This repository was archived by the owner on Jun 8, 2023. It is now read-only.
- Notifications
You must be signed in to change notification settings - Fork17
javascript runtime ( JSRT ) project for windows , based on chakra
License
NotificationsYou must be signed in to change notification settings
tinysec/jsrt
Folders and files
| Name | Name | Last commit message | Last commit date | |
|---|---|---|---|---|
Repository files navigation
- javascript runtime for windows , based onchakra
- author: TinySec(@TinySecEx )
- JSRT is friend for binary hacker , special for windows.
- this version is a public new version , feel free to open issue.
- always download the latest version.
https://github.com/tinysec/jsrt/wiki
| filename | host | arch | usage |
|---|---|---|---|
| js.exe | console | i386 | js.exe [options] [--eval script or script.js] [arguments] |
| js64.exe | console | amd64 | js64.exe [options] [--eval script or script.js] [arguments] |
| jsw.exe | window | i386 | jsw.exe [options] [--eval script or script.js] [arguments] |
| jsw64.exe | window | amd64 | jsw64.exe [options] [--eval script or script.js] [arguments] |
| jsida.plw | IDA | i386 | [options] [--eval script or script.js] [arguments] |
| jsida.p64 | IDA | amd64 | [options] [--eval script or script.js] [arguments] |
| jswd.dll | windbg | i386 | !js [options] [--eval script or script.js] [arguments] |
| jswd64.dll | windbg | amd64 | !js [options] [--eval script or script.js] [arguments] |
| jsk.sys | kernel | i386 | TODO , support kernel access |
| jsk64.sys | kernel | amd64 | TODO , support kernel access |
- real native multi-thread support
- 64-bit number
- Buffer
- host full memory access , and support both GC and manual memory manager.
- c-like printf and sprintf
- ffi , support some windows type , full windows api access
- serialize and unserialize
- re-entry support for windbg and ida mode
- portable fromwindows xp ~ windows 10 rs2
- small dist.
- anything you want for binary hack.
- firefox style ctypes
- c-style struct and union handle
- kernel support
- more documents.
Usage:js[options][--evalscriptorscript.js][arguments]Options:--versionshowversion--verboseverbosemode--helpshowhelp--evalevalmodeEnvironment:JSRT_SYSTEM_MODULE_PATHsystemjsrtmodulesearchpathJSRT_MODULE_PATHcommonjsrtmodulesearchpathJSRT_IDA_MODULE_PATHjsrt-idamodulesearchpathJSRT_WINDBG_MODULE_PATHjsrt-windbgmodulesearchpathmoreinfoisat https://github.com/tinysec/jsrt
enum windows
constffi=require("ffi");constprintf=require("cprintf").printf;constsprintf=require("cprintf").sprintf;constKdPrint=require("cprintf").KdPrint;varhUser32=ffi.loadLibrary("user32.dll");varfnEnumWindows=ffi.bindModule(hUser32,"BOOL WINAPI EnumWindows(_In_ void* lpEnumFunc,_In_ LPARAM lParam); ");varfnGetClassNameA=ffi.bindModule(hUser32,"int WINAPI GetClassNameA(_In_ HWND hWnd,_Out_ LPTSTR lpClassName,_In_ int nMaxCount);");// BOOL CALLBACK EnumWindowsProc(_In_ HWND hwnd,_In_ LPARAM lParam);functionenumRoutine(hWnd,lParam){varlpClassNameA=Buffer.alloc(250).fill(0);varnRet=0;nRet=fnGetClassNameA(hWnd,lpClassNameA,250);printf("0x%p -> %s|\n",hWnd,lpClassNameA.toString());lpClassNameA.free();returntrue;}functionmain(){varlpEnumFunc=ffi.thunk(enumRoutine,"BOOL CALLBACK EnumWindowsProc(_In_ HWND hwnd,_In_ LPARAM lParam);");fnEnumWindows(lpEnumFunc,0);lpEnumFunc.free();return0;}if(!module.parent){main();}
and you will got
0x0001014A->ForegroundStaging|0x00010176->ForegroundStaging|0x000100FC->tooltips_class32|0x00010100->tooltips_class32|0x002F0A7E->NetUIToolWindow|0x01840922->NetUIToolWindow|0x02A50EF4->tooltips_class32|0x016D0E1A->UIRibbonStdCompMgr|0x02A00DCC->tooltips_class32|0x010C0DA4->tooltips_class32|0x00890D2E->tooltips_class32|0x0001041A->Chrome_SystemMessageWindow|0x00010414->Base_PowerMessageWindow|0x00010180->IME|0x00010148->IME|0x0001011C->IME|0x02630B5A->IME|0x015A074C->IME|..........
JSRT project had two version ,
- the pre-version is self use , not-published , it was written between 2015-07 ~ 2016-09
- the current version is going to public release , support some compatible to other bindings.