@shriyanss/js-recon 1.0.0 → 1.1.0-beta.1

package/build/strings/index.js

@@ -0,0 +1,235 @@
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+import chalk from "chalk";
+import fs from "fs";
+import path from "path";
+import parser from "@babel/parser";
+import prettier from "prettier";
+import secrets from "./secrets.js";
+import permutate from "./permutate.js";
+import openapi from "./openapi.js";
+/**
+ * Recursively extracts strings from a babel AST node.
+ * This is a deeper search than just StringLiterals.
+ * @param {object} node - The AST node to traverse.
+ * @returns {string[]} - An array of extracted strings.
+ */
+function extractStrings(node) {
+    const strings = new Set();
+    const seen = new WeakSet();
+    function recurse(currentNode) {
+        if (!currentNode ||
+            typeof currentNode !== "object" ||
+            seen.has(currentNode)) {
+            return;
+        }
+        seen.add(currentNode);
+        if (Array.isArray(currentNode)) {
+            currentNode.forEach((item) => recurse(item));
+            return;
+        }
+        if (currentNode.type === "StringLiteral") {
+            strings.add(currentNode.value);
+        }
+        else if (currentNode.type === "TemplateLiteral") {
+            currentNode.quasis.forEach((q) => {
+                if (q.value.cooked) {
+                    strings.add(q.value.cooked);
+                }
+            });
+        }
+        Object.keys(currentNode).forEach((key) => {
+            // Avoid traversing location properties and other non-node properties
+            if ([
+                "loc",
+                "start",
+                "end",
+                "extra",
+                "raw",
+                "comments",
+                "leadingComments",
+                "trailingComments",
+                "innerComments",
+            ].includes(key))
+                return;
+            recurse(currentNode[key]);
+        });
+    }
+    recurse(node);
+    return Array.from(strings);
+}
+/**
+ * Extracts all string literals from all .js files in a given directory and its
+ * subdirectories and writes them to a JSON file.
+ * @param {string} directory - The directory to scan for .js files
+ * @param {string} output_file - The file to write the extracted strings to
+ */
+const strings = (directory, output_file, extract_urls, extracted_url_path, scan_secrets, permutate_option, openapi_option) => __awaiter(void 0, void 0, void 0, function* () {
+    console.log(chalk.cyan("[i] Loading 'Strings' module"));
+    // check if the directory exists
+    if (!fs.existsSync(directory)) {
+        console.log(chalk.red("[!] Directory does not exist"));
+        return;
+    }
+    console.log(chalk.cyan(`[i] Scanning ${directory} directory`));
+    // get all files in the directory and sub-directories
+    const files = fs.readdirSync(directory, { recursive: true });
+    // filter out non JS files
+    let jsFiles = files.filter((file) => file.endsWith(".js"));
+    // filter out subsequent requests files
+    // jsFiles = jsFiles.filter((file) => !file.startsWith("___subsequent_requests"));
+    // read all JS files
+    let js_files_path = [];
+    for (const file of jsFiles) {
+        const filePath = path.join(directory, file);
+        if (!fs.lstatSync(filePath).isDirectory()) {
+            js_files_path.push(filePath);
+        }
+    }
+    console.log(chalk.cyan(`[i] Found ${js_files_path.length} JS files`));
+    // read all JS files
+    let all_strings = {};
+    for (const file of js_files_path) {
+        if (file.includes("___subsequent_requests")) {
+            // iterate through the file line by line
+            const lines = fs.readFileSync(file, "utf-8").split("\n");
+            let strings = [];
+            for (const line of lines) {
+                // if the line matches with a particular regex, then extract the JS snippet
+                if (line.match(/^[0-9a-z]+:\[.+/)) {
+                    // get the JS snippet
+                    let jsCode;
+                    try {
+                        jsCode = `[${line.match(/\[(.+)\]/)[1]}]`;
+                    }
+                    catch (err) {
+                        continue;
+                    }
+                    // parse the JS snippet with babel
+                    let ast;
+                    try {
+                        ast = parser.parse(jsCode, {
+                            sourceType: "unambiguous",
+                            plugins: ["jsx", "typescript"],
