mirror of
https://github.com/gchq/CyberChef
synced 2025-12-16 00:04:20 +00:00
Compare commits
55 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
|
c9d29c89bb | ||
|
|
7d4e554571 | ||
|
|
2858a74cbf | ||
|
|
28e599a835 | ||
|
|
1fb1d9cbb7 | ||
|
|
2f097e5dfc | ||
|
|
b71e3241be | ||
|
|
4b018bf421 | ||
|
|
f751de896f | ||
|
|
65aeae9c1e | ||
|
|
80943b0c26 | ||
|
|
a9657ac5c7 | ||
|
|
6fa2e49f3a | ||
|
|
50f0f70805 | ||
|
|
fc95d82c49 | ||
|
|
bb6c1c54ff | ||
|
|
c4414bd910 | ||
|
42c911838d | ||
|
|
8917eabfd1 | ||
|
|
fc91469807 | ||
|
1735d9c091 | ||
|
|
00d754d466 | ||
|
|
906727f133 | ||
|
|
191d7f11f7 | ||
|
|
54fdc05e3a | ||
|
|
2267569c8d | ||
|
|
2f53ee3974 | ||
|
|
a3b846638f | ||
|
|
cc3033266c | ||
|
|
23b168515c | ||
|
|
049690fea2 | ||
|
|
d3de91de85 | ||
|
|
64eae37788 | ||
|
|
8c71b0b8df | ||
|
|
2bf1ac6b9c | ||
|
|
7197a434c2 | ||
|
|
5349115b94 | ||
|
|
4274e8f3a2 | ||
|
|
7610e159a3 | ||
|
|
9ec94434bb | ||
|
|
1ab444bda2 | ||
|
|
3990ba774f | ||
|
1fea9a25a5 | ||
|
f5a7db03cd | ||
|
|
ee408f7add | ||
|
|
1294d764e2 | ||
|
|
eab1be0e2c | ||
|
|
15dd9d4c93 | ||
|
|
103ecff6a7 | ||
|
|
0182cdda69 | ||
|
|
d8405e5f81 | ||
|
|
0295d0c9b4 | ||
|
|
8e1e1d56ca | ||
|
|
63bb19d48d | ||
|
|
e92ed13864 |
@@ -13,6 +13,9 @@ All major and minor version changes will be documented in this file. Details of
|
||||
|
||||
## Details
|
||||
|
||||
### [9.39.0] - 2022-06-09
|
||||
- Added 'ELF Info' operation [@n1073645] | [#1364]
|
||||
|
||||
### [9.38.0] - 2022-05-30
|
||||
- Added 'Parse TCP' operation [@n1474335] | [a895d1d]
|
||||
|
||||
@@ -291,6 +294,7 @@ All major and minor version changes will be documented in this file. Details of
|
||||
|
||||
|
||||
|
||||
[9.39.0]: https://github.com/gchq/CyberChef/releases/tag/v9.39.0
|
||||
[9.38.0]: https://github.com/gchq/CyberChef/releases/tag/v9.38.0
|
||||
[9.37.0]: https://github.com/gchq/CyberChef/releases/tag/v9.37.0
|
||||
[9.36.0]: https://github.com/gchq/CyberChef/releases/tag/v9.36.0
|
||||
@@ -508,3 +512,4 @@ All major and minor version changes will be documented in this file. Details of
|
||||
[#1244]: https://github.com/gchq/CyberChef/pull/1244
|
||||
[#1313]: https://github.com/gchq/CyberChef/pull/1313
|
||||
[#1326]: https://github.com/gchq/CyberChef/pull/1326
|
||||
[#1364]: https://github.com/gchq/CyberChef/pull/1364
|
||||
|
||||
9
package-lock.json
generated
9
package-lock.json
generated
@@ -1,12 +1,12 @@
|
||||
{
|
||||
"name": "cyberchef",
|
||||
"version": "9.38.6",
|
||||
"version": "9.40.0",
|
||||
"lockfileVersion": 2,
|
||||
"requires": true,
|
||||
"packages": {
|
||||
"": {
|
||||
"name": "cyberchef",
|
||||
"version": "9.38.6",
|
||||
"version": "9.40.0",
|
||||
"hasInstallScript": true,
|
||||
"license": "Apache-2.0",
|
||||
"dependencies": {
|
||||
@@ -45,6 +45,7 @@
|
||||
"js-crc": "^0.2.0",
|
||||
"js-sha3": "^0.8.0",
|
||||
"jsesc": "^3.0.2",
|
||||
"json5": "^2.2.1",
|
||||
"jsonpath": "^1.1.1",
|
||||
"jsonwebtoken": "^8.5.1",
|
||||
"jsqr": "^1.4.0",
|
||||
@@ -9489,7 +9490,6 @@
|
||||
"version": "2.2.1",
|
||||
"resolved": "https://registry.npmjs.org/json5/-/json5-2.2.1.tgz",
|
||||
"integrity": "sha512-1hqLFMSrGHRHxav9q9gNjJ5EXznIxGVO09xQRrwplcS8qs28pZ8s8hupZAmqDwZUmVZ2Qb2jnyPOWcDH8m8dlA==",
|
||||
"dev": true,
|
||||
"bin": {
|
||||
"json5": "lib/cli.js"
|
||||
},
|
||||
@@ -23014,8 +23014,7 @@
|
||||
"json5": {
|
||||
"version": "2.2.1",
|
||||
"resolved": "https://registry.npmjs.org/json5/-/json5-2.2.1.tgz",
|
||||
"integrity": "sha512-1hqLFMSrGHRHxav9q9gNjJ5EXznIxGVO09xQRrwplcS8qs28pZ8s8hupZAmqDwZUmVZ2Qb2jnyPOWcDH8m8dlA==",
|
||||
"dev": true
|
||||
"integrity": "sha512-1hqLFMSrGHRHxav9q9gNjJ5EXznIxGVO09xQRrwplcS8qs28pZ8s8hupZAmqDwZUmVZ2Qb2jnyPOWcDH8m8dlA=="
|
||||
},
|
||||
"jsonpath": {
|
||||
"version": "1.1.1",
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
{
|
||||
"name": "cyberchef",
|
||||
"version": "9.38.6",
|
||||
"version": "9.40.0",
|
||||
"description": "The Cyber Swiss Army Knife for encryption, encoding, compression and data analysis.",
|
||||
"author": "n1474335 <n1474335@gmail.com>",
|
||||
"homepage": "https://gchq.github.io/CyberChef",
|
||||
@@ -122,6 +122,7 @@
|
||||
"js-crc": "^0.2.0",
|
||||
"js-sha3": "^0.8.0",
|
||||
"jsesc": "^3.0.2",
|
||||
"json5": "^2.2.1",
|
||||
"jsonpath": "^1.1.1",
|
||||
"jsonwebtoken": "^8.5.1",
|
||||
"jsqr": "^1.4.0",
|
||||
|
||||
@@ -413,7 +413,8 @@
|
||||
"Extract RGBA",
|
||||
"View Bit Plane",
|
||||
"Randomize Colour Palette",
|
||||
"Extract LSB"
|
||||
"Extract LSB",
|
||||
"ELF Info"
|
||||
]
|
||||
},
|
||||
{
|
||||
@@ -456,6 +457,7 @@
|
||||
"Frequency distribution",
|
||||
"Index of Coincidence",
|
||||
"Chi Square",
|
||||
"P-list Viewer",
|
||||
"Disassemble x86",
|
||||
"Pseudo-Random Number Generator",
|
||||
"Generate UUID",
|
||||
|
||||
@@ -131,7 +131,7 @@ const getFeature = function() {
|
||||
|
||||
// PR IDs
|
||||
prIDs.forEach(prID => {
|
||||
changelogData = changelogData.replace(/(\n\[#[^\]]+\]: https:\/\/github.com\/gchq\/CyberChef\/pull\/[^\n]+\n)\n/, "$1" + prID + "\n\n");
|
||||
changelogData = changelogData.replace(/(\n\[#[^\]]+\]: https:\/\/github.com\/gchq\/CyberChef\/pull\/[^\n]+\n)\n*$/, "$1" + prID + "\n\n");
|
||||
});
|
||||
|
||||
fs.writeFileSync(path.join(process.cwd(), "CHANGELOG.md"), changelogData);
|
||||
|
||||
@@ -130,10 +130,11 @@ export function fromBase64(data, alphabet="A-Za-z0-9+/=", returnType="string", r
|
||||
i = 0;
|
||||
|
||||
while (i < data.length) {
|
||||
enc1 = alphabet.indexOf(data.charAt(i++));
|
||||
enc2 = alphabet.indexOf(data.charAt(i++));
|
||||
enc3 = alphabet.indexOf(data.charAt(i++));
|
||||
enc4 = alphabet.indexOf(data.charAt(i++));
|
||||
// Including `|| null` forces empty strings to null so that indexOf returns -1 instead of 0
|
||||
enc1 = alphabet.indexOf(data.charAt(i++) || null);
|
||||
enc2 = alphabet.indexOf(data.charAt(i++) || null);
|
||||
enc3 = alphabet.indexOf(data.charAt(i++) || null);
|
||||
enc4 = alphabet.indexOf(data.charAt(i++) || null);
|
||||
|
||||
if (strictMode && (enc1 < 0 || enc2 < 0 || enc3 < 0 || enc4 < 0)) {
|
||||
throw new OperationError("Error: Base64 input contains non-alphabet char(s)");
|
||||
@@ -143,13 +144,13 @@ export function fromBase64(data, alphabet="A-Za-z0-9+/=", returnType="string", r
|
||||
chr2 = ((enc2 & 15) << 4) | (enc3 >> 2);
|
||||
chr3 = ((enc3 & 3) << 6) | enc4;
|
||||
|
||||
if (chr1 < 256) {
|
||||
if (chr1 >= 0 && chr1 < 256) {
|
||||
output.push(chr1);
|
||||
}
|
||||
if (chr2 < 256 && enc3 !== 64) {
|
||||
if (chr2 >= 0 && chr2 < 256 && enc3 !== 64) {
|
||||
output.push(chr2);
|
||||
}
|
||||
if (chr3 < 256 && enc4 !== 64) {
|
||||
if (chr3 >= 0 && chr3 < 256 && enc4 !== 64) {
|
||||
output.push(chr3);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -1,3 +1,5 @@
|
||||
import Utils from "../Utils.mjs";
|
||||
|
||||
/**
|
||||
* Base85 resources.
|
||||
*
|
||||
@@ -32,13 +34,12 @@ export const ALPHABET_OPTIONS = [
|
||||
* @returns {string}
|
||||
*/
|
||||
export function alphabetName(alphabet) {
|
||||
alphabet = alphabet.replace(/'/g, "'");
|
||||
alphabet = alphabet.replace(/"/g, """);
|
||||
alphabet = alphabet.replace(/\\/g, "\");
|
||||
alphabet = escape(alphabet);
|
||||
let name;
|
||||
|
||||
ALPHABET_OPTIONS.forEach(function(a) {
|
||||
if (escape(alphabet) === escape(a.value)) name = a.name;
|
||||
const expanded = Utils.expandAlphRange(a.value).join("");
|
||||
if (alphabet === escape(expanded)) name = a.name;
|
||||
});
|
||||
|
||||
return name;
|
||||
|
||||
@@ -70,7 +70,7 @@ export const FILE_SIGNATURES = {
|
||||
10: 0x42,
|
||||
11: 0x50
|
||||
},
|
||||
extractor: null
|
||||
extractor: extractWEBP
|
||||
},
|
||||
{
|
||||
name: "Camera Image File Format",
|
||||
@@ -3032,6 +3032,30 @@ export function extractPNG(bytes, offset) {
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* WEBP extractor.
|
||||
*
|
||||
* @param {Uint8Array} bytes
|
||||
* @param {number} offset
|
||||
* @returns {Uint8Array}
|
||||
*/
|
||||
export function extractWEBP(bytes, offset) {
|
||||
const stream = new Stream(bytes.slice(offset));
|
||||
|
||||
// Move to file size offset.
|
||||
stream.moveForwardsBy(4);
|
||||
|
||||
// Read file size field.
|
||||
const fileSize = stream.readInt(4, "le");
|
||||
|
||||
// Move to end of file.
|
||||
// There is no need to minus 8 from the size as the size factors in the offset.
|
||||
stream.moveForwardsBy(fileSize);
|
||||
|
||||
return stream.carve();
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* BMP extractor.
|
||||
*
|
||||
|
||||
@@ -9,35 +9,25 @@
|
||||
import { toHex, fromHex } from "./Hex.mjs";
|
||||
|
||||
/**
|
||||
* Formats Distinguished Name (DN) strings.
|
||||
* Formats Distinguished Name (DN) objects to strings.
|
||||
*
|
||||
* @param {string} dnStr
|
||||
* @param {Object} dnObj
|
||||
* @param {number} indent
|
||||
* @returns {string}
|
||||
*/
|
||||
export function formatDnStr(dnStr, indent) {
|
||||
const fields = dnStr.substr(1).replace(/([^\\])\//g, "$1$1/").split(/[^\\]\//);
|
||||
let output = "",
|
||||
maxKeyLen = 0,
|
||||
key,
|
||||
value,
|
||||
i,
|
||||
str;
|
||||
export function formatDnObj(dnObj, indent) {
|
||||
let output = "";
|
||||
|
||||
for (i = 0; i < fields.length; i++) {
|
||||
if (!fields[i].length) continue;
|
||||
const maxKeyLen = dnObj.array.reduce((max, item) => {
|
||||
return item[0].type.length > max ? item[0].type.length : max;
|
||||
}, 0);
|
||||
|
||||
key = fields[i].split("=")[0];
|
||||
for (let i = 0; i < dnObj.array.length; i++) {
|
||||
if (!dnObj.array[i].length) continue;
|
||||
|
||||
maxKeyLen = key.length > maxKeyLen ? key.length : maxKeyLen;
|
||||
}
|
||||
|
||||
for (i = 0; i < fields.length; i++) {
|
||||
if (!fields[i].length) continue;
|
||||
|
||||
key = fields[i].split("=")[0];
|
||||
value = fields[i].split("=")[1];
|
||||
str = key.padEnd(maxKeyLen, " ") + " = " + value + "\n";
|
||||
const key = dnObj.array[i][0].type;
|
||||
const value = dnObj.array[i][0].value;
|
||||
const str = `${key.padEnd(maxKeyLen, " ")} = ${value}\n`;
|
||||
|
||||
output += str.padStart(indent + str.length, " ");
|
||||
}
|
||||
|
||||
@@ -48,12 +48,14 @@ export default class Stream {
|
||||
* Interpret the following bytes as a string, stopping at the next null byte or
|
||||
* the supplied limit.
