Merge branch 'bwhitn-vbe'

n1474335 · n1474335 · commit f2d8f930fb4e · 2017-08-30T15:57:18.000Z
diff --git a/src/core/config/Categories.js b/src/core/config/Categories.js
@@ -282,6 +282,7 @@ const Categories = [
             "XPath expression",
             "JPath expression",
             "CSS selector",
+            "Microsoft Script Decoder",
             "Strip HTML tags",
             "Diff",
             "To Snake case",
diff --git a/src/core/config/OperationConfig.js b/src/core/config/OperationConfig.js
@@ -25,6 +25,7 @@ import IP from "../operations/IP.js";
 import JS from "../operations/JS.js";
 import MAC from "../operations/MAC.js";
 import MorseCode from "../operations/MorseCode.js";
+import MS from "../operations/MS.js";
 import NetBIOS from "../operations/NetBIOS.js";
 import Numberwang from "../operations/Numberwang.js";
 import OS from "../operations/OS.js";
@@ -520,6 +521,7 @@ const OperationConfig = {
             }
         ]
     },
+
     "To Charcode": {
         description: "Converts text to its unicode character code equivalent.<br><br>e.g. <code>Γειά σου</code> becomes <code>0393 03b5 03b9 03ac 20 03c3 03bf 03c5</code>",
         run: ByteRepr.runToCharcode,
@@ -3204,6 +3206,13 @@ const OperationConfig = {
             }
         ]
     },
+    "Microsoft Script Decoder": {
+        description: "Decodes Microsoft Encoded Script files that have been encoded with Microsoft's custom encoding. These are often VBS (Visual Basic Script) files that are encoded and renamed with a '.vbe' extention or JS (JScript) files renamed with a '.jse' extention.<br><br><b>Sample</b><br><br>Encoded:<br><code>#@~^RQAAAA==-mD~sX|:/TP{~J:+dYbxL~@!F@*@!+@*@!&amp;@*eEI@#@&amp;@#@&amp;.jm.raY 214Wv:zms/obI0xEAAA==^#~@</code><br><br>Decoded:<br><code>var my_msg = &#34;Testing <1><2><3>!&#34;;\n\nVScript.Echo(my_msg);</code>",
+        run: MS.runDecodeScript,
+        inputType: "string",
+        outputType: "string",
+        args: []
+    },
     "Syntax highlighter": {
         description: "Adds syntax highlighting to a range of source code languages. Note that this will not indent the code. Use one of the 'Beautify' operations for that.",
         run: Code.runSyntaxHighlight,
diff --git a/src/core/operations/MS.js b/src/core/operations/MS.js
@@ -0,0 +1,213 @@
+/**
+ * Microsoft operations. 
+ *
+ * @author bmwhitn [brian.m.whitney@outlook.com]
+ * @copyright Crown Copyright 2017
+ * @license Apache-2.0
+ *
+ * @namespace
+ */
+const MS = {
+
+    /**
+     * @constant
+     * @default
+     */
+    D_DECODE: [
+        "",
+        "",
+        "",
+        "",
+        "",
+        "",
+        "",
+        "",
+        "",
+        "\x57\x6E\x7B",
+        "\x4A\x4C\x41",
+        "\x0B\x0B\x0B",
+        "\x0C\x0C\x0C",
+        "\x4A\x4C\x41",
+        "\x0E\x0E\x0E",
+        "\x0F\x0F\x0F",
+        "\x10\x10\x10",
+        "\x11\x11\x11",
+        "\x12\x12\x12",
+        "\x13\x13\x13",
+        "\x14\x14\x14",
+        "\x15\x15\x15",
+        "\x16\x16\x16",
+        "\x17\x17\x17",
+        "\x18\x18\x18",
+        "\x19\x19\x19",
+        "\x1A\x1A\x1A",
+        "\x1B\x1B\x1B",
+        "\x1C\x1C\x1C",
+        "\x1D\x1D\x1D",
+        "\x1E\x1E\x1E",
+        "\x1F\x1F\x1F",
+        "\x2E\x2D\x32",
+        "\x47\x75\x30",
+        "\x7A\x52\x21",
+        "\x56\x60\x29",
+        "\x42\x71\x5B",
+        "\x6A\x5E\x38",
+        "\x2F\x49\x33",
+        "\x26\x5C\x3D",
+        "\x49\x62\x58",
+        "\x41\x7D\x3A",
+        "\x34\x29\x35",
+        "\x32\x36\x65",
+        "\x5B\x20\x39",
+        "\x76\x7C\x5C",
+        "\x72\x7A\x56",
+        "\x43\x7F\x73",
+        "\x38\x6B\x66",
+        "\x39\x63\x4E",
+        "\x70\x33\x45",
+        "\x45\x2B\x6B",
+        "\x68\x68\x62",
+        "\x71\x51\x59",
+        "\x4F\x66\x78",
+        "\x09\x76\x5E",
+        "\x62\x31\x7D",
+        "\x44\x64\x4A",
+        "\x23\x54\x6D",
+        "\x75\x43\x71",
+        "\x4A\x4C\x41",
+        "\x7E\x3A\x60",
+        "\x4A\x4C\x41",
+        "\x5E\x7E\x53",
+        "\x40\x4C\x40",
+        "\x77\x45\x42",
+        "\x4A\x2C\x27",
+        "\x61\x2A\x48",
+        "\x5D\x74\x72",
+        "\x22\x27\x75",
+        "\x4B\x37\x31",
+        "\x6F\x44\x37",
+        "\x4E\x79\x4D",
+        "\x3B\x59\x52",
+        "\x4C\x2F\x22",
+        "\x50\x6F\x54",
+        "\x67\x26\x6A",
