6.6.3

update

README.md

@@ -100,6 +100,6 @@ CyberChef is released under the [Apache 2.0 Licence](https://www.apache.org/lice
   [5]: https://gchq.github.io/CyberChef/#recipe=From_Hexdump()Gunzip()&input=MDAwMDAwMDAgIDFmIDhiIDA4IDAwIDEyIGJjIGYzIDU3IDAwIGZmIDBkIGM3IGMxIDA5IDAwIDIwICB8Li4uLi6881cu/y7HwS4uIHwKMDAwMDAwMTAgIDA4IDA1IGQwIDU1IGZlIDA0IDJkIGQzIDA0IDFmIGNhIDhjIDQ0IDIxIDViIGZmICB8Li7QVf4uLdMuLsouRCFb/3wKMDAwMDAwMjAgIDYwIGM3IGQ3IDAzIDE2IGJlIDQwIDFmIDc4IDRhIDNmIDA5IDg5IDBiIDlhIDdkICB8YMfXLi6%2BQC54Sj8uLi4ufXwKMDAwMDAwMzAgIDRlIGM4IDRlIDZkIDA1IDFlIDAxIDhiIDRjIDI0IDAwIDAwIDAwICAgICAgICAgICB8TshObS4uLi5MJC4uLnw
   [6]: https://gchq.github.io/CyberChef/#recipe=RC4(%7B'option':'UTF8','string':'secret'%7D,'Hex','Hex')Disassemble_x86('64','Full%20x86%20architecture',16,0,true,true)&input=MjFkZGQyNTQwMTYwZWU2NWZlMDc3NzEwM2YyYTM5ZmJlNWJjYjZhYTBhYWJkNDE0ZjkwYzZjYWY1MzEyNzU0YWY3NzRiNzZiM2JiY2QxOTNjYjNkZGZkYmM1YTI2NTMzYTY4NmI1OWI4ZmVkNGQzODBkNDc0NDIwMWFlYzIwNDA1MDcxMzhlMmZlMmIzOTUwNDQ2ZGIzMWQyYmM2MjliZTRkM2YyZWIwMDQzYzI5M2Q3YTVkMjk2MmMwMGZlNmRhMzAwNzJkOGM1YTZiNGZlN2Q4NTlhMDQwZWVhZjI5OTczMzYzMDJmNWEwZWMxOQ
   [7]: https://gchq.github.io/CyberChef/#recipe=Fork('%5C%5Cn','%5C%5Cn',false)From_UNIX_Timestamp('Seconds%20(s)')&input=OTc4MzQ2ODAwCjEwMTI2NTEyMDAKMTA0NjY5NjQwMAoxMDgxMDg3MjAwCjExMTUzMDUyMDAKMTE0OTYwOTYwMA
-  [8]: https://gchq.github.io/CyberChef/#recipe=Fork('%5C%5Cn','%5C%5Cn',false)Conditional_Jump('1',2,10)To_Hex('Space')Return()To_Base64('A-Za-z0-9%2B/%3D')&input=U29tZSBkYXRhIHdpdGggYSAxIGluIGl0ClNvbWUgZGF0YSB3aXRoIGEgMiBpbiBpdA
+  [8]: https://gchq.github.ioeCyberChef/#recipe=Fork('%5C%5Cn','%5C%5Cn',false)Conditional_Jump('1',false,'base64',10)To_Hex('Space')Return()Label('base64')To_Base64('A-Za-z0-9%2B/%3D')&input=U29tZSBkYXRhIHdpdGggYSAxIGluIGl0ClNvbWUgZGF0YSB3aXRoIGEgMiBpbiBpdA
   [9]: https://gchq.github.io/CyberChef/#recipe=Register('key%3D(%5B%5C%5Cda-f%5D*)',true,false)Find_/_Replace(%7B'option':'Regex','string':'.*data%3D(.*)'%7D,'$1',true,false,true)RC4(%7B'option':'Hex','string':'$R0'%7D,'Hex','Latin1')&input=aHR0cDovL21hbHdhcmV6LmJpei9iZWFjb24ucGhwP2tleT0wZTkzMmE1YyZkYXRhPThkYjdkNWViZTM4NjYzYTU0ZWNiYjMzNGUzZGIxMQ
   [10]: https://gchq.github.io/CyberChef/#recipe=XOR(%7B'option':'Hex','string':'3a'%7D,'',false)To_Hexdump(16,false,false)&input=VGhlIGFuc3dlciB0byB0aGUgdWx0aW1hdGUgcXVlc3Rpb24gb2YgbGlmZSwgdGhlIFVuaXZlcnNlLCBhbmQgZXZlcnl0aGluZyBpcyA0Mi4