|
||||
*
|
||||
* @param {number} numBytes
|
||||
* @param {number} [numBytes=-1]
|
||||
* @returns {string}
|
||||
*/
|
||||
readString(numBytes) {
|
||||
readString(numBytes=-1) {
|
||||
if (this.position > this.length) return undefined;
|
||||
|
||||
if (numBytes === -1) numBytes = this.length - this.position;
|
||||
|
||||
let result = "";
|
||||
for (let i = this.position; i < this.position + numBytes; i++) {
|
||||
const currentByte = this.bytes[i];
|
||||
|
||||
@@ -64,6 +64,7 @@ class ConditionalJump extends Operation {
|
||||
jmpIndex = getLabelIndex(label, state);
|
||||
|
||||
if (state.numJumps >= maxJumps || jmpIndex === -1) {
|
||||
state.numJumps = 0;
|
||||
return state;
|
||||
}
|
||||
|
||||
@@ -73,6 +74,8 @@ class ConditionalJump extends Operation {
|
||||
if (!invert && strMatch || invert && !strMatch) {
|
||||
state.progress = jmpIndex;
|
||||
state.numJumps++;
|
||||
} else {
|
||||
state.numJumps = 0;
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
913
src/core/operations/ELFInfo.mjs
Normal file
913
src/core/operations/ELFInfo.mjs
Normal file
@@ -0,0 +1,913 @@
|
||||
/**
|
||||
* @author n1073645 [n1073645@gmail.com]
|
||||
* @copyright Crown Copyright 2022
|
||||
* @license Apache-2.0
|
||||
*/
|
||||
|
||||
import Operation from "../Operation.mjs";
|
||||
import Stream from "../lib/Stream.mjs";
|
||||
import Utils from "../Utils.mjs";
|
||||
import OperationError from "../errors/OperationError.mjs";
|
||||
|
||||
/**
|
||||
* ELF Info operation
|
||||
*/
|
||||
class ELFInfo extends Operation {
|
||||
|
||||
/**
|
||||
* ELFInfo constructor
|
||||
*/
|
||||
constructor() {
|
||||
super();
|
||||
|
||||
this.name = "ELF Info";
|
||||
this.module = "Default";
|
||||
this.description = "Implements readelf-like functionality. This operation will extract the ELF Header, Program Headers, Section Headers and Symbol Table for an ELF file.";
|
||||
this.infoURL = "https://www.wikipedia.org/wiki/Executable_and_Linkable_Format";
|
||||
this.inputType = "ArrayBuffer";
|
||||
this.outputType = "string";
|
||||
this.args = [];
|
||||
}
|
||||
|
||||
/**
|
||||
* @param {ArrayBuffer} input
|
||||
* @param {Object[]} args
|
||||
* @returns {string}
|
||||
*/
|
||||
run(input, args) {
|
||||
let phoff = 0;
|
||||
let phEntries = 0;
|
||||
let shoff = 0;
|
||||
let shEntries = 0;
|
||||
let shentSize = 0;
|
||||
let entry = 0;
|
||||
let format = 0;
|
||||
let endianness = "";
|
||||
let shstrtab = 0;
|
||||
|
||||
let namesOffset = 0;
|
||||
|
||||
let symtabOffset = 0;
|
||||
let symtabSize = 0;
|
||||
let symtabEntSize = 0;
|
||||
|
||||
let strtabOffset = 0;
|
||||
const align = 30;
|
||||
|
||||
/**
|
||||
* This function reads characters until it hits a null terminator.
|
||||
*
|
||||
* @param {stream} stream
|
||||
* @param {integer} namesOffset
|
||||
* @param {integer} nameOffset
|
||||
* @returns {string}
|
||||
*/
|
||||
function readString(stream, namesOffset, nameOffset) {
|
||||
const preMove = stream.position;
|
||||
stream.moveTo(namesOffset + nameOffset);
|
||||
|
||||
const nameResult = stream.readString();
|
||||
stream.moveTo(preMove);
|
||||
return nameResult;
|
||||
}
|
||||
|
||||
/**
|
||||
* This function parses and extracts relevant information from the ELF Header.
|
||||
*
|
||||
* @param {stream} stream
|
||||
* @returns {string}
|
||||
*/
|
||||
function elfHeader(stream) {
|
||||
/**
|
||||
* The ELF Header is comprised of the following structures depending on the binary's format.
|
||||
*
|
||||
* e_ident - The Magic Number 0x7F,0x45,0x4c,0x46
|
||||
* - Byte set to 1 or 2 to signify 32-bit or 64-bit format, respectively.
|
||||
* - Byte set to 1 or 2 to signify little of big endianness, respectively.
|
||||
* - Byte set to 1 for the version of ELF.
|
||||
* - Byte identifying the target OS ABI.
|
||||
* - Byte further identifying the OS ABI Version.
|
||||
* - 7 Padding Bytes.
|
||||
* e_type - 2 bytes identifying the object file type.
|
||||
* e_machine - 2 bytes identifying the instruction set architecture.
|
||||
* e_version - Byte set to 1 for the version of ELF.
|
||||
*
|
||||
* 32-bit:
|
||||
* e_entry - 4 Bytes specifying the entry point.
|
||||
* e_phoff - 4 Bytes specifying the offset of the Program Header Table.
|
||||
* e_shoff - 4 Bytes specifying the offset of the Section Header Table.
|
||||
*
|
||||
* 64-bit:
|
||||
* e_entry - 8 Bytes specifying the entry point.
|
||||
* e_phoff - 8 Bytes specifying the offset of the Program Header Table.
|
||||
* e_shoff - 8 Bytes specifying the offset of the Section Header Table.
|
||||
*
|
||||
* e_flags - 4 Bytes specifying processor specific flags.
|
||||
* e_ehsize - 2 Bytes specifying the size of the ELF Header.
|
||||
* e_phentsize - 2 Bytes specifying the size of a Program Header Table Entry.
|
||||
* e_phnum - 2 Bytes specifying the number of entries in the Program Header Table.
|
||||
* e_shentsize - 2 Bytes specifying the size of a Section Header Table Entry.
|
||||
* e_shnum - 2 Bytes specifying the number of entries in the Section Header Table.
|
||||
* e_shstrndx - 2 Bytes specifying the index of the section containing the section names in the Section Header Table.
|
||||
*/
|
||||
const ehResult = [];
|
||||
|
||||
const magic = stream.getBytes(4);
|
||||
if (magic.join("") !== [0x7f, 0x45, 0x4c, 0x46].join(""))
|
||||
throw new OperationError("Invalid ELF");
|
||||
|
||||
ehResult.push("Magic:".padEnd(align) + `${Utils.byteArrayToChars(magic)}`);
|
||||
|
||||
format = stream.readInt(1);
|
||||
ehResult.push("Format:".padEnd(align) + `${format === 1 ? "32-bit" : "64-bit"}`);
|
||||
|
||||
endianness = stream.readInt(1) === 1 ? "le" : "be";
|
||||
ehResult.push("Endianness:".padEnd(align) + `${endianness === "le" ? "Little" : "Big"}`);
|
||||
|
||||
ehResult.push("Version:".padEnd(align) + `${stream.readInt(1).toString()}`);
|
||||
|
||||
let ABI = "";
|
||||
switch (stream.readInt(1)) {
|
||||
case 0x00:
|
||||
ABI = "System V";
|
||||
break;
|
||||
case 0x01:
|
||||
ABI = "HP-UX";
|
||||
break;
|
||||
case 0x02:
|
||||
ABI = "NetBSD";
|
||||
break;
|
||||
case 0x03:
|
||||
ABI = "Linux";
|
||||
break;
|
||||
case 0x04:
|
||||
ABI = "GNU Hurd";
|
||||
break;
|
||||
case 0x06:
|
||||
ABI = "Solaris";
|
||||
break;
|
||||
case 0x07:
|
||||
ABI = "AIX";
|
||||
break;
|
||||
case 0x08:
|
||||
ABI = "IRIX";
|
||||
break;
|
||||
case 0x09:
|
||||
ABI = "FreeBSD";
|
||||
break;
|
||||
case 0x0A:
|
||||
ABI = "Tru64";
|
||||
break;
|
||||
case 0x0B:
|
||||
ABI = "Novell Modesto";
|
||||
break;
|
||||
case 0x0C:
|
||||
ABI = "OpenBSD";
|
||||
break;
|
||||
case 0x0D:
|
||||
ABI = "OpenVMS";
|
||||
break;
|
||||
case 0x0E:
|
||||
ABI = "NonStop Kernel";
|
||||
break;
|
||||
case 0x0F:
|
||||
ABI = "AROS";
|
||||
break;
|
||||
case 0x10:
|
||||
ABI = "Fenix OS";
|
||||
break;
|
||||
case 0x11:
|
||||
ABI = "CloudABI";
|
||||
break;
|
||||
case 0x12:
|
||||
ABI = "Stratus Technologies OpenVOS";
|
||||
break;
|
||||
default:
|
||||
break;
|
||||
}
|
||||
ehResult.push("ABI:".padEnd(align) + ABI);
|
||||
|
||||
// Linux Kernel does not use ABI Version.
|
||||
const abiVersion = stream.readInt(1).toString();
|
||||
if (ABI !== "Linux")
|
||||
ehResult.push("ABI Version:".padEnd(align) + abiVersion);
|
||||
|
||||
stream.moveForwardsBy(7);
|
||||
|
||||
let eType = "";
|
||||
switch (stream.readInt(2, endianness)) {
|
||||
case 0x0000:
|
||||
eType = "Unknown";
|
||||
break;
|
||||
case 0x0001:
|
||||
eType = "Relocatable File";
|
||||
break;
|
||||
case 0x0002:
|
||||
eType = "Executable File";
|
||||
break;
|
||||
case 0x0003:
|
||||
eType = "Shared Object";
|
||||
break;
|
||||
case 0x0004:
|
||||
eType = "Core File";
|
||||
break;
|
||||
case 0xFE00:
|
||||
eType = "LOOS";
|
||||
break;
|
||||
case 0xFEFF:
|
||||
eType = "HIOS";
|
||||
break;
|
||||
case 0xFF00:
|
||||
eType = "LOPROC";
|
||||
break;
|
||||
case 0xFFFF:
|
||||
eType = "HIPROC";
|
||||
break;
|
||||
default:
|
||||
break;
|
||||
}
|
||||
ehResult.push("Type:".padEnd(align) + eType);
|
||||
|
||||
let ISA = "";
|
||||
switch (stream.readInt(2, endianness)) {
|
||||
case 0x0000:
|
||||
ISA = "No specific instruction set";
|
||||
break;
|
||||
case 0x0001:
|
||||
ISA = "AT&T WE 32100";
|
||||
break;
|
||||
case 0x0002:
|
||||
ISA = "SPARC";
|
||||
break;
|
||||
case 0x0003:
|
||||
ISA = "x86";
|
||||
break;
|
||||
case 0x0004:
|
||||
ISA = "Motorola 68000 (M68k)";
|
||||
break;
|
||||
case 0x0005:
|
||||
ISA = "Motorola 88000 (M88k)";
|
||||
break;
|
||||
case 0x0006:
|
||||
ISA = "Intel MCU";
|
||||
break;
|
||||
case 0x0007:
|
||||
ISA = "Intel 80860";
|
||||
break;
|
||||
case 0x0008:
|
||||
ISA = "MIPS";
|
||||
break;
|
||||
case 0x0009:
|
||||
ISA = "IBM System/370";
|
||||
break;
|
||||
case 0x000A:
|
||||
ISA = "MIPS RS3000 Little-endian";
|
||||
break;
|
||||
case 0x000B:
|
||||
case 0x000C:
|
||||
case 0x000D:
|
||||
case 0x000E:
|
||||
case 0x0018:
|
||||
case 0x0019:
|
||||
case 0x001A:
|
||||
case 0x001B:
|
||||
case 0x001C:
|
||||
case 0x001D:
|
||||
case 0x001E:
|
||||
case 0x001F:
|
||||
case 0x0020:
|
||||
case 0x0021:
|
||||
case 0x0022:
|
||||
case 0x0023:
|
||||
ISA = "Reserved for future use";
|
||||
break;
|
||||
case 0x000F:
|
||||
ISA = "Hewlett-Packard PA-RISC";
|
||||
break;
|
||||
case 0x0011:
|
||||
ISA = "Fujitsu VPP500";
|
||||
break;
|
||||
case 0x0012:
|
||||
ISA = "Enhanced instruction set SPARC";
|
||||
break;
|
||||
case 0x0013:
|
||||
ISA = "Intel 80960";
|
||||
break;
|
||||
case 0x0014:
|
||||
ISA = "PowerPC";
|
||||
break;
|
||||
case 0x0015:
|
||||
ISA = "PowerPC (64-bit)";
|
||||
break;
|
||||
case 0x0016:
|
||||
ISA = "S390, including S390";
|
||||
break;
|
||||
case 0x0017:
|
||||
ISA = "IBM SPU/SPC";
|
||||
break;
|
||||
case 0x0024:
|
||||
ISA = "NEC V800";
|
||||
break;
|
||||
case 0x0025:
|
||||
ISA = "Fujitsu FR20";
|
||||
break;
|
||||
case 0x0026:
|
||||
ISA = "TRW RH-32";
|
||||
break;
|
||||
case 0x0027:
|
||||
ISA = "Motorola RCE";
|
||||
break;
|
||||
case 0x0028:
|
||||
ISA = "ARM (up to ARMv7/Aarch32)";
|
||||
break;
|
||||
case 0x0029:
|
||||
ISA = "Digital Alpha";
|
||||
break;
|
||||
case 0x002A:
|
||||
ISA = "SuperH";
|
||||
break;
|
||||
case 0x002B:
|
||||
ISA = "SPARC Version 9";
|
||||
break;
|
||||
case 0x002C:
|
||||
ISA = "Siemens TriCore embedded processor";
|
||||
break;
|
||||
case 0x002D:
|
||||
ISA = "Argonaut RISC Core";
|
||||
break;
|
||||
case 0x002E:
|
||||
ISA = "Hitachi H8/300";
|
||||
break;
|
||||
case 0x002F:
|
||||
ISA = "Hitachi H8/300H";
|
||||
break;
|
||||
case 0x0030:
|
||||
ISA = "Hitachi H8S";
|
||||
break;
|
||||
case 0x0031:
|
||||
ISA = "Hitachi H8/500";
|
||||
break;
|
||||
case 0x0032:
|
||||
ISA = "IA-64";
|
||||
break;
|
||||
case 0x0033:
|
||||
ISA = "Standford MIPS-X";
|
||||
break;
|
||||
case 0x0034:
|
||||
ISA = "Motorola ColdFire";
|
||||
break;
|
||||
case 0x0035:
|
||||
ISA = "Motorola M68HC12";
|
||||
break;
|
||||
case 0x0036:
|
||||
ISA = "Fujitsu MMA Multimedia Accelerator";
|
||||
break;
|
||||
case 0x0037:
|
||||
ISA = "Siemens PCP";
|
||||
break;
|
||||
case 0x0038:
|
||||
ISA = "Sony nCPU embedded RISC processor";
|
||||
break;
|
||||
case 0x0039:
|
||||
ISA = "Denso NDR1 microprocessor";
|
||||
break;
|
||||
case 0x003A:
|
||||
ISA = "Motorola Star*Core processor";
|
||||
break;
|
||||
case 0x003B:
|
||||
ISA = "Toyota ME16 processor";
|
||||
break;
|
||||
case 0x003C:
|
||||
ISA = "STMicroelectronics ST100 processor";
|
||||
break;
|
||||
case 0x003D:
|
||||
ISA = "Advanced Logic Corp. TinyJ embedded processor family";
|
||||
break;
|
||||
case 0x003E:
|
||||
ISA = "AMD x86-64";
|
||||
break;
|
||||
case 0x003F:
|
||||
ISA = "Sony DSP Processor";
|
||||
break;
|
||||
case 0x0040:
|
||||
ISA = "Digital Equipment Corp. PDP-10";
|
||||
break;
|
||||
case 0x0041:
|
||||
ISA = "Digital Equipment Corp. PDP-11";
|
||||
break;
|
||||
case 0x0042:
|
||||
ISA = "Siemens FX66 microcontroller";
|
||||
break;
|
||||
case 0x0043:
|
||||
ISA = "STMicroelectronics ST9+ 8/16 bit microcontroller";
|
||||
break;
|
||||
case 0x0044:
|
||||
ISA = "STMicroelectronics ST7 8-bit microcontroller";
|
||||
break;
|
||||
case 0x0045:
|
||||
ISA = "Motorola MC68HC16 Microcontroller";
|
||||
break;
|
||||
case 0x0046:
|
||||
ISA = "Motorola MC68HC11 Microcontroller";
|
||||
break;
|
||||
case 0x0047:
|
||||
ISA = "Motorola MC68HC08 Microcontroller";
|
||||
break;
|
||||
case 0x0048:
|
||||
ISA = "Motorola MC68HC05 Microcontroller";
|
||||
break;
|
||||
case 0x0049:
|
||||
ISA = "Silicon Graphics SVx";
|
||||
break;
|
||||
case 0x004A:
|
||||
ISA = "STMicroelectronics ST19 8-bit microcontroller";
|
||||
break;
|
||||
case 0x004B:
|
||||
ISA = "Digital VAX";
|
||||
break;
|
||||
case 0x004C:
|
||||
ISA = "Axis Communications 32-bit embedded processor";
|
||||
break;
|
||||
case 0x004D:
|
||||
ISA = "Infineon Technologies 32-bit embedded processor";
|
||||
break;
|
||||
case 0x004E:
|
||||
ISA = "Element 14 64-bit DSP Processor";
|
||||
break;
|
||||
case 0x004F:
|
||||
ISA = "LSI Logic 16-bit DSP Processor";
|
||||
break;
|
||||
case 0x0050:
|
||||
ISA = "Donald Knuth's educational 64-bit processor";
|
||||
break;
|
||||
case 0x0051:
|
||||
ISA = "Harvard University machine-independent object files";
|
||||
break;
|
||||
case 0x0052:
|
||||
ISA = "SiTera Prism";
|
||||
break;
|
||||
case 0x0053:
|
||||
ISA = "Atmel AVR 8-bit microcontroller";
|
||||
break;
|
||||
case 0x0054:
|
||||
ISA = "Fujitsu FR30";
|