+                        });
+                    }
+                    catch (err) {
+                        continue;
+                    }
+                    const extracted = extractStrings(ast);
+                    strings.push(...extracted);
+                }
+            }
+            all_strings[file] = strings;
+        }
+        else {
+            const fileContent = fs.readFileSync(file, "utf-8");
+            // parse the file contents with babel
+            const ast = parser.parse(fileContent, {
+                sourceType: "unambiguous",
+                plugins: ["jsx", "typescript"],
+            });
+            all_strings[file] = extractStrings(ast);
+        }
+    }
+    let strings_count = 0;
+    for (const file of Object.keys(all_strings)) {
+        strings_count += all_strings[file].length;
+    }
+    console.log(chalk.cyan(`[i] Extracted ${strings_count} strings`));
+    // write to a JSON file
+    const formatted = yield prettier.format(JSON.stringify(all_strings), {
+        parser: "json",
+        printWidth: 80,
+        singleQuote: true,
+    });
+    fs.writeFileSync(output_file, formatted);
+    console.log(chalk.green(`[✓] Extracted strings to ${output_file}`));
+    // if -p is enabled, but not -e, or the same case with the --openapi flag
+    if ((permutate_option && !extract_urls) ||
+        (openapi_option && !extract_urls)) {
+        console.log(chalk.red("[!] Please enable -e flag for -p or --openapi flag"));
+        return;
+    }
+    // if the -e flag is enabled, extract the URLs also
+    if (extract_urls) {
+        console.log(chalk.cyan("[i] Extracting URLs and paths from strings"));
+        let urls = [];
+        let paths = [];
+        for (const file of Object.keys(all_strings)) {
+            for (const string of all_strings[file]) {
+                if (string.match(/^https?:\/\/[a-zA-Z0-9\.\-_]+\/?.*$/)) {
+                    // like https://site.com
+                    urls.push(string);
+                }
+                if (string.match(/^\/.+$/)) {
+                    // like /path/resource
+                    // make sure that the path doesn't start with two special chars except '/_'
+                    if (string.match(/^\/[^a-zA-Z0-9]/) &&
+                        !string.startsWith("/_")) {
+                        // ignore the path
+                    }
+                    else {
+                        paths.push(string);
+                    }
+                }
+                if (string.match(/^[a-zA-Z0-9_\-]\/[a-zA-Z0-9_\-].*$/)) {
+                    // like path/to/resource
+                    paths.push(string);
+                }
+                if (string.startsWith("./") || string.startsWith("../")) {
+                    // like "./path/to/resource" or "../path/to/resource"
+                    paths.push(string);
+                }
+            }
+        }
+        // dedupe the two lists
+        urls = [...new Set(urls)];
+        paths = [...new Set(paths)];
+        console.log(chalk.cyan(`[i] Found ${urls.length} URLs and ${paths.length} paths`));
+        // write to a JSON file
+        const formatted_urls = yield prettier.format(JSON.stringify({ urls, paths }), {
+            parser: "json",
+            printWidth: 80,
+            singleQuote: true,
+        });
+        fs.writeFileSync(`${extracted_url_path}.json`, formatted_urls);
+        console.log(chalk.green(`[✓] Written URLs and paths to ${extracted_url_path}.json`));
+        if (permutate_option) {
+            yield permutate(urls, paths, extracted_url_path);
+        }
+        if (openapi_option) {
+            yield openapi(paths, extracted_url_path);
+        }
+    }
+    if (scan_secrets) {
+        console.log(chalk.cyan("[i] Scanning for secrets"));
+        let total_secrets = 0;
+        for (const file of js_files_path) {
+            const fileContent = fs.readFileSync(file, "utf8");
+            const foundSecrets = yield secrets(fileContent);
+            if (foundSecrets.length > 0) {
+                for (const foundSecret of foundSecrets) {
+                    console.log(chalk.green(`[✓] Found ${foundSecret.name} in ${file}`));
+                    console.log(chalk.bgGreen(foundSecret.value));
+                    total_secrets++;
+                }
+            }
+        }
+        if (total_secrets === 0) {
+            console.log(chalk.yellow(`[!] No secrets found`));
+        }
+        else {
+            console.log(chalk.green(`[✓] Found ${total_secrets} secrets`));