package-lock.json

@@ -1,6 +1,6 @@
 {
   "name": "cyberchef",
-  "version": "6.5.0",
+  "version": "6.6.3",
   "lockfileVersion": 1,
   "requires": true,
   "dependencies": {

package.json

@@ -1,6 +1,6 @@
 {
   "name": "cyberchef",
-  "version": "6.5.0",
+  "version": "6.6.3",
   "description": "The Cyber Swiss Army Knife for encryption, encoding, compression and data analysis.",
   "author": "n1474335 <n1474335@gmail.com>",
   "homepage": "https://gchq.github.io/CyberChef",

src/core/FlowControl.js

@@ -170,18 +170,14 @@ const FlowControl = {
      */
     runJump: function(state) {
         let ings     = state.opList[state.progress].getIngValues(),
-            jumpNum  = ings[0],
+            jmpIndex = FlowControl._getLabelIndex(ings[0], state),
             maxJumps = ings[1];
 
-        if (jumpNum < 0) {
-            jumpNum--;
-        }
-
-        if (state.numJumps >= maxJumps) {
+        if (state.numJumps >= maxJumps || jmpIndex === -1) {
             return state;
         }
 
-        state.progress += jumpNum;
+        state.progress = jmpIndex;
         state.numJumps++;
         return state;
     },
@@ -201,20 +197,20 @@ const FlowControl = {
         let ings     = state.opList[state.progress].getIngValues(),
             dish     = state.dish,
             regexStr = ings[0],
-            jumpNum  = ings[1],
-            maxJumps = ings[2];
+            invert   = ings[1],
+            jmpIndex = FlowControl._getLabelIndex(ings[2], state),
+            maxJumps = ings[3];
 
-        if (jumpNum < 0) {
-            jumpNum--;
-        }
-
-        if (state.numJumps >= maxJumps) {
+        if (state.numJumps >= maxJumps || jmpIndex === -1) {
             return state;
         }
 
-        if (regexStr !== "" && dish.get(Dish.STRING).search(regexStr) > -1) {
-            state.progress += jumpNum;
-            state.numJumps++;
+        if (regexStr !== "") {
+            let strMatch = dish.get(Dish.STRING).search(regexStr) > -1;
+            if (!invert && strMatch || invert && !strMatch) {
+                state.progress = jmpIndex;
+                state.numJumps++;
+            }
         }
 
         return state;
@@ -249,6 +245,26 @@ const FlowControl = {
         return state;
     },
 
+
+    /**
+     * Returns the index of a label.
+     *
+     * @param {Object} state
+     * @param {string} name
+     * @returns {number}
+     */
+    _getLabelIndex: function(name, state) {
+        for (let o = 0; o < state.opList.length; o++) {
+            let operation = state.opList[o];
+            if (operation.name === "Label"){
+                let ings = operation.getIngValues();
+                if (name === ings[0]) {
+                    return o;
+                }
+            }
+        }
+        return -1;
+    },
 };
 
 export default FlowControl;

src/core/config/Categories.js

@@ -320,6 +320,7 @@ const Categories = [
             "Fork",
             "Merge",
             "Register",
+            "Label",
             "Jump",
             "Conditional Jump",
             "Return",