||||
break;
|
||||
case 0x0055:
|
||||
ISA = "Mitsubishi D10V";
|
||||
break;
|
||||
case 0x0056:
|
||||
ISA = "Mitsubishi D30V";
|
||||
break;
|
||||
case 0x0057:
|
||||
ISA = "NEC v850";
|
||||
break;
|
||||
case 0x0058:
|
||||
ISA = "Mitsubishi M32R";
|
||||
break;
|
||||
case 0x0059:
|
||||
ISA = "Matsushita MN10300";
|
||||
break;
|
||||
case 0x005A:
|
||||
ISA = "Matsushita MN10200";
|
||||
break;
|
||||
case 0x005B:
|
||||
ISA = "picoJava";
|
||||
break;
|
||||
case 0x005C:
|
||||
ISA = "OpenRISC 32-bit embedded processor";
|
||||
break;
|
||||
case 0x005D:
|
||||
ISA = "ARC Cores Tangent-A5";
|
||||
break;
|
||||
case 0x005E:
|
||||
ISA = "Tensilica Xtensa Architecture";
|
||||
break;
|
||||
case 0x005F:
|
||||
ISA = "Alphamosaic VideoCore processor";
|
||||
break;
|
||||
case 0x0060:
|
||||
ISA = "Thompson Multimedia General Purpose Processor";
|
||||
break;
|
||||
case 0x0061:
|
||||
ISA = "National Semiconductor 32000 series";
|
||||
break;
|
||||
case 0x0062:
|
||||
ISA = "Tenor Network TPC processor";
|
||||
break;
|
||||
case 0x0063:
|
||||
ISA = "Trebia SNP 1000 processor";
|
||||
break;
|
||||
case 0x0064:
|
||||
ISA = "STMicroelectronics (www.st.com) ST200 microcontroller";
|
||||
break;
|
||||
case 0x008C:
|
||||
ISA = "TMS320C6000 Family";
|
||||
break;
|
||||
case 0x00AF:
|
||||
ISA = "MCST Elbrus e2k";
|
||||
break;
|
||||
case 0x00B7:
|
||||
ISA = "ARM 64-bits (ARMv8/Aarch64)";
|
||||
break;
|
||||
case 0x00F3:
|
||||
ISA = "RISC-V";
|
||||
break;
|
||||
case 0x00F7:
|
||||
ISA = "Berkeley Packet Filter";
|
||||
break;
|
||||
case 0x0101:
|
||||
ISA = "WDC 65C816";
|
||||
break;
|
||||
default:
|
||||
ISA = "Unimplemented";
|
||||
break;
|
||||
}
|
||||
ehResult.push("Instruction Set Architecture:".padEnd(align) + ISA);
|
||||
|
||||
ehResult.push("ELF Version:".padEnd(align) + `${stream.readInt(4, endianness)}`);
|
||||
|
||||
const readSize = format === 1 ? 4 : 8;
|
||||
entry = stream.readInt(readSize, endianness);
|
||||
phoff = stream.readInt(readSize, endianness);
|
||||
shoff = stream.readInt(readSize, endianness);
|
||||
ehResult.push("Entry Point:".padEnd(align) + `0x${Utils.hex(entry)}`);
|
||||
ehResult.push("Entry PHOFF:".padEnd(align) + `0x${Utils.hex(phoff)}`);
|
||||
ehResult.push("Entry SHOFF:".padEnd(align) + `0x${Utils.hex(shoff)}`);
|
||||
|
||||
const flags = stream.readInt(4, endianness);
|
||||
ehResult.push("Flags:".padEnd(align) + `${Utils.bin(flags)}`);
|
||||
|
||||
ehResult.push("ELF Header Size:".padEnd(align) + `${stream.readInt(2, endianness)} bytes`);
|
||||
ehResult.push("Program Header Size:".padEnd(align) + `${stream.readInt(2, endianness)} bytes`);
|
||||
phEntries = stream.readInt(2, endianness);
|
||||
ehResult.push("Program Header Entries:".padEnd(align) + phEntries);
|
||||
shentSize = stream.readInt(2, endianness);
|
||||
ehResult.push("Section Header Size:".padEnd(align) + shentSize + " bytes");
|
||||
shEntries = stream.readInt(2, endianness);
|
||||
ehResult.push("Section Header Entries:".padEnd(align) + shEntries);
|
||||
shstrtab = stream.readInt(2, endianness);
|
||||
ehResult.push("Section Header Names:".padEnd(align) + shstrtab);
|
||||
|
||||
return ehResult.join("\n");
|
||||
}
|
||||
|
||||
/**
|
||||
* This function parses and extracts relevant information from a Program Header.
|
||||
*
|
||||
* @param {stream} stream
|
||||
* @returns {string}
|
||||
*/
|
||||
function programHeader(stream) {
|
||||
/**
|
||||
* A Program Header is comprised of the following structures depending on the binary's format.
|
||||
*
|
||||
* p_type - 4 Bytes identifying the type of the segment.
|
||||
*
|
||||
* 32-bit:
|
||||
* p_offset - 4 Bytes specifying the offset of the segment.
|
||||
* p_vaddr - 4 Bytes specifying the virtual address of the segment in memory.
|
||||
* p_paddr - 4 Bytes specifying the physical address of the segment in memory.
|
||||
* p_filesz - 4 Bytes specifying the size in bytes of the segment in the file image.
|
||||
* p_memsz - 4 Bytes specifying the size in bytes of the segment in memory.
|
||||
* p_flags - 4 Bytes identifying the segment dependent flags.
|
||||
* p_align - 4 Bytes set to 0 or 1 for alignment or no alignment, respectively.
|
||||
*
|
||||
* 64-bit:
|
||||
* p_flags - 4 Bytes identifying segment dependent flags.
|
||||
* p_offset - 8 Bytes specifying the offset of the segment.
|
||||
* p_vaddr - 8 Bytes specifying the virtual address of the segment in memory.
|
||||
* p_paddr - 8 Bytes specifying the physical address of the segment in memory.
|
||||
* p_filesz - 8 Bytes specifying the size in bytes of the segment in the file image.
|
||||
* p_memsz - 8 Bytes specifying the size in bytes of the segment in memory.
|
||||
* p_align - 8 Bytes set to 0 or 1 for alignment or no alignment, respectively.
|
||||
*/
|
||||
|
||||
/**
|
||||
* This function decodes the flags bitmask for the Program Header.
|
||||
*
|
||||
* @param {integer} flags
|
||||
* @returns {string}
|
||||
*/
|
||||
function readFlags(flags) {
|
||||
const result = [];
|
||||
if (flags & 0x1)
|
||||
result.push("Execute");
|
||||
if (flags & 0x2)
|
||||
result.push("Write");
|
||||
if (flags & 0x4)
|
||||
result.push("Read");
|
||||
if (flags & 0xf0000000)
|
||||
result.push("Unspecified");
|
||||
return result.join(",");
|
||||
}
|
||||
|
||||
const phResult = [];
|
||||
|
||||
let pType = "";
|
||||
const programHeaderType = stream.readInt(4, endianness);
|
||||
switch (true) {
|
||||
case (programHeaderType === 0x00000000):
|
||||
pType = "Unused";
|
||||
break;
|
||||
case (programHeaderType === 0x00000001):
|
||||
pType = "Loadable Segment";
|
||||
break;
|
||||
case (programHeaderType === 0x00000002):
|
||||
pType = "Dynamic linking information";
|
||||
break;
|
||||
case (programHeaderType === 0x00000003):
|
||||
pType = "Interpreter Information";
|
||||
break;
|
||||
case (programHeaderType === 0x00000004):
|
||||
pType = "Auxiliary Information";
|
||||
break;
|
||||
case (programHeaderType === 0x00000005):
|
||||
pType = "Reserved";
|
||||
break;
|
||||
case (programHeaderType === 0x00000006):
|
||||
pType = "Program Header Table";
|
||||
break;
|
||||
case (programHeaderType === 0x00000007):
|
||||
pType = "Thread-Local Storage Template";
|
||||
break;
|
||||
case (programHeaderType >= 0x60000000 && programHeaderType <= 0x6FFFFFFF):
|
||||
pType = "Reserved Inclusive Range. OS Specific";
|
||||
break;
|
||||
case (programHeaderType >= 0x70000000 && programHeaderType <= 0x7FFFFFFF):
|
||||
pType = "Reserved Inclusive Range. Processor Specific";
|
||||
break;
|
||||
default:
|
||||
break;
|
||||
|
||||
}
|
||||
phResult.push("Program Header Type:".padEnd(align) + pType);
|
||||
|
||||
if (format === 2)
|
||||
phResult.push("Flags:".padEnd(align) + readFlags(stream.readInt(4, endianness)));
|
||||
|
||||
const readSize = format === 1? 4 : 8;
|
||||
phResult.push("Offset Of Segment:".padEnd(align) + `${stream.readInt(readSize, endianness)}`);
|
||||
phResult.push("Virtual Address of Segment:".padEnd(align) + `${stream.readInt(readSize, endianness)}`);
|
||||
phResult.push("Physical Address of Segment:".padEnd(align) + `${stream.readInt(readSize, endianness)}`);
|
||||
phResult.push("Size of Segment:".padEnd(align) + `${stream.readInt(readSize, endianness)} bytes`);
|
||||
phResult.push("Size of Segment in Memory:".padEnd(align) + `${stream.readInt(readSize, endianness)} bytes`);
|
||||
|
||||
if (format === 1)
|
||||
phResult.push("Flags:".padEnd(align) + readFlags(stream.readInt(4, endianness)));
|
||||
|
||||
stream.moveForwardsBy(readSize);
|
||||
|
||||
return phResult.join("\n");
|
||||
}
|
||||
|
||||
/**
|
||||
* This function parses and extracts relevant information from a Section Header.
|
||||
*
|
||||
* @param {stream} stream
|
||||
* @returns {string}
|
||||
*/
|
||||
function sectionHeader(stream) {
|
||||
/**
|
||||
* A Section Header is comprised of the following structures depending on the binary's format.
|
||||
*
|
||||
* sh_name - 4 Bytes identifying the offset into the .shstrtab for the name of this section.
|
||||
* sh_type - 4 Bytes identifying the type of this header.
|
||||
*
|
||||
* 32-bit:
|
||||
* sh_flags - 4 Bytes identifying section specific flags.
|
||||
* sh_addr - 4 Bytes identifying the virtual address of the section in memory.
|
||||
* sh_offset - 4 Bytes identifying the offset of the section in the file.
|
||||
* sh_size - 4 Bytes specifying the size in bytes of the section in the file image.
|
||||
* sh_link - 4 Bytes identifying the index of an associated section.
|
||||
* sh_info - 4 Bytes specifying extra information about the section.
|
||||
* sh_addralign - 4 Bytes containing the alignment for the section.
|
||||
* sh_entsize - 4 Bytes specifying the size, in bytes, of each entry in the section.
|
||||
*
|
||||
* 64-bit:
|
||||
* sh_flags - 8 Bytes identifying section specific flags.
|
||||
* sh_addr - 8 Bytes identifying the virtual address of the section in memory.
|
||||
* sh_offset - 8 Bytes identifying the offset of the section in the file.
|
||||
* sh_size - 8 Bytes specifying the size in bytes of the section in the file image.
|
||||
* sh_link - 4 Bytes identifying the index of an associated section.
|
||||
* sh_info - 4 Bytes specifying extra information about the section.
|
||||
* sh_addralign - 8 Bytes containing the alignment for the section.
|
||||
* sh_entsize - 8 Bytes specifying the size, in bytes, of each entry in the section.
|
||||
*/
|
||||
const shResult = [];
|
||||
|
||||
const nameOffset = stream.readInt(4, endianness);
|
||||
let type = "";
|
||||
const shType = stream.readInt(4, endianness);
|
||||
switch (true) {
|
||||
case (shType === 0x00000001):
|
||||
type = "Program Data";
|
||||
break;
|
||||
case (shType === 0x00000002):
|
||||
type = "Symbol Table";
|
||||
break;
|
||||
case (shType === 0x00000003):
|
||||
type = "String Table";
|
||||
break;
|
||||
case (shType === 0x00000004):
|
||||
type = "Relocation Entries with Addens";
|
||||
break;
|
||||
case (shType === 0x00000005):
|
||||
type = "Symbol Hash Table";
|
||||
break;
|
||||
case (shType === 0x00000006):
|
||||
type = "Dynamic Linking Information";
|
||||
break;
|
||||
case (shType === 0x00000007):
|
||||
type = "Notes";
|
||||
break;
|
||||
case (shType === 0x00000008):
|
||||
type = "Program Space with No Data";
|
||||
break;
|
||||
case (shType === 0x00000009):
|
||||
type = "Relocation Entries with no Addens";
|
||||
break;
|
||||
case (shType === 0x0000000A):
|
||||
type = "Reserved";
|
||||
break;
|
||||
case (shType === 0x0000000B):
|
||||
type = "Dynamic Linker Symbol Table";
|
||||
break;
|
||||
case (shType === 0x0000000E):
|
||||
type = "Array of Constructors";
|
||||
break;
|
||||
case (shType === 0x0000000F):
|
||||
type = "Array of Destructors";
|
||||
break;
|
||||
case (shType === 0x00000010):
|
||||
type = "Array of pre-constructors";
|
||||
break;
|
||||
case (shType === 0x00000011):
|
||||
type = "Section group";
|
||||
break;
|
||||
case (shType === 0x00000012):
|
||||
type = "Extended section indices";
|
||||
break;
|
||||
case (shType === 0x00000013):
|
||||
type = "Number of defined types";
|
||||
break;
|
||||
case (shType >= 0x60000000 && shType <= 0x6fffffff):
|
||||
type = "OS-specific";
|
||||
break;
|
||||
case (shType >= 0x70000000 && shType <= 0x7fffffff):
|
||||
type = "Processor-specific";
|
||||
break;
|
||||
case (shType >= 0x80000000 && shType <= 0x8fffffff):
|
||||
type = "Application-specific";
|
||||
break;
|
||||
default:
|
||||
type = "Unused";
|
||||
break;
|
||||
}
|
||||
|
||||
shResult.push("Type:".padEnd(align) + type);
|
||||
|
||||
let nameResult = "";
|
||||
if (type !== "Unused") {
|
||||
nameResult = readString(stream, namesOffset, nameOffset);
|
||||
shResult.push("Section Name: ".padEnd(align) + nameResult);
|
||||
}
|
||||
|
||||
const readSize = (format === 1) ? 4 : 8;
|
||||
|
||||
const flags = stream.readInt(readSize, endianness);
|
||||
const shFlags = [];
|
||||
const bitMasks = [
|
||||
[0x00000001, "Writable"],
|
||||
[0x00000002, "Alloc"],
|
||||
[0x00000004, "Executable"],
|
||||
[0x00000010, "Merge"],
|
||||
[0x00000020, "Strings"],
|
||||
[0x00000040, "SHT Info Link"],
|
||||
[0x00000080, "Link Order"],
|
||||
[0x00000100, "OS Specific Handling"],
|
||||
[0x00000200, "Group"],
|
||||
[0x00000400, "Thread Local Data"],
|
||||
[0x0FF00000, "OS-Specific"],
|
||||
[0xF0000000, "Processor Specific"],
|
||||
[0x04000000, "Special Ordering (Solaris)"],
|
||||
[0x08000000, "Excluded (Solaris)"]
|
||||
];
|
||||
bitMasks.forEach(elem => {
|
||||
if (flags & elem[0])
|
||||
shFlags.push(elem[1]);
|
||||
});
|
||||
shResult.push("Flags:".padEnd(align) + shFlags);
|
||||
|
||||
const vaddr = stream.readInt(readSize, endianness);
|
||||
shResult.push("Section Vaddr in memory:".padEnd(align) + vaddr);
|
||||
|
||||
const shoffset = stream.readInt(readSize, endianness);
|
||||
shResult.push("Offset of the section:".padEnd(align) + shoffset);
|
||||
|
||||
const secSize = stream.readInt(readSize, endianness);
|
||||
shResult.push("Section Size:".padEnd(align) + secSize);
|
||||
|
||||
const associatedSection = stream.readInt(4, endianness);
|
||||
shResult.push("Associated Section:".padEnd(align) + associatedSection);
|
||||
|
||||
const extraInfo = stream.readInt(4, endianness);
|
||||
shResult.push("Section Extra Information:".padEnd(align) + extraInfo);
|
||||
|
||||
// Jump over alignment field.
