Mirror/CyberChef
1
0
Fork 0
mirror of https://github.com/gchq/CyberChef.git synced 2024-11-02 14:11:02 +01:00
Code Issues Packages Projects Releases Wiki Activity

ESM: Ported Punycode, HTTP and PRNG operations

Browse Source
This commit is contained in:
n1474335 2018-05-21 19:08:24 +00:00
parent 0d1e5311dc
commit c29ea53405
6 changed files with 427 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

52
src/core/operations/FromPunycode.mjs Normal file
View File

@ -0,0 +1,52 @@
/**
* @author n1474335 [n1474335@gmail.com]
* @copyright Crown Copyright 2016
* @license Apache-2.0
*/
import Operation from "../Operation";
import punycode from "punycode";
/**
* From Punycode operation
*/
class FromPunycode extends Operation {
/**
* FromPunycode constructor
*/
constructor() {
super();
this.name = "From Punycode";
this.module = "Encodings";
this.description = "Punycode is a way to represent Unicode with the limited character subset of ASCII supported by the Domain Name System.<br><br>e.g. <code>mnchen-3ya</code> decodes to <code>m\xfcnchen</code>";
this.inputType = "string";
this.outputType = "string";
this.args = [
{
"name": "Internationalised domain name",
"type": "boolean",
"value": false
}
];
}
/**
* @param {string} input
* @param {Object[]} args
* @returns {string}
*/
run(input, args) {
const idn = args[0];
if (idn) {
return punycode.toUnicode(input);
} else {
return punycode.decode(input);
}
}
}
export default FromPunycode;

146
src/core/operations/HTTPRequest.mjs Normal file
View File

@ -0,0 +1,146 @@
/**
* @author tlwr [toby@toby.codes]
* @author n1474335 [n1474335@gmail.com]
* @copyright Crown Copyright 2016
* @license Apache-2.0
*/
import Operation from "../Operation";
import OperationError from "../errors/OperationError";
/**
* HTTP request operation
*/
class HTTPRequest extends Operation {
/**
* HTTPRequest constructor
*/
constructor() {
super();
this.name = "HTTP request";
this.module = "Default";
this.description = [
"Makes an HTTP request and returns the response.",
"<br><br>",
"This operation supports different HTTP verbs like GET, POST, PUT, etc.",
"<br><br>",
"You can add headers line by line in the format <code>Key: Value</code>",
"<br><br>",
"The status code of the response, along with a limited selection of exposed headers, can be viewed by checking the 'Show response metadata' option. Only a limited set of response headers are exposed by the browser for security reasons.",
].join("\n");
this.inputType = "string";
this.outputType = "string";
this.manualBake = true;
this.args = [
{
"name": "Method",
"type": "option",
"value": [
"GET", "POST", "HEAD",
"PUT", "PATCH", "DELETE",
"CONNECT", "TRACE", "OPTIONS"
]
},
{
"name": "URL",
"type": "string",
"value": ""
},
{
"name": "Headers",
"type": "text",
"value": ""
},
{
"name": "Mode",
"type": "option",
"value": [
"Cross-Origin Resource Sharing",
"No CORS (limited to HEAD, GET or POST)",
]
},
{
"name": "Show response metadata",
"type": "boolean",
"value": false
}
];
}
/**
* @param {string} input
* @param {Object[]} args
* @returns {string}
*/
run(input, args) {
const [method, url, headersText, mode, showResponseMetadata] = args;
if (url.length === 0) return "";
const headers = new Headers();
headersText.split(/\r?\n/).forEach(line => {
line = line.trim();
if (line.length === 0) return;
const split = line.split(":");
if (split.length !== 2) throw `Could not parse header in line: ${line}`;
headers.set(split[0].trim(), split[1].trim());
});
const config = {
method: method,
headers: headers,
mode: modeLookup[mode],
cache: "no-cache",
};
if (method !== "GET" && method !== "HEAD") {
config.body = input;
}
return fetch(url, config)
.then(r => {
if (r.status === 0 && r.type === "opaque") {
throw new OperationError("Error: Null response. Try setting the connection mode to CORS.");
}
if (showResponseMetadata) {
let headers = "";
for (const pair of r.headers.entries()) {
headers += " " + pair[0] + ": " + pair[1] + "\n";
}
return r.text().then(b => {
return "####\n Status: " + r.status + " " + r.statusText +
"\n Exposed headers:\n" + headers + "####\n\n" + b;
});
}
return r.text();
})
.catch(e => {
throw new OperationError(e.toString() +
"\n\nThis error could be caused by one of the following:\n" +
" - An invalid URL\n" +
" - Making a request to an insecure resource (HTTP) from a secure source (HTTPS)\n" +
" - Making a cross-origin request to a server which does not support CORS\n");
});
}
}
/**
* Lookup table for HTTP modes
*
* @private
*/
const modeLookup = {
"Cross-Origin Resource Sharing": "cors",
"No CORS (limited to HEAD, GET or POST)": "no-cors",
};
export default HTTPRequest;

55
src/core/operations/ParseUserAgent.mjs Normal file
View File

@ -0,0 +1,55 @@
/**
* @author n1474335 [n1474335@gmail.com]
* @copyright Crown Copyright 2016
* @license Apache-2.0
*/
import Operation from "../Operation";
import UAParser from "ua-parser-js";
/**
* Parse User Agent operation
*/
class ParseUserAgent extends Operation {
/**
* ParseUserAgent constructor
*/
constructor() {
super();
this.name = "Parse User Agent";
this.module = "UserAgent";
this.description = "Attempts to identify and categorise information contained in a user-agent string.";
this.inputType = "string";
this.outputType = "string";
this.args = [];
}
/**
* @param {string} input
* @param {Object[]} args
* @returns {string}
*/
run(input, args) {
const ua = UAParser(input);
return `Browser
Name: ${ua.browser.name || "unknown"}
Version: ${ua.browser.version || "unknown"}
Device
Model: ${ua.device.model || "unknown"}
Type: ${ua.device.type || "unknown"}
Vendor: ${ua.device.vendor || "unknown"}
Engine
Name: ${ua.engine.name || "unknown"}
Version: ${ua.engine.version || "unknown"}
OS
Name: ${ua.os.name || "unknown"}
Version: ${ua.os.version || "unknown"}
CPU
Architecture: ${ua.cpu.architecture || "unknown"}`;
}
}
export default ParseUserAgent;

80
src/core/operations/PseudoRandomNumberGenerator.mjs Normal file
View File

@ -0,0 +1,80 @@
/**
* @author n1474335 [n1474335@gmail.com]
* @copyright Crown Copyright 2016
* @license Apache-2.0
*/
import Operation from "../Operation";
import Utils from "../Utils";
import forge from "node-forge/dist/forge.min.js";
import BigNumber from "bignumber.js";
/**
* Pseudo-Random Number Generator operation
*/
class PseudoRandomNumberGenerator extends Operation {
/**
* PseudoRandomNumberGenerator constructor
*/
constructor() {
super();
this.name = "Pseudo-Random Number Generator";
this.module = "Ciphers";
this.description = "A cryptographically-secure pseudo-random number generator (PRNG).<br><br>This operation uses the browser's built-in <code>crypto.getRandomValues()</code> method if available. If this cannot be found, it falls back to a Fortuna-based PRNG algorithm.";
this.inputType = "string";
this.outputType = "string";
this.args = [
{
"name": "Number of bytes",
"type": "number",
"value": 32
},
{
"name": "Output as",
"type": "option",
"value": ["Hex", "Integer", "Byte array", "Raw"]
}
];
}
/**
* @param {string} input
* @param {Object[]} args
* @returns {string}
*/
run(input, args) {
const [numBytes, outputAs] = args;
let bytes;
if (ENVIRONMENT_IS_WORKER() && self.crypto) {
bytes = self.crypto.getRandomValues(new Uint8Array(numBytes));
bytes = Utils.arrayBufferToStr(bytes.buffer);
} else {
bytes = forge.random.getBytesSync(numBytes);
}
let value = new BigNumber(0),
i;
switch (outputAs) {
case "Hex":
return forge.util.bytesToHex(bytes);
case "Integer":
for (i = bytes.length - 1; i >= 0; i--) {
value = value.times(256).plus(bytes.charCodeAt(i));
}
return value.toFixed();
case "Byte array":
return JSON.stringify(Utils.strToCharcode(bytes));
case "Raw":
default:
return bytes;
}
}
}
export default PseudoRandomNumberGenerator;

42
src/core/operations/StripHTTPHeaders.mjs Normal file
View File

@ -0,0 +1,42 @@
/**
* @author n1474335 [n1474335@gmail.com]
* @copyright Crown Copyright 2016
* @license Apache-2.0
*/
import Operation from "../Operation";
/**
* Strip HTTP headers operation
*/
class StripHTTPHeaders extends Operation {
/**
* StripHTTPHeaders constructor
*/
constructor() {
super();
this.name = "Strip HTTP headers";
this.module = "Default";
this.description = "Removes HTTP headers from a request or response by looking for the first instance of a double newline.";
this.inputType = "string";
this.outputType = "string";
this.args = [];
}
/**
* @param {string} input
* @param {Object[]} args
* @returns {string}
*/
run(input, args) {
let headerEnd = input.indexOf("\r\n\r\n");
headerEnd = (headerEnd < 0) ? input.indexOf("\n\n") + 2 : headerEnd + 4;
return (headerEnd < 2) ? input : input.slice(headerEnd, input.length);
}
}
export default StripHTTPHeaders;

52
src/core/operations/ToPunycode.mjs Normal file
View File

@ -0,0 +1,52 @@
/**
* @author n1474335 [n1474335@gmail.com]
* @copyright Crown Copyright 2016
* @license Apache-2.0
*/
import Operation from "../Operation";
import punycode from "punycode";
/**
* To Punycode operation
*/
class ToPunycode extends Operation {
/**
* ToPunycode constructor
*/
constructor() {
super();
this.name = "To Punycode";
this.module = "Encodings";
this.description = "Punycode is a way to represent Unicode with the limited character subset of ASCII supported by the Domain Name System.<br><br>e.g. <code>m\xfcnchen</code> encodes to <code>mnchen-3ya</code>";
this.inputType = "string";
this.outputType = "string";
this.args = [
{
"name": "Internationalised domain name",
"type": "boolean",
"value": false
}
];
}
/**
* @param {string} input
* @param {Object[]} args
* @returns {string}
*/
run(input, args) {
const idn = args[0];
if (idn) {
return punycode.toASCII(input);
} else {
return punycode.encode(input);
}
}
}
export default ToPunycode;