src/core/config/OperationConfig.js

@@ -137,15 +137,15 @@ const OperationConfig = {
     },
     "Jump": {
         module: "Default",
-        description: "Jump forwards or backwards over the specified number of operations.",
+        description: "Jump forwards or backwards to the specified Label",
         inputType: "string",
         outputType: "string",
         flowControl: true,
         args: [
             {
-                name: "Number of operations to jump over",
-                type: "number",
-                value: 0
+                name: "Label name",
+                type: "string",
+                value: ""
             },
             {
                 name: "Maximum jumps (if jumping backwards)",
@@ -156,7 +156,7 @@ const OperationConfig = {
     },
     "Conditional Jump": {
         module: "Default",
-        description: "Conditionally jump forwards or backwards over the specified number of operations based on whether the data matches the specified regular expression.",
+        description: "Conditionally jump forwards or backwards to the specified Label  based on whether the data matches the specified regular expression.",
         inputType: "string",
         outputType: "string",
         flowControl: true,
@@ -167,9 +167,14 @@ const OperationConfig = {
                 value: ""
             },
             {
-                name: "Number of operations to jump over if match found",
-                type: "number",
-                value: 0
+                name: "Invert match",
+                type: "boolean",
+                value: false
+            },
+            {
+                name: "Label name",
+                type: "shortString",
+                value: ""
             },
             {
                 name: "Maximum jumps (if jumping backwards)",
@@ -178,6 +183,20 @@ const OperationConfig = {
             }
         ]
     },
+    "Label": {
+        module: "Default",
+        description: "Provides a location for conditional and fixed jumps to redirect execution to.",
+        inputType: "string",
+        outputType: "string",
+        flowControl: true,
+        args: [
+            {
+                name: "Name",
+                type: "shortString",
+                value: ""
+            }
+        ]
+    },
     "Return": {
         module: "Default",
         description: "End execution of operations at this point in the recipe.",
@@ -3821,7 +3840,7 @@ const OperationConfig = {
     "Generate HOTP": {
         module: "Default",
         description: "The HMAC-based One-Time Password algorithm (HOTP) is an algorithm that computes a one-time password from a shared secret key and an incrementing counter. It has been adopted as Internet Engineering Task Force standard RFC 4226, is the cornerstone of Initiative For Open Authentication (OATH), and is used in a number of two-factor authentication systems.<br><br>Enter the secret as the input or leave it blank for a random secret to be generated.",
-        inputType: "string",
+        inputType: "byteArray",
         outputType: "string",
         args: [
             {

src/core/config/modules/Default.js

@@ -39,6 +39,7 @@ import UUID from "../../operations/UUID.js";
  *  - Utils.js
  *    - CryptoJS
  *  - otp
+ *  - crypto
  *
  * @author n1474335 [n1474335@gmail.com]
  * @copyright Crown Copyright 2017
@@ -151,6 +152,7 @@ OpModules.Default = {
     "Fork":                 FlowControl.runFork,
     "Merge":                FlowControl.runMerge,
     "Register":             FlowControl.runRegister,
+    "Label":                FlowControl.runComment,
     "Jump":                 FlowControl.runJump,
     "Conditional Jump":     FlowControl.runCondJump,
     "Return":               FlowControl.runReturn,

src/core/operations/NetBIOS.js

@@ -26,9 +26,14 @@ const NetBIOS = {
         let output = [],
             offset = args[0];
 
-        for (let i = 0; i < input.length; i++) {
-            output.push((input[i] >> 4) + offset);
-            output.push((input[i] & 0xf) + offset);
+        if (input.length <= 16) {
+            let len = input.length;
+            input.length = 16;
+            input.fill(32, len, 16);
+            for (let i = 0; i < input.length; i++) {
+                output.push((input[i] >> 4) + offset);
+                output.push((input[i] & 0xf) + offset);
+            }
         }
 
         return output;
@@ -46,9 +51,15 @@ const NetBIOS = {
         let output = [],
             offset = args[0];
 
