brave-real-browser-mcp-server 2.27.13 → 2.27.15

package/README.md

@@ -31,7 +31,12 @@
   "mcpServers": {
     "brave-real-browser": {
       "command": "node",
-      "args": ["c:\\Users\\Admin\\Desktop\\Workspace-For-Brave-Real-browser-Mcp-Server\\Brave-Real-Browser-Mcp-Server\\dist\\index.js"]
+      "args": [
+        "c:\\Users\\Admin\\Desktop\\Workspace-For-Brave-Real-browser-Mcp-Server\\Brave-Real-Browser-Mcp-Server\\dist\\index.js"
+      ],
+      "env": {
+        "headless": "false"
+      }
     }
   }
 }

package/dist/handlers/advanced-tools.js

@@ -408,6 +408,173 @@ function decodeRot13(input) {
 function reverseString(input) {
     return input.split('').reverse().join('');
 }
+/**
+ * Unpack obfuscated JavaScript code using eval(function(p,a,c,k,e,d)) pattern
+ * This is the most common packer used by streaming sites
+ *
+ * Format: eval(function(p,a,c,k,e,d){while(c--)...}('packed_code',36,623,'dict'.split('|'),0,{}))
+ */
+function unpackJs(input) {
+    try {
+        // Check if input contains packed JS pattern
+        if (!input.includes('function(p,a,c,k,e,d)') && !input.includes('function (p,a,c,k,e,d)')) {
+            return input;
+        }
+        // Strategy 1: Extract dictionary from the end (most reliable)
+        // Pattern: 'dictionary_words'.split('|')
+        const dictRegex = /'([^']{50,})'\.split\s*\(\s*'\|'\s*\)/;
+        const dictMatch = input.match(dictRegex);
+        if (!dictMatch) {
+            return input;
+        }
+        const dictionary = dictMatch[1].split('|');
+        // Strategy 2: Position-based extraction (handles escaped quotes in packed code)
+        // Find start marker: }('
+        const startMarker = "}('";
+        const startIdx = input.indexOf(startMarker);
+        if (startIdx === -1) {
+            return input;
+        }
+        // Find radix and count pattern: ,radix,count,'
+        // Common radix values: 36, 62, 10, 16
+        const radixPattern = /,(\d{1,2}),(\d+),'/;
+        const radixMatch = input.match(radixPattern);
+        if (!radixMatch) {
+            return input;
+        }
+        const radix = parseInt(radixMatch[1]);
+        const count = parseInt(radixMatch[2]);
+        // Validate radix (must be between 2-62)
+        if (radix < 2 || radix > 62) {
+            return input;
+        }
+        // Find position of radix pattern in input
+        const radixSearchPattern = ',' + radixMatch[1] + ',' + radixMatch[2] + ",'";
+        const radixPos = input.indexOf(radixSearchPattern);
+        if (radixPos === -1 || radixPos <= startIdx) {
+            return input;
+        }
+        // Extract packed code between }(' and the radix position
+        const packedStart = startIdx + startMarker.length;
+        const packed = input.substring(packedStart, radixPos);
+        // Validate packed code (must end with quote)
+        if (!packed.endsWith("'")) {
+            // Try to trim trailing quote
+            const cleanPacked = packed.replace(/'$/, '');
+            return unpackPACKer(cleanPacked, radix, count, dictionary);
+        }
+        // Remove trailing quote
+        const cleanPacked = packed.slice(0, -1);
+        return unpackPACKer(cleanPacked, radix, count, dictionary);
+    }
+    catch (e) {
+        return input;
+    }
+}
+/**
+ * Core P.A.C.K.E.R. decoding algorithm
+ * Replaces placeholders in packed code with dictionary values
+ */
+function unpackPACKer(p, a, c, k) {
+    // Validate inputs
+    if (!p || a < 2 || a > 62 || c <= 0 || !k || k.length === 0) {
+        return p || '';
+    }
+    // Decode function to convert number to base-a representation
+    function decode(d) {
+        const chars = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
+        if (d === 0)
+            return '0';
+        let result = '';
+        while (d > 0) {
+            result = chars[d % a] + result;
+            d = Math.floor(d / a);
+        }
+        return result;
+    }
+    // Replace encoded values with dictionary words (iterate from high to low)
+    let unpacked = p;
+    for (let i = Math.min(c, k.length) - 1; i >= 0; i--) {
+        if (k[i] && k[i].length > 0) {
+            const encoded = decode(i);
+            // Use word boundary matching
+            const pattern = new RegExp('\\b' + encoded + '\\b', 'g');
+            unpacked = unpacked.replace(pattern, k[i]);
+        }
+    }
+    return unpacked;
+}
+/**
+ * Extract all packed scripts from HTML and decode them
+ */
+function extractAndUnpackAll(html) {
+    const scripts = [];
+    const urls = [];
+    // Find script contents that contain packed JS signature
+    // Split by script tags and process each one
+    const scriptBlocks = [];
+    // Method 1: Find eval(function(p,a,c,k,e,d) blocks by searching for the pattern
+    // and extracting until the matching closing ))
+    const evalStarts = [...html.matchAll(/eval\s*\(\s*function\s*\(\s*p\s*,\s*a\s*,\s*c\s*,\s*k\s*,\s*e\s*,\s*d\s*\)/g)];
+    for (const evalStart of evalStarts) {
+        if (evalStart.index !== undefined) {
+            // Find the end by looking for .split('|')))
+            const searchStart = evalStart.index;
+            const searchEnd = html.indexOf(".split('|')))", searchStart);
