muaddib-scanner 2.9.1 → 2.9.2

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "muaddib-scanner",
-  "version": "2.9.1",
+  "version": "2.9.2",
   "description": "Supply-chain threat detection & response for npm & PyPI/Python",
   "main": "src/index.js",
   "bin": {

package/src/index.js

@@ -28,7 +28,7 @@ const { computeReachableFiles } = require('./scanner/reachability.js');
 const { runTemporalAnalyses } = require('./temporal-runner.js');
 const { formatOutput } = require('./output-formatter.js');
 const { setExtraExcludes, getExtraExcludes, Spinner, listInstalledPackages, clearFileListCache, debugLog } = require('./utils.js');
-const { SEVERITY_WEIGHTS, RISK_THRESHOLDS, MAX_RISK_SCORE, isPackageLevelThreat, computeGroupScore, applyFPReductions, calculateRiskScore } = require('./scoring.js');
+const { SEVERITY_WEIGHTS, RISK_THRESHOLDS, MAX_RISK_SCORE, isPackageLevelThreat, computeGroupScore, applyFPReductions, applyCompoundBoosts, calculateRiskScore } = require('./scoring.js');
 const { buildIntentPairs } = require('./intent-graph.js');
 
 const { MAX_FILE_SIZE, safeParse } = require('./shared/constants.js');
@@ -598,6 +598,11 @@ async function run(targetPath, options = {}) {
   // A malware package typically has 1-3 occurrences, not dozens.
   applyFPReductions(deduped, reachableFiles, packageName, packageDeps);
 
+  // Compound scoring: inject synthetic CRITICAL threats when co-occurring types
+  // indicate unambiguous malice. Applied AFTER FP reductions to recover signals
+  // that were individually downgraded (count-based, dist, reachability).
+  applyCompoundBoosts(deduped);
+
   // Intent coherence analysis: detect source→sink pairs within files
   // Pass targetPath for destination-aware SDK pattern detection
   const intentResult = buildIntentPairs(deduped, targetPath);

package/src/response/playbooks.js

@@ -537,6 +537,35 @@ const PLAYBOOKS = {
     'Dans un package non-crypto, cela indique un potentiel canal C2 via blockchain. ' +
     'Verifier le contexte: si le package n\'a rien a voir avec la blockchain, supprimer immediatement.',
 
+  crypto_staged_payload:
+    'CRITIQUE: Chaine steganographique complete detectee — fichier binaire (.png/.jpg/.wasm) avec eval() + dechiffrement crypto. ' +
+    'Le payload malveillant est cache dans un fichier binaire et dechiffre a runtime. Supprimer le package immediatement. ' +
+    'Analyser le fichier binaire dans un sandbox pour extraire le payload.',
+
+  lifecycle_typosquat:
+    'CRITIQUE: Package avec nom similaire a un package populaire ET scripts lifecycle. ' +
+    'Vecteur classique de dependency confusion: le code s\'execute a l\'installation. ' +
+    'NE PAS installer. Verifier le nom exact du package. Signaler sur npm.',
+
+  credential_env_exfil:
+    'CRITIQUE: Ecriture dans des chemins sensibles (cache npm/yarn, credentials) + acces aux variables d\'environnement. ' +
+    'Double vecteur d\'exfiltration de credentials. Supprimer le package. Regenerer tous les secrets. ' +
+    'Nettoyer le cache: npm cache clean --force.',
+
+  lifecycle_inline_exec:
+    'CRITIQUE: Script lifecycle avec node -e (execution inline). Le code s\'execute automatiquement a npm install. ' +
+    'NE PAS installer. Si deja installe: considerer la machine compromise. ' +
+    'Auditer les modifications systeme recentes.',
+
+  lifecycle_remote_require:
+    'CRITIQUE: Script lifecycle avec require(http/https) pour charger du code distant. ' +
+    'Le payload est telecharge et execute automatiquement a l\'installation. ' +
+    'NE PAS installer. Bloquer les connexions sortantes. Supprimer le package.',
+
+  obfuscated_credential_tampering:
+    'CRITIQUE: Code obfusque + ecriture dans des chemins sensibles. Dissimulation de vol de credentials. ' +
+    'Supprimer le package immediatement. Nettoyer le cache npm/yarn. Regenerer tous les secrets.',
+
   bin_field_hijack:
     'CRITIQUE: Le champ "bin" de package.json shadow une commande systeme (node, npm, git, bash, etc.). ' +
     'A l\'installation, npm cree un symlink dans node_modules/.bin/ qui intercepte la commande reelle. ' +