-        for (let i = 0; i < input.length; i += 2) {
-            output.push(((input[i] - offset) << 4) |
-                        ((input[i + 1] - offset) & 0xf));
+        if (input.length <= 32 && (input.length % 2) === 0) {
+            for (let i = 0; i < input.length; i += 2) {
+                output.push((((input[i] & 0xff) - offset) << 4) |
+                            (((input[i + 1] & 0xff) - offset) & 0xf));
+            }
+            for (let i = output.length - 1; i > 0; i--) {
+                if (output[i] === 32) output.splice(i, i);
+                else break;
+            }
         }
 
         return output;

src/core/operations/OTP.js

@@ -1,6 +1,7 @@
 import otp from "otp";
 import Base64 from "./Base64.js";
 
+
 /**
  * One-Time Password operations.
  *

src/core/operations/UUID.js

@@ -1,3 +1,6 @@
+import crypto from "crypto";
+
+
 /**
  * UUID operations.
  *
@@ -17,25 +20,17 @@ const UUID = {
      * @returns {string}
      */
     runGenerateV4: function(input, args) {
-        if (window && typeof(window.crypto) !== "undefined" && typeof(window.crypto.getRandomValues) !== "undefined") {
-            let buf = new Uint32Array(4),
-                i = 0;
-            window.crypto.getRandomValues(buf);
-            return "xxxxxxxx-xxxx-4xxx-yxxx-xxxxxxxxxxxx".replace(/[xy]/g, function(c) {
-                let r = (buf[i >> 3] >> ((i % 8) * 4)) & 0xf,
-                    v = c === "x" ? r : (r & 0x3 | 0x8);
-                i++;
-                return v.toString(16);
-            });
-        } else {
-            return "xxxxxxxx-xxxx-4xxx-yxxx-xxxxxxxxxxxx".replace(/[xy]/g, function(c) {
-                let r = Math.random() * 16 | 0,
-                    v = c === "x" ? r : (r & 0x3 | 0x8);
-                return v.toString(16);
-            });
-        }
-    },
-
+        const buf = new Uint32Array(4).map(() => {
+            return crypto.randomBytes(4).readUInt32BE(0, true);
+        });
+        let i = 0;
+        return "xxxxxxxx-xxxx-4xxx-yxxx-xxxxxxxxxxxx".replace(/[xy]/g, function(c) {
+            let r = (buf[i >> 3] >> ((i % 8) * 4)) & 0xf,
+                v = c === "x" ? r : (r & 0x3 | 0x8);
+            i++;
+            return v.toString(16);
+        });
+    }
 };
 
 export default UUID;