|
||||
stream.moveForwardsBy(readSize);
|
||||
const entSize = stream.readInt(readSize, endianness);
|
||||
switch (nameResult) {
|
||||
case ".strtab":
|
||||
strtabOffset = shoffset;
|
||||
break;
|
||||
case ".symtab":
|
||||
symtabOffset = shoffset;
|
||||
symtabSize = secSize;
|
||||
symtabEntSize = entSize;
|
||||
break;
|
||||
default:
|
||||
break;
|
||||
}
|
||||
return shResult.join("\n");
|
||||
}
|
||||
|
||||
/**
|
||||
* This function returns the offset of the Section Header Names Section.
|
||||
*
|
||||
* @param {stream} stream
|
||||
*/
|
||||
function getNamesOffset(stream) {
|
||||
const preMove = stream.position;
|
||||
stream.moveTo(shoff + (shentSize * shstrtab));
|
||||
if (format === 1) {
|
||||
stream.moveForwardsBy(0x10);
|
||||
namesOffset = stream.readInt(4, endianness);
|
||||
} else {
|
||||
stream.moveForwardsBy(0x18);
|
||||
namesOffset = stream.readInt(8, endianness);
|
||||
}
|
||||
stream.position = preMove;
|
||||
}
|
||||
|
||||
/**
|
||||
* This function returns a symbol's name from the string table.
|
||||
*
|
||||
* @param {stream} stream
|
||||
* @returns {string}
|
||||
*/
|
||||
function getSymbols(stream) {
|
||||
/**
|
||||
* The Symbol Table is comprised of Symbol Table Entries whose structure depends on the binary's format.
|
||||
*
|
||||
* 32-bit:
|
||||
* st_name - 4 Bytes specifying an index in the files symbol string table.
|
||||
* st_value - 4 Bytes identifying the value associated with the symbol.
|
||||
* st_size - 4 Bytes specifying the size associated with the symbol (this is not the size of the symbol).
|
||||
* st_info - A byte specifying the type and binding of the symbol.
|
||||
* st_other - A byte specifying the symbol's visibility.
|
||||
* st_shndx - 2 Bytes identifying the section that this symbol is related to.
|
||||
*
|
||||
* 64-bit:
|
||||
* st_name - 4 Bytes specifying an index in the files symbol string table.
|
||||
* st_info - A byte specifying the type and binding of the symbol.
|
||||
* st_other - A byte specifying the symbol's visibility.
|
||||
* st_shndx - 2 Bytes identifying the section that this symbol is related to.
|
||||
* st_value - 8 Bytes identifying the value associated with the symbol.
|
||||
* st_size - 8 Bytes specifying the size associated with the symbol (this is not the size of the symbol).
|
||||
*/
|
||||
const nameOffset = stream.readInt(4, endianness);
|
||||
stream.moveForwardsBy(format === 2 ? 20 : 12);
|
||||
return readString(stream, strtabOffset, nameOffset);
|
||||
}
|
||||
|
||||
input = new Uint8Array(input);
|
||||
const stream = new Stream(input);
|
||||
const result = ["=".repeat(align) + " ELF Header " + "=".repeat(align)];
|
||||
result.push(elfHeader(stream) + "\n");
|
||||
|
||||
getNamesOffset(stream);
|
||||
|
||||
result.push("=".repeat(align) + " Program Header " + "=".repeat(align));
|
||||
stream.moveTo(phoff);
|
||||
for (let i = 0; i < phEntries; i++)
|
||||
result.push(programHeader(stream) + "\n");
|
||||
|
||||
result.push("=".repeat(align) + " Section Header " + "=".repeat(align));
|
||||
stream.moveTo(shoff);
|
||||
for (let i = 0; i < shEntries; i++)
|
||||
result.push(sectionHeader(stream) + "\n");
|
||||
|
||||
result.push("=".repeat(align) + " Symbol Table " + "=".repeat(align));
|
||||
|
||||
stream.moveTo(symtabOffset);
|
||||
let elem = "";
|
||||
for (let i = 0; i < (symtabSize / symtabEntSize); i++)
|
||||
if ((elem = getSymbols(stream)) !== "")
|
||||
result.push("Symbol Name:".padEnd(align) + elem);
|
||||
|
||||
return result.join("\n");
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
export default ELFInfo;
|
||||
@@ -38,7 +38,7 @@ class ExtractFiles extends Operation {
|
||||
<li>
|
||||
${supportedExts.join("</li><li>")}
|
||||
</li>
|
||||
</ul>`;
|
||||
</ul>Minimum File Size can be used to prune small false positives.`;
|
||||
this.infoURL = "https://forensicswiki.xyz/wiki/index.php?title=File_Carving";
|
||||
this.inputType = "ArrayBuffer";
|
||||
this.outputType = "List<File>";
|
||||
@@ -54,6 +54,11 @@ class ExtractFiles extends Operation {
|
||||
name: "Ignore failed extractions",
|
||||
type: "boolean",
|
||||
value: true
|
||||
},
|
||||
{
|
||||
name: "Minimum File Size",
|
||||
type: "number",
|
||||
value: 100
|
||||
}
|
||||
]);
|
||||
}
|
||||
@@ -66,6 +71,7 @@ class ExtractFiles extends Operation {
|
||||
run(input, args) {
|
||||
const bytes = new Uint8Array(input),
|
||||
categories = [],
|
||||
minSize = args.pop(1),
|
||||
ignoreFailedExtractions = args.pop(1);
|
||||
|
||||
args.forEach((cat, i) => {
|
||||
@@ -80,7 +86,9 @@ class ExtractFiles extends Operation {
|
||||
const errors = [];
|
||||
detectedFiles.forEach(detectedFile => {
|
||||
try {
|
||||
files.push(extractFile(bytes, detectedFile.fileDetails, detectedFile.offset));
|
||||
const file = extractFile(bytes, detectedFile.fileDetails, detectedFile.offset);
|
||||
if (file.size >= minSize)
|
||||
files.push(file);
|
||||
} catch (err) {
|
||||
if (!ignoreFailedExtractions && err.message.indexOf("No extraction algorithm available") < 0) {
|
||||
errors.push(
|
||||
|
||||
@@ -65,12 +65,21 @@ class Fork extends Operation {
|
||||
if (input)
|
||||
inputs = input.split(splitDelim);
|
||||
|
||||
// Set to 1 as if we are here, then there is one, the current one.
|
||||
let numOp = 1;
|
||||
// Create subOpList for each tranche to operate on
|
||||
// (all remaining operations unless we encounter a Merge)
|
||||
// all remaining operations unless we encounter a Merge
|
||||
for (i = state.progress + 1; i < opList.length; i++) {
|
||||
if (opList[i].name === "Merge" && !opList[i].disabled) {
|
||||
break;
|
||||
numOp--;
|
||||
if (numOp === 0 || opList[i].ingValues[0])
|
||||
break;
|
||||
else
|
||||
// Not this Fork's Merge.
|
||||
subOpList.push(opList[i]);
|
||||
} else {
|
||||
if (opList[i].name === "Fork" || opList[i].name === "Subsection")
|
||||
numOp++;
|
||||
subOpList.push(opList[i]);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -32,7 +32,12 @@ class FromBase45 extends Operation {
|
||||
name: "Alphabet",
|
||||
type: "string",
|
||||
value: ALPHABET
|
||||
}
|
||||
},
|
||||
{
|
||||
name: "Remove non-alphabet chars",
|
||||
type: "boolean",
|
||||
value: true
|
||||
},
|
||||
];
|
||||
|
||||
this.highlight = highlightFromBase45;
|
||||
@@ -46,10 +51,17 @@ class FromBase45 extends Operation {
|
||||
*/
|
||||
run(input, args) {
|
||||
if (!input) return [];
|
||||
const alphabet = Utils.expandAlphRange(args[0]);
|
||||
const alphabet = Utils.expandAlphRange(args[0]).join("");
|
||||
const removeNonAlphChars = args[1];
|
||||
|
||||
const res = [];
|
||||
|
||||
// Remove non-alphabet characters
|
||||
if (removeNonAlphChars) {
|
||||
const re = new RegExp("[^" + alphabet.replace(/[[\]\\\-^$]/g, "\\$&") + "]", "g");
|
||||
input = input.replace(re, "");
|
||||
}
|
||||
|
||||
for (const triple of Utils.chunked(input, 3)) {
|
||||
triple.reverse();
|
||||
let b = 0;
|
||||
|
||||
@@ -32,6 +32,40 @@ class FromBase85 extends Operation {
|
||||
type: "editableOption",
|
||||
value: ALPHABET_OPTIONS
|
||||
},
|
||||
{
|
||||
name: "Remove non-alphabet chars",
|
||||
type: "boolean",
|
||||
value: true
|
||||
},
|
||||
];
|
||||
this.checks = [
|
||||
{
|
||||
pattern:
|
||||
"^\\s*(?:<~)?" + // Optional whitespace and starting marker
|
||||
"[\\s!-uz]*" + // Any amount of base85 characters and whitespace
|
||||
"[!-uz]{15}" + // At least 15 continoues base85 characters without whitespace
|
||||
"[\\s!-uz]*" + // Any amount of base85 characters and whitespace
|
||||
"(?:~>)?\\s*$", // Optional ending marker and whitespace
|
||||
args: ["!-u"],
|
||||
},
|
||||
{
|
||||
pattern:
|
||||
"^" +
|
||||
"[\\s0-9a-zA-Z.\\-:+=^!/*?&<>()[\\]{}@%$#]*" +
|
||||
"[0-9a-zA-Z.\\-:+=^!/*?&<>()[\\]{}@%$#]{15}" + // At least 15 continoues base85 characters without whitespace
|
||||
"[\\s0-9a-zA-Z.\\-:+=^!/*?&<>()[\\]{}@%$#]*" +
|
||||
"$",
|
||||
args: ["0-9a-zA-Z.\\-:+=^!/*?&<>()[]{}@%$#"],
|
||||
},
|
||||
{
|
||||
pattern:
|
||||
"^" +
|
||||
"[\\s0-9A-Za-z!#$%&()*+\\-;<=>?@^_`{|}~]*" +
|
||||
"[0-9A-Za-z!#$%&()*+\\-;<=>?@^_`{|}~]{15}" + // At least 15 continoues base85 characters without whitespace
|
||||
"[\\s0-9A-Za-z!#$%&()*+\\-;<=>?@^_`{|}~]*" +
|
||||
"$",
|
||||
args: ["0-9A-Za-z!#$%&()*+\\-;<=>?@^_`{|}~"],
|
||||
},
|
||||
];
|
||||
}
|
||||
|
||||
@@ -43,6 +77,7 @@ class FromBase85 extends Operation {
|
||||
run(input, args) {
|
||||
const alphabet = Utils.expandAlphRange(args[0]).join(""),
|
||||
encoding = alphabetName(alphabet),
|
||||
removeNonAlphChars = args[1],
|
||||
result = [];
|
||||
|
||||
if (alphabet.length !== 85 ||
|
||||
@@ -50,11 +85,18 @@ class FromBase85 extends Operation {
|
||||
throw new OperationError("Alphabet must be of length 85");
|
||||
}
|
||||
|
||||
if (input.length === 0) return [];
|
||||
|
||||
const matches = input.match(/<~(.+?)~>/);
|
||||
// Remove delimiters if present
|
||||
const matches = input.match(/^<~(.+?)~>$/);
|
||||
if (matches !== null) input = matches[1];
|
||||
|
||||
// Remove non-alphabet characters
|
||||
if (removeNonAlphChars) {
|
||||
const re = new RegExp("[^" + alphabet.replace(/[[\]\\\-^$]/g, "\\$&") + "]", "g");
|
||||
input = input.replace(re, "");
|
||||
}
|
||||
|
||||
if (input.length === 0) return [];
|
||||
|
||||
let i = 0;
|
||||
let block, blockBytes;
|
||||
while (i < input.length) {
|
||||
@@ -69,7 +111,7 @@ class FromBase85 extends Operation {
|
||||
.map((chr, idx) => {
|
||||
const digit = alphabet.indexOf(chr);
|
||||
if (digit < 0 || digit > 84) {
|
||||
throw `Invalid character '${chr}' at index ${idx}`;
|
||||
throw `Invalid character '${chr}' at index ${i + idx}`;
|
||||
}
|
||||
return digit;
|
||||
});
|
||||
|
||||
@@ -5,8 +5,10 @@
|
||||
* @license Apache-2.0
|
||||
*/
|
||||
|
||||
import vkbeautify from "vkbeautify";
|
||||
import JSON5 from "json5";
|
||||
import OperationError from "../errors/OperationError.mjs";
|
||||
import Operation from "../Operation.mjs";
|
||||
import Utils from "../Utils.mjs";
|
||||
|
||||
/**
|
||||
* JSON Beautify operation
|
||||
@@ -21,19 +23,25 @@ class JSONBeautify extends Operation {
|
||||
|
||||
this.name = "JSON Beautify";
|
||||
this.module = "Code";
|
||||
this.description = "Indents and prettifies JavaScript Object Notation (JSON) code.";
|
||||
this.description = "Indents and pretty prints JavaScript Object Notation (JSON) code.<br><br>Tags: json viewer, prettify, syntax highlighting";
|
||||
this.inputType = "string";
|
||||
this.outputType = "string";
|
||||
this.presentType = "html";
|
||||
this.args = [
|
||||
{
|
||||
"name": "Indent string",
|
||||
"type": "binaryShortString",
|
||||
"value": " "
|
||||
name: "Indent string",
|
||||
type: "binaryShortString",
|
||||
value: " "
|
||||
},
|
||||
{
|
||||
"name": "Sort Object Keys",
|
||||
"type": "boolean",
|
||||
"value": false
|
||||
name: "Sort Object Keys",
|
||||
type: "boolean",
|
||||
value: false
|
||||
},
|
||||
{
|
||||
name: "Formatted",
|
||||
type: "boolean",
|
||||
value: true
|
||||
}
|
||||
];
|
||||
}
|
||||
@@ -44,35 +52,193 @@ class JSONBeautify extends Operation {
|
||||
* @returns {string}
|
||||
*/
|
||||
run(input, args) {
|
||||
const [indentStr, sortBool] = args;
|
||||
|
||||
if (!input) return "";
|
||||
if (sortBool) {
|
||||
input = JSON.stringify(JSONBeautify._sort(JSON.parse(input)));
|
||||
|
||||
const [indentStr, sortBool] = args;
|
||||
let json = null;
|
||||
|
||||
try {
|
||||
json = JSON5.parse(input);
|
||||
} catch (err) {
|
||||
throw new OperationError("Unable to parse input as JSON.\n" + err);
|
||||
}
|
||||
return vkbeautify.json(input, indentStr);
|
||||
|
||||
if (sortBool) json = sortKeys(json);
|
||||
|
||||
return JSON.stringify(json, null, indentStr);
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* Sort JSON representation of an object
|
||||
* Adds various dynamic features to the JSON blob
|
||||
*
|
||||
* @author Phillip Nordwall [phillip.nordwall@gmail.com]
|
||||
* @private
|
||||
* @param {object} o
|
||||
* @returns {object}
|
||||
* @param {string} data
|
||||
* @param {Object[]} args
|
||||
* @returns {html}
|
||||
*/
|
||||
static _sort(o) {
|
||||
if (Array.isArray(o)) {
|
||||
return o.map(JSONBeautify._sort);
|
||||
} else if ("[object Object]" === Object.prototype.toString.call(o)) {
|
||||
return Object.keys(o).sort().reduce(function(a, k) {
|
||||
a[k] = JSONBeautify._sort(o[k]);
|
||||
return a;
|
||||
}, {});
|
||||
present(data, args) {
|
||||
const formatted = args[2];
|
||||
if (!formatted) return Utils.escapeHtml(data);
|
||||
|
||||
const json = JSON5.parse(data);
|
||||
const options = {
|
||||
withLinks: true,
|
||||
bigNumbers: true
|
||||
};
|
||||
let html = '<div class="json-document">';
|
||||
|
||||
if (isCollapsable(json)) {
|
||||
const isArr = json instanceof Array;
|
||||
html += '<details open class="json-details">' +
|
||||
`<summary class="json-summary ${isArr ? "json-arr" : "json-obj"}"></summary>` +
|
||||
json2html(json, options) +
|
||||
"</details>";
|
||||
} else {
|
||||
html += json2html(json, options);
|
||||
}
|
||||
return o;
|
||||
|
||||
html += "</div>";
|
||||
return html;
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Sort keys in a JSON object
|
||||
*
|
||||
* @author Phillip Nordwall [phillip.nordwall@gmail.com]
|
||||
* @param {object} o
|
||||
* @returns {object}
|
||||
*/
|
||||
function sortKeys(o) {
|
||||
if (Array.isArray(o)) {
|
||||
return o.map(sortKeys);
|
||||
} else if ("[object Object]" === Object.prototype.toString.call(o)) {
|
||||
return Object.keys(o).sort().reduce(function(a, k) {
|
||||
a[k] = sortKeys(o[k]);
|
||||
return a;
|
||||
}, {});
|
||||
}
|
||||
return o;
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* Check if arg is either an array with at least 1 element, or a dict with at least 1 key
|
||||
* @returns {boolean}
|
||||
*/
|
||||
function isCollapsable(arg) {
|
||||
return arg instanceof Object && Object.keys(arg).length > 0;
|
||||
}
|
||||
|
||||
/**
|
||||
* Check if a string looks like a URL, based on protocol
|
||||
* @returns {boolean}
|
||||
*/
|
||||
function isUrl(string) {
|
||||
const protocols = ["http", "https", "ftp", "ftps"];
|
||||
for (let i = 0; i < protocols.length; i++) {
|
||||
if (string.startsWith(protocols[i] + "://")) {
|
||||
return true;
|
||||
}
|
||||
}
|
||||
return false;
|
||||
}
|
||||
|
||||
/**
|
||||
* Transform a json object into html representation
|
||||
*
|
||||
* Adapted for CyberChef by @n1474335 from jQuery json-viewer
|
||||
* @author Alexandre Bodelot <alexandre.bodelot@gmail.com>
|
||||
* @link https://github.com/abodelot/jquery.json-viewer
|
||||
* @license MIT
|
||||
*
|
||||
* @returns {string}
|
||||
*/
|
||||
function json2html(json, options) {
|
||||
let html = "";
|
||||
if (typeof json === "string") {
|
||||
// Escape tags and quotes
|
||||
json = Utils.escapeHtml(json);
|
||||
|
||||
if (options.withLinks && isUrl(json)) {
|
||||
html += `<a href="${json}" class="json-string" target="_blank">${json}</a>`;
|
||||
} else {
|
||||
// Escape double quotes in the rendered non-URL string.
