9.2.1

Also add test cases covering interchanging between all four
formats.

CHANGELOG.md

@@ -2,11 +2,12 @@
 All major and minor version changes will be documented in this file. Details of patch-level version changes can be found in [commit messages](https://github.com/gchq/CyberChef/commits/master).
 
 
-### [9.2.0] - 2019-08-13
-- 'Defang IP Addresses' operation added [@h345983745] | [#556]
+### [9.2.0] - 2019-08-23
+- 'Parse UDP' operation added [@h345983745] | [#614]
 
-### [9.1.0] - 2019-08-13
+### [9.1.0] - 2019-08-22
 - 'Parse SSH Host Key' operation added [@j433866] | [#595]
+- 'Defang IP Addresses' operation added [@h345983745] | [#556]
 
 ## [9.0.0] - 2019-07-09
 - [Multiple inputs](https://github.com/gchq/CyberChef/wiki/Multiple-Inputs) are now supported in the main web UI, allowing you to upload and process multiple files at once [@j433866] | [#566]
@@ -289,3 +290,4 @@ All major and minor version changes will be documented in this file. Details of
 [#585]: https://github.com/gchq/CyberChef/pull/585
 [#591]: https://github.com/gchq/CyberChef/pull/591
 [#595]: https://github.com/gchq/CyberChef/pull/595
+[#614]: https://github.com/gchq/CyberChef/pull/614

README.md

@@ -3,7 +3,6 @@
 [![Build Status](https://travis-ci.org/gchq/CyberChef.svg?branch=master)](https://travis-ci.org/gchq/CyberChef)
 [![dependencies Status](https://david-dm.org/gchq/CyberChef/status.svg)](https://david-dm.org/gchq/CyberChef)
 [![npm](https://img.shields.io/npm/v/cyberchef.svg)](https://www.npmjs.com/package/cyberchef)
-![](https://reposs.herokuapp.com/?path=gchq/CyberChef&color=blue)
 [![](https://img.shields.io/badge/license-Apache%202.0-blue.svg)](https://github.com/gchq/CyberChef/blob/master/LICENSE)
 [![Gitter](https://badges.gitter.im/gchq/CyberChef.svg)](https://gitter.im/gchq/CyberChef?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge)
 

SECURITY.md

@@ -0,0 +1,26 @@
+# Security Policy
+
+## Supported Versions
+
+CyberChef is supported on a best endeavours basis. Patches will be applied to
+the latest version rather than retroactively to older versions. To ensure you
+are using the most secure version of CyberChef, please make sure you have the
+[latest release](https://github.com/gchq/CyberChef/releases/latest). The
+official [live demo](https://gchq.github.io/CyberChef/) is always up to date.
+
+## Reporting a Vulnerability
+
+In most scenarios, the most appropriate way to report a vulnerability is to
+[raise a new issue](https://github.com/gchq/CyberChef/issues/new/choose)
+describing the problem in as much detail as possible, ideally with examples.
+This will obviously be public. If you feel that the vulnerability is
+significant enough to warrant a private disclosure, please email
+[oss@gchq.gov.uk](mailto:oss@gchq.gov.uk) and
+[n1474335@gmail.com](mailto:n1474335@gmail.com).
+
+Disclosures of vulnerabilities in CyberChef are always welcomed. Whilst we aim
+to write clean and secure code free from bugs, we recognise that this is an open
+source project written by analysts in their spare time, relying on dozens of
+open source libraries that are modified and updated on a regular basis. We hope
+that the community will continue to support us as we endeavour to maintain and
+develop this tool together.

package-lock.json

@@ -1,6 +1,6 @@
 {
   "name": "cyberchef",
-  "version": "9.0.10",
+  "version": "9.2.1",
   "lockfileVersion": 1,
   "requires": true,
   "dependencies": {

package.json

@@ -1,6 +1,6 @@
 {
   "name": "cyberchef",
-  "version": "9.0.10",
+  "version": "9.2.1",
   "description": "The Cyber Swiss Army Knife for encryption, encoding, compression and data analysis.",
   "author": "n1474335 <n1474335@gmail.com>",
   "homepage": "https://gchq.github.io/CyberChef",

src/core/config/Categories.json

@@ -167,6 +167,7 @@
             "Parse IP range",
             "Parse IPv6 address",
             "Parse IPv4 header",
+            "Parse UDP",
             "Parse SSH Host Key",
             "Parse URI",
             "URL Encode",

src/core/operations/ChangeIPFormat.mjs

@@ -29,12 +29,12 @@ class ChangeIPFormat extends Operation {
             {
                 "name": "Input format",
                 "type": "option",
-                "value": ["Dotted Decimal", "Decimal", "Hex"]
+                "value": ["Dotted Decimal", "Decimal", "Octal", "Hex"]
             },
             {
                 "name": "Output format",
                 "type": "option",
-                "value": ["Dotted Decimal", "Decimal", "Hex"]
+                "value": ["Dotted Decimal", "Decimal", "Octal", "Hex"]
             }
         ];
     }
@@ -54,7 +54,6 @@ class ChangeIPFormat extends Operation {
             if (lines[i] === "") continue;
             let baIp = [];
             let octets;
-            let decimal;
 
