forked from CapacitorSet/box-js
-
Notifications
You must be signed in to change notification settings - Fork 0
/
flags.json
235 lines (235 loc) · 8.33 KB
/
flags.json
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
{
"run": [
{
"name": "help",
"alias": "h",
"type": "Boolean",
"description": "Show the help text and quit"
},
{
"name": "version",
"alias": "v",
"type": "Boolean",
"description": "Show the package version and quit"
},
{
"name": "license",
"type": "Boolean",
"description": "Show the license and quit"
},
{
"name": "debug",
"type": "Boolean",
"description": "Die when an emulation error occurs, even in \"batch mode\", and pass on the exit code."
},
{
"name": "loglevel",
"type": "String",
"description": "Logging level (debug, verbose, info, warning, error - default \"info\")"
},
{
"name": "threads",
"type": "Number",
"description": "When running in batch mode, how many analyses to run at the same time (0 = unlimited, default: as many as the number of CPU cores)"
},
{
"name": "download",
"type": "Boolean",
"description": "Actually download the payloads"
},
{
"name": "encoding",
"type": "String",
"description": "Encoding of the input sample (will be automatically detected by default)"
},
{
"name": "timeout",
"type": "Number",
"description": "The script will timeout after this many seconds (default 10)"
},
{
"name": "output-dir",
"type": "String",
"description": "The location on disk to write the results files and folders to (defaults to the current directory)"
},
{
"name": "preprocess",
"type": "Boolean",
"description": "Preprocess the original source code (makes reverse engineering easier, but takes a few seconds)"
},
{
"name": "unsafe-preprocess",
"type": "Boolean",
"description": "More aggressive preprocessing. Often results in better code, but can break on some edge cases (eg. redefining prototypes)"
},
{
"name": "no-kill",
"type": "Boolean",
"description": "Do not kill the application when runtime errors occur"
},
{
"name": "no-echo",
"type": "Boolean",
"description": "When the script prints data, do not print it to the console"
},
{
"name": "no-rewrite",
"type": "Boolean",
"description": "Do not rewrite the source code at all, other than for `@cc_on` support"
},
{
"name": "no-catch-rewrite",
"type": "Boolean",
"description": "Do not rewrite try..catch clauses to make the exception global-scoped"
},
{
"name": "no-cc_on-rewrite",
"type": "Boolean",
"description": "Do not rewrite `/*@cc_on <...>@*/` to `<...>`"
},
{
"name": "no-eval-rewrite",
"type": "Boolean",
"description": "Do not rewrite `eval` so that its argument is rewritten"
},
{
"name": "no-file-exists",
"type": "Boolean",
"description": "Return `false` for Scripting.FileSystemObject.FileExists(x)"
},
{
"name": "no-folder-exists",
"type": "Boolean",
"description": "Return `false` for Scripting.FileSystemObject.FileExists(x)"
},
{
"name": "function-rewrite",
"type": "Boolean",
"description": "Rewrite function calls in order to catch eval calls"
},
{
"name": "no-rewrite-prototype",
"type": "Boolean",
"description": "Do not rewrite expressions like `function A.prototype.B()` as `A.prototype.B = function()`"
},
{
"name": "no-hoist-prototype",
"type": "Boolean",
"description": "Do not hoist expressions like `function A.prototype.B()` (implied by no-rewrite-prototype)"
},
{
"name": "no-shell-error",
"type": "Boolean",
"description": "Do not throw a fake error when executing `WScriptShell.Run` (it throws a fake error by default to pretend that the distribution sites are down, so that the script will attempt to poll every site)"
},
{
"name": "no-typeof-rewrite",
"type": "Boolean",
"description": "Do not rewrite `typeof` (e.g. `typeof ActiveXObject`, which must return 'unknown' in the JScript standard and not 'object')"
},
{
"name": "proxy",
"type": "String",
"description": "[experimental] Use the specified proxy for downloads. This is not relevant if the --download flag is not present."
},
{
"name": "windows-xp",
"type": "Boolean",
"description": "Emulate Windows XP (influences the value of environment variables)"
},
{
"name": "dangerous-vm",
"type": "Boolean",
"description": "Use the `vm` module, rather than `vm2`. This sandbox can be broken, so **don't use this** unless you're 100% sure of what you're doing. Helps with debugging by giving correct stack traces."
}
],
"export": [
{
"name": "help",
"alias": "h",
"type": "Boolean",
"description": "Show the help text and quit"
},
{
"name": "version",
"alias": "v",
"type": "Boolean",
"description": "Show the package version and quit"
},
{
"name": "license",
"type": "Boolean",
"description": "Show the license and quit"
},
{
"name": "loglevel",
"type": "String",
"description": "Logging level (debug, verbose, info, warning, error - default \"info\")"
},
{
"name": "cuckoo-address",
"type": "String",
"description": "Address of the Cuckoo API (format: host:port, eg. localhost:8000)"
},
{
"name": "cuckoo-all-files",
"type": "Boolean",
"description": "Submit all files written to disk to a Cuckoo sandbox"
},
{
"name": "cuckoo-executables",
"type": "Boolean",
"description": "Submit all executables written to disk to a Cuckoo sandbox. Has no effect when used with --cuckoo-all-files."
},
{
"name": "cuckoo-urls",
"type": "Boolean",
"description": "Submit URLs to a Cuckoo sandbox"
},
{
"name": "malwr-key",
"type": "String",
"description": "Malwr API key"
},
{
"name": "malwr-all-files",
"type": "Boolean",
"description": "Submit all files written to disk to Malwr"
},
{
"name": "malwr-executables",
"type": "Boolean",
"description": "Submit all executables written to disk to Malwr. Has no effect when used with --malwr-all-files."
},
{
"name": "malwr-private",
"type": "Boolean",
"description": "Mark Malwr samples as private (not to be shared with the community)"
},
{
"name": "vt-key",
"type": "String",
"description": "VirusTotal API key"
},
{
"name": "vt-all-files",
"type": "Boolean",
"description": "Submit all files written to disk to VirusTotal"
},
{
"name": "vt-executables",
"type": "Boolean",
"description": "Submit all executables written to disk to VirusTotal. Has no effect when used with --vt-all-files."
},
{
"name": "vt-rate-limit",
"type": "Number",
"description": "Rate limit (in requests per minute) against the VirusTotal API (default 4)"
},
{
"name": "vt-urls",
"type": "Boolean",
"description": "Submit URLs to VirusTotal"
}
]
}