+        }
+    }
+});
+export default strings;
+//# sourceMappingURL=index.js.map

package/build/strings/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/strings/index.ts"],"names":[],"mappings":";;;;;;;;;AAAA,OAAO,KAAK,MAAM,OAAO,CAAC;AAC1B,OAAO,EAAE,MAAM,IAAI,CAAC;AACpB,OAAO,IAAI,MAAM,MAAM,CAAC;AACxB,OAAO,MAAM,MAAM,eAAe,CAAC;AACnC,OAAO,QAAQ,MAAM,UAAU,CAAC;AAChC,OAAO,OAAO,MAAM,cAAc,CAAC;AACnC,OAAO,SAAS,MAAM,gBAAgB,CAAC;AACvC,OAAO,OAAO,MAAM,cAAc,CAAC;AAEnC;;;;;GAKG;AACH,SAAS,cAAc,CAAC,IAAI;IACxB,MAAM,OAAO,GAAG,IAAI,GAAG,EAAE,CAAC;IAC1B,MAAM,IAAI,GAAG,IAAI,OAAO,EAAE,CAAC;IAE3B,SAAS,OAAO,CAAC,WAAW;QACxB,IACI,CAAC,WAAW;YACZ,OAAO,WAAW,KAAK,QAAQ;YAC/B,IAAI,CAAC,GAAG,CAAC,WAAW,CAAC,EACvB,CAAC;YACC,OAAO;QACX,CAAC;QACD,IAAI,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC;QAEtB,IAAI,KAAK,CAAC,OAAO,CAAC,WAAW,CAAC,EAAE,CAAC;YAC7B,WAAW,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC;YAC7C,OAAO;QACX,CAAC;QAED,IAAI,WAAW,CAAC,IAAI,KAAK,eAAe,EAAE,CAAC;YACvC,OAAO,CAAC,GAAG,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC;QACnC,CAAC;aAAM,IAAI,WAAW,CAAC,IAAI,KAAK,iBAAiB,EAAE,CAAC;YAChD,WAAW,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,EAAE;gBAC7B,IAAI,CAAC,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC;oBACjB,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;gBAChC,CAAC;YACL,CAAC,CAAC,CAAC;QACP,CAAC;QAED,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,OAAO,CAAC,CAAC,GAAG,EAAE,EAAE;YACrC,qEAAqE;YACrE,IACI;gBACI,KAAK;gBACL,OAAO;gBACP,KAAK;gBACL,OAAO;gBACP,KAAK;gBACL,UAAU;gBACV,iBAAiB;gBACjB,kBAAkB;gBAClB,eAAe;aAClB,CAAC,QAAQ,CAAC,GAAG,CAAC;gBAEf,OAAO;YACX,OAAO,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC,CAAC;QAC9B,CAAC,CAAC,CAAC;IACP,CAAC;IAED,OAAO,CAAC,IAAI,CAAC,CAAC;IACd,OAAO,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;AAC/B,CAAC;AAED;;;;;GAKG;AACH,MAAM,OAAO,GAAG,CACZ,SAAS,EACT,WAAW,EACX,YAAY,EACZ,kBAAkB,EAClB,YAAY,EACZ,gBAAgB,EAChB,cAAc,EAChB,EAAE;IACA,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,8BAA8B,CAAC,CAAC,CAAC;IAExD,gCAAgC;IAChC,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,SAAS,CAAC,EAAE,CAAC;QAC5B,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,8BAA8B,CAAC,CAAC,CAAC;QACvD,OAAO;IACX,CAAC;IAED,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,gBAAgB,SAAS,YAAY,CAAC,CAAC,CAAC;IAE/D,qDAAqD;IACrD,MAAM,KAAK,GAAG,EAAE,CAAC,WAAW,CAAC,SAAS,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IAE7D,0BAA0B;IAC1B,IAAI,OAAO,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC;IAE3D,uCAAuC;IACvC,kFAAkF;IAElF,oBAAoB;IACpB,IAAI,aAAa,GAAG,EAAE,CAAC;IACvB,KAAK,MAAM,IAAI,IAAI,OAAO,EAAE,CAAC;QACzB,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,IAAI,CAAC,CAAC;QAC5C,IAAI,CAAC,EAAE,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC,WAAW,EAAE,EAAE,CAAC;YACxC,aAAa,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;QACjC,CAAC;IACL,CAAC;IAED,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,aAAa,aAAa,CAAC,MAAM,WAAW,CAAC,CAAC,CAAC;IAEtE,oBAAoB;IACpB,IAAI,WAAW,GAAG,EAAE,CAAC;IACrB,KAAK,MAAM,IAAI,IAAI,aAAa,EAAE,CAAC;QAC/B,IAAI,IAAI,CAAC,QAAQ,CAAC,wBAAwB,CAAC,EAAE,CAAC;YAC1C,wCAAwC;YACxC,MAAM,KAAK,GAAG,EAAE,CAAC,YAAY,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;YACzD,IAAI,OAAO,GAAG,EAAE,CAAC;YACjB,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;gBACvB,2EAA2E;gBAC3E,IAAI,IAAI,CAAC,KAAK,CAAC,iBAAiB,CAAC,EAAE,CAAC;oBAChC,qBAAqB;oBACrB,IAAI,MAAM,CAAC;oBACX,IAAI,CAAC;wBACD,MAAM,GAAG,IAAI,IAAI,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC;oBAC9C,CAAC;oBAAC,OAAO,GAAG,EAAE,CAAC;wBACX,SAAS;oBACb,CAAC;oBAED,kCAAkC;oBAClC,IAAI,GAAG,CAAC;oBACR,IAAI,CAAC;wBACD,GAAG,GAAG,MAAM,CAAC,KAAK,CAAC,MAAM,EAAE;4BACvB,UAAU,EAAE,aAAa;4BACzB,OAAO,EAAE,CAAC,KAAK,EAAE,YAAY,CAAC;yBACjC,CAAC,CAAC;oBACP,CAAC;oBAAC,OAAO,GAAG,EAAE,CAAC;wBACX,SAAS;oBACb,CAAC;oBAED,MAAM,SAAS,GAAG,cAAc,CAAC,GAAG,CAAC,CAAC;oBACtC,OAAO,CAAC,IAAI,CAAC,GAAG,SAAS,CAAC,CAAC;gBAC/B,CAAC;YACL,CAAC;YACD,WAAW,CAAC,IAAI,CAAC,GAAG,OAAO,CAAC;QAChC,CAAC;aAAM,CAAC;YACJ,MAAM,WAAW,GAAG,EAAE,CAAC,YAAY,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC;YAEnD,qCAAqC;YACrC,MAAM,GAAG,GAAG,MAAM,CAAC,KAAK,CAAC,WAAW,EAAE;gBAClC,UAAU,EAAE,aAAa;gBACzB,OAAO,EAAE,CAAC,KAAK,EAAE,YAAY,CAAC;aACjC,CAAC,CAAC;YAEH,WAAW,CAAC,IAAI,CAAC,GAAG,cAAc,CAAC,GAAG,CAAC,CAAC;QAC5C,CAAC;IACL,CAAC;IAED,IAAI,aAAa,GAAG,CAAC,CAAC;IACtB,KAAK,MAAM,IAAI,IAAI,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,EAAE,CAAC;QAC1C,aAAa,IAAI,WAAW,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC;IAC9C,CAAC;IAED,