package/src/rules/index.js

@@ -1594,6 +1594,81 @@ const RULES = {
     ],
     mitre: 'T1102'
   },
+
+  // Compound scoring rules (v2.9.2)
+  // Injected by applyCompoundBoosts() when co-occurring threat types indicate unambiguous malice.
+  crypto_staged_payload: {
+    id: 'MUADDIB-COMPOUND-001',
+    name: 'Steganographic Payload + Crypto Decryption',
+    severity: 'CRITICAL',
+    confidence: 'high',
+    description: 'Reference a un fichier binaire (.png/.jpg/.wasm) avec eval() combinee avec dechiffrement crypto (createDecipher). Chaine steganographique complete: payload cache dans un fichier binaire, dechiffre a runtime.',
+    references: [
+      'https://attack.mitre.org/techniques/T1140/',
+      'https://attack.mitre.org/techniques/T1027/003/'
+    ],
+    mitre: 'T1140'
+  },
+  lifecycle_typosquat: {
+    id: 'MUADDIB-COMPOUND-002',
+    name: 'Lifecycle Hook on Typosquat Package',
+    severity: 'CRITICAL',
+    confidence: 'high',
+    description: 'Script lifecycle (preinstall/postinstall) sur un package avec nom similaire a un package populaire. Vecteur classique de dependency confusion: le code s\'execute automatiquement a l\'installation.',
+    references: [
+      'https://attack.mitre.org/techniques/T1195/002/',
+      'https://snyk.io/blog/typosquatting-attacks/'
+    ],
+    mitre: 'T1195.002'
+  },
+  credential_env_exfil: {
+    id: 'MUADDIB-COMPOUND-003',
+    name: 'Credential Tampering + Env Access',
+    severity: 'CRITICAL',
+    confidence: 'high',
+    description: 'Ecriture dans un chemin sensible (cache npm/yarn, credentials) combinee avec acces aux variables d\'environnement. Chaine d\'exfiltration de credentials par double vecteur.',
+    references: [
+      'https://attack.mitre.org/techniques/T1552/001/',
+      'https://attack.mitre.org/techniques/T1565/001/'
+    ],
+    mitre: 'T1552.001'
+  },
+  lifecycle_inline_exec: {
+    id: 'MUADDIB-COMPOUND-004',
+    name: 'Lifecycle Hook + Inline Node Execution',
+    severity: 'CRITICAL',
+    confidence: 'high',
+    description: 'Script lifecycle avec execution inline Node.js (node -e). Le code s\'execute automatiquement a npm install avec un payload inline.',
+    references: [
+      'https://attack.mitre.org/techniques/T1059/007/',
+      'https://attack.mitre.org/techniques/T1195/002/'
+    ],
+    mitre: 'T1059.007'
+  },
+  lifecycle_remote_require: {
+    id: 'MUADDIB-COMPOUND-005',
+    name: 'Lifecycle Hook + Remote Code Loading',
+    severity: 'CRITICAL',
+    confidence: 'high',
+    description: 'Script lifecycle avec require(http/https) pour charger du code distant. Le payload est telecharge et execute automatiquement a l\'installation.',
+    references: [
+      'https://attack.mitre.org/techniques/T1105/',
+      'https://attack.mitre.org/techniques/T1195/002/'
+    ],
+    mitre: 'T1105'
+  },
+  obfuscated_credential_tampering: {
+    id: 'MUADDIB-COMPOUND-006',
+    name: 'Obfuscated Code + Credential Tampering',
+    severity: 'CRITICAL',
+    confidence: 'high',
+    description: 'Code obfusque combine avec ecriture dans des chemins sensibles (cache npm/yarn, credentials). Dissimulation de vol de credentials.',
+    references: [
+      'https://attack.mitre.org/techniques/T1027/',
+      'https://attack.mitre.org/techniques/T1565/001/'
+    ],
+    mitre: 'T1027'
+  },
 };
 
 function getRule(type) {

package/src/scoring.js

@@ -62,7 +62,9 @@ const PACKAGE_LEVEL_TYPES = new Set([
   'publish_burst', 'publish_dormant_spike', 'publish_rapid_succession',
   'maintainer_new_suspicious', 'maintainer_sole_change',
   'sandbox_network_activity', 'sandbox_file_changes', 'sandbox_process_spawns',
-  'sandbox_canary_exfiltration'
+  'sandbox_canary_exfiltration',
+  // Compound scoring rules — package-level co-occurrences
+  'lifecycle_typosquat', 'lifecycle_inline_exec', 'lifecycle_remote_require'
 ]);
 