|
||||
json = json.replace(/"/g, "\\"");
|
||||
html += `<span class="json-string">"${json}"</span>`;
|
||||
}
|
||||
} else if (typeof json === "number" || typeof json === "bigint") {
|
||||
html += `<span class="json-literal">${json}</span>`;
|
||||
} else if (typeof json === "boolean") {
|
||||
html += `<span class="json-literal">${json}</span>`;
|
||||
} else if (json === null) {
|
||||
html += '<span class="json-literal">null</span>';
|
||||
} else if (json instanceof Array) {
|
||||
if (json.length > 0) {
|
||||
html += '<span class="json-bracket">[</span><ol class="json-array">';
|
||||
for (let i = 0; i < json.length; i++) {
|
||||
html += "<li>";
|
||||
|
||||
// Add toggle button if item is collapsable
|
||||
if (isCollapsable(json[i])) {
|
||||
const isArr = json[i] instanceof Array;
|
||||
html += '<details open class="json-details">' +
|
||||
`<summary class="json-summary ${isArr ? "json-arr" : "json-obj"}"></summary>` +
|
||||
json2html(json[i], options) +
|
||||
"</details>";
|
||||
} else {
|
||||
html += json2html(json[i], options);
|
||||
}
|
||||
|
||||
// Add comma if item is not last
|
||||
if (i < json.length - 1) {
|
||||
html += '<span class="json-comma">,</span>';
|
||||
}
|
||||
html += "</li>";
|
||||
}
|
||||
html += '</ol><span class="json-bracket">]</span>';
|
||||
} else {
|
||||
html += '<span class="json-bracket">[]</span>';
|
||||
}
|
||||
} else if (typeof json === "object") {
|
||||
// Optional support different libraries for big numbers
|
||||
// json.isLosslessNumber: package lossless-json
|
||||
// json.toExponential(): packages bignumber.js, big.js, decimal.js, decimal.js-light, others?
|
||||
if (options.bigNumbers && (typeof json.toExponential === "function" || json.isLosslessNumber)) {
|
||||
html += `<span class="json-literal">${json.toString()}</span>`;
|
||||
} else {
|
||||
let keyCount = Object.keys(json).length;
|
||||
if (keyCount > 0) {
|
||||
html += '<span class="json-brace">{</span><ul class="json-dict">';
|
||||
for (const key in json) {
|
||||
if (Object.prototype.hasOwnProperty.call(json, key)) {
|
||||
const safeKey = Utils.escapeHtml(key);
|
||||
html += "<li>";
|
||||
|
||||
// Add toggle button if item is collapsable
|
||||
if (isCollapsable(json[key])) {
|
||||
const isArr = json[key] instanceof Array;
|
||||
html += '<details open class="json-details">' +
|
||||
`<summary class="json-summary ${isArr ? "json-arr" : "json-obj"}">${safeKey}<span class="json-colon">:</span> </summary>` +
|
||||
json2html(json[key], options) +
|
||||
"</details>";
|
||||
} else {
|
||||
html += safeKey + '<span class="json-colon">:</span> ' + json2html(json[key], options);
|
||||
}
|
||||
|
||||
// Add comma if item is not last
|
||||
if (--keyCount > 0) {
|
||||
html += '<span class="json-comma">,</span>';
|
||||
}
|
||||
html += "</li>";
|
||||
}
|
||||
}
|
||||
html += '</ul><span class="json-brace">}</span>';
|
||||
} else {
|
||||
html += '<span class="json-brace">{}</span>';
|
||||
}
|
||||
}
|
||||
}
|
||||
return html;
|
||||
}
|
||||
|
||||
export default JSONBeautify;
|
||||
|
||||
@@ -52,6 +52,7 @@ class Jump extends Operation {
|
||||
const jmpIndex = getLabelIndex(label, state);
|
||||
|
||||
if (state.numJumps >= maxJumps || jmpIndex === -1) {
|
||||
state.numJumps = 0;
|
||||
return state;
|
||||
}
|
||||
|
||||
|
||||
@@ -20,10 +20,16 @@ class Merge extends Operation {
|
||||
this.name = "Merge";
|
||||
this.flowControl = true;
|
||||
this.module = "Default";
|
||||
this.description = "Consolidate all branches back into a single trunk. The opposite of Fork.";
|
||||
this.description = "Consolidate all branches back into a single trunk. The opposite of Fork. Unticking the Merge All checkbox will only consolidate all branches up to the nearest Fork/Subsection.";
|
||||
this.inputType = "string";
|
||||
this.outputType = "string";
|
||||
this.args = [];
|
||||
this.args = [
|
||||
{
|
||||
name: "Merge All",
|
||||
type: "boolean",
|
||||
value: true,
|
||||
}
|
||||
];
|
||||
}
|
||||
|
||||
/**
|
||||
|
||||
@@ -24,7 +24,7 @@ class PEMToHex extends Operation {
|
||||
this.name = "PEM to Hex";
|
||||
this.module = "Default";
|
||||
this.description = "Converts PEM (Privacy Enhanced Mail) format to a hexadecimal DER (Distinguished Encoding Rules) string.";
|
||||
this.infoURL = "https://en.wikipedia.org/wiki/Privacy-Enhanced_Mail#Format";
|
||||
this.infoURL = "https://wikipedia.org/wiki/Privacy-Enhanced_Mail#Format";
|
||||
this.inputType = "string";
|
||||
this.outputType = "string";
|
||||
this.args = [];
|
||||
|
||||
133
src/core/operations/PLISTViewer.mjs
Normal file
133
src/core/operations/PLISTViewer.mjs
Normal file
@@ -0,0 +1,133 @@
|
||||
/**
|
||||
* @author n1073645 [n1073645@gmail.com]
|
||||
* @copyright Crown Copyright 2019
|
||||
* @license Apache-2.0
|
||||
*/
|
||||
|
||||
import Operation from "../Operation.mjs";
|
||||
|
||||
/**
|
||||
* P-list Viewer operation
|
||||
*/
|
||||
class PlistViewer extends Operation {
|
||||
|
||||
/**
|
||||
* PlistViewer constructor
|
||||
*/
|
||||
constructor() {
|
||||
super();
|
||||
|
||||
this.name = "P-list Viewer";
|
||||
this.module = "Default";
|
||||
this.description = "In the macOS, iOS, NeXTSTEP, and GNUstep programming frameworks, property list files are files that store serialized objects. Property list files use the filename extension .plist, and thus are often referred to as p-list files.<br><br>This operation displays plist files in a human readable format.";
|
||||
this.infoURL = "https://wikipedia.org/wiki/Property_list";
|
||||
this.inputType = "string";
|
||||
this.outputType = "string";
|
||||
this.args = [];
|
||||
}
|
||||
|
||||
/**
|
||||
* @param {string} input
|
||||
* @param {Object[]} args
|
||||
* @returns {string}
|
||||
*/
|
||||
run(input, args) {
|
||||
|
||||
// Regexes are designed to transform the xml format into a more readable string format.
|
||||
input = input.slice(input.indexOf("<plist"))
|
||||
.replace(/<plist.+>/g, "plist => ")
|
||||
.replace(/<dict>/g, "{")
|
||||
.replace(/<\/dict>/g, "}")
|
||||
.replace(/<array>/g, "[")
|
||||
.replace(/<\/array>/g, "]")
|
||||
.replace(/<key>.+<\/key>/g, m => `${m.slice(5, m.indexOf(/<\/key>/g)-5)}\t=> `)
|
||||
.replace(/<real>.+<\/real>/g, m => `${m.slice(6, m.indexOf(/<\/real>/g)-6)}\n`)
|
||||
.replace(/<string>.+<\/string>/g, m => `"${m.slice(8, m.indexOf(/<\/string>/g)-8)}"\n`)
|
||||
.replace(/<integer>.+<\/integer>/g, m => `${m.slice(9, m.indexOf(/<\/integer>/g)-9)}\n`)
|
||||
.replace(/<false\/>/g, m => "false")
|
||||
.replace(/<true\/>/g, m => "true")
|
||||
.replace(/<\/plist>/g, "/plist")
|
||||
.replace(/<date>.+<\/date>/g, m => `${m.slice(6, m.indexOf(/<\/integer>/g)-6)}`)
|
||||
.replace(/<data>(\s|.)+?<\/data>/g, m => `${m.slice(6, m.indexOf(/<\/data>/g)-6)}`)
|
||||
.replace(/[ \t\r\f\v]/g, "");
|
||||
|
||||
/**
|
||||
* Depending on the type of brace, it will increment the depth and amount of arrays accordingly.
|
||||
*
|
||||
* @param {string} elem
|
||||
* @param {array} vals
|
||||
* @param {number} offset
|
||||
*/
|
||||
function braces(elem, vals, offset) {
|
||||
const temp = vals.indexOf(elem);
|
||||
if (temp !== -1) {
|
||||
depthCount += offset;
|
||||
if (temp === 1)
|
||||
arrCount += offset;
|
||||
}
|
||||
}
|
||||
|
||||
let result = "";
|
||||
let arrCount = 0;
|
||||
let depthCount = 0;
|
||||
|
||||
/**
|
||||
* Formats the input after the regex has replaced all of the relevant parts.
|
||||
*
|
||||
* @param {array} input
|
||||
* @param {number} index
|
||||
*/
|
||||
function printIt(input, index) {
|
||||
if (!(input.length))
|
||||
return;
|
||||
|
||||
let temp = "";
|
||||
const origArr = arrCount;
|
||||
let currElem = input[0];
|
||||
|
||||
// If the current position points at a larger dynamic structure.
|
||||
if (currElem.indexOf("=>") !== -1) {
|
||||
|
||||
// If the LHS also points at a larger structure (nested plists in a dictionary).
|
||||
if (input[1].indexOf("=>") !== -1)
|
||||
temp = currElem.slice(0, -2) + " => " + input[1].slice(0, -2) + " =>\n";
|
||||
else
|
||||
temp = currElem.slice(0, -2) + " => " + input[1] + "\n";
|
||||
|
||||
input = input.slice(1);
|
||||
} else {
|
||||
// Controls the tab depth for how many closing braces there have been.
|
||||
|
||||
braces(currElem, ["}", "]"], -1);
|
||||
|
||||
// Has to be here since the formatting breaks otherwise.
|
||||
temp = currElem + "\n";
|
||||
}
|
||||
|
||||
currElem = input[0];
|
||||
|
||||
// Tab out to the correct distance.
|
||||
result += ("\t".repeat(depthCount));
|
||||
|
||||
// If it is enclosed in an array show index.
|
||||
if (arrCount > 0 && currElem !== "]")
|
||||
result += index.toString() + " => ";
|
||||
|
||||
result += temp;
|
||||
|
||||
// Controls the tab depth for how many opening braces there have been.
|
||||
braces(currElem, ["{", "["], 1);
|
||||
|
||||
// If there has been a new array then reset index.