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,iBAAiB,aAAa,UAAU,CAAC,CAAC,CAAC;IAElE,uBAAuB;IACvB,MAAM,SAAS,GAAG,MAAM,QAAQ,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,WAAW,CAAC,EAAE;QACjE,MAAM,EAAE,MAAM;QACd,UAAU,EAAE,EAAE;QACd,WAAW,EAAE,IAAI;KACpB,CAAC,CAAC;IACH,EAAE,CAAC,aAAa,CAAC,WAAW,EAAE,SAAS,CAAC,CAAC;IAEzC,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,KAAK,CAAC,4BAA4B,WAAW,EAAE,CAAC,CAAC,CAAC;IAEpE,yEAAyE;IACzE,IACI,CAAC,gBAAgB,IAAI,CAAC,YAAY,CAAC;QACnC,CAAC,cAAc,IAAI,CAAC,YAAY,CAAC,EACnC,CAAC;QACC,OAAO,CAAC,GAAG,CACP,KAAK,CAAC,GAAG,CAAC,oDAAoD,CAAC,CAClE,CAAC;QACF,OAAO;IACX,CAAC;IAED,mDAAmD;IACnD,IAAI,YAAY,EAAE,CAAC;QACf,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,4CAA4C,CAAC,CAAC,CAAC;QAEtE,IAAI,IAAI,GAAG,EAAE,CAAC;QACd,IAAI,KAAK,GAAG,EAAE,CAAC;QAEf,KAAK,MAAM,IAAI,IAAI,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,EAAE,CAAC;YAC1C,KAAK,MAAM,MAAM,IAAI,WAAW,CAAC,IAAI,CAAC,EAAE,CAAC;gBACrC,IAAI,MAAM,CAAC,KAAK,CAAC,qCAAqC,CAAC,EAAE,CAAC;oBACtD,wBAAwB;oBACxB,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;gBACtB,CAAC;gBACD,IAAI,MAAM,CAAC,KAAK,CAAC,QAAQ,CAAC,EAAE,CAAC;oBACzB,sBAAsB;oBACtB,2EAA2E;oBAC3E,IACI,MAAM,CAAC,KAAK,CAAC,iBAAiB,CAAC;wBAC/B,CAAC,MAAM,CAAC,UAAU,CAAC,IAAI,CAAC,EAC1B,CAAC;wBACC,kBAAkB;oBACtB,CAAC;yBAAM,CAAC;wBACJ,KAAK,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;oBACvB,CAAC;gBACL,CAAC;gBACD,IAAI,MAAM,CAAC,KAAK,CAAC,oCAAoC,CAAC,EAAE,CAAC;oBACrD,wBAAwB;oBACxB,KAAK,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;gBACvB,CAAC;gBACD,IAAI,MAAM,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,MAAM,CAAC,UAAU,CAAC,KAAK,CAAC,EAAE,CAAC;oBACtD,qDAAqD;oBACrD,KAAK,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;gBACvB,CAAC;YACL,CAAC;QACL,CAAC;QAED,uBAAuB;QACvB,IAAI,GAAG,CAAC,GAAG,IAAI,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC;QAC1B,KAAK,GAAG,CAAC,GAAG,IAAI,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC;QAE5B,OAAO,CAAC,GAAG,CACP,KAAK,CAAC,IAAI,CACN,aAAa,IAAI,CAAC,MAAM,aAAa,KAAK,CAAC,MAAM,QAAQ,CAC5D,CACJ,CAAC;QAEF,uBAAuB;QACvB,MAAM,cAAc,GAAG,MAAM,QAAQ,CAAC,MAAM,CACxC,IAAI,CAAC,SAAS,CAAC,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,EAC/B;YACI,MAAM,EAAE,MAAM;YACd,UAAU,EAAE,EAAE;YACd,WAAW,EAAE,IAAI;SACpB,CACJ,CAAC;QACF,EAAE,CAAC,aAAa,CAAC,GAAG,kBAAkB,OAAO,EAAE,cAAc,CAAC,CAAC;QAE/D,OAAO,CAAC,GAAG,CACP,KAAK,CAAC,KAAK,CACP,iCAAiC,kBAAkB,OAAO,CAC7D,CACJ,CAAC;QAEF,IAAI,gBAAgB,EAAE,CAAC;YACnB,MAAM,SAAS,CAAC,IAAI,EAAE,KAAK,EAAE,kBAAkB,CAAC,CAAC;QACrD,CAAC;QAED,IAAI,cAAc,EAAE,CAAC;YACjB,MAAM,OAAO,CAAC,KAAK,EAAE,kBAAkB,CAAC,CAAC;QAC7C,CAAC;IACL,CAAC;IAED,IAAI,YAAY,EAAE,CAAC;QACf,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,0BAA0B,CAAC,CAAC,CAAC;QAEpD,IAAI,aAAa,GAAG,CAAC,CAAC;QAEtB,KAAK,MAAM,IAAI,IAAI,aAAa,EAAE,CAAC;YAC/B,MAAM,WAAW,GAAG,EAAE,CAAC,YAAY,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;YAClD,MAAM,YAAY,GAAG,MAAM,OAAO,CAAC,WAAW,CAAC,CAAC;YAChD,IAAI,YAAY,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBAC1B,KAAK,MAAM,WAAW,IAAI,YAAY,EAAE,CAAC;oBACrC,OAAO,CAAC,GAAG,CACP,KAAK,CAAC,KAAK,CAAC,aAAa,WAAW,CAAC,IAAI,OAAO,IAAI,EAAE,CAAC,CAC1D,CAAC;oBACF,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC,CAAC;oBAC9C,aAAa,EAAE,CAAC;gBACpB,CAAC;YACL,CAAC;QACL,CAAC;QAED,IAAI,aAAa,KAAK,CAAC,EAAE,CAAC;YACtB,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,CAAC,sBAAsB,CAAC,CAAC,CAAC;QACtD,CAAC;aAAM,CAAC;YACJ,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,KAAK,CAAC,aAAa,aAAa,UAAU,CAAC,CAAC,CAAC;QACnE,CAAC;IACL,CAAC;AACL,CAAC,CAAA,CAAC;AAEF,eAAe,OAAO,CAAC"}

package/build/strings/openapi.js

@@ -0,0 +1,55 @@
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+import chalk from "chalk";
+import { writeFile } from "fs/promises";
+const openapi = (paths, output_file) => __awaiter(void 0, void 0, void 0, function* () {
+    console.log(chalk.cyan("[i] Generating OpenAPI v3 file"));
+    const openapiData = {
+        openapi: "3.0.0",
+        info: {
+            title: "API Collection",
+            description: "A collection of API endpoints discovered by js-recon.",
+            version: "1.0.0",
+        },
+        servers: [
+            {
+                url: "{{baseUrl}}",
+                description: "Base URL for the API",
+            },
+        ],
+        paths: {},
+    };
+    for (const p of paths) {
+        const pathKey = p.startsWith("/") ? p : `/${p}`;
+        if (!openapiData.paths[pathKey]) {
+            openapiData.paths[pathKey] = {};
+        }
+        // Assuming GET method for all paths for now.
