Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

bring up to date with master #1

Merged
merged 79 commits into from
Mar 12, 2019
Merged
Changes from 4 commits
Commits
Show all changes
79 commits
Select commit Hold shift + click to select a range
6aa9d2b
Added 'Extract Files' operation and 'Forensics' category.
n1474335 Dec 14, 2018
d021245
Merge branch 'master' into feature-extract-files
n1474335 Dec 18, 2018
e6fb0be
Refactored file type detection engine
n1474335 Dec 18, 2018
9829491
Merge branch 'master' into feature-extract-files
n1474335 Dec 20, 2018
8d3836c
Added support for a number of further file types and file detection m…
n1474335 Dec 21, 2018
321718d
Merge branch 'master' into feature-extract-files
n1474335 Dec 26, 2018
f355fe3
Merge branch 'feature-extract-files' of github.com:gchq/CyberChef int…
n1474335 Dec 26, 2018
f4f9b5c
Added 'isImage' and 'isType' functions
n1474335 Dec 26, 2018
7293073
Converted all previous file signatures to the new format.
n1474335 Dec 26, 2018
0198f05
Added and improved file signatures.
n1474335 Dec 27, 2018
fd07b89
Merge branch 'master' into feature-extract-files
n1474335 Dec 30, 2018
3ae225a
Untar operation now uses lib/Stream library
n1474335 Dec 30, 2018
ede7553
Added PNG and BMP extractors
n1474335 Dec 30, 2018
4c285bc
Refactored scanning for file types to be more than twice as fast.
n1474335 Jan 1, 2019
a56f92c
Significantly improved performance when scanning for embedded files b…
n1474335 Jan 2, 2019
cd0c86e
File scan now uses bytesMatch() instead of signatureMatches(), reduci…
n1474335 Jan 3, 2019
0449c46
Added FLV extractor.
n1474335 Jan 3, 2019
7d8d80c
Added extractor for MS Office 2007+ files
n1474335 Jan 3, 2019
0d2cb02
Fixed FLV previous tag size error
n1474335 Jan 4, 2019
19b7957
Added RTF extractor
n1474335 Jan 4, 2019
2a6db47
Began implementing GZIP/DEFLATE extraction. Unfinished.
n1474335 Jan 4, 2019
c077b22
Stream.readBits() method implemented. Unfinished.
n1474335 Jan 10, 2019
4e57b4b
Completed GZIP extraction
n1474335 Jan 11, 2019
2307325
Added Zlib extraction
n1474335 Jan 11, 2019
cd2c807
Added ELF extractor. You can now specific which categories to search …
n1474335 Jan 14, 2019
91f4681
Add rotate image operation
j433866 Feb 19, 2019
57e1061
Add Scale Image operation
j433866 Feb 19, 2019
eb8725a
Fix degrees error
j433866 Feb 19, 2019
1a2c5a9
Add resize image operation
j433866 Feb 19, 2019
01acefe
Remove scale image operation.
j433866 Feb 19, 2019
b691c30
Add dither image operation
j433866 Feb 20, 2019
74c2a2b
Add Invert Image operation
j433866 Feb 20, 2019
a0b94bb
Change run() functions to be async
j433866 Feb 20, 2019
0dd4304
Add new Blur Image operation.
j433866 Feb 20, 2019
fd160e8
Add image operations to Categories
j433866 Feb 20, 2019
da838e2
Add flip image operation
j433866 Feb 20, 2019
9f4aa0a
Remove trailing space
j433866 Feb 20, 2019
0d86a7e
Add resize algorithm option
j433866 Feb 20, 2019
6827826
Update libyara-wasm
mattnotmitt Feb 23, 2019
24a4744
Merge branch 'master' into feature-extract-files
n1474335 Mar 2, 2019
9fa7edf
Improved file extraction error handling
n1474335 Mar 2, 2019
7975fad
Add options for min, max and step values for number inputs.
j433866 Mar 4, 2019
7b6062a
Set min blur amount to 1, add status message for gaussian blur.
j433866 Mar 4, 2019
d09e608
Add min width and height values
j433866 Mar 4, 2019
f281a32
Add Wikipedia URLs
j433866 Mar 4, 2019
588a8b2
Fix code syntax
j433866 Mar 4, 2019
4f1a897
Add Crop Image operation
j433866 Mar 4, 2019
737ce99
Add image brightness / contrast operation
j433866 Mar 4, 2019
ec1fd7b
Add image opacity operation
j433866 Mar 4, 2019
514eef5
Add image filter operation
j433866 Mar 4, 2019
370ae32
Fix linting
j433866 Mar 5, 2019
662922b
Add resizing status message
j433866 Mar 6, 2019
833c1cd
Add Contain Image, Cover Image and Image Hue / Saturation / Lightness…
j433866 Mar 7, 2019
4a7ea46
Add status messages for image operations
j433866 Mar 7, 2019
1031429
Add error handling
j433866 Mar 7, 2019
0c9db5a
Fix typo
j433866 Mar 7, 2019
2b53806
Fix fork operation not setting ingredient values correctly.
j433866 Mar 7, 2019
d923c99
Fix same bug in subsection
j433866 Mar 7, 2019
360effb
Merge branch 'j433866-fork-fix'
n1474335 Mar 9, 2019
58d41f4
8.24.3
n1474335 Mar 9, 2019
84d31c1
Added 'Move to input' button to output file list. Improved zlib extra…
n1474335 Mar 9, 2019
dcb59ed
Merge branch 'feature-extract-files'
n1474335 Mar 9, 2019
d2d30bf
8.25.0
n1474335 Mar 9, 2019
369b640
Merge branch 'master' into j433866-image-operations
n1474335 Mar 9, 2019
e10d4bf
Tidied up image manipulation ops
n1474335 Mar 9, 2019
45c1c23
Merge branch 'j433866-image-operations'
n1474335 Mar 9, 2019
e8880f0
8.26.0
n1474335 Mar 9, 2019
c2e130f
Update disassembler
mattnotmitt Mar 10, 2019
3412372
Added support for non-prefixed default namespace selectors
MShwed Mar 10, 2019
432d5b4
Fix some misspellings
mattnotmitt Mar 10, 2019
978bf75
Merge branch 'bugs/disassembler' of https://github.com/artemisbot/Cyb…
n1474335 Mar 11, 2019
b99f739
Merge branch 'artemisbot-bugs/disassembler'
n1474335 Mar 11, 2019
c1bb42f
8.26.1
n1474335 Mar 11, 2019
8e3425e
Merge branch 'bugs/xpath-namespace-prefix-fix' of https://github.com/…
n1474335 Mar 11, 2019
90ddc2b
Merge branch 'MShwed-bugs/xpath-namespace-prefix-fix'
n1474335 Mar 11, 2019
7b3efa7
8.26.2
n1474335 Mar 11, 2019
6f45d33
Fix disassembler issue
mattnotmitt Mar 11, 2019
80bdf74
Merge branch 'artemisbot-bugs/disassembler-fix'
n1474335 Mar 11, 2019
981d4be
8.26.3
n1474335 Mar 11, 2019
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
97 changes: 68 additions & 29 deletions src/core/vendor/DisassembleX86-64.mjs
Original file line number Diff line number Diff line change
@@ -1,3 +1,31 @@
/*-------------------------------------------------------------------------------------------------------------------------
Created by Damian Recoskie (https://github.com/Recoskie/X86-64-Disassembler-JS)
& exported for CyberChef by Matt [me@mitt.dev]
---------------------------------------------------------------------------------------------------------------------------
MIT License