 /**
@@ -156,7 +158,12 @@ const DIST_EXEMPT_TYPES = new Set([
   'reverse_shell',            // net.Socket + connect + pipe (always malicious)
   'detached_credential_exfil', // detached process + credential exfil (DPRK/Lazarus)
   'node_modules_write',       // writeFile to node_modules/ (worm propagation)
-  'npm_publish_worm'          // exec("npm publish") (worm propagation)
+  'npm_publish_worm',         // exec("npm publish") (worm propagation)
+  // Dangerous shell commands in dist/ are real threats, never bundler output
+  'dangerous_exec',
+  // Compound scoring rules — co-occurrence signals, never FP
+  'crypto_staged_payload', 'lifecycle_typosquat', 'credential_env_exfil',
+  'lifecycle_inline_exec', 'lifecycle_remote_require', 'obfuscated_credential_tampering'
   // P6: remote_code_load and proxy_data_intercept removed — in bundled dist/ files,
   // fetch + eval co-occurrence is coincidental (bundler combines HTTP client + template compilation).
   // fetch_decrypt_exec (fetch+decrypt+eval triple) remains exempt — never coincidental.
@@ -203,6 +210,93 @@ const REACHABILITY_EXEMPT_TYPES = new Set([
   'detached_credential_exfil' // DPRK/Lazarus: invoked via lifecycle, not require/import
 ]);
 
+// ============================================
+// COMPOUND SCORING RULES (v2.9.2)
+// ============================================
+// Co-occurrences of threat types that NEVER appear in benign packages.
+// Applied AFTER FP reductions to recover signals that were individually downgraded.
+// Each compound injects a new CRITICAL threat when all required types are present.
+const SCORING_COMPOUNDS = [
+  {
+    type: 'crypto_staged_payload',
+    requires: ['staged_binary_payload', 'crypto_decipher'],
+    severity: 'CRITICAL',
+    message: 'Binary file reference + crypto decryption — steganographic payload chain (scoring compound).',
+    fileFrom: 'staged_binary_payload'
+  },
+  {
+    type: 'lifecycle_typosquat',
+    requires: ['lifecycle_script', 'typosquat_detected'],
+    severity: 'CRITICAL',
+    message: 'Lifecycle hook on typosquat package — dependency confusion attack vector (scoring compound).',
+    fileFrom: 'typosquat_detected'
+  },
+  {
+    type: 'credential_env_exfil',
+    requires: ['credential_tampering', 'env_access'],
+    severity: 'CRITICAL',
+    message: 'Credential path tampering + environment variable access — credential exfiltration chain (scoring compound).',
+    fileFrom: 'credential_tampering'
+  },
+  {
+    type: 'lifecycle_inline_exec',
+    requires: ['lifecycle_script', 'node_inline_exec'],
+    severity: 'CRITICAL',
+    message: 'Lifecycle hook with inline Node execution (node -e) — install-time code execution (scoring compound).',
+    fileFrom: 'node_inline_exec'
+  },
+  {
+    type: 'lifecycle_remote_require',
+    requires: ['lifecycle_script', 'network_require'],
+    severity: 'CRITICAL',
+    message: 'Lifecycle hook loading remote code (require http/https) — supply chain payload delivery (scoring compound).',
+    fileFrom: 'network_require'
+  },
+  {
+    type: 'obfuscated_credential_tampering',
+    requires: ['credential_tampering', 'obfuscation_detected'],
+    severity: 'CRITICAL',
+    message: 'Obfuscated code + credential path tampering — concealed credential theft (scoring compound).',
+    fileFrom: 'credential_tampering'
+  }
+];
+
+/**
+ * Apply compound boost rules: inject synthetic CRITICAL threats when
+ * co-occurring threat types indicate unambiguous malice.
+ * Called AFTER applyFPReductions to recover individually-downgraded signals.
+ * @param {Array} threats - deduplicated threat array (mutated in place)
+ */
+function applyCompoundBoosts(threats) {
+  const typeSet = new Set(threats.map(t => t.type));
+
+  // Build map of type → first file encountered (for file assignment)
+  const typeFileMap = Object.create(null);
+  for (const t of threats) {
+    if (!typeFileMap[t.type]) {
+      typeFileMap[t.type] = t.file || '(unknown)';
+    }
+  }
+
+  for (const compound of SCORING_COMPOUNDS) {
+    // Skip if compound already present (e.g. from a scanner)
+    if (typeSet.has(compound.type)) continue;
+
+    // Check all required types are present
+    if (compound.requires.every(req => typeSet.has(req))) {
+      threats.push({
+        type: compound.type,
+        severity: compound.severity,
+        message: compound.message,
+        file: typeFileMap[compound.fileFrom] || '(unknown)',
+        count: 1,
+        compound: true
+      });
+      typeSet.add(compound.type);
+    }
+  }
+}
+
 // Custom class prototypes that HTTP frameworks legitimately extend.
 // Distinguished from dangerous core Node.js prototype hooks.
 const FRAMEWORK_PROTOTYPES = ['Request', 'Response', 'App', 'Router'];
@@ -463,5 +557,5 @@ function calculateRiskScore(deduped, intentResult) {
 
 module.exports = {
   SEVERITY_WEIGHTS, RISK_THRESHOLDS, MAX_RISK_SCORE, CONFIDENCE_FACTORS,
-  isPackageLevelThreat, computeGroupScore, applyFPReductions, calculateRiskScore
+  isPackageLevelThreat, computeGroupScore, applyFPReductions, applyCompoundBoosts, calculateRiskScore
 };