,IAAI,CAAE,CAAC;QACnC,IAAI,CAAC,sBAAsB,IAAI,kBAAkB,CAAC,IAAI,QAAQ,EAAE,CAAC;YAC/D,IAAI,WAAW,EAAE,CAAC;gBAChB,IAAI,CAAC,YAAY,CAAC,iBAAiB,EAAE,CAAC;YACxC,CAAC;iBACI,CAAC;gBACJ,IAAI,CAAC,iBAAiB,CAAC,IAAI,CAAC,KAAK,EAAE,IAAI,CAAC,GAAG,CAAC,CAAC;YAC/C,CAAC;QACH,CAAC;IACH,CAAC;IAED,SAAS,CACP,UAAmB;QAEnB,MAAM,cAAc,GAAG,IAAI,CAAC,YAAY,CAAC,iBAAiB,EAAE,CAAC;QAC7D,IAAI,cAAc,KAAK,IAAI,EAAE,CAAC;YAC5B,IAAI,CAAC,QAAQ,CAAC,IAAI,CAChB,eAAe,CAAC,iBAAiB,EAAE,EAAE,KAAK,EAAE,cAAc,EAAE,CAAC,CAC9D,CAAC;QACJ,CAAC;QAED,MAAM,oBAAoB,GAAG,IAAI,CAAC,YAAY,CAAC,WAAW;aACvD,MAAM,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,IAAI,KAAK,UAAU,IAAI,OAAO,KAAK,CAAC,IAAI,KAAK,QAAQ,CAAC;aAC9E,GAAG,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QAErC,MAAM,CAAC,YAAY,EAAE,WAAW,CAAC,GAAG;YAClC,GAAG,CAAC,oBAAoB,CAAC;YACzB,GAAG,CAAC,IAAI,CAAC,YAAY,CAAC,aAAa,CAAC;SACrC,CAAC;QACF,IAAI,CAAC,UAAU,IAAI,oBAAoB,CAAC,MAAM,GAAG,CAAC,IAAI,YAAY,IAAI,GAAG,EAAE,CAAC;YAC1E,IAAI,CAAC,QAAQ,CAAC,IAAI,CAChB,eAAe,CAAC,mBAAmB,EAAE,EAAE,KAAK,EAAE,MAAM,CAAC,YAAY,CAAC,EAAE,CAAC,CACtE,CAAC;QACJ,CAAC;QACD,IAAI,WAAW,IAAI,CAAC,EAAE,CAAC;YACrB,IAAI,CAAC,QAAQ,CAAC,IAAI,CAChB,eAAe,CAAC,oBAAoB,EAAE,EAAE,KAAK,EAAE,MAAM,CAAC,WAAW,CAAC,EAAE,CAAC,CACtE,CAAC;QACJ,CAAC;QAED,IAAI,IAAI,CAAC,eAAe,CAAC,IAAI,GAAG,uBAAuB,EAAE,CAAC;YACxD,IAAI,CAAC,QAAQ,CAAC,IAAI,CAChB,eAAe,CAAC,iBAAiB,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CACpD,CAAC;YACF,IAAI,CAAC,QAAQ,GAAG,IAAI,CAAC,QAAQ;iBAC1B,MAAM,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,OAAO,CAAC,IAAI,KAAK,iBAAiB,CAAC,CAAC;QAC7D,CAAC;QAED,OAAO;YACL,YAAY;YACZ,WAAW;YACX,QAAQ,EAAE,IAAI,CAAC,QAAQ;SACxB,CAAC;IACJ,CAAC;IAED,IAAI,CACF,IAAiB;QAEjB,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACvB,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAE7B,+FAA+F;QAC/F,IAAI,IAAI,CAAC,IAAI,KAAK,cAAc,IAAI,IAAI,CAAC,OAAO,EAAE,CAAC;YACjD,IAAI,CAAC,cAAc,GAAG,IAAI,CAAC;QAC7B,CAAC;aACI,IAAI,IAAI,CAAC,IAAI,KAAK,aAAa,EAAE,CAAC;YACrC,IAAI,CAAC,cAAc,GAAG,KAAK,CAAC;QAC9B,CAAC;IACH,CAAC;CACF;AAED,SAAS,GAAG,CACV,MAAgB,EAAE;IAElB,OAAO,GAAG,CAAC,MAAM,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,IAAI,EAAE,IAAI,EAAE,EAAE,CAAC,IAAI,GAAG,IAAI,EAAE,CAAC,CAAC,GAAG,GAAG,CAAC,MAAM,CAAC,CAAC;AAC1F,CAAC"}
|
package/dist/index.d.ts
CHANGED
package/dist/index.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,cAAc,eAAe,CAAC;AAC9B,cAAc,qBAAqB,CAAC;AACpC,cAAc,kBAAkB,CAAC;AACjC,cAAc,yBAAyB,CAAC;AACxC,cAAc,iBAAiB,CAAC"}
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,cAAc,eAAe,CAAC;AAC9B,cAAc,qBAAqB,CAAC;AACpC,cAAc,kBAAkB,CAAC;AACjC,cAAc,yBAAyB,CAAC;AACxC,cAAc,iBAAiB,CAAC;AAChC,OAAO,EACL,SAAS,EACT,KAAK,QAAQ,EACd,MAAM,sBAAsB,CAAC"}
|
package/dist/index.js
CHANGED
package/dist/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,cAAc,eAAe,CAAC;AAC9B,cAAc,qBAAqB,CAAC;AACpC,cAAc,kBAAkB,CAAC;AACjC,cAAc,yBAAyB,CAAC;AACxC,cAAc,iBAAiB,CAAC"}
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,cAAc,eAAe,CAAC;AAC9B,cAAc,qBAAqB,CAAC;AACpC,cAAc,kBAAkB,CAAC;AACjC,cAAc,yBAAyB,CAAC;AACxC,cAAc,iBAAiB,CAAC;AAChC,OAAO,EACL,SAAS,EAEV,MAAM,sBAAsB,CAAC"}
|
|
@@ -0,0 +1,11 @@
|
|
|
1
|
+
import type { ESTree } from "meriyah";
|
|
2
|
+
export interface Pipeline {
|
|
3
|
+
name: string;
|
|
4
|
+