+        // This can be expanded later.
+        openapiData.paths[pathKey].get = {
+            summary: `Discovered endpoint: ${pathKey}`,
+            description: `An endpoint discovered at ${pathKey}.`,
+            responses: {
+                200: {
+                    description: "Successful response. The actual response will vary.",
+                },
+            },
+        };
+    }
+    try {
+        yield writeFile(`${output_file}-openapi.json`, JSON.stringify(openapiData, null, 2));
+        console.log(chalk.green(`[✓] OpenAPI v3 file saved to: ${output_file}-openapi.json`));
+    }
+    catch (error) {
+        console.error(chalk.red(`[!] Error writing OpenAPI file: ${error.message}`));
+    }
+});
+export default openapi;
+//# sourceMappingURL=openapi.js.map

package/build/strings/openapi.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"openapi.js","sourceRoot":"","sources":["../../src/strings/openapi.ts"],"names":[],"mappings":";;;;;;;;;AAAA,OAAO,KAAK,MAAM,OAAO,CAAC;AAC1B,OAAO,EAAE,SAAS,EAAE,MAAM,aAAa,CAAC;AAGxC,MAAM,OAAO,GAAG,CAAO,KAAK,EAAE,WAAW,EAAE,EAAE;IACzC,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,gCAAgC,CAAC,CAAC,CAAC;IAE1D,MAAM,WAAW,GAAG;QAChB,OAAO,EAAE,OAAO;QAChB,IAAI,EAAE;YACF,KAAK,EAAE,gBAAgB;YACvB,WAAW,EACP,uDAAuD;YAC3D,OAAO,EAAE,OAAO;SACnB;QACD,OAAO,EAAE;YACL;gBACI,GAAG,EAAE,aAAa;gBAClB,WAAW,EAAE,sBAAsB;aACtC;SACJ;QACD,KAAK,EAAE,EAAE;KACZ,CAAC;IAEF,KAAK,MAAM,CAAC,IAAI,KAAK,EAAE,CAAC;QACpB,MAAM,OAAO,GAAG,CAAC,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC;QAChD,IAAI,CAAC,WAAW,CAAC,KAAK,CAAC,OAAO,CAAC,EAAE,CAAC;YAC9B,WAAW,CAAC,KAAK,CAAC,OAAO,CAAC,GAAG,EAAE,CAAC;QACpC,CAAC;QACD,6CAA6C;QAC7C,8BAA8B;QAC9B,WAAW,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,GAAG,GAAG;YAC7B,OAAO,EAAE,wBAAwB,OAAO,EAAE;YAC1C,WAAW,EAAE,6BAA6B,OAAO,GAAG;YACpD,SAAS,EAAE;gBACP,GAAG,EAAE;oBACD,WAAW,EACP,qDAAqD;iBAC5D;aACJ;SACJ,CAAC;IACN,CAAC;IAED,IAAI,CAAC;QACD,MAAM,SAAS,CACX,GAAG,WAAW,eAAe,EAC7B,IAAI,CAAC,SAAS,CAAC,WAAW,EAAE,IAAI,EAAE,CAAC,CAAC,CACvC,CAAC;QACF,OAAO,CAAC,GAAG,CACP,KAAK,CAAC,KAAK,CACP,iCAAiC,WAAW,eAAe,CAC9D,CACJ,CAAC;IACN,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACb,OAAO,CAAC,KAAK,CACT,KAAK,CAAC,GAAG,CAAC,mCAAmC,KAAK,CAAC,OAAO,EAAE,CAAC,CAChE,CAAC;IACN,CAAC;AACL,CAAC,CAAA,CAAC;AAEF,eAAe,OAAO,CAAC"}

package/build/strings/permutate.js

@@ -0,0 +1,55 @@
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+import chalk from "chalk";
+import fs from "fs";
+const permutate = (urls, paths, output) => __awaiter(void 0, void 0, void 0, function* () {
+    console.log(chalk.cyan("[i] Permutating URLs and paths"));
+    let permutedUrls = [];
+    //   go through each URL
+    for (const url of urls) {
+        // check if the URL is valid or not by passing to URL
+        try {
+            new URL(url);
+        }
+        catch (err) {
+            continue;
+        }
+        // now that's a valid URL, get the base URL from it
+        const baseUrl = new URL(url).origin;
+        // go through each path
+        for (const path of paths) {
+            // join the baseurl and the path, and push it to an array
+            permutedUrls.push(new URL(path, baseUrl).href);
+        }
+    }
+    // append all the urls also
+    permutedUrls.push(...urls);
+    // get the origin aka baseurl, and push those also
+    for (const url of urls) {