src/web/html/index.html

@@ -428,7 +428,7 @@
                                             <li><a href="#recipe=From_Hexdump()Gunzip()&input=MDAwMDAwMDAgIDFmIDhiIDA4IDAwIDEyIGJjIGYzIDU3IDAwIGZmIDBkIGM3IGMxIDA5IDAwIDIwICB8Li4uLi6881cu/y7HwS4uIHwKMDAwMDAwMTAgIDA4IDA1IGQwIDU1IGZlIDA0IDJkIGQzIDA0IDFmIGNhIDhjIDQ0IDIxIDViIGZmICB8Li7QVf4uLdMuLsouRCFb/3wKMDAwMDAwMjAgIDYwIGM3IGQ3IDAzIDE2IGJlIDQwIDFmIDc4IDRhIDNmIDA5IDg5IDBiIDlhIDdkICB8YMfXLi6%2BQC54Sj8uLi4ufXwKMDAwMDAwMzAgIDRlIGM4IDRlIDZkIDA1IDFlIDAxIDhiIDRjIDI0IDAwIDAwIDAwICAgICAgICAgICB8TshObS4uLi5MJC4uLnw">Convert data from a hexdump, then decompress</a></li>
                                             <li><a href="#recipe=RC4(%7B'option':'UTF8','string':'secret'%7D,'Hex','Hex')Disassemble_x86('64','Full%20x86%20architecture',16,0,true,true)&input=MjFkZGQyNTQwMTYwZWU2NWZlMDc3NzEwM2YyYTM5ZmJlNWJjYjZhYTBhYWJkNDE0ZjkwYzZjYWY1MzEyNzU0YWY3NzRiNzZiM2JiY2QxOTNjYjNkZGZkYmM1YTI2NTMzYTY4NmI1OWI4ZmVkNGQzODBkNDc0NDIwMWFlYzIwNDA1MDcxMzhlMmZlMmIzOTUwNDQ2ZGIzMWQyYmM2MjliZTRkM2YyZWIwMDQzYzI5M2Q3YTVkMjk2MmMwMGZlNmRhMzAwNzJkOGM1YTZiNGZlN2Q4NTlhMDQwZWVhZjI5OTczMzYzMDJmNWEwZWMxOQ">Decrypt and disassemble shellcode</a></li>
                                             <li><a href="#recipe=Fork('%5C%5Cn','%5C%5Cn',false)From_UNIX_Timestamp('Seconds%20(s)')&input=OTc4MzQ2ODAwCjEwMTI2NTEyMDAKMTA0NjY5NjQwMAoxMDgxMDg3MjAwCjExMTUzMDUyMDAKMTE0OTYwOTYwMA">Display multiple timestamps as full dates</a></li>
-                                            <li><a href="#recipe=Fork('%5C%5Cn','%5C%5Cn',false)Conditional_Jump('1',2,10)To_Hex('Space')Return()To_Base64('A-Za-z0-9%2B/%3D')&input=U29tZSBkYXRhIHdpdGggYSAxIGluIGl0ClNvbWUgZGF0YSB3aXRoIGEgMiBpbiBpdA">Carry out different operations on data of different types</a></li>
+                                            <li><a href="#recipe=Fork('%5C%5Cn','%5C%5Cn',false)Conditional_Jump('1',false,'base64',10)To_Hex('Space')Return()Label('base64')To_Base64('A-Za-z0-9%2B/%3D')&input=U29tZSBkYXRhIHdpdGggYSAxIGluIGl0ClNvbWUgZGF0YSB3aXRoIGEgMiBpbiBpdA">Carry out different operations on data of different types</a></li>
                                             <li><a href="#recipe=Register('key%3D(%5B%5C%5Cda-f%5D*)',true,false)Find_/_Replace(%7B'option':'Regex','string':'.*data%3D(.*)'%7D,'$1',true,false,true)RC4(%7B'option':'Hex','string':'$R0'%7D,'Hex','Latin1')&input=aHR0cDovL21hbHdhcmV6LmJpei9iZWFjb24ucGhwP2tleT0wZTkzMmE1YyZkYXRhPThkYjdkNWViZTM4NjYzYTU0ZWNiYjMzNGUzZGIxMQ">Use parts of the input as arguments to operations</a></li>
                                         </ul>
                                     </div>

test/index.js

@@ -26,6 +26,8 @@ import "./tests/operations/Image.js";
 import "./tests/operations/MorseCode.js";
 import "./tests/operations/MS.js";
 import "./tests/operations/PHP.js";
+import "./tests/operations/NetBIOS.js";
+import "./tests/operations/OTP.js";
 import "./tests/operations/StrUtils.js";
 import "./tests/operations/SeqUtils.js";
 

