Skip to content

Commit 33bea1d

Browse files
CC11001100CC11001100
authored
Merge pull request #26 from JSREI/dev
refactor
2 parents 1fcbf16 + a973855 commit 33bea1d

18 files changed

+314
-313
lines changed

src/analyzer/param-encryption-analyzer.js

Lines changed: 53 additions & 54 deletions
Original file line numberDiff line numberDiff line change
@@ -1,105 +1,104 @@
11
/**
2-
* 分析参数加密
2+
* 参数加密分析器类,用于检测输入参数的加密类型。
33
*/
44
class ParamEncryptionAnalyzer {
55

66
/**
7-
*
8-
* @param param {Param}
7+
* 分析参数的加密类型。
8+
* @param {Param} param - 需要分析的参数对象,包含一个 `value` 属性。
9+
* @returns {string|null} 返回检测到的加密类型,如果无法识别则返回 `null`。
910
*/
1011
analyze(param) {
1112
return this.detectEncryptionType(param.value);
1213
}
1314

15+
/**
16+
* 检测输入字符串的加密类型。
17+
* @param {string} input - 需要检测的输入字符串。
18+
* @returns {string|null} 返回检测到的加密类型,如果无法识别则返回 `null`。
19+
*/
1420
detectEncryptionType(input) {
15-
// Base64
16-
const base64Regex = /^[A-Za-z0-9+/]+={0,2}$/;
17-
if (base64Regex.test(input) && input.length % 4 === 0) {
18-
return "Base64";
21+
22+
// 如果输入为空,直接返回 null
23+
if (!input) {
24+
return null;
1925
}
2026

21-
// MD5
27+
// // Base64 编码检测
28+
// const base64Regex = /^[A-Za-z0-9+/]+={0,2}$/;
29+
// if (base64Regex.test(input) && input.length % 4 === 0) {
30+
// return "Base64";
31+
// }
32+
33+
// MD5 哈希检测
2234
const md5Regex = /^[a-f0-9]{32}$/i;
2335
if (md5Regex.test(input)) {
2436
return "MD5";
2537
}
2638

27-
// SHA-1
39+
// SHA-1 哈希检测
2840
const sha1Regex = /^[a-f0-9]{40}$/i;
2941
if (sha1Regex.test(input)) {
3042
return "SHA-1";
3143
}
3244

33-
// SHA-256
45+
// SHA-256 哈希检测
3446
const sha256Regex = /^[a-f0-9]{64}$/i;
3547
if (sha256Regex.test(input)) {
3648
return "SHA-256";
3749
}
3850

39-
// SHA-512
51+
// SHA-512 哈希检测
4052
const sha512Regex = /^[a-f0-9]{128}$/i;
4153
if (sha512Regex.test(input)) {
4254
return "SHA-512";
4355
}
4456

45-
// bcrypt
57+
// bcrypt 哈希检测
4658
const bcryptRegex = /^\$2[aby]\$\d{2}\$[.\/A-Za-z0-9]{53}$/;
4759
if (bcryptRegex.test(input)) {
4860
return "bcrypt";
4961
}
5062

