cyberchef 9.46.4 → 9.46.6

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (6) hide show
  1. package/package.json +4 -3
  2. package/src/core/config/OperationConfig.json +13 -0
  3. package/src/core/operations/OpticalCharacterRecognition.mjs +3 -5
  4. package/src/core/operations/YARARules.mjs +24 -6
  5. package/tests/operations/tests/YARA.mjs +67 -0
  6. package/webpack.config.js +2 -1
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "cyberchef",
3
- "version": "9.46.4",
3
+ "version": "9.46.6",
4
4
  "description": "The Cyber Swiss Army Knife for encryption, encoding, compression and data analysis.",
5
5
  "author": "n1474335 <n1474335@gmail.com>",
6
6
  "homepage": "https://gchq.github.io/CyberChef",
@@ -128,7 +128,7 @@
128
128
  "jsrsasign": "^10.5.23",
129
129
  "kbpgp": "2.1.15",
130
130
  "libbzip2-wasm": "0.0.4",
131
- "libyara-wasm": "^1.1.0",
131
+ "libyara-wasm": "^1.2.1",
132
132
  "lodash": "^4.17.21",
133
133
  "loglevel": "^1.8.0",
134
134
  "loglevel-message-prefix": "^3.0.0",
@@ -154,7 +154,7 @@
154
154
  "split.js": "^1.6.5",
155
155
  "ssdeep.js": "0.0.3",
156
156
  "stream-browserify": "^3.0.0",
157
- "tesseract.js": "2.1.5",
157
+ "tesseract.js": "3.0.2",
158
158
  "ua-parser-js": "^1.0.2",
159
159
  "unorm": "^1.6.0",
160
160
  "utf8": "^3.0.0",
@@ -167,6 +167,7 @@
167
167
  "scripts": {
168
168
  "start": "npx grunt dev",
169
169
  "build": "npx grunt prod",
170
+ "node": "npx grunt node",
170
171
  "repl": "node --experimental-modules --experimental-json-modules --experimental-specifier-resolution=node --no-warnings src/node/repl.mjs",
171
172
  "test": "npx grunt configTests && node --experimental-modules --experimental-json-modules --no-warnings --no-deprecation tests/node/index.mjs && node --experimental-modules --experimental-json-modules --no-warnings --no-deprecation tests/operations/index.mjs",
172
173
  "testnodeconsumer": "npx grunt testnodeconsumer",
package/src/core/config/OperationConfig.json CHANGED
@@ -9478,6 +9478,7 @@
9478
9478
  "Europe/Kaliningrad",
9479
9479
  "Europe/Kiev",
9480
9480
  "Europe/Kirov",
9481
+ "Europe/Kyiv",
9481
9482
  "Europe/Lisbon",
9482
9483
  "Europe/Ljubljana",
9483
9484
  "Europe/London",
@@ -14861,6 +14862,7 @@
14861
14862
  "Europe/Kaliningrad",
14862
14863
  "Europe/Kiev",
14863
14864
  "Europe/Kirov",
14865
+ "Europe/Kyiv",
14864
14866
  "Europe/Lisbon",
14865
14867
  "Europe/Ljubljana",
14866
14868
  "Europe/London",
@@ -15467,6 +15469,7 @@
15467
15469
  "Europe/Kaliningrad",
15468
15470
  "Europe/Kiev",
15469
15471
  "Europe/Kirov",
15472
+ "Europe/Kyiv",
15470
15473
  "Europe/Lisbon",
15471
15474
  "Europe/Ljubljana",
15472
15475
  "Europe/London",
@@ -16835,6 +16838,16 @@
16835
16838
  "name": "Show counts",
16836
16839
  "type": "boolean",
16837
16840
  "value": true
16841
+ },
16842
+ {
16843
+ "name": "Show rule warnings",
16844
+ "type": "boolean",
16845
+ "value": true
16846
+ },
16847
+ {
16848
+ "name": "Show console module messages",
16849
+ "type": "boolean",
16850
+ "value": true
16838
16851
  }
16839
16852
  ]
16840
16853
  },
package/src/core/operations/OpticalCharacterRecognition.mjs CHANGED
@@ -12,10 +12,8 @@ import { isImage } from "../lib/FileType.mjs";
12
12
  import { toBase64 } from "../lib/Base64.mjs";
13
13
  import { isWorkerEnvironment } from "../Utils.mjs";
14
14
 
