fix: hook

Author: CC11001100

src/analyzer/param-encryption-analyzer.js

@@ -1,105 +1,104 @@
 /**
- * 分析参数加密
+ * 参数加密分析器类，用于检测输入参数的加密类型。
  */
 class ParamEncryptionAnalyzer {
 
     /**
-     *
-     * @param param {Param}
+     * 分析参数的加密类型。
+     * @param {Param} param - 需要分析的参数对象，包含一个 `value` 属性。
+     * @returns {string|null} 返回检测到的加密类型，如果无法识别则返回 `null`。
      */
     analyze(param) {
         return this.detectEncryptionType(param.value);
     }
 
+    /**
+     * 检测输入字符串的加密类型。
+     * @param {string} input - 需要检测的输入字符串。
+     * @returns {string|null} 返回检测到的加密类型，如果无法识别则返回 `null`。
+     */
     detectEncryptionType(input) {
-        // Base64
-        const base64Regex = /^[A-Za-z0-9+/]+={0,2}$/;
-        if (base64Regex.test(input) && input.length % 4 === 0) {
-            return "Base64";
+
+        // 如果输入为空，直接返回 null
+        if (!input) {
+            return null;
         }
 
-        // MD5
+        // // Base64 编码检测
+        // const base64Regex = /^[A-Za-z0-9+/]+={0,2}$/;
+        // if (base64Regex.test(input) && input.length % 4 === 0) {
+        //     return "Base64";
+        // }
+
+        // MD5 哈希检测
         const md5Regex = /^[a-f0-9]{32}$/i;
         if (md5Regex.test(input)) {
             return "MD5";
         }
 
-        // SHA-1
+        // SHA-1 哈希检测
         const sha1Regex = /^[a-f0-9]{40}$/i;
         if (sha1Regex.test(input)) {
             return "SHA-1";
         }
 
-        // SHA-256
+        // SHA-256 哈希检测
         const sha256Regex = /^[a-f0-9]{64}$/i;
         if (sha256Regex.test(input)) {
             return "SHA-256";
         }
 
-        // SHA-512
+        // SHA-512 哈希检测
         const sha512Regex = /^[a-f0-9]{128}$/i;
         if (sha512Regex.test(input)) {
             return "SHA-512";
         }
 
-        // bcrypt
+        // bcrypt 哈希检测
         const bcryptRegex = /^\$2[aby]\$\d{2}\$[.\/A-Za-z0-9]{53}$/;
         if (bcryptRegex.test(input)) {
             return "bcrypt";
         }
 
-        // URL编码
-        const urlEncodedRegex = /%[0-9A-Fa-f]{2}/;
-        if (urlEncodedRegex.test(input)) {
-            return "URL Encoded";
-        }
-
-        // Hex编码
-        const hexRegex = /^[0-9A-Fa-f]+$/;
-        if (hexRegex.test(input) && input.length % 2 === 0) {
-            return "Hex Encoded";
-        }
-
-        // ROT13
-        const rot13Regex = /^[A-Za-z]+$/;
-        if (rot13Regex.test(input) && input === input.replace(/[A-Za-z]/g, function (c) {
-            return String.fromCharCode(c.charCodeAt(0) + (c.toLowerCase() < 'n' ? 13 : -13));
-        })) {
-            return "ROT13";
-        }
-
-        // JWT
-        const jwtRegex = /^[A-Za-z0-9-_]+\.[A-Za-z0-9-_]+\.[A-Za-z0-9-_]*$/;
-        if (jwtRegex.test(input)) {
-            return "JWT";
-        }
-
-        // UUID
+        // // URL 编码检测
+        // const urlEncodedRegex = /%[0-9A-Fa-f]{2}/;
+        // if (urlEncodedRegex.test(input)) {
+        //     return "URL Encoded";
+        // }
+        //
+        // // Hex 编码检测
+        // const hexRegex = /^[0-9A-Fa-f]+$/;
+        // if (hexRegex.test(input) && input.length % 2 === 0) {
+        //     return "Hex Encoded";
+        // }
+
+        // // ROT13 编码检测
+        // const rot13Regex = /^[A-Za-z]+$/;
+        // if (rot13Regex.test(input) && input === input.replace(/[A-Za-z]/g, function (c) {
+        //     return String.fromCharCode(c.charCodeAt(0) + (c.toLowerCase() < 'n' ? 13 : -13));
+        // })) {
+        //     return "ROT13";
+        // }
+
+        // // JWT (JSON Web Token) 检测
+        // const jwtRegex = /^[A-Za-z0-9-_]+\.[A-Za-z0-9-_]+\.[A-Za-z0-9-_]*$/;
+        // if (jwtRegex.test(input)) {
+        //     return "JWT";
+        // }
+
+        // UUID 检测
         const uuidRegex = /^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/i;
         if (uuidRegex.test(input)) {
             return "UUID";
         }
 