Copyright (c) 2019 Damian Recoskie

Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:

The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
SOFTWARE.
-------------------------------------------------------------------------------------------------------------------------*/


/*-------------------------------------------------------------------------------------------------------------------------
Binary byte code array.
---------------------------------------------------------------------------------------------------------------------------
@@ -3525,7 +3553,7 @@ export function LoadBinCode( HexStr )

var len = HexStr.length;

for( var i = 0, el = 0, Sing = 0, int32 = 0; i < len; i += 8 )
for( var i = 0, el = 0, Sign = 0, int32 = 0; i < len; i += 8 )
{
//It is faster to read 8 hex digits at a time if possible.

@@ -3541,22 +3569,22 @@ export function LoadBinCode( HexStr )

//The variable sing corrects the unusable sing bits during the 4 byte rotation algorithm.

Sing = int32;
Sign = int32;

//Remove the Sing bit value if active for when the number is changed to int32 during rotation.
//Remove the Sign bit value if active for when the number is changed to int32 during rotation.

int32 ^= int32 & 0x80000000;

//Rotate the 32 bit int so that each number is put in order in the BinCode array. Add the Sing Bit positions back though each rotation.
//Rotate the 32 bit int so that each number is put in order in the BinCode array. Add the Sign Bit positions back though each rotation.