+        try {
+            permutedUrls.push(new URL(url).origin);
+        }
+        catch (_a) { }
+    }
+    // deduplicate
+    permutedUrls = [...new Set(permutedUrls)];
+    // write to a .txt file
+    const results = permutedUrls.join("\n");
+    try {
+        fs.writeFileSync(`${output}.txt`, results);
+        console.log(chalk.green(`[✓] Written permuted URLs to ${output}.txt`));
+    }
+    catch (error) {
+        console.error(chalk.red(`[✗] Failed to write to ${output}.txt: ${error.message}`));
+        throw error;
+    }
+});
+export default permutate;
+//# sourceMappingURL=permutate.js.map

package/build/strings/permutate.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"permutate.js","sourceRoot":"","sources":["../../src/strings/permutate.ts"],"names":[],"mappings":";;;;;;;;;AAAA,OAAO,KAAK,MAAM,OAAO,CAAC;AAC1B,OAAO,EAAE,MAAM,IAAI,CAAC;AAEpB,MAAM,SAAS,GAAG,CACd,IAAc,EACd,KAAe,EACf,MAAc,EACD,EAAE;IACf,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,gCAAgC,CAAC,CAAC,CAAC;IAE1D,IAAI,YAAY,GAAG,EAAE,CAAC;IAEtB,wBAAwB;IACxB,KAAK,MAAM,GAAG,IAAI,IAAI,EAAE,CAAC;QACrB,qDAAqD;QACrD,IAAI,CAAC;YACD,IAAI,GAAG,CAAC,GAAG,CAAC,CAAC;QACjB,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACX,SAAS;QACb,CAAC;QAED,mDAAmD;QACnD,MAAM,OAAO,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,CAAC,MAAM,CAAC;QAEpC,uBAAuB;QACvB,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;YACvB,yDAAyD;YACzD,YAAY,CAAC,IAAI,CAAC,IAAI,GAAG,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC,IAAI,CAAC,CAAC;QACnD,CAAC;IACL,CAAC;IAED,2BAA2B;IAC3B,YAAY,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC,CAAC;IAE3B,kDAAkD;IAClD,KAAK,MAAM,GAAG,IAAI,IAAI,EAAE,CAAC;QACrB,IAAI,CAAC;YACD,YAAY,CAAC,IAAI,CAAC,IAAI,GAAG,CAAC,GAAG,CAAC,CAAC,MAAM,CAAC,CAAC;QAC3C,CAAC;QAAC,WAAM,CAAC,CAAA,CAAC;IACd,CAAC;IAED,cAAc;IACd,YAAY,GAAG,CAAC,GAAG,IAAI,GAAG,CAAC,YAAY,CAAC,CAAC,CAAC;IAE1C,uBAAuB;IACvB,MAAM,OAAO,GAAG,YAAY,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACxC,IAAI,CAAC;QACD,EAAE,CAAC,aAAa,CAAC,GAAG,MAAM,MAAM,EAAE,OAAO,CAAC,CAAC;QAC3C,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,KAAK,CAAC,gCAAgC,MAAM,MAAM,CAAC,CAAC,CAAC;IAC3E,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACb,OAAO,CAAC,KAAK,CACT,KAAK,CAAC,GAAG,CAAC,0BAA0B,MAAM,SAAS,KAAK,CAAC,OAAO,EAAE,CAAC,CACtE,CAAC;QACF,MAAM,KAAK,CAAC;IAChB,CAAC;AACL,CAAC,CAAA,CAAC;AAEF,eAAe,SAAS,CAAC"}

package/build/strings/secrets.js

@@ -0,0 +1,89 @@
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+// file deepcode ignore HardcodedNonCryptoSecret: False positive
+const secret_patterns = {
+    Cloudinary: "cloudinary://.*",
+    "Firebase URL": ".*firebaseio\\.com",
+    "Slack Token": "(xox[p|b|o|a]-[0-9]{12}-[0-9]{12}-[0-9]{12}-[a-z0-9]{32})",
+    "RSA private key": "-----BEGIN RSA PRIVATE KEY-----",
+    "SSH (DSA) private key": "-----BEGIN DSA PRIVATE KEY-----",
+    "SSH (EC) private key": "-----BEGIN EC PRIVATE KEY-----",
+    "PGP private key block": "-----BEGIN PGP PRIVATE KEY BLOCK-----",
+    "Amazon AWS Access Key ID": "AKIA[0-9A-Z]{16}",
+    "Amazon MWS Auth Token": "amzn\\.mws\\.[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}",
+    "Facebook Access Token": "EAACEdEose0cBA[0-9A-Za-z]+",
+    "Facebook OAuth": "[f|F][a|A][c|C][e|E][b|B][o|O][o|O][k|K].*['|\"][0-9a-f]{32}['|\"]",