|
||||
if (arrCount > origArr)
|
||||
return printIt(input.slice(1), 0);
|
||||
return printIt(input.slice(1), ++index);
|
||||
}
|
||||
|
||||
input = input.split("\n").filter(e => e !== "");
|
||||
printIt(input, 0);
|
||||
return result;
|
||||
}
|
||||
}
|
||||
|
||||
export default PlistViewer;
|
||||
@@ -7,7 +7,7 @@
|
||||
import r from "jsrsasign";
|
||||
import { fromBase64 } from "../lib/Base64.mjs";
|
||||
import { toHex } from "../lib/Hex.mjs";
|
||||
import { formatByteStr, formatDnStr } from "../lib/PublicKey.mjs";
|
||||
import { formatByteStr, formatDnObj } from "../lib/PublicKey.mjs";
|
||||
import Operation from "../Operation.mjs";
|
||||
import Utils from "../Utils.mjs";
|
||||
|
||||
@@ -76,8 +76,8 @@ class ParseX509Certificate extends Operation {
|
||||
}
|
||||
|
||||
const sn = cert.getSerialNumberHex(),
|
||||
issuer = cert.getIssuerString(),
|
||||
subject = cert.getSubjectString(),
|
||||
issuer = cert.getIssuer(),
|
||||
subject = cert.getSubject(),
|
||||
pk = cert.getPublicKey(),
|
||||
pkFields = [],
|
||||
sig = cert.getSignatureValueHex();
|
||||
@@ -170,10 +170,10 @@ class ParseX509Certificate extends Operation {
|
||||
extensions = cert.getInfo().split("X509v3 Extensions:\n")[1].split("signature")[0];
|
||||
} catch (err) {}
|
||||
|
||||
const issuerStr = formatDnStr(issuer, 2),
|
||||
const issuerStr = formatDnObj(issuer, 2),
|
||||
nbDate = formatDate(cert.getNotBefore()),
|
||||
naDate = formatDate(cert.getNotAfter()),
|
||||
subjectStr = formatDnStr(subject, 2);
|
||||
subjectStr = formatDnObj(subject, 2);
|
||||
|
||||
return `Version: ${cert.version} (0x${Utils.hex(cert.version - 1)})
|
||||
Serial number: ${new r.BigInteger(sn, 16).toString()} (0x${sn})
|
||||
|
||||
@@ -22,7 +22,7 @@ class Subsection extends Operation {
|
||||
this.name = "Subsection";
|
||||
this.flowControl = true;
|
||||
this.module = "Default";
|
||||
this.description = "Select a part of the input data using a regular expression (regex), and run all subsequent operations on each match separately.<br><br>You can use up to one capture group, where the recipe will only be run on the data in the capture group. If there's more than one capture group, only the first one will be operated on.";
|
||||
this.description = "Select a part of the input data using a regular expression (regex), and run all subsequent operations on each match separately.<br><br>You can use up to one capture group, where the recipe will only be run on the data in the capture group. If there's more than one capture group, only the first one will be operated on.<br><br>Use the Merge operation to reset the effects of subsection.";
|
||||
this.infoURL = "";
|
||||
this.inputType = "string";
|
||||
this.outputType = "string";
|
||||
@@ -67,12 +67,21 @@ class Subsection extends Operation {
|
||||
subOpList = [];
|
||||
|
||||
if (input && section !== "") {
|
||||
// Set to 1 as if we are here, then there is one, the current one.
|
||||
let numOp = 1;
|
||||
// Create subOpList for each tranche to operate on
|
||||
// all remaining operations unless we encounter a Merge
|
||||
for (let i = state.progress + 1; i < opList.length; i++) {
|
||||
if (opList[i].name === "Merge" && !opList[i].disabled) {
|
||||
break;
|
||||
numOp--;
|
||||
if (numOp === 0 || opList[i].ingValues[0])
|
||||
break;
|
||||
else
|
||||
// Not this subsection's Merge.
|
||||
subOpList.push(opList[i]);
|
||||
} else {
|
||||
if (opList[i].name === "Fork" || opList[i].name === "Subsection")
|
||||
numOp++;
|
||||
subOpList.push(opList[i]);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -186,7 +186,7 @@ div.toggle-string {
|
||||
}
|
||||
|
||||
.ingredients .dropdown-toggle-split {
|
||||
height: 41px !important;
|
||||
height: 40px !important;
|
||||
}
|
||||
|
||||
.boolean-arg {
|
||||
|
||||
@@ -34,3 +34,6 @@
|
||||
@import "./layout/_operations.css";
|
||||
@import "./layout/_recipe.css";
|
||||
@import "./layout/_structure.css";
|
||||
|
||||
/* Operations */
|
||||
@import "./operations/json.css";
|
||||
|
||||
78
src/web/stylesheets/operations/json.css
Normal file
78
src/web/stylesheets/operations/json.css
Normal file
@@ -0,0 +1,78 @@
|
||||
/**
|
||||
* JSON styles
|
||||
*
|
||||
* @author n1474335 [n1474335@gmail.com]
|
||||
* @copyright Crown Copyright 2022
|
||||
* @license Apache-2.0
|
||||
*
|
||||
* Adapted for CyberChef by @n1474335 from jQuery json-viewer
|
||||
* @author Alexandre Bodelot <alexandre.bodelot@gmail.com>
|
||||
* @link https://github.com/abodelot/jquery.json-viewer
|
||||
* @license MIT
|
||||
*/
|
||||
|
||||
/* Root element */
|
||||
.json-document {
|
||||
padding: .5em 1.5em;
|
||||
}
|
||||
|
||||
/* Syntax highlighting for JSON objects */
|
||||
ul.json-dict, ol.json-array {
|
||||
list-style-type: none;
|
||||
margin: 0 0 0 1px;
|
||||
border-left: 1px dotted #ccc;
|
||||
padding-left: 2em;
|
||||
}
|
||||
.json-string {
|
||||
color: green;
|
||||
}
|
||||
.json-literal {
|
||||
color: red;
|
||||
}
|
||||
.json-brace,
|
||||
.json-bracket,
|
||||
.json-colon,
|
||||
.json-comma {
|
||||
color: gray;
|
||||
}
|
||||
|
||||
/* Collapse */
|
||||
.json-details {
|
||||
display: inline;
|
||||
}
|
||||
.json-details[open] {
|
||||
display: contents;
|
||||
}
|
||||
.json-summary {
|
||||
display: contents;
|
||||
}
|
||||
|
||||
/* Display object and array brackets when closed */
|
||||
.json-summary.json-obj::after {
|
||||
color: gray;
|
||||
content: "{ ... }"
|
||||
}
|
||||
.json-summary.json-arr::after {
|
||||
color: gray;
|
||||
content: "[ ... ]"
|
||||
}
|
||||
.json-details[open] > .json-summary.json-obj::after,
|
||||
.json-details[open] > .json-summary.json-arr::after {
|
||||
content: "";
|
||||
}
|
||||
|
||||
/* Show arrows, even in inline mode */
|
||||
.json-summary::before {
|
||||
content: "\25BC";
|
||||
color: #c0c0c0;
|
||||
margin-left: -12px;
|
||||
margin-right: 5px;
|
||||
display: inline-block;
|
||||
transform: rotate(-90deg);
|
||||
}
|
||||
.json-summary:hover::before {
|
||||
color: #aaa;
|
||||
}
|
||||
.json-details[open] > .json-summary::before {
|
||||
transform: rotate(0deg);
|
||||
}
|
||||
@@ -12,6 +12,7 @@
|
||||
import Chef from "../../src/core/Chef.mjs";
|
||||
import Utils from "../../src/core/Utils.mjs";
|
||||
import cliProgress from "cli-progress";
|
||||
import log from "loglevel";
|
||||
|
||||
/**
|
||||
* Object to store and run the list of tests.
|
||||
@@ -50,6 +51,9 @@ class TestRegister {
|
||||
* Runs all the tests in the register.
|
||||
*/
|
||||
async runTests () {
|
||||
// Turn off logging to avoid messy errors
|
||||
log.setLevel("silent", false);
|
||||
|
||||
const progBar = new cliProgress.SingleBar({
|
||||
format: formatter,
|
||||
stopOnComplete: true
|
||||
@@ -84,7 +88,17 @@ class TestRegister {
|
||||
|
||||
if (result.error) {
|
||||
if (test.expectedError) {
|
||||
ret.status = "passing";
|
||||
if (result.error.displayStr === test.expectedOutput) {
|
||||
ret.status = "passing";
|
||||
} else {
|
||||
ret.status = "failing";
|
||||
ret.output = [
|
||||
"Expected",
|
||||
"\t" + test.expectedOutput.replace(/\n/g, "\n\t"),
|
||||
"Received",
|
||||
"\t" + result.error.displayStr.replace(/\n/g, "\n\t"),
|
||||
].join("\n");
|
||||
}
|
||||
} else {
|
||||
ret.status = "erroring";
|
||||
ret.output = result.error.displayStr;
|
||||
@@ -118,6 +132,9 @@ class TestRegister {
|
||||
progBar.increment();
|
||||
}
|
||||
|
||||
// Turn logging back on
|
||||
log.setLevel("info", false);
|
||||
|
||||
return testResults;
|
||||
}
|
||||
|
||||
|
||||
@@ -24,6 +24,7 @@ import "./tests/Base45.mjs";
|
||||
import "./tests/Base58.mjs";
|
||||
import "./tests/Base64.mjs";
|
||||
import "./tests/Base62.mjs";
|
||||
import "./tests/Base85.mjs";
|
||||
import "./tests/BitwiseOp.mjs";
|
||||
import "./tests/ByteRepr.mjs";
|
||||
import "./tests/CartesianProduct.mjs";
|
||||
@@ -113,6 +114,8 @@ import "./tests/JA3SFingerprint.mjs";
|
||||
import "./tests/HASSH.mjs";
|
||||
import "./tests/GetAllCasings.mjs";
|
||||
import "./tests/SIGABA.mjs";
|
||||
import "./tests/ELFInfo.mjs";
|
||||
import "./tests/Subsection.mjs";
|
||||
|
||||
|
||||
// Cannot test operations that use the File type yet
|
||||
|
||||
48
tests/operations/tests/Base85.mjs
Normal file
48
tests/operations/tests/Base85.mjs
Normal file
@@ -0,0 +1,48 @@
|
||||
/**
|
||||
* Base85 tests
|
||||
*
|
||||
* @author john19696
|
||||
* @copyright Crown Copyright 2019
|
||||
* @license Apache-2.0
|
||||
*/
|
||||
import TestRegister from "../../lib/TestRegister.mjs";
|
||||
|
||||
// Example from Wikipedia
|
||||
const wpExample = "Man is distinguished, not only by his reason, but by this singular passion from other animals, which is a lust of the mind, that by a perseverance of delight in the continued and indefatigable generation of knowledge, exceeds the short vehemence of any carnal pleasure.";
|
||||
// Escape newline, quote & backslash
|
||||
const wpOutput = "9jqo^BlbD-BleB1DJ+*+F(f,q/0JhKF<GL>Cj@.4Gp$d7F!,L7@<6@)/0JDEF<G%<+EV:2F!,O<\
|
||||
DJ+*.@<*K0@<6L(Df-\\0Ec5e;DffZ(EZee.Bl.9pF\"AGXBPCsi+DGm>@3BB/F*&OCAfu2/AKYi(\
|
||||
DIb:@FD,*)+C]U=@3BN#EcYf8ATD3s@q?d$AftVqCh[NqF<G:8+EV:.+Cf>-FD5W8ARlolDIal(\
|
||||
DId<j@<?3r@:F%a+D58'ATD4$Bl@l3De:,-DJs`8ARoFb/0JMK@qB4^F!,R<AKZ&-DfTqBG%G>u\
|
||||
D.RTpAKYo'+CT/5+Cei#DII?(E,9)oF*2M7/c";
|
||||
|
||||
TestRegister.addTests([
|
||||
{
|
||||
name: "To Base85",
|
||||
input: wpExample,
|
||||
expectedOutput: wpOutput,
|
||||
recipeConfig: [
|
||||
{ "op": "To Base85",
|
||||
"args": ["!-u"] }
|
||||
]
|
||||
},
|
||||
{
|
||||
name: "From Base85",
|
||||
input: wpOutput + "\n",
|
||||
expectedOutput: wpExample,
|
||||
recipeConfig: [
|
||||
{ "op": "From Base85",
|
||||
"args": ["!-u", true] }
|
||||
]
|
||||
},
|
||||
{
|
||||
name: "From Base85",
|
||||
input: wpOutput + "v",
|
||||
expectedError: true,
|
||||
expectedOutput: "From Base85 - Invalid character 'v' at index 337",
|
||||
recipeConfig: [
|
||||
{ "op": "From Base85",
|
||||
"args": ["!-u", false] }
|
||||
]
|
||||
},
|
||||
]);
|
||||
86
tests/operations/tests/ELFInfo.mjs
Normal file
86
tests/operations/tests/ELFInfo.mjs
Normal file
@@ -0,0 +1,86 @@
|
||||
/**
|
||||
* @author n1073645 [n1073645@gmail.com]
|
||||
* @copyright Crown Copyright 2022
|
||||
* @license Apache-2.0
|
||||
*/
|
||||
import TestRegister from "../../lib/TestRegister.mjs";
|
||||
import {ELF32_LE, ELF32_BE, ELF64_LE, ELF64_BE} from "../../samples/Executables.mjs";
|
||||
|
||||
const ELF32_LE_OUTPUT = "============================== ELF Header ==============================\nMagic: \x7fELF\nFormat: 32-bit\nEndianness: Little\nVersion: 1\nABI: System V\nABI Version: 0\nType: Executable File\nInstruction Set Architecture: x86\nELF Version: 1\nEntry Point: 0x8062150\nEntry PHOFF: 0x34\nEntry SHOFF: 0x54\nFlags: 00000000\nELF Header Size: 52 bytes\nProgram Header Size: 32 bytes\nProgram Header Entries: 1\nSection Header Size: 40 bytes\nSection Header Entries: 3\nSection Header Names: 0\n\n============================== Program Header ==============================\nProgram Header Type: Program Header Table\nOffset Of Segment: 52\nVirtual Address of Segment: 134512692\nPhysical Address of Segment: 134512692\nSize of Segment: 256 bytes\nSize of Segment in Memory: 256 bytes\nFlags: Execute,Read\n\n============================== Section Header ==============================\nType: String Table\nSection Name: .shstrab\nFlags: \nSection Vaddr in memory: 0\nOffset of the section: 204\nSection Size: 28\nAssociated Section: 0\nSection Extra Information: 0\n\nType: Symbol Table\nSection Name: .symtab\nFlags: \nSection Vaddr in memory: 0\nOffset of the section: 230\nSection Size: 16\nAssociated Section: 0\nSection Extra Information: 0\n\nType: String Table\nSection Name: .strtab\nFlags: \nSection Vaddr in memory: 0\nOffset of the section: 245\nSection Size: 4\nAssociated Section: 0\nSection Extra Information: 0\n\n============================== Symbol Table ==============================\nSymbol Name: test";
