mirror of
https://github.com/gchq/CyberChef
synced 2025-01-10 03:28:48 +00:00
Added detection patterns for X.509 certs, Morse Code, Tar, images and BCD.
This commit is contained in:
n1474335
parent
615a020469
commit
b035f6c410
2 changed files with 36 additions and 33 deletions
|
|
@ -3618,12 +3618,12 @@ const OperationConfig = {
|
||||||
value: PublicKey.X509_INPUT_FORMAT
|
value: PublicKey.X509_INPUT_FORMAT
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
patterns: [ // TODO
|
patterns: [
|
||||||
//{
|
{
|
||||||
// match: "^$",
|
match: "^-+BEGIN CERTIFICATE-+\\r?\\n[\\da-z+/\\n\\r]+-+END CERTIFICATE-+\\r?\\n?$",
|
||||||
// flags: "",
|
flags: "i",
|
||||||
// args: []
|
args: ["PEM"]
|
||||||
//},
|
},
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"PEM to Hex": {
|
"PEM to Hex": {
|
||||||
|
|
@ -3896,12 +3896,12 @@ const OperationConfig = {
|
||||||
value: MorseCode.WORD_DELIM_OPTIONS
|
value: MorseCode.WORD_DELIM_OPTIONS
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
patterns: [ // TODO
|
patterns: [
|
||||||
//{
|
{
|
||||||
// match: "^$",
|
match: "(?:^[-. \\n]{5,}$|^[_. \\n]{5,}$|^(?:dash|dot| |\\n){5,}$)",
|
||||||
// flags: "",
|
flags: "i",
|
||||||
// args: []
|
args: ["Space", "Line feed"]
|
||||||
//},
|
},
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"Tar": {
|
"Tar": {
|
||||||
|
|
@ -3922,14 +3922,13 @@ const OperationConfig = {
|
||||||
description: "Unpacks a tarball and displays it per file.",
|
description: "Unpacks a tarball and displays it per file.",
|
||||||
inputType: "byteArray",
|
inputType: "byteArray",
|
||||||
outputType: "html",
|
outputType: "html",
|
||||||
args: [
|
args: [],
|
||||||
],
|
patterns: [
|
||||||
patterns: [ // TODO
|
{
|
||||||
//{
|
match: "^.{257}\\x75\\x73\\x74\\x61\\x72",
|
||||||
// match: "^$",
|
flags: "",
|
||||||
// flags: "",
|
args: []
|
||||||
// args: []
|
},
|
||||||
//},
|
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"Head": {
|
"Head": {
|
||||||
|
|
@ -4072,12 +4071,12 @@ const OperationConfig = {
|
||||||
value: Image.INPUT_FORMAT
|
value: Image.INPUT_FORMAT
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
patterns: [ // TODO
|
patterns: [
|
||||||
//{
|
{
|
||||||
// match: "^$",
|
match: "^(?:\\xff\\xd8\\xff|\\x89\\x50\\x4e\\x47|\\x47\\x49\\x46|.{8}\\x57\\x45\\x42\\x50|\\x42\\x4d)",
|
||||||
// flags: "",
|
flags: "",
|
||||||
// args: []
|
args: ["Raw"]
|
||||||
//},
|
},
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"Remove EXIF": {
|
"Remove EXIF": {
|
||||||
|
|
@ -4160,12 +4159,12 @@ const OperationConfig = {
|
||||||
value: BCD.FORMAT
|
value: BCD.FORMAT
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
patterns: [ // TODO
|
patterns: [
|
||||||
//{
|
{
|
||||||
// match: "^$",
|
match: "^(?:\\d{4} ){3,}\\d{4}$",
|
||||||
// flags: "",
|
flags: "",
|
||||||
// args: []
|
args: ["8 4 2 1", true, false, "Nibbles"]
|
||||||
//},
|
},
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"To BCD": {
|
"To BCD": {
|
||||||
|
|
|
||||||
|
|
@ -60,7 +60,7 @@ const PublicKey = {
|
||||||
pkStr = "",
|
pkStr = "",
|
||||||
sig = cert.getSignatureValueHex(),
|
sig = cert.getSignatureValueHex(),
|
||||||
sigStr = "",
|
sigStr = "",
|
||||||
extensions = cert.getInfo().split("X509v3 Extensions:\n")[1].split("signature")[0];
|
extensions = "";
|
||||||
|
|
||||||
// Public Key fields
|
// Public Key fields
|
||||||
pkFields.push({
|
pkFields.push({
|
||||||
|
|
@ -142,6 +142,10 @@ const PublicKey = {
|
||||||
sigStr = " Signature: " + PublicKey._formatByteStr(sig, 16, 18);
|
sigStr = " Signature: " + PublicKey._formatByteStr(sig, 16, 18);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Extensions
|
||||||
|
try {
|
||||||
|
extensions = cert.getInfo().split("X509v3 Extensions:\n")[1].split("signature")[0];
|
||||||
|
} catch (err) {}
|
||||||
|
|
||||||
let issuerStr = PublicKey._formatDnStr(issuer, 2),
|
let issuerStr = PublicKey._formatDnStr(issuer, 2),
|
||||||
nbDate = PublicKey._formatDate(cert.getNotBefore()),
|
nbDate = PublicKey._formatDate(cert.getNotBefore()),
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue