Mirror
/
CyberChef
mirror of https://github.com/gchq/CyberChef.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
3,310 Commits 2 Branches 491 Tags 366 MiB
Commit Graph

3310 Commits

Author SHA1 Message Date
XlogicX 1a9a070c3b
Removal of unnecessary error condition 
This situation occurs because the dependancy (zlibjs/bin/rawinflate.min.js) doesn't do a sanity check on distances going back farther than the current buffer.

For example:
DEFLATE data of '123' and then a length of 9 going back a distance of 6
ASCIIHEX: 333432869300

! infgen 3.0 output
!
last			! 1
fixed			! 01
literal '1		! 10000110
literal '2		! 01000110
literal '3		! 11000110
match 9 6		! 1 00100 1110000
infgen warning: distance too far back (6/3)
end			! 0000000
			! 0

We only have 3 characters, we shouldn't be able to seek 6 characters back. But rawinflate.min.js doesn't check for this like the infgen debug tool (and others) would. So CyberChef would happily provide this as the result:
123...123...
Where the dots are just nulls of likley empty memory preceding the actual buffer

So with the example in this source
// e.g. Input data of [8b, 1d, dc, 44]

last			! 1
fixed			! 01
literal ']		! 10110001
match 158 5		! 0 00100 11011 10000011
infgen warning: distance too far back (5/1)

This means we have a literal ']' and then we are asking for 158 more characters and to find them a distance of 5 back. This explains why the ']', why it repeats every 5, and why it is a length > 158.

This code should just be removed; it isn't justified. Being that this issue is a lack of sanity checking in a dependancy, and that this routine only catches the symptom of one of the nearly unlimited edge cases like this, AND it could filter out correct inputs, such as a recipe of this as input to RAWDEFLATE
]OMG[]HAX[]OMG[]HAX[]OMG[]HAX[]OMG[]HAX[]OMG[]HAX[]OMG[]HAX[]OMG[]HAX[]OMG[]HAX[]OMG[]HAX[]OMG[]HAX[]OMG[]HAX[]OMG[]HAX[]OMG[]HAX[]OMG[]HAX[]OMG[]HAX[]OMG[]HAX
Then getting an error with the INFLATE even though the input is actually valid.
 2022-10-06 14:02:27 -04:00
XlogicX 32bee35f85
Removal of unnecessary error checking routine 
This situation occurs because the dependancy (zlibjs/bin/rawinflate.min.js) doesn't do a sanity check on distances going back farther than the current buffer.

For example:
DEFLATE data of '123' and then a length of 9 going back a distance of 6
ASCIIHEX: 333432869300

! infgen 3.0 output
!
last			! 1
fixed			! 01
literal '1		! 10000110
literal '2		! 01000110
literal '3		! 11000110
match 9 6		! 1 00100 1110000
infgen warning: distance too far back (6/3)
end			! 0000000
			! 0

We only have 3 characters, we shouldn't be able to seek 6 characters back. But rawinflate.min.js doesn't check for this like the infgen debug tool (and others) would. So CyberChef would happily provide this as the result:
123...123...
Where the dots are just nulls of likley empty memory preceding the actual buffer

So with the example in this source
// e.g. Input data of [8b, 1d, dc, 44]

last			! 1
fixed			! 01
literal ']		! 10110001
match 158 5		! 0 00100 11011 10000011
infgen warning: distance too far back (5/1)

This means we have a literal ']' and then we are asking for 158 more characters and to find them a distance of 5 back. This explains why the ']', why it repeats every 5, and why it is a length > 158.

This code should just be removed; it isn't justified. Being that this issue is a lack of sanity checking in a dependancy, and that this routine only catches the symptom of one of the nearly unlimited edge cases like this, AND it could filter out correct inputs, such as a recipe of this as input to RAWDEFLATE
]OMG[]HAX[]OMG[]HAX[]OMG[]HAX[]OMG[]HAX[]OMG[]HAX[]OMG[]HAX[]OMG[]HAX[]OMG[]HAX[]OMG[]HAX[]OMG[]HAX[]OMG[]HAX[]OMG[]HAX[]OMG[]HAX[]OMG[]HAX[]OMG[]HAX[]OMG[]HAX
Then getting an error with the INFLATE even though the input is actually valid.
 2022-10-06 13:53:32 -04:00
n1474335 c2cf535f88 Added node builder script to package.json 2022-09-16 14:37:31 +01:00
n1474335 ced9ab68fa 9.46.5 2022-09-16 14:16:42 +01:00
n1474335 cdb197a9c3 Reverted to local copies of Tesseract trainddata in order to remain self-contained. 2022-09-16 14:15:54 +01:00
Sean Marpo c8eacb9942 Linting fixes 2022-09-09 14:45:06 -07:00
Sean Marpo 1c8e37cb64 Update tesseract, fix API for tesseract 3.0 2022-09-09 14:33:49 -07:00
n1474335 1b0ced9f9b 9.46.4 2022-09-09 21:23:09 +01:00
n1474335 7b245b084a Updated to Node v18 and removed node-sass dependency 2022-09-09 21:22:55 +01:00
n1474335 b00f64518f Merge branch 'nodejs18' of https://github.com/john19696/CyberChef 2022-09-09 20:55:18 +01:00
n1474335 c3434e894d 9.46.3 2022-09-09 20:53:37 +01:00
n1474335 dd66f728b3 Merge branch 'fix-protobuf-order' of https://github.com/oliverrahner/CyberChef 2022-09-09 20:52:36 +01:00
n1474335 e40142b8c5 9.46.2 2022-09-09 20:39:35 +01:00
n1474335 1dd1b839b8 Switched jsonpath library to jsonpath-plus. Fixes #1318 2022-09-09 20:39:28 +01:00
n1474335 d90d845f27 9.46.1 2022-09-09 16:51:38 +01:00
n1474335 8c9ad81039 Merge branch 'feat-primitive' of https://github.com/jeiea/CyberChef 2022-09-09 16:49:12 +01:00
n1474335 cef7a7b27d Lint 2022-09-09 16:44:41 +01:00
n1474335 3e715ef21a Merge branch 'fix-select' of https://github.com/IsSafrullah/CyberChef 2022-09-09 16:43:15 +01:00
n1474335 86b43b4ffa Updated README 2022-09-09 16:39:10 +01:00
IsSafrullah 65d883496b fix select when change theme 2022-09-06 03:52:42 +07:00
jeiea 69e59916e2 feat: support boolean and null in JSON to CSV 2022-08-17 02:12:39 +09:00
Philippe Arteau 475282984b
Minor typos 2022-07-29 14:32:46 -04:00
Oliver Rahner 2f89130f41
fix protobuf field order 2022-07-21 16:36:15 +02:00
john19696 e9dd7eceb8 upgrade to nodejs v18 2022-07-14 14:27:59 +01:00
n1474335 037590f831 Updated CHANGELOG 2022-07-08 17:18:20 +01:00
n1474335 85496684d8 9.46.0 2022-07-08 17:17:23 +01:00
n1474335 4200ed4eb9 Tidied Cetacean ciphers 2022-07-08 17:16:35 +01:00
n1474335 6b16f11d3b Merge branch 'master' of https://github.com/valdelaseras/CyberChef 2022-07-08 17:02:06 +01:00
n1474335 683bd3e5db Updated CHANGELOG 2022-07-08 16:34:21 +01:00
n1474335 6a10e94bfd 9.45.0 2022-07-08 16:33:33 +01:00
n1474335 25086386c6 Tidied ROT8000 2022-07-08 16:33:16 +01:00
n1474335 d99ee32cc4 Merge branch 'ROT8000' of https://github.com/thomasleplus/CyberChef 2022-07-08 16:28:42 +01:00
n1474335 f1d318f229 Updated CHANGELOG 2022-07-08 16:25:59 +01:00
n1474335 a7fc455e05 9.44.0 2022-07-08 16:24:47 +01:00
n1474335 c02c4a72e4 Merge branch 'add-lz-string' of https://github.com/crespyl/CyberChef 2022-07-08 16:23:15 +01:00
n1474335 f97ce18ff9 Updated CHANGELOG 2022-07-08 16:03:42 +01:00
n1474335 dfd9afc2c4 9.43.0 2022-07-08 16:02:35 +01:00
n1474335 eb5663a1ed Tidied ROT brute forcing ops 2022-07-08 16:02:24 +01:00
n1474335 418a7962a5 Merge branch 'rot_bruteforce' of https://github.com/mikecat/CyberChef 2022-07-08 15:55:27 +01:00
n1474335 2ffce23c67 Updated CHANGELOG 2022-07-08 15:52:00 +01:00
n1474335 b828b50ccc 9.42.0 2022-07-08 15:47:42 +01:00
n1474335 a6aa40db97 Tidied LS47 operations 2022-07-08 15:47:35 +01:00
n1474335 45ede4beaf Merge branch 'LS47Cipher' of https://github.com/n1073645/CyberChef 2022-07-08 15:41:16 +01:00
n1474335 98a95c8bbf Updated CHANGELOG 2022-07-08 15:38:12 +01:00
n1474335 74bb8d92dc 9.41.0 2022-07-08 15:36:36 +01:00
n1474335 6cccc2c786 Tidied Caesar Box Cipher 2022-07-08 15:36:30 +01:00
n1474335 99a0a05947 Merge branch 'caesarBoxCipher' of https://github.com/n1073645/CyberChef 2022-07-08 15:32:56 +01:00
n1474335 94700dab89 Updated CHANGELOG 2022-07-08 15:28:39 +01:00
n1474335 c9d29c89bb 9.40.0 2022-07-08 15:27:01 +01:00
n1474335 7d4e554571 Tweaks to P-List Viewer operation 2022-07-08 15:26:33 +01:00