15
- import Tesseract from "tesseract.js";
16
- const { createWorker } = Tesseract;
17
-
18
15
  import process from "process";
16
+ import { createWorker } from "tesseract.js";
19
17
 
20
18
  /**
21
19
  * Optical Character Recognition operation
@@ -55,7 +53,7 @@ class OpticalCharacterRecognition extends Operation {
55
53
 
56
54
  const type = isImage(input);
57
55
  if (!type) {
58
- throw new OperationError("Invalid File Type");
56
+ throw new OperationError("Unsupported file type (supported: jpg,png,pbm,bmp) or no file provided");
59
57
  }
60
58
 
61
59
  const assetDir = isWorkerEnvironment() ? `${self.docURL}/assets/` : `${process.cwd()}/src/core/vendor/`;
@@ -74,7 +72,7 @@ class OpticalCharacterRecognition extends Operation {
74
72
  }
75
73
  });
76
74
  await worker.load();
77
- self.sendStatusMessage("Loading English language...");
75
+ self.sendStatusMessage(`Loading English language pack...`);
78
76
  await worker.loadLanguage("eng");
79
77
  self.sendStatusMessage("Intialising Tesseract API...");
80
78
  await worker.initialize("eng");
package/src/core/operations/YARARules.mjs CHANGED
@@ -52,7 +52,17 @@ class YARARules extends Operation {
52
52
  name: "Show counts",
53
53
  type: "boolean",
54
54
  value: true
55
- }
55
+ },
56
+ {
57
+ name: "Show rule warnings",
58
+ type: "boolean",
59
+ value: true
60
+ },
61
+ {
62
+ name: "Show console module messages",
63
+ type: "boolean",
64
+ value: true
65
+ },
56
66
  ];
57
67
  }
58
68
 
@@ -64,7 +74,7 @@ class YARARules extends Operation {
64
74
  async run(input, args) {
65
75
  if (isWorkerEnvironment())
66
76
  self.sendStatusMessage("Instantiating YARA...");
67
- const [rules, showStrings, showLengths, showMeta, showCounts] = args;
77
+ const [rules, showStrings, showLengths, showMeta, showCounts, showRuleWarns, showConsole] = args;
68
78
  return new Promise((resolve, reject) => {
69
79
  Yara().then(yara => {
70
80
  if (isWorkerEnvironment()) self.sendStatusMessage("Converting data for YARA.");
@@ -83,11 +93,19 @@ class YARARules extends Operation {
83
93
  const compileError = resp.compileErrors.get(i);
84
94
  if (!compileError.warning) {
85
95
  reject(new OperationError(`Error on line ${compileError.lineNumber}: ${compileError.message}`));
86
- } else {
87
- matchString += `Warning on line ${compileError.lineNumber}: ${compileError.message}`;
96
+ } else if (showRuleWarns) {
97
+ matchString += `Warning on line ${compileError.lineNumber}: ${compileError.message}\n`;
88
98
  }
89
99
  }
90
100
  }
101
+
102
+ if (showConsole) {
103
+ const consoleLogs = resp.consoleLogs;
104
+ for (let i = 0; i < consoleLogs.size(); i++) {
105
+ matchString += consoleLogs.get(i) + "\n";
106
+ }
107
+ }
108
+
91
109
  const matchedRules = resp.matchedRules;
92
110
  for (let i = 0; i < matchedRules.size(); i++) {
93
111
  const rule = matchedRules.get(i);
@@ -100,11 +118,11 @@ class YARARules extends Operation {
100
118
  }
101
119
  meta = meta.slice(0, -2) + "]";
102
120
  }
103
- const countString = showCounts ? `${matches.size()} time${matches.size() > 1 ? "s" : ""}` : "";
121
+ const countString = matches.size() === 0 ? "" : (showCounts ? ` (${matches.size()} time${matches.size() > 1 ? "s" : ""})` : "");
104
122
  if (matches.size() === 0 || !(showStrings || showLengths)) {
105
123
  matchString += `Input matches rule "${rule.ruleName}"${meta}${countString.length > 0 ? ` ${countString}`: ""}.\n`;
106
124
  } else {
107
- matchString += `Rule "${rule.ruleName}"${meta} matches (${countString}):\n`;
125
+ matchString += `Rule "${rule.ruleName}"${meta} matches${countString}:\n`;
108
126
  for (let j = 0; j < matches.size(); j++) {
109
127
  const match = matches.get(j);
110
128
  if (showStrings || showLengths) {
package/tests/operations/tests/YARA.mjs CHANGED
@@ -8,6 +8,22 @@
8
8
  */
9
9
  import TestRegister from "../../lib/TestRegister.mjs";
10
10
 