+        "\x2A\x72\x47",
+        "\x7D\x6A\x64",
+        "\x74\x39\x2D",
+        "\x54\x7B\x20",
+        "\x2B\x3F\x7F",
+        "\x2D\x38\x2E",
+        "\x2C\x77\x4C",
+        "\x30\x67\x5D",
+        "\x6E\x53\x7E",
+        "\x6B\x47\x6C",
+        "\x66\x34\x6F",
+        "\x35\x78\x79",
+        "\x25\x5D\x74",
+        "\x21\x30\x43",
+        "\x64\x23\x26",
+        "\x4D\x5A\x76",
+        "\x52\x5B\x25",
+        "\x63\x6C\x24",
+        "\x3F\x48\x2B",
+        "\x7B\x55\x28",
+        "\x78\x70\x23",
+        "\x29\x69\x41",
+        "\x28\x2E\x34",
+        "\x73\x4C\x09",
+        "\x59\x21\x2A",
+        "\x33\x24\x44",
+        "\x7F\x4E\x3F",
+        "\x6D\x50\x77",
+        "\x55\x09\x3B",
+        "\x53\x56\x55",
+        "\x7C\x73\x69",
+        "\x3A\x35\x61",
+        "\x5F\x61\x63",
+        "\x65\x4B\x50",
+        "\x46\x58\x67",
+        "\x58\x3B\x51",
+        "\x31\x57\x49",
+        "\x69\x22\x4F",
+        "\x6C\x6D\x46",
+        "\x5A\x4D\x68",
+        "\x48\x25\x7C",
+        "\x27\x28\x36",
+        "\x5C\x46\x70",
+        "\x3D\x4A\x6E",
+        "\x24\x32\x7A",
+        "\x79\x41\x2F",
+        "\x37\x3D\x5F",
+        "\x60\x5F\x4B",
+        "\x51\x4F\x5A",
+        "\x20\x42\x2C",
+        "\x36\x65\x57"
+    ],
+
+    /**
+     * @constant
+     * @default
+     */
+    D_COMBINATION: [
+        0, 1, 2, 0, 1, 2, 1, 2, 2, 1, 2, 1, 0, 2, 1, 2, 0, 2, 1, 2, 0, 0, 1, 2, 2, 1, 0, 2, 1, 2, 2, 1,
+        0, 0, 2, 1, 2, 1, 2, 0, 2, 0, 0, 1, 2, 0, 2, 1, 0, 2, 1, 2, 0, 0, 1, 2, 2, 0, 0, 1, 2, 0, 2, 1
+    ],
+
+
+    /**
+     * Decodes Microsoft Encoded Script files that can be read and executed by cscript.exe/wscript.exe.
+     * This is a conversion of a Python script that was originally created by Didier Stevens
+     * (https://DidierStevens.com).
+     *
+     * @private
+     * @param {string} data
+     * @returns {string}
+     */
+    _decode: function (data) {
+        let result = [];
+        let index = -1;
+        data = data.replace(/@&/g, String.fromCharCode(10))
+            .replace(/@#/g, String.fromCharCode(13))
+            .replace(/@\*/g, ">")
+            .replace(/@!/g, "<")
+            .replace(/@\$/g, "@");
+
+        for (let i = 0; i < data.length; i++) {
+            let byte = data.charCodeAt(i);
+            let char = data.charAt(i);
+            if (byte < 128) {
+                index++;
+            }
+
+            if ((byte === 9 || byte > 31 && byte < 128) &&
+                byte !== 60 &&
+                byte !== 62 &&
+                byte !== 64) {
+                char = MS.D_DECODE[byte].charAt(MS.D_COMBINATION[index % 64]);
+            }
+            result.push(char);
+        }
+        return result.join("");
+    },
+
+
+    /**
+     * Microsoft Script Decoder operation.
+     *
+     * @param {string} input
+     * @param {Object[]} args
+     * @returns {string}
+     */
+    runDecodeScript: function (input, args) {
+        let matcher = /#@~\^.{6}==(.+).{6}==\^#~@/;
+        let encodedData = matcher.exec(input);
+        if (encodedData){
+            return MS._decode(encodedData[1]);
+        } else {
+            return "";
+        }
+    }
+
+};
+
+export default MS;
diff --git a/test/index.js b/test/index.js
@@ -22,9 +22,11 @@ import "./tests/operations/DateTime.js";
 import "./tests/operations/FlowControl.js";
 import "./tests/operations/Image.js";
 import "./tests/operations/MorseCode.js";
+import "./tests/operations/MS.js";
 import "./tests/operations/StrUtils.js";
 import "./tests/operations/SeqUtils.js";
 
+
 let allTestsPassing = true;
 const testStatusCounts = {
     total: 0,
diff --git a/test/tests/operations/MS.js b/test/tests/operations/MS.js
@@ -0,0 +1,22 @@
+/**
+ * MS tests.
+ *
+ * @author bwhitn [brian.m.whitney@outlook.com]
+ * @copyright Crown Copyright 2017
+ * @license Apache-2.0
+ */
+import TestRegister from "../../TestRegister.js";
+
+TestRegister.addTests([
+    {
+        name: "Microsoft Script Decoder",
+        input: "#@~^RQAAAA==-mD~sX|:/TP{~J:+dYbxL~@!F@*@!+@*@!&@*eEI@#@&@#@&\x7fjm.raY 214Wv:zms/obI0xEAAA==^#~@",
+        expectedOutput: "var my_msg = \"Testing <1><2><3>!\";\r\n\r\nWScript.Echo(my_msg);",
+        recipeConfig: [
+            {
+                "op": "Microsoft Script Decoder",
+                "args": []
+            },
+        ],
+    },
+]);