|
||||
const ELF32_BE_OUTPUT = "============================== ELF Header ==============================\nMagic: \x7fELF\nFormat: 32-bit\nEndianness: Big\nVersion: 1\nABI: System V\nABI Version: 0\nType: Executable File\nInstruction Set Architecture: x86\nELF Version: 1\nEntry Point: 0x8062150\nEntry PHOFF: 0x34\nEntry SHOFF: 0x54\nFlags: 00000000\nELF Header Size: 52 bytes\nProgram Header Size: 32 bytes\nProgram Header Entries: 1\nSection Header Size: 40 bytes\nSection Header Entries: 3\nSection Header Names: 0\n\n============================== Program Header ==============================\nProgram Header Type: Program Header Table\nOffset Of Segment: 52\nVirtual Address of Segment: 134512692\nPhysical Address of Segment: 134512692\nSize of Segment: 256 bytes\nSize of Segment in Memory: 256 bytes\nFlags: Execute,Read\n\n============================== Section Header ==============================\nType: String Table\nSection Name: .shstrab\nFlags: \nSection Vaddr in memory: 0\nOffset of the section: 204\nSection Size: 28\nAssociated Section: 0\nSection Extra Information: 0\n\nType: Symbol Table\nSection Name: .symtab\nFlags: \nSection Vaddr in memory: 0\nOffset of the section: 230\nSection Size: 16\nAssociated Section: 0\nSection Extra Information: 0\n\nType: String Table\nSection Name: .strtab\nFlags: \nSection Vaddr in memory: 0\nOffset of the section: 245\nSection Size: 4\nAssociated Section: 0\nSection Extra Information: 0\n\n============================== Symbol Table ==============================\nSymbol Name: test";
|
||||
const ELF64_LE_OUTPUT = "============================== ELF Header ==============================\nMagic: \x7fELF\nFormat: 64-bit\nEndianness: Little\nVersion: 1\nABI: System V\nABI Version: 0\nType: Executable File\nInstruction Set Architecture: AMD x86-64\nELF Version: 1\nEntry Point: 0x8062150\nEntry PHOFF: 0x40\nEntry SHOFF: 0x78\nFlags: 00000000\nELF Header Size: 64 bytes\nProgram Header Size: 56 bytes\nProgram Header Entries: 1\nSection Header Size: 64 bytes\nSection Header Entries: 3\nSection Header Names: 0\n\n============================== Program Header ==============================\nProgram Header Type: Program Header Table\nFlags: Execute,Read\nOffset Of Segment: 52\nVirtual Address of Segment: 134512692\nPhysical Address of Segment: 134512692\nSize of Segment: 256 bytes\nSize of Segment in Memory: 256 bytes\n\n============================== Section Header ==============================\nType: String Table\nSection Name: .shstrab\nFlags: \nSection Vaddr in memory: 0\nOffset of the section: 312\nSection Size: 28\nAssociated Section: 0\nSection Extra Information: 0\n\nType: Symbol Table\nSection Name: .symtab\nFlags: \nSection Vaddr in memory: 0\nOffset of the section: 336\nSection Size: 16\nAssociated Section: 0\nSection Extra Information: 0\n\nType: String Table\nSection Name: .strtab\nFlags: \nSection Vaddr in memory: 0\nOffset of the section: 361\nSection Size: 4\nAssociated Section: 0\nSection Extra Information: 0\n\n============================== Symbol Table ==============================\nSymbol Name: test";
|
||||
const ELF64_BE_OUTPUT = "============================== ELF Header ==============================\nMagic: \x7fELF\nFormat: 64-bit\nEndianness: Big\nVersion: 1\nABI: System V\nABI Version: 0\nType: Executable File\nInstruction Set Architecture: AMD x86-64\nELF Version: 1\nEntry Point: 0x8062150\nEntry PHOFF: 0x40\nEntry SHOFF: 0x78\nFlags: 00000000\nELF Header Size: 64 bytes\nProgram Header Size: 56 bytes\nProgram Header Entries: 1\nSection Header Size: 64 bytes\nSection Header Entries: 3\nSection Header Names: 0\n\n============================== Program Header ==============================\nProgram Header Type: Program Header Table\nFlags: Execute,Read\nOffset Of Segment: 52\nVirtual Address of Segment: 134512692\nPhysical Address of Segment: 134512692\nSize of Segment: 256 bytes\nSize of Segment in Memory: 256 bytes\n\n============================== Section Header ==============================\nType: String Table\nSection Name: .shstrab\nFlags: \nSection Vaddr in memory: 0\nOffset of the section: 312\nSection Size: 28\nAssociated Section: 0\nSection Extra Information: 0\n\nType: Symbol Table\nSection Name: .symtab\nFlags: \nSection Vaddr in memory: 0\nOffset of the section: 336\nSection Size: 16\nAssociated Section: 0\nSection Extra Information: 0\n\nType: String Table\nSection Name: .strtab\nFlags: \nSection Vaddr in memory: 0\nOffset of the section: 361\nSection Size: 4\nAssociated Section: 0\nSection Extra Information: 0\n\n============================== Symbol Table ==============================\nSymbol Name: test";
|
||||
|
||||
TestRegister.addTests([
|
||||
{
|
||||
name: "ELF Info invalid ELF.",
|
||||
input: "\x7f\x00\x00\x00",
|
||||
expectedOutput: "Invalid ELF",
|
||||
recipeConfig: [
|
||||
{
|
||||
op: "ELF Info",
|
||||
args: [],
|
||||
},
|
||||
],
|
||||
},
|
||||
{
|
||||
name: "ELF Info 32-bit ELF Little Endian.",
|
||||
input: ELF32_LE,
|
||||
expectedOutput: ELF32_LE_OUTPUT,
|
||||
recipeConfig: [
|
||||
{
|
||||
op: "From Hex",
|
||||
args: ["None"],
|
||||
},
|
||||
{
|
||||
op: "ELF Info",
|
||||
args: [],
|
||||
},
|
||||
],
|
||||
},
|
||||
{
|
||||
name: "ELF Info 32-bit ELF Big Endian.",
|
||||
input: ELF32_BE,
|
||||
expectedOutput: ELF32_BE_OUTPUT,
|
||||
recipeConfig: [
|
||||
{
|
||||
op: "From Hex",
|
||||
args: ["None"],
|
||||
},
|
||||
{
|
||||
op: "ELF Info",
|
||||
args: [],
|
||||
},
|
||||
],
|
||||
},
|
||||
{
|
||||
name: "ELF Info 64-bit ELF Little Endian.",
|
||||
input: ELF64_LE,
|
||||
expectedOutput: ELF64_LE_OUTPUT,
|
||||
recipeConfig: [
|
||||
{
|
||||
op: "From Hex",
|
||||
args: ["None"],
|
||||
},
|
||||
{
|
||||
op: "ELF Info",
|
||||
args: [],
|
||||
},
|
||||
],
|
||||
},
|
||||
{
|
||||
name: "ELF Info 64-bit ELF Big Endian.",
|
||||
input: ELF64_BE,
|
||||
expectedOutput: ELF64_BE_OUTPUT,
|
||||
recipeConfig: [
|
||||
{
|
||||
op: "From Hex",
|
||||
args: ["None"],
|
||||
},
|
||||
{
|
||||
op: "ELF Info",
|
||||
args: [],
|
||||
},
|
||||
],
|
||||
},
|
||||
]);
|
||||
@@ -31,7 +31,7 @@ TestRegister.addTests([
|
||||
},
|
||||
{
|
||||
op: "Merge",
|
||||
args: [],
|
||||
args: [true],
|
||||
},
|
||||
],
|
||||
},
|
||||
@@ -50,7 +50,7 @@ TestRegister.addTests([
|
||||
},
|
||||
{
|
||||
op: "Merge",
|
||||
args: [],
|
||||
args: [true],
|
||||
},
|
||||
],
|
||||
},
|
||||
@@ -66,5 +66,16 @@ TestRegister.addTests([
|
||||
{"op": "Label", "args": ["skipReturn"]},
|
||||
{"op": "To Base64", "args": ["A-Za-z0-9+/="]}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
name: "Fork, Partial Merge",
|
||||
input: "Hello World",
|
||||
expectedOutput: "48656c6c6f 576f726c64",
|
||||
recipeConfig: [
|
||||
{ "op": "Fork", "args": [" ", " ", false] },
|
||||
{ "op": "Fork", "args": ["l", "l", false] },
|
||||
{ "op": "Merge", "args": [false] },
|
||||
{ "op": "To Hex", "args": ["None", 0] },
|
||||
]
|
||||
},
|
||||
]);
|
||||
|
||||
@@ -16,7 +16,7 @@ TestRegister.addTests([
|
||||
recipeConfig: [
|
||||
{
|
||||
op: "JSON Beautify",
|
||||
args: [" ", false],
|
||||
args: [" ", false, false],
|
||||
},
|
||||
],
|
||||
},
|
||||
@@ -27,7 +27,7 @@ TestRegister.addTests([
|
||||
recipeConfig: [
|
||||
{
|
||||
op: "JSON Beautify",
|
||||
args: [" ", false],
|
||||
args: [" ", false, false],
|
||||
},
|
||||
],
|
||||
},
|
||||
@@ -38,8 +38,12 @@ TestRegister.addTests([
|
||||
recipeConfig: [
|
||||
{
|
||||
op: "JSON Beautify",
|
||||
args: [" ", false],
|
||||
args: [" ", false, false],
|
||||
},
|
||||
{
|
||||
op: "HTML To Text",
|
||||
args: []
|
||||
}
|
||||
],
|
||||
},
|
||||
{
|
||||
@@ -49,7 +53,7 @@ TestRegister.addTests([
|
||||
recipeConfig: [
|
||||
{
|
||||
op: "JSON Beautify",
|
||||
args: [" ", false],
|
||||
args: [" ", false, false],
|
||||
},
|
||||
],
|
||||
},
|
||||
@@ -60,7 +64,7 @@ TestRegister.addTests([
|
||||
recipeConfig: [
|
||||
{
|
||||
op: "JSON Beautify",
|
||||
args: [" ", false],
|
||||
args: [" ", false, false],
|
||||
},
|
||||
],
|
||||
},
|
||||
@@ -71,7 +75,7 @@ TestRegister.addTests([
|
||||
recipeConfig: [
|
||||
{
|
||||
op: "JSON Beautify",
|
||||
args: [" ", false],
|
||||
args: [" ", false, false],
|
||||
},
|
||||
],
|
||||
},
|
||||
@@ -82,7 +86,7 @@ TestRegister.addTests([
|
||||
recipeConfig: [
|
||||
{
|
||||
op: "JSON Beautify",
|
||||
args: ["\t", false],
|
||||
args: ["\t", false, false],
|
||||
},
|
||||
],
|
||||
},
|
||||
@@ -93,8 +97,12 @@ TestRegister.addTests([
|
||||
recipeConfig: [
|
||||
{
|
||||
op: "JSON Beautify",
|
||||
args: [" ", false],
|
||||
args: [" ", false, false],
|
||||
},
|
||||
{
|
||||
op: "HTML To Text",
|
||||
args: []
|
||||
}
|
||||
],
|
||||
},
|
||||
{
|
||||
@@ -104,8 +112,12 @@ TestRegister.addTests([
|
||||
recipeConfig: [
|
||||
{
|
||||
op: "JSON Beautify",
|
||||
args: ["\t", false],
|
||||
args: ["\t", false, false],
|
||||
},
|
||||
{
|
||||
op: "HTML To Text",
|
||||
args: []
|
||||
}
|
||||
],
|
||||
},
|
||||
{
|
||||
@@ -115,8 +127,12 @@ TestRegister.addTests([
|
||||
recipeConfig: [
|
||||
{
|
||||
op: "JSON Beautify",
|
||||
args: ["\t", true],
|
||||
args: ["\t", true, false],
|
||||
},
|
||||
{
|
||||
op: "HTML To Text",
|
||||
args: []
|
||||
}
|
||||
],
|
||||
},
|
||||
]);
|
||||
|
||||
102
tests/operations/tests/Subsection.mjs
Normal file
102
tests/operations/tests/Subsection.mjs
Normal file
@@ -0,0 +1,102 @@
|
||||
/**
|
||||
* Subsection Tests.
|
||||
*
|
||||
* @author n1073645 [n1073645@gmail.com]
|
||||
* @copyright Crown Copyright 2022
|
||||
* @license Apache-2.0
|
||||
*/
|
||||
import TestRegister from "../../lib/TestRegister.mjs";
|
||||
|
||||
TestRegister.addTests([
|
||||
{
|
||||
name: "Subsection: nothing",
|
||||
input: "",
|
||||
expectedOutput: "",
|
||||
recipeConfig: [
|
||||
{
|
||||
"op": "Subsection",
|
||||
"args": ["", true, true, false],
|
||||
},
|
||||
],
|
||||
},
|
||||
{
|
||||
name: "Subsection, Full Merge: nothing",
|
||||
input: "",
|
||||
expectedOutput: "",
|
||||
recipeConfig: [
|
||||
{
|
||||
"op": "Subsection",
|
||||
"args": ["", true, true, false],
|
||||
},
|
||||
{
|
||||
"op": "Merge",
|
||||
"args": [true],
|
||||
},
|
||||
],
|
||||
},
|
||||
{
|
||||
name: "Subsection, Partial Merge: nothing",
|
||||
input: "",
|
||||
expectedOutput: "",
|
||||
recipeConfig: [
|
||||
{
|
||||
"op": "Subsection",
|
||||
"args": ["", true, true, false],
|
||||
},
|
||||
{
|
||||
"op": "Merge",
|
||||
"args": [false],
|
||||
},
|
||||
],
|
||||
},
|
||||
{
|
||||
name: "Subsection, Full Merge: Base64 with Hex",
|
||||
input: "SGVsbG38675629ybGQ=",
|
||||
expectedOutput: "Hello World",
|
||||
recipeConfig: [
|
||||
{
|
||||
"op": "Subsection",
|
||||
"args": ["386756", true, true, false],
|
||||
},
|
||||
{
|
||||
"op": "From Hex",
|
||||
"args": ["Auto"],
|
||||
},
|
||||
{
|
||||
"op": "Merge",
|
||||
"args": [true],
|
||||
},
|
||||
{
|
||||
"op": "From Base64",
|
||||
"args": ["A-Za-z0-9+/=", true, false],
|
||||
},
|
||||
],
|
||||
},
|
||||
{
|
||||
name: "Subsection, Partial Merge: Base64 with Hex surrounded by binary data.",
|
||||
input: "000000000SGVsbG38675629ybGQ=0000000000",
|
||||
expectedOutput: "000000000Hello World0000000000",
|
||||
recipeConfig: [
|
||||
{
|
||||
"op": "Subsection",
|
||||
"args": ["SGVsbG38675629ybGQ=", true, true, false],
|
||||
},
|
||||
{
|
||||
"op": "Subsection",
|
||||
"args": ["386756", true, true, false],
|
||||
},
|
||||
{
|
||||
"op": "From Hex",
|
||||
"args": ["Auto"],
|
||||
},
|
||||
{
|
||||
"op": "Merge",
|
||||
"args": [false],
|
||||
},
|
||||
{
|
||||
"op": "From Base64",
|
||||
"args": ["A-Za-z0-9+/=", true, false],
|
||||
},
|
||||
],
|
||||
},
|
||||
]);
|
||||
375
tests/samples/Executables.mjs
Normal file
375
tests/samples/Executables.mjs
Normal file
@@ -0,0 +1,375 @@
|
||||
/**
|
||||
* Executables in various formats for use in tests.