-        // 如果都不匹配，返回未知
+        // 如果以上所有加密类型都不匹配，返回 null 表示未知加密类型
         return null;
     }
 
-// // 测试示例
-//     console.log(detectEncryptionType("SGVsbG8gV29ybGQ=")); // Base64
-//     console.log(detectEncryptionType("5d41402abc4b2a76b9719d911017c592")); // MD5
-//     console.log(detectEncryptionType("2fd4e1c67a2d28fced849ee1bb76e7391b93eb12")); // SHA-1
-//     console.log(detectEncryptionType("e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855")); // SHA-256
-//     console.log(detectEncryptionType("$2a$10$N9qo8uLOickgx2ZMRZoMyeIjZAgcfl7p92ldGxad68LJZdL17lhWy")); // bcrypt
-//     console.log(detectEncryptionType("Hello%20World")); // URL Encoded
-//     console.log(detectEncryptionType("48656c6c6f20576f726c64")); // Hex Encoded
-//     console.log(detectEncryptionType("Uryyb Jbeyq")); // ROT13
-//     console.log(detectEncryptionType("eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c")); // JWT
-//     console.log(detectEncryptionType("550e8400-e29b-41d4-a716-446655440000")); // UUID
-//     console.log(detectEncryptionType("randomstring")); // Unknown Encryption Type
-
 }
 
-
+// 导出 ParamEncryptionAnalyzer 类
 module.exports = {
     ParamEncryptionAnalyzer
 }

src/analyzer/request-analyzer.js

@@ -1,4 +1,5 @@
 const {getUnsafeWindow} = require("../utils/scope-util");
+const {ParamEncryptionAnalyzer} = require("./param-encryption-analyzer");
 
 /**
  * 分析请求中的jsonp情况，主要是看一下是否存在jsonp参数，并将其识别出来
@@ -10,16 +11,24 @@ class RequestAnalyzer {
      * @param requestContext {RequestContext}
      */
     analyze(requestContext) {
+
         if (!requestContext.params) {
             return null;
         }
-        requestContext.params = this.computeParamsJsonpCallbackScore(requestContext.params);
 
+        // 自动推断出jsonp参数
+        requestContext.params = this.computeParamsJsonpCallbackScore(requestContext.params);
         // 选出其中可能性最大的一个参数作为jsonp callback参数
         if (requestContext.params && requestContext.params.length && requestContext.params[0].jsonpCallbackScore > 0) {
             requestContext.params[0].isJsonpCallback = true;
         }
 
+        // 推断参数加密方式
+        const paramEncryptionAnalyzer = new ParamEncryptionAnalyzer();
+        for (let param of requestContext.params) {
+            param.encryptType = paramEncryptionAnalyzer.analyze(param);
+        }
+
     }
 
     /**

src/config/ui/component/configuration-component.js

@@ -4,7 +4,7 @@ const {getGlobalConfig} = require("../../config");
 const {getLanguage} = require("./language");
 
 /**
- * 使用之前要签署用户协议
+ * 配置组件
  */
 class ConfigurationComponent {
 

src/context/request/param.js

@@ -24,6 +24,8 @@ class Param {
         // 此参数是 JSONP 的 callback 参数的可能性有多大（用于评分）
         this.jsonpCallbackScore = 0;
 
+        // 参数的加密类型
+        this.encryptType = null;
     }
 
     /**

src/context/request/request-context.js

@@ -1,4 +1,5 @@
 const {repeat} = require("../../utils/string-util");
+const {Param} = require("./param");
 