+    GitHub: "[g|G][i|I][t|T][h|H][u|U][b|B].*['|\"][0-9a-zA-Z]{35,40}['|\"]",
+    "Generic API Key": "[a|A][p|P][i|I][_]?[k|K][e|E][y|Y].*['|\"][0-9a-zA-Z]{32,45}['|\"]",
+    "Generic Secret": "[s|S][e|E][c|C][r|R][e|E][t|T].*['|\"][0-9a-zA-Z]{32,45}['|\"]",
+    "Google API Key": "AIza[0-9A-Za-z\\-_]{35}",
+    "Google Cloud Platform API Key": "AIza[0-9A-Za-z\\-_]{35}",
+    "Google Cloud Platform OAuth": "[0-9]+-[0-9A-Za-z_]{32}\\.apps\\.googleusercontent\\.com",
+    "Google Drive API Key": "AIza[0-9A-Za-z\\-_]{35}",
+    "Google Drive OAuth": "[0-9]+-[0-9A-Za-z_]{32}\\.apps\\.googleusercontent\\.com",
+    "Google (GCP) Service-account": '\\"type\\": \\"service_account\\"',
+    "Google Gmail API Key": "AIza[0-9A-Za-z\\-_]{35}",
+    "Google Gmail OAuth": "[0-9]+-[0-9A-Za-z_]{32}\\.apps\\.googleusercontent\\.com",
+    "Google OAuth Access Token": "ya29\\.[0-9A-Za-z\\-_]+",
+    "Google YouTube API Key": "AIza[0-9A-Za-z\\-_]{35}",
+    "Google YouTube OAuth": "[0-9]+-[0-9A-Za-z_]{32}\\.apps\\.googleusercontent\\.com",
+    "Heroku API Key - 1": "[h|H][e|E][r|R][o|O][k|K][u|U].*[0-9A-F]{8}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{12}",
+    "Heroku API Key - 2": "[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12}",
+    "MailChimp API Key": "[0-9a-f]{32}-us[0-9]{1,2}",
+    "Mailgun API Key": "key-[0-9a-zA-Z]{32}",
+    "Password in URL": "[a-zA-Z]{3,10}://[^/\\s:@]{3,20}:[^/\\s:@]{3,20}@.{1,100}[\\\"'\\s]",
+    "PayPal Braintree Access Token": "access_token\\$production\\$[0-9a-z]{16}\\$[0-9a-f]{32}",
+    "Picatic API Key": "sk_live_[0-9a-z]{32}",
+    "Slack Webhook": "https://hooks.slack.com/services/T[a-zA-Z0-9_]{8}/B[a-zA-Z0-9_]{8}/[a-zA-Z0-9_]{24}",
+    "Stripe API Key": "sk_live_[0-9a-zA-Z]{24}",
+    "Stripe Restricted API Key": "rk_live_[0-9a-zA-Z]{24}",
+    "Square Access Token": "sq0atp-[0-9A-Za-z\\-_]{22}",
+    "Square OAuth Secret": "sq0csp-[0-9A-Za-z\\-_]{43}",
+    "Twilio API Key": "SK[0-9a-fA-F]{32}",
+    "Twitter Access Token": "[t|T][w|W][i|I][t|T][t|T][e|E][r|R].*[1-9][0-9]+-[0-9a-zA-Z]{40}",
+    "Twitter OAuth": "[t|T][w|W][i|I][t|T][t|T][e|E][r|R].*['|\"][0-9a-zA-Z]{35,44}['|\"]",
+    "OpenAI User API Key": "sk-[A-Za-z0-9]{20}T3BlbkFJ[A-Za-z0-9]{20}",
+    "OpenAI User Project Key": "sk-proj-[A-Za-z0-9]{20}T3BlbkFJ[A-Za-z0-9]{20}",
+    "OpenAI Service ID": "^[A-Za-z0-9]+(-*[A-Za-z0-9]+)*$",
+    "OpenAI Service Key": "sk-{SERVICE ID}-[A-Za-z0-9]{20}T3BlbkFJ[A-Za-z0-9]{20}",
+    Wakatime: "waka_[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}",
+    "Artifactory API Token": '(?:\\s|=|:|"|^)AKC[a-zA-Z0-9]{10,}',
+    "Artifactory Password": '(?:\\s|=|:|"|^)AP[\\dABCDEF][a-zA-Z0-9]{8,}',
+    "Authorization Basic": "basic [a-zA-Z0-9_:\\\.=\-]+",
+    "Authorization Bearer": "bearer [a-zA-Z0-9_\\\.=\-]+",
+    "AWS Client ID": "(A3T[A-Z0-9]|AKIA|AGPA|AIDA|AROA|AIPA|ANPA|ANVA|ASIA)[A-Z0-9]{16}",
+    "AWS MWS Key": "amzn\\.mws\\.[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}",
+    Base64: "(eyJ|YTo|Tzo|PD[89]|aHR0cHM6L|aHR0cDo|rO0)[a-zA-Z0-9+/]+={0,2}",
+    "Basic Auth Credentials": "(?<=:\/\/ )[a-zA-Z0-9]+:[a-zA-Z0-9]+@[a-zA-Z0-9]+\\.[a-zA-Z]+",
+    "Cloudinary Basic Auth": "cloudinary:\/\/[0-9]{15}:[0-9A-Za-z]+@[a-z]+",
+    "Facebook Client ID": "(?:[Ff](?:[Aa][Cc][Ee][Bb][Oo][Oo][Kk])|[Ff][Bb])(?:.{0,20})?['\"][0-9]{13,17}",