11
+ const CONSOLE_COMPILE_WARNING_RULE = `import "console"
12
+ rule a
13
+ {
14
+ strings:
15
+ $s=" "
16
+ condition:
17
+ $s and console.log("log rule a")
18
+ }
19
+ rule b
20
+ {
21
+ strings:
22
+ $s=" "
23
+ condition:
24
+ $s and console.hex("log rule b: int8(0)=", int8(0))
25
+ }`;
26
+
11
27
  TestRegister.addTests([
12
28
  {
13
29
  name: "YARA Match: simple foobar",
@@ -20,5 +36,56 @@ TestRegister.addTests([
20
36
  }
21
37
  ],
22
38
  },
39
+ {
40
+ name: "YARA Match: hashing rules",
41
+ input: "Hello World!",
42
+ expectedOutput: "Input matches rule \"HelloWorldMD5\".\nInput matches rule \"HelloWorldSHA256\".\n",
43
+ recipeConfig: [
44
+ {
45
+ "op": "YARA Rules",
46
+ "args": [
47
+ `import "hash"
48
+ rule HelloWorldMD5 {
49
+ condition:
50
+ hash.md5(0,filesize) == "ed076287532e86365e841e92bfc50d8c"
51
+ }
52
+
53
+ rule HelloWorldSHA256 {
54
+ condition:
55
+ hash.sha256(0,filesize) == "7f83b1657ff1fc53b92dc18148a1d65dfc2d4b1fa3d677284addd200126d9069"
56
+ }`,
57
+ true, true, true, true, false, false
58
+ ],
59
+ }
60
+ ],
61
+ },
62
+ {
63
+ name: "YARA Match: compile warnings",
64
+ input: "CyberChef Yara",
65
+ expectedOutput: "Warning on line 5: string \"$s\" may slow down scanning\n" +
66
+ "Warning on line 12: string \"$s\" may slow down scanning\n" +
67
+ "Input matches rule \"a\".\n" +
68
+ "Input matches rule \"b\".\n",
69
+ recipeConfig: [
70
+ {
71
+ "op": "YARA Rules",
72
+ "args": [CONSOLE_COMPILE_WARNING_RULE, false, false, false, false, true, false],
73
+ }
74
+ ],
75
+ },
76
+ {
77
+ name: "YARA Match: console messages",
78
+ input: "CyberChef Yara",
79
+ expectedOutput: "log rule a\n" +
80
+ "log rule b: int8(0)=0x43\n" +
81
+ "Input matches rule \"a\".\n" +
82
+ "Input matches rule \"b\".\n",
83
+ recipeConfig: [
84
+ {
85
+ "op": "YARA Rules",
86
+ "args": [CONSOLE_COMPILE_WARNING_RULE, false, false, false, false, false, true],
87
+ }
88
+ ],
89
+ },
23
90
  ]);
24
91
 
package/webpack.config.js CHANGED
@@ -109,7 +109,8 @@ module.exports = {
109
109
  "buffer": require.resolve("buffer/"),
110
110
  "crypto": require.resolve("crypto-browserify"),
111
111
  "stream": require.resolve("stream-browserify"),
112
- "zlib": require.resolve("browserify-zlib")
112
+ "zlib": require.resolve("browserify-zlib"),
113
+ "process": false
113
114
  }
114
115
  },
115
116
  module: {