             if (inFormat === outFormat) {
                 output += lines[i] + "\n";
@@ -70,11 +69,10 @@ class ChangeIPFormat extends Operation {
                     }
                     break;
                 case "Decimal":
-                    decimal = lines[i].toString();
-                    baIp.push(decimal >> 24 & 255);
-                    baIp.push(decimal >> 16 & 255);
-                    baIp.push(decimal >> 8 & 255);
-                    baIp.push(decimal & 255);
+                    baIp = this.fromNumber(lines[i].toString(), 10);
+                    break;
+                case "Octal":
+                    baIp = this.fromNumber(lines[i].toString(), 8);
                     break;
                 case "Hex":
                     baIp = fromHex(lines[i]);
@@ -100,6 +98,10 @@ class ChangeIPFormat extends Operation {
                     decIp = ((baIp[0] << 24) | (baIp[1] << 16) | (baIp[2] << 8) | baIp[3]) >>> 0;
                     output += decIp.toString() + "\n";
                     break;
+                case "Octal":
+                    decIp = ((baIp[0] << 24) | (baIp[1] << 16) | (baIp[2] << 8) | baIp[3]) >>> 0;
+                    output += "0" + decIp.toString(8) + "\n";
+                    break;
                 case "Hex":
                     hexIp = "";
                     for (j = 0; j < baIp.length; j++) {
@@ -115,6 +117,22 @@ class ChangeIPFormat extends Operation {
         return output.slice(0, output.length-1);
     }
 
+    /**
+     * Constructs an array of IP address octets from a numerical value.
+     * @param {string} value The value of the IP address
+     * @param {number} radix The numeral system to be used
+     * @returns {number[]}
+     */
+    fromNumber(value, radix) {
+        const decimal = parseInt(value, radix);
+        const baIp = [];
+        baIp.push(decimal >> 24 & 255);
+        baIp.push(decimal >> 16 & 255);
+        baIp.push(decimal >> 8 & 255);
+        baIp.push(decimal & 255);
+        return baIp;
+    }
+
 }
 
 export default ChangeIPFormat;

src/core/operations/ParseUDP.mjs

@@ -0,0 +1,84 @@
+/**
+ * @author h345983745 []
+ * @copyright Crown Copyright 2019
+ * @license Apache-2.0
+ */
+
+import Operation from "../Operation.mjs";
+import Stream from "../lib/Stream.mjs";
+import {toHex} from "../lib/Hex.mjs";
+import OperationError from "../errors/OperationError.mjs";
+
+/**
+ * Parse UDP operation
+ */
+class ParseUDP extends Operation {
+
+    /**
+     * ParseUDP constructor
+     */
+    constructor() {
+        super();
+
+        this.name = "Parse UDP";
+        this.module = "Default";
+        this.description = "Parses a UDP header and payload (if present).";
+        this.infoURL = "https://wikipedia.org/wiki/User_Datagram_Protocol";
+        this.inputType = "ArrayBuffer";
+        this.outputType = "json";
+        this.presentType = "html";
+        this.args = [];
+    }
+
+    /**
+     * @param {ArrayBuffer} input
+     * @returns {Object}
+     */
+    run(input, args) {
+        if (input.byteLength < 8) {
+            throw new OperationError("Need 8 bytes for a UDP Header");
+        }
+
+        const s = new Stream(new Uint8Array(input));
+        // Parse Header
+        const UDPPacket = {
+            "Source port": s.readInt(2),
+            "Destination port": s.readInt(2),
+            "Length": s.readInt(2),
+            "Checksum": toHex(s.getBytes(2), "")
+        };
+        // Parse data if present
+        if (s.hasMore()) {
+            UDPPacket.Data = toHex(s.getBytes(UDPPacket.Length - 8), "");
+        }
+
+        return UDPPacket;
+    }
+
+    /**
+     * Displays the UDP Packet in a table style
+     * @param {Object} data
+     * @returns {html}
+     */
+    present(data) {
+        const html = [];
+        html.push("<table class='table table-hover table-sm table-bordered table-nonfluid' style='table-layout: fixed'>");
+        html.push("<tr>");
+        html.push("<th>Field</th>");
+        html.push("<th>Value</th>");
+        html.push("</tr>");
+
+        for (const key in data) {
+            html.push("<tr>");
+            html.push("<td style=\"word-wrap:break-word\">" + key + "</td>");
+            html.push("<td>" + data[key] + "</td>");
+            html.push("</tr>");
+        }
+        html.push("</table>");
+        return html.join("");
+    }
+
+}
+
+
+export default ParseUDP;