+    "Facebook Secret Key": "(?:[Ff](?:[Aa][Cc][Ee][Bb][Oo][Oo][Kk])|[Ff][Bb])(?:.{0,20})?['\"][0-9a-fA-F]{32}",
+    "Google Oauth Access Token": "ya29\\.[0-9A-Za-z\\-_]+",
+    "Heroku API Key": "[h|H][e|E][r|R][o|O][k|K][u|U].{0,30}[0-9A-F]{8}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{12}",
+    "LinkedIn Client ID": "(?:[Ll]inked[Ii]n)(?:.{0,20})?['\"][0-9a-zA-Z]{12}['\"]",
+    "LinkedIn Secret Key": "(?:[Ll]inked[Ii]n)(?:.{0,20})?['\"][0-9a-zA-Z]{16}['\"]",
+    "MD5 Hash": "[a-f0-9]{32}",
+};
+const secrets = (source) => __awaiter(void 0, void 0, void 0, function* () {
+    const foundSecrets = [];
+    for (const [secretName, pattern] of Object.entries(secret_patterns)) {
+        const regex = new RegExp(pattern, "g");
+        const matches = source.matchAll(regex);
+        for (const match of matches) {
+            foundSecrets.push({
+                name: secretName,
+                value: match[0],
+            });
+        }
+    }
+    return foundSecrets;
+});
+export default secrets;
+//# sourceMappingURL=secrets.js.map

package/build/strings/secrets.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"secrets.js","sourceRoot":"","sources":["../../src/strings/secrets.ts"],"names":[],"mappings":";;;;;;;;;AAEA,gEAAgE;AAChE,MAAM,eAAe,GAAG;IACpB,UAAU,EAAE,iBAAiB;IAC7B,cAAc,EAAE,oBAAoB;IACpC,aAAa,EAAE,2DAA2D;IAC1E,iBAAiB,EAAE,iCAAiC;IACpD,uBAAuB,EAAE,iCAAiC;IAC1D,sBAAsB,EAAE,gCAAgC;IACxD,uBAAuB,EAAE,uCAAuC;IAChE,0BAA0B,EAAE,kBAAkB;IAC9C,uBAAuB,EACnB,2EAA2E;IAC/E,uBAAuB,EAAE,4BAA4B;IACrD,gBAAgB,EACZ,oEAAoE;IACxE,MAAM,EAAE,gEAAgE;IACxE,iBAAiB,EACb,oEAAoE;IACxE,gBAAgB,EACZ,gEAAgE;IACpE,gBAAgB,EAAE,yBAAyB;IAC3C,+BAA+B,EAAE,yBAAyB;IAC1D,6BAA6B,EACzB,0DAA0D;IAC9D,sBAAsB,EAAE,yBAAyB;IACjD,oBAAoB,EAChB,0DAA0D;IAC9D,8BAA8B,EAAE,mCAAmC;IACnE,sBAAsB,EAAE,yBAAyB;IACjD,oBAAoB,EAChB,0DAA0D;IAC9D,2BAA2B,EAAE,yBAAyB;IACtD,wBAAwB,EAAE,yBAAyB;IACnD,sBAAsB,EAClB,0DAA0D;IAC9D,oBAAoB,EAChB,8FAA8F;IAClG,oBAAoB,EAChB,6EAA6E;IACjF,mBAAmB,EAAE,2BAA2B;IAChD,iBAAiB,EAAE,qBAAqB;IACxC,iBAAiB,EACb,qEAAqE;IACzE,+BAA+B,EAC3B,yDAAyD;IAC7D,iBAAiB,EAAE,sBAAsB;IACzC,eAAe,EACX,qFAAqF;IACzF,gBAAgB,EAAE,yBAAyB;IAC3C,2BAA2B,EAAE,yBAAyB;IACtD,qBAAqB,EAAE,4BAA4B;IACnD,qBAAqB,EAAE,4BAA4B;IACnD,gBAAgB,EAAE,mBAAmB;IACrC,sBAAsB,EAClB,kEAAkE;IACtE,eAAe,EACX,qEAAqE;IACzE,qBAAqB,EAAE,2CAA2C;IAClE,yBAAyB,EAAE,gDAAgD;IAC3E,mBAAmB,EAAE,iCAAiC;IACtD,oBAAoB,EAChB,wDAAwD;IAC5D,QAAQ,EACJ,mEAAmE;IACvE,uBAAuB,EAAE,oCAAoC;IAC7D,sBAAsB,EAAE,6CAA6C;IACrE,qBAAqB,EAAE,6BAA6B;IACpD,sBAAsB,EAAE,6BAA6B;IACrD,eAAe,EACX,mEAAmE;IACvE,aAAa,EACT,2EAA2E;IAC/E,MAAM,EAAE,gEAAgE;IACxE,wBAAwB,EACpB,+DAA+D;IACnE,uBAAuB,EAAE,8CAA8C;IACvE,oBAAoB,EAChB,gFAAgF;IACpF,qBAAqB,EACjB,mFAAmF;IACvF,2BAA2B,EAAE,yBAAyB;IACtD,gBAAgB,EACZ,mGAAmG;IACvG,oBAAoB,EAChB,yDAAyD;IAC7D,qBAAqB,EACjB,yDAAyD;IAC7D,UAAU,EAAE,cAAc;CAC7B,CAAC;AAOF,MAAM,OAAO,GAAG,CAAO,MAAc,EAA0B,EAAE;IAC7D,MAAM,YAAY,GAAkB,EAAE,CAAC;IACvC,KAAK,MAAM,CAAC,UAAU,EAAE,OAAO,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,eAAe,CAAC,EAAE,CAAC;QAClE,MAAM,KAAK,GAAG,IAAI,MAAM,CAAC,OAAO,EAAE,GAAG,CAAC,CAAC;QACvC,MAAM,OAAO,GAAG,MAAM,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;QACvC,KAAK,MAAM,KAAK,IAAI,OAAO,EAAE,CAAC;YAC1B,YAAY,CAAC,IAAI,CAAC;gBACd,IAAI,EAAE,UAAU;gBAChB,KAAK,EAAE,KAAK,CAAC,CAAC,CAAC;aAClB,CAAC,CAAC;QACP,CAAC;IACL,CAAC;IACD,OAAO,YAAY,CAAC;AACxB,CAAC,CAAA,CAAC;AAEF,eAAe,OAAO,CAAC"}