Tool CESIL v0.1.3

F

Fikedever

Member
May 26, 2020
102
330
Purpose
I am developing a debundling and code injection tool for JavaScript apps. The end goal is to be able to consistently inject mods into JavaScript apps with minimal changes to the mods across the target app's version. See Milestones for what is implemented. I hope for this to work for all JavaScript apps, but I am currently testing on CoC2 only.

Usage
You don't have permission to view the spoiler content. Log in or register now.
You don't have permission to view the spoiler content. Log in or register now.

Downloads
You must be registered to see the links


Resource Access
The program should not access your network. As of version 0.1.1, it requires write access to the output folder you give it and read access to the input files you give it.

Feel free to
You must be registered to see the links
or suggest improvements.

Issue Tracking
If you'd like to report an Issue, you have an additional option outside of this thread at
You must be registered to see the links
.

Milestones
You don't have permission to view the spoiler content. Log in or register now.
 
Last edited:
  • Like
Reactions: Theratul, jfmherokiller and Fatalmasterpiece
jfmherokiller

jfmherokiller

Well-Known Member
May 25, 2020
1,139
1,534
I just want to suggest putting the code on github or other git hosting site. Even if you say it wont access the network seeing the exe have a DLL include of ws2_32 is concerning.
 
Last edited:
F

Fikedever

Member
May 26, 2020
102
330
jfmherokiller said:
I just want to suggest putting the code on github or other git hosting site. Even if you say it wont access the network seeing the exe have a DLL include of ws2_32 is concerning.
Click to expand...
Weird. I would guess it is included either because portions of SWC were not shaken out of compilation, or compiling to Windows on Linux includes unnecessary things. Part of the reason I mentioned it was so that if someone wanted they would easily know how to restrict the application, and, like you have, let me know if something is up.

Repository
You must be registered to see the links
is now public. It is unlicensed, which does not mean copyright free. I would consider doing a dual licensed MIT/Apache2 like most Rust projects, or a GPLv2, but I haven't decided.

Thread Title
Should this thread have the HTML tag since it targets JavaScript?

Token Reverse/Replace
The token replace system is very basic in how it finds and replaces, Additionally, I suspect I'm not doing it correctly, or the token table is just wrong.

It is thrown off by the comments at the start of the JavaScript file, do deleting it might help. The line/column mapping for the tokens in the .map don't take it into account, or I'm doing something wrong..

I am going to make it an option to token replace next version.
 
Last edited:
F

Fikedever

Member
May 26, 2020
102
330
You must be registered to see the links


Change Log
  • Added the option to disable token replacement in cesil-beautify.
If you'd like to report an Issue, you have an additional option at
You must be registered to see the links
.
 
  • Like
Reactions: ZaidMesa
jfmherokiller

jfmherokiller

Well-Known Member
May 25, 2020
1,139
1,534
Fikedever said:
Weird. I would guess it is included either because portions of SWC were not shaken out of compilation, or compiling to Windows on Linux includes unnecessary things. Part of the reason I mentioned it was so that if someone wanted they would easily know how to restrict the application, and, like you have, let me know if something is up.

Repository
You must be registered to see the links
is now public. It is unlicensed, which does not mean copyright free. I would consider doing a dual licensed MIT/Apache2 like most Rust projects, or a GPLv2, but I haven't decided.

Thread Title
Should this thread have the HTML tag since it targets JavaScript?

Token Reverse/Replace
The token replace system is very basic in how it finds and replaces, Additionally, I suspect I'm not doing it correctly, or the token table is just wrong.

It is thrown off by the comments at the start of the JavaScript file, do deleting it might help. The line/column mapping for the tokens in the .map don't take it into account, or I'm doing something wrong..

I am going to make it an option to token replace next version.
Click to expand...
I did try to see where the DLL was being used via examination through ida 7.6 (I only tested the windows exe) and as far as I can tell its probably from a dependency. I also sent it to virus total seen here
You must be registered to see the links
and as far as it shows the only network connection seems to be to a DNS server.
 
jfmherokiller

jfmherokiller

Well-Known Member
May 25, 2020
1,139
1,534
btw ill provide deeper info for how I derived the typescript definition files here.

First I must make it known I enabled the chrome devtools by editing "main.js" and uncommented the opendevtools line.


For the enum file I first created a new game went through the tutorial then put JSON.stringify(GLOBALS) in the devtools console and copied the result to a new file in vscode and started "ripping it apart" (seporating the enums).

The rest was mostly reading the webpacked prettified file and the files I got from that mod and using that to kind of "fill out the functions and properties". I did also once see the empty files from the map file but I haven't been using that knowledge for much.
 
jfmherokiller

jfmherokiller

Well-Known Member
May 25, 2020
1,139
1,534
btw I learned a few parts so far: These are class functions and most seem to be nonstatic


and classes seem to start with a line like if (!(e instanceof t)) throw new TypeError("Cannot call a class as a function")
 
jfmherokiller

jfmherokiller

Well-Known Member
May 25, 2020
1,139
1,534
oh I just discovered that main will overflow if the app is compiled with msvc

Code: 
app $ .\cesil.exe beautify --input .\main.464b08a3b93b0d7f1ed8.js --source-map .\main.464b08a3b93b0d7f1ed8.js.map

thread 'main' has overflowed its stack
I am going to try to see what it's doing.
 
jfmherokiller

jfmherokiller

Well-Known Member
May 25, 2020
1,139
1,534
Here are the changes I made which fixed the stack overflow by upgrading the dependencies and I also applied some clippy suggestions.
 
F

Fikedever

Member
May 26, 2020
102
330
That overflow is strange. I just tested msvc compilation without changing anything and had no stack over flow. Either way, I put your changes in. You can submit a merge request in the future if you would like.
 
  • Like
Reactions: jfmherokiller
jfmherokiller

jfmherokiller

Well-Known Member
May 25, 2020
1,139
1,534
Fikedever said:
That overflow is strange. I just tested msvc compilation without changing anything and had no stack over flow. Either way, I put your changes in. You can submit a merge request in the future if you would like.
Click to expand...
I would have done a merge request like I do on github but I couldn't find the fork button.
 
You must log in or register to reply here.
Top Bottom