src/core/operations/ScanForEmbeddedFiles.mjs

@@ -41,7 +41,7 @@ class ScanForEmbeddedFiles extends Operation {
      * @returns {string}
      */
     run(input, args) {
-        let output = "Scanning data for 'magic bytes' which may indicate embedded files. The following results may be false positives and should not be treat as reliable. Any suffiently long file is likely to contain these magic bytes coincidentally.\n",
+        let output = "Scanning data for 'magic bytes' which may indicate embedded files. The following results may be false positives and should not be treat as reliable. Any sufficiently long file is likely to contain these magic bytes coincidentally.\n",
             numFound = 0;
         const categories = [],
             data = new Uint8Array(input);

tests/operations/index.mjs

@@ -26,6 +26,7 @@ import "./tests/BitwiseOp";
 import "./tests/ByteRepr";
 import "./tests/CartesianProduct";
 import "./tests/CharEnc";
+import "./tests/ChangeIPFormat";
 import "./tests/Charts";
 import "./tests/Checksum";
 import "./tests/Ciphers";
@@ -88,6 +89,7 @@ import "./tests/BLAKE2s";
 import "./tests/Protobuf";
 import "./tests/ParseSSHHostKey";
 import "./tests/DefangIP";
+import "./tests/ParseUDP";
 
 // Cannot test operations that use the File type yet
 //import "./tests/SplitColourChannels";

tests/operations/tests/ChangeIPFormat.mjs

@@ -0,0 +1,52 @@
+/**
+ * Change IP format tests.
+ *
+ * @author Chris Smith
+ * @copyright Crown Copyright 2019
+ * @license Apache-2.0
+ */
+import TestRegister from "../../lib/TestRegister.mjs";
+
+TestRegister.addTests([
+    {
+        name: "Change IP format: Dotted Decimal to Hex",
+        input: "192.168.1.1",
+        expectedOutput: "c0a80101",
+        recipeConfig: [
+            {
+                op: "Change IP format",
+                args: ["Dotted Decimal", "Hex"],
+            },
+        ],
+    }, {
+        name: "Change IP format: Decimal to Dotted Decimal",
+        input: "3232235777",
+        expectedOutput: "192.168.1.1",
+        recipeConfig: [
+            {
+                op: "Change IP format",
+                args: ["Decimal", "Dotted Decimal"],
+            },
+        ],
+    }, {
+        name: "Change IP format: Hex to Octal",
+        input: "c0a80101",
+        expectedOutput: "030052000401",
+        recipeConfig: [
+            {
+                op: "Change IP format",
+                args: ["Hex", "Octal"],
+            },
+        ],
+    }, {
+        name: "Change IP format: Octal to Decimal",
+        input: "030052000401",
+        expectedOutput: "3232235777",
+        recipeConfig: [
+            {
+                op: "Change IP format",
+                args: ["Octal", "Decimal"],
+            },
+        ],
+    },
+]);

tests/operations/tests/ParseUDP.mjs

@@ -0,0 +1,68 @@
+/**
+ * Parse UDP tests.
+ *
+ * @author h345983745
+ *
+ * @copyright Crown Copyright 2019
+ * @license Apache-2.0
+ */
+import TestRegister from "../../lib/TestRegister.mjs";
+
+TestRegister.addTests([
+    {
+        name: "Parse UDP: No Data - JSON",
+        input: "04 89 00 35 00 2c 01 01",
+        expectedOutput: "{\"Source port\":1161,\"Destination port\":53,\"Length\":44,\"Checksum\":\"0101\"}",
+        recipeConfig: [
+            {
+                op: "From Hex",
+                args: ["Auto"],
+            },
+            {
+                op: "Parse UDP",
+                args: [],
+            },
+            {
+                op: "JSON Minify",
+                args: [],
+            },
+        ],
+    }, {
+        name: "Parse UDP: With Data - JSON",
+        input: "04 89 00 35 00 2c 01 01 02 02",
+        expectedOutput: "{\"Source port\":1161,\"Destination port\":53,\"Length\":44,\"Checksum\":\"0101\",\"Data\":\"0202\"}",
+        recipeConfig: [
+            {
+                op: "From Hex",
+                args: ["Auto"],
+            },
+            {
+                op: "Parse UDP",
+                args: [],
+            },
+            {
+                op: "JSON Minify",
+                args: [],
+            },
+        ],
+    },
+    {
+        name: "Parse UDP: Not Enough Bytes",
+        input: "04 89 00",
+        expectedOutput: "Need 8 bytes for a UDP Header",
+        recipeConfig: [
+            {
+                op: "From Hex",
+                args: ["Auto"],
+            },
+            {
+                op: "Parse UDP",
+                args: [],
+            },
+            {
+                op: "JSON Minify",
+                args: [],
+            },
+        ],
+    }
+]);