int32 = ( int32 >> 24 ) | ( ( int32 << 8 ) & 0x7FFFFFFF );
BinCode[el++] = ( ( ( Sing >> 24 ) & 0x80 ) | int32 ) & 0xFF;
BinCode[el++] = ( ( ( Sign >> 24 ) & 0x80 ) | int32 ) & 0xFF;
int32 = ( int32 >> 24 ) | ( ( int32 << 8 ) & 0x7FFFFFFF );
BinCode[el++] = ( ( ( Sing >> 16 ) & 0x80 ) | int32 ) & 0xFF;
BinCode[el++] = ( ( ( Sign >> 16 ) & 0x80 ) | int32 ) & 0xFF;
int32 = ( int32 >> 24 ) | ( ( int32 << 8 ) & 0x7FFFFFFF );
BinCode[el++] = ( ( ( Sing >> 8 ) & 0x80 ) | int32 ) & 0xFF;
BinCode[el++] = ( ( ( Sign >> 8 ) & 0x80 ) | int32 ) & 0xFF;
int32 = ( int32 >> 24 ) | ( ( int32 << 8 ) & 0x7FFFFFFF );
BinCode[el++] = ( ( Sing & 0x80 ) | int32 ) & 0xFF;
BinCode[el++] = ( ( Sign & 0x80 ) | int32 ) & 0xFF;
}

//Remove elements past the Number of bytes in HexStr because int 32 is always 4 bytes it is possible to end in an uneven number.
@@ -3585,7 +3613,6 @@ function NextByte()
if ( CodePos < BinCode.length ) //If not out of bounds.
{
//Convert current byte to String, and pad.
var t;

( ( t = BinCode[CodePos++].toString(16) ).length === 1) && ( t = "0" + t );

@@ -3947,11 +3974,11 @@ function DecodeImmediate( type, BySize, SizeSetting )

var Pad32 = 0, Pad64 = 0;

//*Initialize the Sing value that is only set for Negative, or Positive Relative displacements.
//*Initialize the Sign value that is only set for Negative, or Positive Relative displacements.

var Sing = 0;
var Sign = 0;

//*Initialize the Sing Extend variable size as 0 Some Immediate numbers Sing extend.
//*Initialize the Sign Extend variable size as 0 Some Immediate numbers Sign extend.

var Extend = 0;

@@ -4017,21 +4044,33 @@ function DecodeImmediate( type, BySize, SizeSetting )

Pad32 = ( Math.min( BitMode, 1 ) << 2 ) + 4; Pad64 = Math.max( Math.min( BitMode, 2 ), 1 ) << 3;

//Add the 32 bit section to V32.

var C64 = 0; V32 += Pos32;

//If bit mode is 16 bits only the first 16 bits are used, or if Size Attribute is 16 bit.

( BitMode <= 0 || SizeAttrSelect <= 0 ) && ( V32 &= 0xFFFF );

//Adjust the 32 bit relative address section if it was not cropped to 16 bit's.
//Carry bit to 64 bit section.

var C64 = 0;

//Relative size.

var n = Math.min( 0x100000000, Math.pow( 2, 4 << ( S + 1 ) ) );

//Sign bit adjust.

if( V32 >= ( n >> 1 ) ) { V32 -= n; }

//Add position.

V32 += Pos32;

//Remove carry bit and add it to C64.

( C64 = ( ( V32 ) > 0xFFFFFFFF ) ) && ( V32 -= 0x100000000 );
( C64 = ( ( V32 ) >= 0x100000000 ) ) && ( V32 -= 0x100000000 );

//Do not carry to 64 if address is 32, and below.

if ( S <= 2 ) { C64 = false; }

//Add the 64 bit address section if in 64 bit mode, or higher.
//Add the 64 bit position plus carry.

( BitMode >= 2 ) && ( ( V64 += Pos64 + C64 ) > 0xFFFFFFFF ) && ( V64 -= 0x100000000 );
( ( V64 += Pos64 + C64 ) > 0xFFFFFFFF ) && ( V64 -= 0x100000000 );
}

/*---------------------------------------------------------------------------------------------------------------------------
@@ -4052,9 +4091,9 @@ function DecodeImmediate( type, BySize, SizeSetting )

var Center = 2 * ( 1 << ( n << 3 ) - 2 );

//By default the Sing is Positive.
//By default the Sign is Positive.

Sing = 1;
Sign = 1;

/*-------------------------------------------------------------------------------------------------------------------------
Calculate the VSIB displacement size if it is a VSIB Disp8.
@@ -4074,9 +4113,9 @@ function DecodeImmediate( type, BySize, SizeSetting )

V32 = Center * 2 - V32;

//The Sing is negative.
//The Sign is negative.

Sing = 2;
Sign = 2;
}
}

@@ -4110,7 +4149,7 @@ function DecodeImmediate( type, BySize, SizeSetting )

//*Return the Imm.

return ( ( Sing > 0 ? ( Sing > 1 ? "-" : "+" ) : "" ) + Imm.toUpperCase() );
return ( ( Sign > 0 ? ( Sign > 1 ? "-" : "+" ) : "" ) + Imm.toUpperCase() );

}