+            if (searchEnd !== -1) {
+                const block = html.substring(searchStart, searchEnd + 14); // +14 for ".split('|')))"
+                scriptBlocks.push(block);
+            }
+        }
+    }
+    // Method 2: Fallback - look for any scripts containing the signature
+    if (scriptBlocks.length === 0) {
+        const signature = "function(p,a,c,k,e,d)";
+        let searchPos = 0;
+        while ((searchPos = html.indexOf(signature, searchPos)) !== -1) {
+            // Extract surrounding context (up to 15000 chars)
+            const start = Math.max(0, searchPos - 100);
+            const end = Math.min(html.length, searchPos + 15000);
+            const context = html.substring(start, end);
+            // Check if this looks like a full packed script
+            if (context.includes(".split('|')")) {
+                scriptBlocks.push(context);
+            }
+            searchPos += signature.length;
+        }
+    }
+    // Process all found script blocks
+    for (const block of scriptBlocks) {
+        try {
+            const unpacked = unpackJs(block);
+            if (unpacked && unpacked !== block && unpacked.length > 100) {
+                scripts.push(unpacked);
+                // Extract URLs from unpacked script
+                const urlPatterns = [
+                    /https?:\/\/[^\s"'<>\\]+\.m3u8[^\s"'<>\\]*/gi,
+                    /https?:\/\/[^\s"'<>\\]+\.txt\?[^\s"'<>\\]*/gi,
+                    /https?:\/\/[^\s"'<>\\]+\/stream\/[^\s"'<>\\]*/gi,
+                    /https?:\/\/[^\s"'<>\\]+\/hls\/[^\s"'<>\\]*/gi,
+                    /https?:\/\/[^\s"'<>\\]+pureluxury[^\s"'<>\\]*/gi,
+                    /https?:\/\/[^\s"'<>\\]+minochinos[^\s"'<>\\]*/gi,
+                ];
+                for (const pattern of urlPatterns) {
+                    let urlMatch;
+                    while ((urlMatch = pattern.exec(unpacked)) !== null) {
+                        const url = urlMatch[0].replace(/['"\\,;}\]]+$/, ''); // Clean trailing chars
+                        if (!urls.includes(url) && url.length > 20) {
+                            urls.push(url);
+                        }
+                    }
+                }
+            }
+        }
+        catch (e) {
+            // Skip failed unpacking
+        }
+    }
+    return { scripts, urls };
+}
 function applyDecodeLayer(input, layer) {
     switch (layer) {
         case 'base64': return decodeBase64(input);
@@ -415,6 +582,7 @@ function applyDecodeLayer(input, layer) {
         case 'hex': return decodeHex(input);
         case 'rot13': return decodeRot13(input);
         case 'reverse': return reverseString(input);
+        case 'unpackJs': return unpackJs(input);
         default: return input;
     }
 }
@@ -577,7 +745,48 @@ export async function handleExtractJson(page, args) {
         }
     }
     // ============================================================
-    // 5. ORIGINAL JSON EXTRACTION (preserved)
+    // 5. DECODE PACKED JAVASCRIPT (AUTO-DETECT)
+    // ============================================================
+    if (args.decodePackedJs) {
+        try {
+            // Get all script contents from page
+            const scriptContents = await page.evaluate(() => {
+                const scripts = Array.from(document.querySelectorAll('script'));
+                return scripts.map(s => s.textContent || '').filter(s => s.length > 0);
+            });
+            const allUnpacked = { scripts: [], urls: [] };
+            for (const script of scriptContents) {
+                const result = extractAndUnpackAll(script);
+                allUnpacked.scripts.push(...result.scripts);
+                allUnpacked.urls.push(...result.urls);
+            }
+            // Remove duplicates from URLs
+            const uniqueUrls = [...new Set(allUnpacked.urls)];
+            if (allUnpacked.scripts.length > 0 || uniqueUrls.length > 0) {
+                decoded = {
+                    source: 'decodePackedJs',
+                    packedScriptsFound: allUnpacked.scripts.length,
+                    unpackedScripts: allUnpacked.scripts.slice(0, 5), // Limit to first 5
+                    extractedUrls: uniqueUrls,
+                    streamUrls: uniqueUrls.filter(u => u.includes('m3u8') || u.includes('.txt?') ||
+                        u.includes('/stream/') || u.includes('/hls/')),
+                };
+                data.push(decoded);
+            }
+            else {
+                decoded = {
+                    source: 'decodePackedJs',
+                    message: 'No packed JavaScript found in page',
+                    hint: 'Try using execute_js or player_api_hook for dynamically loaded content',
+                };
+            }
+        }
+        catch (e) {
+            decoded = { source: 'decodePackedJs', error: String(e) };
+        }
+    }
+    // ============================================================
+    // 6. ORIGINAL JSON EXTRACTION (preserved)
     // ============================================================
     // Extract from script tags with type="application/json" or type="application/ld+json"
     const scriptData = await page.evaluate((selector) => {