test/tests/operations/FlowControl.js

@@ -60,14 +60,15 @@ TestRegister.addTests([
         expectedOutput: "U29tZSBkYXRhIHdpdGggYSAxIGluIGl0\n53 6f 6d 65 20 64 61 74 61 20 77 69 74 68 20 61 20 32 20 69 6e 20 69 74\n",
         recipeConfig: [
             {"op": "Fork", "args": ["\\n", "\\n", false]},
-            {"op": "Conditional Jump", "args": ["1", "2", "10"]},
+            {"op": "Conditional Jump", "args": ["1", false, "skipReturn", "10"]},
             {"op": "To Hex", "args": ["Space"]},
             {"op": "Return", "args": []},
+            {"op": "Label", "args": ["skipReturn"]},
             {"op": "To Base64", "args": ["A-Za-z0-9+/="]}
         ]
     },
     {
-        name: "Jump: skips 0",
+        name: "Jump: Empty Label",
         input: [
             "should be changed",
         ].join("\n"),
@@ -77,7 +78,7 @@ TestRegister.addTests([
         recipeConfig: [
             {
                 op: "Jump",
-                args: [0, 10],
+                args: ["", 10],
             },
             {
                 op: "Find / Replace",
@@ -105,7 +106,7 @@ TestRegister.addTests([
         recipeConfig: [
             {
                 op: "Jump",
-                args: [1, 10],
+                args: ["skipReplace", 10],
             },
             {
                 op: "Find / Replace",
@@ -120,6 +121,10 @@ TestRegister.addTests([
                     true,
                 ],
             },
+            {
+                op: "Label",
+                args: ["skipReplace"]
+            },
         ],
     },
     {
@@ -137,7 +142,7 @@ TestRegister.addTests([
         recipeConfig: [
             {
                 op: "Conditional Jump",
-                args: ["match", 0, 0],
+                args: ["match", false, "", 0],
             },
             {
                 op: "Find / Replace",
@@ -212,7 +217,7 @@ TestRegister.addTests([
         recipeConfig: [
             {
                 op: "Conditional Jump",
-                args: ["match", 1, 10],
+                args: ["match", false, "skip match", 10],
             },
             {
                 op: "Find / Replace",
@@ -227,6 +232,9 @@ TestRegister.addTests([
                     true,
                 ],
             },
+            {
+                op: "Label", args: ["skip match"],
+            },
             {
                 op: "Find / Replace",
                 args: [
@@ -251,9 +259,13 @@ TestRegister.addTests([
             "replaced",
         ].join("\n"),
         recipeConfig: [
+            {
+                op: "Label",
+                args: ["back to the beginning"],
+            },
             {
                 op: "Jump",
-                args: [1],
+                args: ["skip replace"],
             },
             {
                 op: "Find / Replace",
@@ -268,9 +280,13 @@ TestRegister.addTests([
                     true,
                 ],
             },
+            {
+                op: "Label",
+                args: ["skip replace"],
+            },
             {
                 op: "Conditional Jump",
-                args: ["match", -2, 10],
+                args: ["match", false, "back to the beginning", 10],
             },
         ],
     },

test/tests/operations/NetBIOS.js

@@ -0,0 +1,34 @@
+/**
+ * NetBIOS tests.
+ *
+ * @author bwhitn [brian.m.whitney@outlook.com]
+ *
+ * @copyright Crown Copyright 2017
+ * @license Apache-2.0
+ */
+import TestRegister from "../../TestRegister.js";
+
+TestRegister.addTests([
+    {
+        name: "Encode NetBIOS name",
+        input: "The NetBIOS name",
+        expectedOutput: "FEGIGFCAEOGFHEECEJEPFDCAGOGBGNGF",
+        recipeConfig: [
+            {
+                op: "Encode NetBIOS Name",
+                args: [65],
+            },
+        ],
+    },
+    {
+        name: "Decode NetBIOS Name",
+        input: "FEGIGFCAEOGFHEECEJEPFDCAGOGBGNGF",
+        expectedOutput: "The NetBIOS name",
+        recipeConfig: [
+            {
+                op: "Decode NetBIOS Name",
+                args: [65],
+            },
+        ],
+    },
+]);

test/tests/operations/OTP.js

@@ -0,0 +1,23 @@
+/**
+ * OTP HOTP tests.
+ *
+ * @author bwhitn [brian.m.whitney@outlook.com]
+ *
+ * @copyright Crown Copyright 2017
+ * @license Apache-2.0
+ */
+import TestRegister from "../../TestRegister.js";
+
+TestRegister.addTests([
+    {
+        name: "Generate HOTP",
+        input: "12345678901234567890",
+        expectedOutput: "URI: otpauth://hotp/OTPAuthentication?secret=GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ\n\nPassword: 755224",
+        recipeConfig: [
+            {
+                op: "Generate HOTP",
+                args: ["", 32, 6, 0],
+            },
+        ],
+    },
+]);