|
||||
*
|
||||
* @author n1474335 [n1474335@gmail.com]
|
||||
* @copyright Crown Copyright 2022
|
||||
* @license Apache-2.0
|
||||
*/
|
||||
|
||||
/**
|
||||
* ---------------ELF Header---------------
|
||||
* 7f454c46 - Magic: .ELF
|
||||
* 01 - Format: 32 bit
|
||||
* 01 - Endianness: Little
|
||||
* 01 - ELF Version: 1
|
||||
* 00 - Target ABI: System V
|
||||
* 00 - ABI Version: 0
|
||||
* 00000000000000 - Padding
|
||||
* 0200 - File Type: Executable File
|
||||
* 0300 - ISA: x86
|
||||
* 01000000 - ELF Version: 1
|
||||
* 50210608 - Entry Point: 0x8062150
|
||||
* 34000000 - PH Offset: 0x34
|
||||
* 54000000 - SH Offset: 0x54
|
||||
* 00000000 - Flags: 0
|
||||
* 3400 - ELF Header Size: 0x34
|
||||
* 2000 - PH Header Size: 0x20
|
||||
* 0100 - PH Entries: 1
|
||||
* 2800 - SH Size: 0x28
|
||||
* 0300 - SH Entries: 0x3
|
||||
* 0000 - SH Names Offset: 0x0
|
||||
*
|
||||
* -------------Program Header-------------
|
||||
* 06000000 - PH Type: Program Header Table
|
||||
* 34000000 - Segment Offset: 0x34
|
||||
* 34800408 - VAddr of segment: 134512692
|
||||
* 34800408 - PAddr of segment: 134512692
|
||||
* 00010000 - Size of segment: 256
|
||||
* 00010000 - Size of segment: 256
|
||||
* 05000000 - Flags: Execute,Read
|
||||
* 04000000 - Alignment
|
||||
*
|
||||
* --------------SH .shstrtab--------------
|
||||
* 00000000 - SH Name Offset: 0
|
||||
* 03000000 - SH Type: String Table
|
||||
* 00000000 - Flags:
|
||||
* 00000000 - VAddr of section: 0
|
||||
* cc000000 - Section offset: 204
|
||||
* 1c000000 - Section size: 28
|
||||
* 00000000 - Associated: 0
|
||||
* 00000000 - Extra Info: 0
|
||||
* 00000000 - Alignment
|
||||
* 00000000 - Entry Size: 0
|
||||
*
|
||||
* ---------------SH .symtab---------------
|
||||
* 09000000 - SH Name Offset: 9
|
||||
* 02000000 - SH Type: Symbol Table
|
||||
* 00000000 - Flags:
|
||||
* 00000000 - VAddr of section: 0
|
||||
* e6000000 - Section offset: 230
|
||||
* 10000000 - Section size: 16
|
||||
* 00000000 - Associated: 0
|
||||
* 00000000 - Extra Info: 0
|
||||
* 00000000 - Alignment
|
||||
* 10000000 - Entry Size: 16
|
||||
*
|
||||
* ---------------SH .strtab---------------
|
||||
* 11000000 - SH Name Offset: 17
|
||||
* 03000000 - SH Type: String Table
|
||||
* 00000000 - Flags:
|
||||
* 00000000 - VAddr of section: 0
|
||||
* f5000000 - Section offset: 245
|
||||
* 04000000 - Section size: 4
|
||||
* 00000000 - Associated: 0
|
||||
* 00000000 - Extra Info: 0
|
||||
* 00000000 - Alignment
|
||||
* 00000000 - Entry Size: 0
|
||||
*
|
||||
* ---------------.shstrtab---------------
|
||||
* 2e73687374726162002e73796d746162002e73747274616200 - .shstrab\0.symtab\0.strtab\0
|
||||
*
|
||||
* ----------------.symtab----------------
|
||||
* 00000000 - Name Offset: 0
|
||||
* 00000000 - Value: 0
|
||||
* 00000000 - Size: 0
|
||||
* 00 - Info
|
||||
* 00 - other
|
||||
* 0000 - shdx
|
||||
*
|
||||
* ----------------.strtab----------------
|
||||
* 74657374 - test
|
||||
*/
|
||||
export const ELF32_LE = "7f454c46010101000000000000000000020003000100000050210608340000005400000000000000340020000100280003000000" +
|
||||
"0600000034000000348004083480040800010000000100000500000004000000" +
|
||||
"00000000030000000000000000000000cc0000001c00000000000000000000000000000000000000" +
|
||||
"09000000020000000000000000000000e60000001000000000000000000000000000000010000000" +
|
||||
"11000000030000000000000000000000f50000000400000000000000000000000000000000000000" +
|
||||
"2e73687374726162002e73796d746162002e73747274616200" +
|
||||
"00000000000000000000000000000000" +
|
||||
"74657374";
|
||||
|
||||
/**
|
||||
* ---------------ELF Header---------------
|
||||
* 7f454c46 - Magic: .ELF
|
||||
* 01 - Format: 32 bit
|
||||
* 02 - Endianness: Big
|
||||
* 01 - ELF Version: 1
|
||||
* 00 - Target ABI: System V
|
||||
* 00 - ABI Version: 0
|
||||
* 00000000000000 - Padding
|
||||
* 0002 - File Type: Executable File
|
||||
* 0003 - ISA: x86
|
||||
* 00000001 - ELF Version: 1
|
||||
* 08062150 - Entry Point: 0x8062150
|
||||
* 00000034 - PH Offset: 0x34
|
||||
* 00000054 - SH Offset: 0x54
|
||||
* 00000000 - Flags: 0
|
||||
* 0034 - ELF Header Size: 0x34
|
||||
* 0020 - PH Header Size: 0x20
|
||||
* 0001 - PH Entries: 1
|
||||
* 0028 - SH Size: 0x28
|
||||
* 0003 - SH Entries: 0x3
|
||||
* 0000 - SH Names Offset: 0x0
|
||||
*
|
||||
* -------------Program Header-------------
|
||||
* 00000006 - PH Type: Program Header Table
|
||||
* 00000034 - Segment Offset: 0x34
|
||||
* 08048034 - VAddr of segment: 134512692
|
||||
* 08048034 - PAddr of segment: 134512692
|
||||
* 00000100 - Size of segment: 256
|
||||
* 00000100 - Size of segment: 256
|
||||
* 00000005 - Flags: Execute,Read
|
||||
* 00000004 - Alignment
|
||||
*
|
||||
* --------------SH .shstrtab--------------
|
||||
* 00000000 - SH Name Offset: 0
|
||||
* 00000003 - SH Type: String Table
|
||||
* 00000000 - Flags:
|
||||
* 00000000 - VAddr of section: 0
|
||||
* 000000cc - Section offset: 204
|
||||
* 0000001c - Section size: 28
|
||||
* 00000000 - Associated: 0
|
||||
* 00000000 - Extra Info: 0
|
||||
* 00000000 - Alignment
|
||||
* 00000000 - Entry Size: 0
|
||||
*
|
||||
* ---------------SH .symtab---------------
|
||||
* 00000009 - SH Name Offset: 9
|
||||
* 00000002 - SH Type: Symbol Table
|
||||
* 00000000 - Flags:
|
||||
* 00000000 - VAddr of section: 0
|
||||
* 000000e6 - Section offset: 230
|
||||
* 00000010 - Section size: 16
|
||||
* 00000000 - Associated: 0
|
||||
* 00000000 - Extra Info: 0
|
||||
* 00000000 - Alignment
|
||||
* 00000010 - Entry Size: 16
|
||||
*
|
||||
* ---------------SH .strtab---------------
|
||||
* 00000011 - SH Name Offset: 17
|
||||
* 00000003 - SH Type: String Table
|
||||
* 00000000 - Flags:
|
||||
* 00000000 - VAddr of section: 0
|
||||
* 000000f5 - Section offset: 245
|
||||
* 00000004 - Section size: 4
|
||||
* 00000000 - Associated: 0
|
||||
* 00000000 - Extra Info: 0
|
||||
* 00000000 - Alignment
|
||||
* 00000000 - Entry Size: 0
|
||||
*
|
||||
* ---------------.shstrtab---------------
|
||||
* 2e73687374726162002e73796d746162002e73747274616200 - .shstrab\0.symtab\0.strtab\0
|
||||
*
|
||||
* ----------------.symtab----------------
|
||||
* 00000000 - Name Offset: 0
|
||||
* 00000000 - Value: 0
|
||||
* 00000000 - Size: 0
|
||||
* 00 - Info
|
||||
* 00 - other
|
||||
* 0000 - shdx
|
||||
*
|
||||
* ----------------.strtab----------------
|
||||
* 74657374 - test
|
||||
*/
|
||||
export const ELF32_BE = "7f454c46010201000000000000000000000200030000000108062150000000340000005400000000003400200001002800030000" +
|
||||
"0000000600000034080480340804803400000100000001000000000500000004" +
|
||||
"00000000000000030000000000000000000000cc0000001c00000000000000000000000000000000" +
|
||||
"00000009000000020000000000000000000000e60000001000000000000000000000000000000010" +
|
||||
"00000011000000030000000000000000000000f50000000400000000000000000000000000000000" +
|
||||
"2e73687374726162002e73796d746162002e73747274616200" +
|
||||
"00000000000000000000000000000000" +
|
||||
"74657374";
|
||||
|
||||
/**
|
||||
* ---------------ELF Header---------------
|
||||
* 7f454c46 - Magic: .ELF
|
||||
* 02 - Format: 64 bit
|
||||
* 01 - Endianness: Little
|
||||
* 01 - ELF Version: 1
|
||||
* 00 - Target ABI: System V
|
||||
* 00 - ABI Version: 0
|
||||
* 00000000000000 - Padding
|
||||
* 0200 - File Type: Executable File
|
||||
* 3e00 - ISA: AMD x86-64
|
||||
* 01000000 - ELF Version: 1
|
||||
* 5021060800000000 - Entry Point: 0x8062150
|
||||
* 4000000000000000 - PH Offset: 0x40
|
||||
* 7800000000000000 - SH Offset: 0x78
|
||||
* 00000000 - Flags: 0
|
||||
* 4000 - ELF Header Size: 0x40
|
||||
* 3800 - PH Header Size: 0x38
|
||||
* 0100 - PH Entries: 1
|
||||
* 4000 - SH Size: 0x40
|
||||
* 0300 - SH Entries: 0x3
|
||||
* 0000 - SH Names Offset: 0x0
|
||||
*
|
||||
* -------------Program Header-------------
|
||||
* 06000000 - PH Type: Program Header Table
|
||||
* 05000000 - Flags: Execute,Read
|
||||
* 3400000000000000 - Segment Offset: 0x34
|
||||
* 3480040800000000 - VAddr of segment: 134512692
|
||||
* 3480040800000000 - PAddr of segment: 134512692
|
||||
* 0001000000000000 - Size of segment: 256
|
||||
* 0001000000000000 - Size of segment: 256
|
||||
* 0400000000000000 - Alignment
|
||||
*
|
||||
* --------------SH .shstrtab--------------
|
||||
* 00000000 - SH Name Offset: 0
|
||||
* 03000000 - SH Type: String Table
|
||||
* 0000000000000000 - Flags:
|
||||
* 0000000000000000 - VAddr of section: 0
|
||||
* 3801000000000000 - Section offset: 312
|
||||
* 1c00000000000000 - Section size: 28
|
||||
* 00000000 - Associated: 0
|
||||
* 00000000 - Extra Info: 0
|
||||
* 0000000000000000 - Alignment
|
||||
* 0000000000000000 - Entry Size: 0
|
||||
*
|
||||
* ---------------SH .symtab---------------
|
||||
* 09000000 - SH Name Offset: 9
|
||||
* 02000000 - SH Type: Symbol Table
|
||||
* 0000000000000000 - Flags:
|
||||
* 0000000000000000 - VAddr of section: 0
|
||||
* 5001000000000000 - Section offset: 336
|
||||
* 1000000000000000 - Section size: 16
|
||||
* 00000000 - Associated: 0
|
||||
* 00000000 - Extra Info: 0
|
||||
* 0000000000000000 - Alignment
|
||||
* 1800000000000000 - Entry Size: 24
|
||||
*
|
||||
* ---------------SH .strtab---------------
|
||||
* 11000000 - SH Name Offset: 17
|
||||
* 03000000 - SH Type: String Table
|
||||
* 0000000000000000 - Flags:
|
||||
* 0000000000000000 - VAddr of section: 0
|
||||
* 6901000000000000 - Section offset: 361
|
||||
* 0400000000000000 - Section size: 4
|
||||
* 00000000 - Associated: 0
|
||||
* 00000000 - Extra Info: 0
|
||||
* 0000000000000000 - Alignment
|
||||
* 0000000000000000 - Entry Size: 0
|
||||
*
|
||||
* ---------------.shstrtab---------------
|
||||
* 2e73687374726162002e73796d746162002e73747274616200 - .shstrab\0.symtab\0.strtab\0
|
||||
*
|
||||
* ----------------.symtab----------------
|
||||
* 00000000 - Name Offset: 0
|
||||
* 00 - Info
|
||||
* 00 - other
|
||||
* 0000 - shdx
|
||||
* 0000000000000000 - Value: 0
|
||||
* 0000000000000000 - Size: 0
|
||||
*
|
||||
* ----------------.strtab----------------
|
||||
* 74657374 - test
|
||||
*/
|
||||
export const ELF64_LE = "7f454c4602010100000000000000000002003e000100000050210608000000004000000000000000780000000000000000000000400038000100400003000000" +
|
||||
"0600000005000000340000000000000034800408000000003480040800000000000100000000000000010000000000000400000000000000" +
|
||||
"00000000030000000000000000000000000000000000000038010000000000001c00000000000000000000000000000000000000000000000000000000000000" +
|
||||
"09000000020000000000000000000000000000000000000050010000000000001000000000000000000000000000000000000000000000001800000000000000" +
|
||||
"11000000030000000000000000000000000000000000000069010000000000000400000000000000000000000000000000000000000000000000000000000000" +
|
||||
"2e73687374726162002e73796d746162002e73747274616200" +
|
||||
"000000000000000000000000000000000000000000000000" +
|
||||
"74657374";
|
||||
|
||||
/**
|
||||
* ---------------ELF Header---------------
|
||||
* 7f454c46 - Magic: .ELF
|
||||
* 02 - Format: 64 bit
|
||||
* 02 - Endianness: Big
|
||||
* 01 - ELF Version: 1
|
||||
* 00 - Target ABI: System V
|
||||
* 00 - ABI Version: 0
|
||||
* 00000000000000 - Padding
|
||||
* 0002 - File Type: Executable File
|
||||
* 003e - ISA: AMD x86-64
|
||||
* 00000001 - ELF Version: 1
|
||||
* 0000000008062150 - Entry Point: 0x8062150
|
||||
* 0000000000000040 - PH Offset: 0x40
|
||||
* 0000000000000078 - SH Offset: 0x78
|
||||
* 00000000 - Flags: 0
|
||||
* 0040 - ELF Header Size: 0x40
|
||||
* 0038 - PH Header Size: 0x38
|
||||
* 0001 - PH Entries: 1
|
||||
* 0040 - SH Size: 0x40
|
||||
* 0003 - SH Entries: 0x3
|
||||
* 0000 - SH Names Offset: 0x0
|
||||
*
|
||||
* -------------Program Header-------------
|
||||
* 00000006 - PH Type: Program Header Table
|
||||
* 00000005 - Flags: Execute,Read
|
||||
* 0000000000000034 - Segment Offset: 0x34
|
||||
* 0000000008048034 - VAddr of segment: 134512692
|
||||
* 0000000008048034 - PAddr of segment: 134512692
|
||||
* 0000000000000100 - Size of segment: 256
|
||||
* 0000000000000100 - Size of segment: 256
|
||||
* 0400000000000000 - Alignment
|
||||
*
|
||||
* --------------SH .shstrtab--------------
|
||||
* 00000000 - SH Name Offset: 0
|
||||
* 00000003 - SH Type: String Table
|
||||
* 0000000000000000 - Flags:
|
||||
* 0000000000000000 - VAddr of section: 0
|
||||
* 0000000000000138 - Section offset: 312
|
||||
* 000000000000001c - Section size: 28
|
||||
* 00000000 - Associated: 0
|
||||
* 00000000 - Extra Info: 0
|
||||
* 0000000000000000 - Alignment
|
||||
* 0000000000000000 - Entry Size: 0
|
||||
*
|
||||
* ---------------SH .symtab---------------
|
||||
* 00000009 - SH Name Offset: 9
|
||||
* 00000002 - SH Type: Symbol Table
|
||||
* 0000000000000000 - Flags:
|
||||
* 0000000000000000 - VAddr of section: 0
|
||||
* 0000000000000150 - Section offset: 336
|
||||
* 0000000000000010 - Section size: 16
|
||||
* 00000000 - Associated: 0
|
||||
* 00000000 - Extra Info: 0
|
||||
* 0000000000000000 - Alignment
|
||||
* 0000000000000018 - Entry Size: 24
|
||||
*
|
||||
* ---------------SH .strtab---------------
|
||||
* 00000011 - SH Name Offset: 17
|
||||
* 00000003 - SH Type: String Table
|
||||
* 0000000000000000 - Flags:
|
||||
* 0000000000000000 - VAddr of section: 0
|
||||
* 0000000000000169 - Section offset: 361
|
||||
* 0000000000000004 - Section size: 4
|
||||
* 00000000 - Associated: 0
|
||||
* 00000000 - Extra Info: 0
|
||||
* 0000000000000000 - Alignment
|
||||
* 0000000000000000 - Entry Size: 0
|
||||
*
|
||||
* ---------------.shstrtab---------------
|
||||
* 2e73687374726162002e73796d746162002e73747274616200 - .shstrab\0.symtab\0.strtab\0
|
||||
*
|
||||
* ----------------.symtab----------------
|
||||
* 00000000 - Name Offset: 0
|
||||
* 00 - Info
|
||||
* 00 - other
|
||||
* 0000 - shdx
|
||||
* 0000000000000000 - Value: 0
|
||||
* 0000000000000000 - Size: 0
|
||||
*
|
||||
* ----------------.strtab----------------
|
||||
* 74657374 - test
|
||||
*/
|
||||
export const ELF64_BE = "7f454c460202010000000000000000000002003e0000000100000000080621500000000000000040000000000000007800000000004000380001004000030000" +
|
||||
"0000000600000005000000000000003400000000080480340000000008048034000000000000010000000000000001000400000000000000" +
|
||||
"0000000000000003000000000000000000000000000000000000000000000138000000000000001c000000000000000000000000000000000000000000000000" +
|
||||
"00000009000000020000000000000000000000000000000000000000000001500000000000000010000000000000000000000000000000000000000000000018" +
|
||||
"00000011000000030000000000000000000000000000000000000000000001690000000000000004000000000000000000000000000000000000000000000000" +
|
||||
"2e73687374726162002e73796d746162002e73747274616200" +
|
||||
"000000000000000000000000000000000000000000000000" +
|
||||
"74657374";
|
||||
Reference in New Issue
Block a user