package/dist/tool-definitions.js

@@ -2,7 +2,7 @@
 // Server metadata
 export const SERVER_INFO = {
     name: 'brave-real-browser-mcp-server',
-    version: '2.24.0',
+    version: '2.25.0',
 };
 // MCP capabilities with LSP-compatible streaming support
 export const CAPABILITIES = {
@@ -470,7 +470,7 @@ export const TOOLS = [
     },
     {
         name: 'extract_json',
-        description: 'Extract embedded JSON/API data from page (LD+JSON, __NEXT_DATA__, etc.) + Advanced Decode capabilities for complex websites (base64, URL, hex, rot13, multi-layer)',
+        description: 'Extract embedded JSON/API data from page (LD+JSON, __NEXT_DATA__, etc.) + Advanced Decode capabilities for complex websites (base64, URL, hex, rot13, multi-layer) + Packed JavaScript decoder (eval/function(p,a,c,k,e,d) unpacker)',
         inputSchema: {
             type: 'object',
             additionalProperties: false,
@@ -484,15 +484,17 @@ export const TOOLS = [
                 decodeFromUrl: { type: 'string', description: 'URL to extract and decode encoded parameter from (e.g., gadgetsweb.xyz/?id=xxx)' },
                 decodeUrlParam: { type: 'string', description: 'URL parameter name to decode (default: id)', default: 'id' },
                 decodePattern: { type: 'string', description: 'Regex pattern to find and decode base64 strings in page content' },
+                // NEW: Packed JavaScript decoder
+                decodePackedJs: { type: 'boolean', description: 'Auto-detect and decode packed JavaScript (eval/function(p,a,c,k,e,d)) in page scripts. Extracts m3u8/stream URLs automatically.', default: false },
                 advancedDecode: {
                     type: 'object',
-                    description: 'Multi-layer decode for complex obfuscation (supports base64, url, hex, rot13, reverse)',
+                    description: 'Multi-layer decode for complex obfuscation (supports base64, url, hex, rot13, reverse, unpackJs)',
                     properties: {
                         input: { type: 'string', description: 'Input string to decode (if not using page content)' },
                         layers: {
                             type: 'array',
-                            items: { type: 'string', enum: ['base64', 'url', 'hex', 'rot13', 'reverse'] },
-                            description: 'Decode layers to apply in order (e.g., ["base64", "url"])'
+                            items: { type: 'string', enum: ['base64', 'url', 'hex', 'rot13', 'reverse', 'unpackJs'] },
+                            description: 'Decode layers to apply in order (e.g., ["base64", "url", "unpackJs"])'
                         },
                         extractFromPage: { type: 'boolean', description: 'Extract input from current page content', default: false },
                         pageSelector: { type: 'string', description: 'CSS selector to extract from (for extractFromPage)' },

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "brave-real-browser-mcp-server",
-  "version": "2.27.13",
+  "version": "2.27.15",
   "description": "🦁 MCP server for Brave Real Browser - NPM Workspaces Monorepo with anti-detection features, SSE streaming, and LSP compatibility",
   "type": "module",
   "main": "dist/index.js",
@@ -50,7 +50,7 @@
   "dependencies": {
     "@modelcontextprotocol/sdk": "latest",
     "@types/turndown": "latest",
-    "brave-real-browser": "^2.8.13",
+    "brave-real-browser": "^2.8.15",
     "puppeteer-core": "^24.35.0",
     "turndown": "latest",
     "vscode-languageserver": "^9.0.1",