51-
// URL编码
52-
const urlEncodedRegex = /%[0-9A-Fa-f]{2}/;
53-
if (urlEncodedRegex.test(input)) {
54-
return "URL Encoded";
55-
}
56-
57-
// Hex编码
58-
const hexRegex = /^[0-9A-Fa-f]+$/;
59-
if (hexRegex.test(input) && input.length % 2 === 0) {
60-
return "Hex Encoded";
61-
}
62-
63-
// ROT13
64-
const rot13Regex = /^[A-Za-z]+$/;
65-
if (rot13Regex.test(input) && input === input.replace(/[A-Za-z]/g, function (c) {
66-
return String.fromCharCode(c.charCodeAt(0) + (c.toLowerCase() < 'n' ? 13 : -13));
67-
})) {
68-
return "ROT13";
69-
}
70-
71-
// JWT
72-
const jwtRegex = /^[A-Za-z0-9-_]+\.[A-Za-z0-9-_]+\.[A-Za-z0-9-_]*$/;
73-
if (jwtRegex.test(input)) {
74-
return "JWT";
75-
}
76-
77-
// UUID
63+
// // URL 编码检测
64+
// const urlEncodedRegex = /%[0-9A-Fa-f]{2}/;
65+
// if (urlEncodedRegex.test(input)) {
66+
// return "URL Encoded";
67+
// }
68+
//
69+
// // Hex 编码检测
70+
// const hexRegex = /^[0-9A-Fa-f]+$/;
71+
// if (hexRegex.test(input) && input.length % 2 === 0) {
72+
// return "Hex Encoded";
73+
// }
74+
75+
// // ROT13 编码检测
76+
// const rot13Regex = /^[A-Za-z]+$/;
77+
// if (rot13Regex.test(input) && input === input.replace(/[A-Za-z]/g, function (c) {
78+
// return String.fromCharCode(c.charCodeAt(0) + (c.toLowerCase() < 'n' ? 13 : -13));
79+
// })) {
80+
// return "ROT13";
81+
// }
82+
83+
// // JWT (JSON Web Token) 检测
84+
// const jwtRegex = /^[A-Za-z0-9-_]+\.[A-Za-z0-9-_]+\.[A-Za-z0-9-_]*$/;
85+
// if (jwtRegex.test(input)) {
86+
// return "JWT";
87+
// }
88+
89+
// UUID 检测
7890
const uuidRegex = /^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/i;
7991
if (uuidRegex.test(input)) {
8092
return "UUID";
8193
}
8294

83-
// 如果都不匹配,返回未知
95+
// 如果以上所有加密类型都不匹配,返回 null 表示未知加密类型
8496
return null;
8597
}
8698

87-
// // 测试示例
88-
// console.log(detectEncryptionType("SGVsbG8gV29ybGQ=")); // Base64
89-
// console.log(detectEncryptionType("5d41402abc4b2a76b9719d911017c592")); // MD5
90-
// console.log(detectEncryptionType("2fd4e1c67a2d28fced849ee1bb76e7391b93eb12")); // SHA-1
91-
// console.log(detectEncryptionType("e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855")); // SHA-256
92-
// console.log(detectEncryptionType("$2a$10$N9qo8uLOickgx2ZMRZoMyeIjZAgcfl7p92ldGxad68LJZdL17lhWy")); // bcrypt
93-
// console.log(detectEncryptionType("Hello%20World")); // URL Encoded
94-
// console.log(detectEncryptionType("48656c6c6f20576f726c64")); // Hex Encoded
95-
// console.log(detectEncryptionType("Uryyb Jbeyq")); // ROT13
96-
// console.log(detectEncryptionType("eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c")); // JWT
97-
// console.log(detectEncryptionType("550e8400-e29b-41d4-a716-446655440000")); // UUID
98-
// console.log(detectEncryptionType("randomstring")); // Unknown Encryption Type
99-
10099
}
101100

102-
101+
// 导出 ParamEncryptionAnalyzer 类
103102
module.exports = {
104103
ParamEncryptionAnalyzer
105104
}

src/analyzer/request-analyzer.js

Lines changed: 10 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,5 @@
11
const {getUnsafeWindow} = require("../utils/scope-util");
2+
const {ParamEncryptionAnalyzer} = require("./param-encryption-analyzer");
23

34
/**
45
* 分析请求中的jsonp情况,主要是看一下是否存在jsonp参数,并将其识别出来
@@ -10,16 +11,24 @@ class RequestAnalyzer {
1011
* @param requestContext {RequestContext}
1112
*/
1213
analyze(requestContext) {
14+
1315
if (!requestContext.params) {
1416
return null;
1517
}
16-
requestContext.params = this.computeParamsJsonpCallbackScore(requestContext.params);
1718

19+
// 自动推断出jsonp参数
20+
requestContext.params = this.computeParamsJsonpCallbackScore(requestContext.params);
1821
// 选出其中可能性最大的一个参数作为jsonp callback参数
1922
if (requestContext.params && requestContext.params.length && requestContext.params[0].jsonpCallbackScore > 0) {
2023
requestContext.params[0].isJsonpCallback = true;
2124
}
2225

26+
// 推断参数加密方式
27+
const paramEncryptionAnalyzer = new ParamEncryptionAnalyzer();
28+
for (let param of requestContext.params) {
29+
param.encryptType = paramEncryptionAnalyzer.analyze(param);
30+
}
31+
2332
}
2433