 /**
  * 用于封装请求的上下文，包含从 URL 中解析出的各种信息。

src/formatter/request-formatter.js

@@ -70,24 +70,32 @@ class RequestFormatter {
 
         // 示例数据
         const data = [
-            ['名称', '值'],
-            [language.console.time, new Date().toLocaleString()],
-            [language.console.requestId, scriptContext.requestId],
-            [language.console.isJsonpRequest, scriptContext.isJsonp()],
-            [language.console.hostname, requestContext.hostname],
-            [language.console.path, requestContext.path],
-            [language.console.hash, requestContext.hash],
+            // TODO 2025-01-08 01:28:26 国际化
+            ["名称", "值", "备注"],
+            [language.console.time, new Date().toLocaleString(), ""],
+            [language.console.requestId, scriptContext.requestId, ""],
+            [language.console.isJsonpRequest, scriptContext.isJsonp(), ""],
+            [language.console.hostname, requestContext.hostname, ""],
+            [language.console.path, requestContext.path, ""],
+            [language.console.hash, requestContext.hash, ""],
             // [language.console.param, requestContext.params.length],
         ];
 
         let index = 1;
         for (let param of requestContext.params) {
+
             const name = `${language.console.param}(${index++}) ${param.name}`;
+
             let value = `${param.value}`;
+
+            let attribute = "";
             if (param.isJsonpCallback) {
-                value += "(jsonp callback)"
+                attribute = "jsonp callback";
+            } else if (param.encryptType) {
+                attribute = param.encryptType;
             }
-            data.push([name, value]);
+
+            data.push([name, value, attribute]);
         }
 
         // 示例样式

src/hook/jsonp-callback-hook.js

@@ -46,10 +46,11 @@ class JsonpCallbackHook {
         const hook = new ObjectFunctionHook(getUnsafeWindow(), jsonpCallbackFunctionName);
         if (getGlobalConfig().hookType === "use-redeclare-function") {
             hook.hookType = hookTypeUseDeclareFunction;
-            hook.addHook(this.callbackForDeclareFunction(_this), true);
+            hook.addHook(this.callbackForDeclareFunction(_this));
         } else if (getGlobalConfig().hookType === "use-proxy-function") {
             hook.hookType = hookTypeUseProxyFunction;
-            hook.addHook(this.callbackForProxyFunction(_this), true);
+            hook.callByHookCallbackFunction = true;
+            hook.addHook(this.callbackForProxyFunction(_this));
         }
     }
 

src/hook/object-function-hook.js

@@ -32,9 +32,8 @@ class ObjectFunctionHook {
     /**
      *
      * @param hookCallbackFunction
-     * @param callByHookCallbackFunction {boolean}
      */
-    addHook(hookCallbackFunction, callByHookCallbackFunction = false) {
+    addHook(hookCallbackFunction) {
 
         // 要Hook的函数必须存在
         const functionHolder = this.object[this.functionName];

src/hook/script-hook.js

@@ -1,14 +1,8 @@
-const Debugger = require("../debugger/debugger");
-const {JsonpCallbackFunctionAnalyzer} = require("../analyzer/response-analyzer");
 const {ScriptContext} = require("../context/script/script-context");
 const {RequestContext} = require("../context/request/request-context");
 const {RequestAnalyzer} = require("../analyzer/request-analyzer");
 const {getGlobalConfig} = require("../config/config");
 const {RequestFormatter} = require("../formatter/request-formatter");
-const {getUnsafeWindow} = require("../utils/scope-util");
-const {ObjectFunctionHook} = require("./object-function-hook");
-const {ResponseContext} = require("../context/response/response-context");
-const {ResponseFormatter} = require("../formatter/response-formatter");
 const {JsonpCallbackHook} = require("./jsonp-callback-hook");
 const {formatScriptSrcToUrl} = require("../utils/url-util");
 const {DebuggerTester} = require("../debugger/debugger-tester");
@@ -51,7 +45,7 @@ class ScriptHook {
                     // 在请求发送之前测试断点
                     if (new DebuggerTester().isNeedPrintToConsole(getGlobalConfig(), scriptContext)) {
                         const requestFormatter = new RequestFormatter();
-                        console.log(requestFormatter.format(scriptContext));
+                        requestFormatter.format(scriptContext)
                     }
 
                     const hitDebuggers = getGlobalConfig().testAll(scriptContext);