walk(body: ESTree.Program["body"]): ESTree.Program["body"];
|
|
5
|
+
}
|
|
6
|
+
export declare class PipelineRunner {
|
|
7
|
+
#private;
|
|
8
|
+
constructor(pipelines: Pipeline[]);
|
|
9
|
+
reduce(initialBody: ESTree.Program["body"]): ESTree.Program["body"];
|
|
10
|
+
}
|
|
11
|
+
//# sourceMappingURL=Runner.class.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"Runner.class.d.ts","sourceRoot":"","sources":["../../src/pipelines/Runner.class.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,SAAS,CAAC;AAEtC,MAAM,WAAW,QAAQ;IACvB,IAAI,EAAE,MAAM,CAAC;IAEb,IAAI,CACF,IAAI,EAAE,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,GAC3B,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;CAC3B;AAED,qBAAa,cAAc;;gBAIvB,SAAS,EAAE,QAAQ,EAAE;IAKvB,MAAM,CACJ,WAAW,EAAE,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,GAClC,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC;CAM1B"}
|
|
@@ -0,0 +1,20 @@
|
|
|
1
|
+
export class PipelineRunner {
|
|
2
|
+
#pipelines;
|
|
3
|
+
constructor(pipelines) {
|
|
4
|
+
this.#pipelines = removeDuplicatedPipelines(pipelines);
|
|
5
|
+
}
|
|
6
|
+
reduce(initialBody) {
|
|
7
|
+
return this.#pipelines.reduce((body, pipeline) => pipeline.walk(body), initialBody);
|
|
8
|
+
}
|
|
9
|
+
}
|
|
10
|
+
function removeDuplicatedPipelines(pipelines) {
|
|
11
|
+
const seen = new Set();
|
|
12
|
+
return pipelines.filter((pipeline) => {
|
|
13
|
+
if (seen.has(pipeline.name)) {
|
|
14
|
+
return false;
|
|
15
|
+
}
|
|
16
|
+
seen.add(pipeline.name);
|
|
17
|
+
return true;
|
|
18
|
+
});
|
|
19
|
+
}
|
|
20
|
+
//# sourceMappingURL=Runner.class.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"Runner.class.js","sourceRoot":"","sources":["../../src/pipelines/Runner.class.ts"],"names":[],"mappings":"AAWA,MAAM,OAAO,cAAc;IACzB,UAAU,CAAa;IAEvB,YACE,SAAqB;QAErB,IAAI,CAAC,UAAU,GAAG,yBAAyB,CAAC,SAAS,CAAC,CAAC;IACzD,CAAC;IAED,MAAM,CACJ,WAAmC;QAEnC,OAAO,IAAI,CAAC,UAAU,CAAC,MAAM,CAC3B,CAAC,IAAI,EAAE,QAAQ,EAAE,EAAE,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,EACvC,WAAW,CACZ,CAAC;IACJ,CAAC;CACF;AAED,SAAS,yBAAyB,CAChC,SAAqB;IAErB,MAAM,IAAI,GAAG,IAAI,GAAG,EAAU,CAAC;IAE/B,OAAO,SAAS,CAAC,MAAM,CAAC,CAAC,QAAQ,EAAE,EAAE;QACnC,IAAI,IAAI,CAAC,GAAG,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;YAC5B,OAAO,KAAK,CAAC;QACf,CAAC;QACD,IAAI,CAAC,GAAG,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;QAExB,OAAO,IAAI,CAAC;IACd,CAAC,CAAC,CAAC;AACL,CAAC"}
|
|
@@ -0,0 +1,8 @@
|
|
|
1
|
+
import type { ESTree } from "meriyah";
|
|
2
|
+
import type { Pipeline } from "./Runner.class.js";
|
|
3
|
+
export declare class Deobfuscate implements Pipeline {
|
|
4
|
+
#private;
|
|
5
|
+
name: string;
|
|
6
|
+
walk(body: ESTree.Program["body"]): ESTree.Program["body"];
|
|
7
|
+
}
|
|
8
|
+
//# sourceMappingURL=deobfuscate.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"deobfuscate.d.ts","sourceRoot":"","sources":["../../src/pipelines/deobfuscate.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,SAAS,CAAC;AAMtC,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,mBAAmB,CAAC;AAElD,qBAAa,WAAY,YAAW,QAAQ;;IAC1C,IAAI,SAAiB;IAiBrB,IAAI,CACF,IAAI,EAAE,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,GAC3B,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC;CAgB1B"}
|