2534
/**

src/config/config.js

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -13,15 +13,15 @@ class Config {
1313
this.language = "english";
1414

1515
// 让用户能够自己指定前缀,也许会有一些拥有感?之前ast hook好像就有个哥们喜欢这样干...
16-
this.prefix = "CC11001100";
16+
this.prefix = "JSREI";
1717

1818
this.hookType = "use-proxy-function";
1919

2020
// 是否忽略.js后缀的请求
21-
this.isIgnoreJsSuffixRequest = true;
21+
this.isIgnoreJsSuffixRequest = false;
2222

2323
// 是否忽略不是jsonp的请求
24-
this.isIgnoreNotJsonpRequest = true;
24+
this.isIgnoreNotJsonpRequest = false;
2525

2626
// 在打开配置页面的时候自动跳转到项目主页
2727
this.autoJumpProjectSiteOnConfiguraion = true;

src/config/ui/component/configuration-component.js

Lines changed: 6 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -4,15 +4,15 @@ const {getGlobalConfig} = require("../../config");
44
const {getLanguage} = require("./language");
55

66
/**
7-
* 使用之前要签署用户协议
7+
* 配置组件
88
*/
99
class ConfigurationComponent {
1010

1111
constructor() {
1212
this.modalHTML = `
13-
<div id="cc11001100-js-script-hook-configuration-modal-window" style="display:none !important; position:fixed !important; left:0 !important; top:0 !important; width:100% !important; height:100% !important; background-color:rgba(0,0,0,0.85) !important; z-index:2147483646 !important; overflow-y:auto !important;">
13+
<div id="jsrei-js-script-hook-configuration-modal-window" style="display:none !important; position:fixed !important; left:0 !important; top:0 !important; width:100% !important; height:100% !important; background-color:rgba(0,0,0,0.85) !important; z-index:2147483646 !important; overflow-y:auto !important;">
1414
<div class="js-script-hook-scrollable-div" style="display: flex; width: 930px !important; text-align: center !important; padding: 30px !important; margin: 10px !important; position:absolute !important; left:50% !important; top:50% !important; transform:translate(-50%, -50%) !important; background:white !important; border-radius:5px !important; box-shadow: 0 4px 8px rgba(0,0,0,0.1) !important; max-width:80% !important; text-align:center !important; z-index:99999999999; !important">
15-
<button id="cc11001100-js-script-hook-configuration-close-btn" style="position:absolute; right:8px; top:8px; cursor:pointer; padding:3px 6px; border:none; background-color:#f44336; color:white; border-radius:50%; font-size:10px;">×</button>
15+
<button id="jsrei-js-script-hook-configuration-close-btn" style="position:absolute; right:8px; top:8px; cursor:pointer; padding:3px 6px; border:none; background-color:#f44336; color:white; border-radius:50%; font-size:10px;">×</button>
1616
<div id="js-script-hook-configuration-content" style="color: black;"></div>
1717
</div>
1818
</div>
@@ -39,15 +39,15 @@ class ConfigurationComponent {
3939
$("#js-script-hook-configuration-content").append(debuggerManager.render(language, getGlobalConfig().debuggers));
4040

4141
// 关闭按钮事件处理
42-
document.getElementById("cc11001100-js-script-hook-configuration-close-btn").addEventListener('click', this.closeModalWindow);
43-
document.getElementById("cc11001100-js-script-hook-configuration-modal-window").style.display = 'flex';
42+
document.getElementById("jsrei-js-script-hook-configuration-close-btn").addEventListener('click', this.closeModalWindow);
43+
document.getElementById("jsrei-js-script-hook-configuration-modal-window").style.display = 'flex';
4444
}
4545

4646
/**
4747
* 隐藏模态框的函数
4848
*/
4949
closeModalWindow() {
50-
const element = document.getElementById("cc11001100-js-script-hook-configuration-modal-window");
50+
const element = document.getElementById("jsrei-js-script-hook-configuration-modal-window");
5151
if (element) {
5252
element.parentNode.removeChild(element);
5353
}

0 commit comments

Comments
 (0)