From 47049821846184c7e6766ed3e133652caef4fa6c Mon Sep 17 00:00:00 2001 From: ajmallesh Date: Thu, 23 Oct 2025 11:57:14 -0700 Subject: [PATCH] chore: remove deprecated scripts --- tools/deprecated/generate-totp-standalone.mjs | 131 ---------------- tools/deprecated/save_deliverable.js | 145 ------------------ 2 files changed, 276 deletions(-) delete mode 100644 tools/deprecated/generate-totp-standalone.mjs delete mode 100755 tools/deprecated/save_deliverable.js diff --git a/tools/deprecated/generate-totp-standalone.mjs b/tools/deprecated/generate-totp-standalone.mjs deleted file mode 100644 index caeb5dc..0000000 --- a/tools/deprecated/generate-totp-standalone.mjs +++ /dev/null @@ -1,131 +0,0 @@ -#!/usr/bin/env node - -import { createHmac } from 'crypto'; - -/** - * Standalone TOTP generator that doesn't require external dependencies - * Based on RFC 6238 (TOTP: Time-Based One-Time Password Algorithm) - */ - -function parseArgs() { - const args = {}; - for (let i = 2; i < process.argv.length; i++) { - if (process.argv[i] === '--secret' && i + 1 < process.argv.length) { - args.secret = process.argv[i + 1]; - i++; // Skip the next argument since it's the value - } else if (process.argv[i] === '--help' || process.argv[i] === '-h') { - args.help = true; - } - } - return args; -} - -function showHelp() { - console.log(` -Usage: node generate-totp-standalone.mjs --secret - -Generate a Time-based One-Time Password (TOTP) from a secret key. -This standalone version doesn't require external dependencies. - -Options: - --secret The base32-encoded TOTP secret key (required) - --help, -h Show this help message - -Examples: - node generate-totp-standalone.mjs --secret "JBSWY3DPEHPK3PXP" - node generate-totp-standalone.mjs --secret "u4e2ewg3d6w7gya3p7plgkef6zgfzo23" - -Output: - A 6-digit TOTP code (e.g., 123456) -`); -} - -// Base32 decoding function -function base32Decode(encoded) { - const alphabet = 'ABCDEFGHIJKLMNOPQRSTUVWXYZ234567'; - const cleanInput = encoded.toUpperCase().replace(/[^A-Z2-7]/g, ''); - - if (cleanInput.length === 0) { - return Buffer.alloc(0); - } - - const output = []; - let bits = 0; - let value = 0; - - for (const char of cleanInput) { - const index = alphabet.indexOf(char); - if (index === -1) { - throw new Error(`Invalid base32 character: ${char}`); - } - - value = (value << 5) | index; - bits += 5; - - if (bits >= 8) { - output.push((value >>> (bits - 8)) & 255); - bits -= 8; - } - } - - return Buffer.from(output); -} - -// HOTP implementation (RFC 4226) -function generateHOTP(secret, counter, digits = 6) { - const key = base32Decode(secret); - - // Convert counter to 8-byte buffer (big-endian) - const counterBuffer = Buffer.alloc(8); - counterBuffer.writeBigUInt64BE(BigInt(counter)); - - // Generate HMAC-SHA1 - const hmac = createHmac('sha1', key); - hmac.update(counterBuffer); - const hash = hmac.digest(); - - // Dynamic truncation - const offset = hash[hash.length - 1] & 0x0f; - const code = ( - ((hash[offset] & 0x7f) << 24) | - ((hash[offset + 1] & 0xff) << 16) | - ((hash[offset + 2] & 0xff) << 8) | - (hash[offset + 3] & 0xff) - ); - - // Generate digits - const otp = (code % Math.pow(10, digits)).toString().padStart(digits, '0'); - return otp; -} - -// TOTP implementation (RFC 6238) -function generateTOTP(secret, timeStep = 30, digits = 6) { - const currentTime = Math.floor(Date.now() / 1000); - const counter = Math.floor(currentTime / timeStep); - return generateHOTP(secret, counter, digits); -} - -function main() { - const args = parseArgs(); - - if (args.help) { - showHelp(); - return; - } - - if (!args.secret) { - console.error('Error: --secret parameter is required'); - console.error('Use --help for usage information'); - process.exit(1); - } - - try { - const totpCode = generateTOTP(args.secret); - console.log(totpCode); - } catch (error) { - console.error(`Error: ${error.message}`); - process.exit(1); - } -} - -main(); \ No newline at end of file diff --git a/tools/deprecated/save_deliverable.js b/tools/deprecated/save_deliverable.js deleted file mode 100755 index 3e910d4..0000000 --- a/tools/deprecated/save_deliverable.js +++ /dev/null @@ -1,145 +0,0 @@ -#!/usr/bin/env node - -/** - * Save Deliverable Tool - * - * This tool handles saving deliverable files with correct filenames and validation. - * AI agents call this instead of using fs.writeFile directly. - * - * Usage: node save_deliverable.js - * - * Example: node save_deliverable.js INJECTION_QUEUE '{"vulnerabilities": []}' - */ - -import { writeFileSync, mkdirSync } from 'fs'; -import { join, dirname } from 'path'; -import { fileURLToPath } from 'url'; - -const __filename = fileURLToPath(import.meta.url); -const __dirname = dirname(__filename); - -// Hard-coded filename mappings from agent prompts -const DELIVERABLE_TYPES = { - // Pre-recon agent - CODE_ANALYSIS: 'code_analysis_deliverable.md', - - // Recon agent - RECON: 'recon_deliverable.md', - - // Vulnerability analysis agents - INJECTION_ANALYSIS: 'injection_analysis_deliverable.md', - INJECTION_QUEUE: 'injection_exploitation_queue.json', - - XSS_ANALYSIS: 'xss_analysis_deliverable.md', - XSS_QUEUE: 'xss_exploitation_queue.json', - - AUTH_ANALYSIS: 'auth_analysis_deliverable.md', - AUTH_QUEUE: 'auth_exploitation_queue.json', - - AUTHZ_ANALYSIS: 'authz_analysis_deliverable.md', - AUTHZ_QUEUE: 'authz_exploitation_queue.json', - - SSRF_ANALYSIS: 'ssrf_analysis_deliverable.md', - SSRF_QUEUE: 'ssrf_exploitation_queue.json', - - // Exploitation agents - INJECTION_EVIDENCE: 'injection_exploitation_evidence.md', - XSS_EVIDENCE: 'xss_exploitation_evidence.md', - AUTH_EVIDENCE: 'auth_exploitation_evidence.md', - AUTHZ_EVIDENCE: 'authz_exploitation_evidence.md', - SSRF_EVIDENCE: 'ssrf_exploitation_evidence.md' -}; - -/** - * Validate JSON structure for queue files - */ -function validateQueueJson(content, type) { - try { - const parsed = JSON.parse(content); - - // Queue files must have a 'vulnerabilities' array - if (!parsed.vulnerabilities || !Array.isArray(parsed.vulnerabilities)) { - return { - valid: false, - message: `Invalid ${type}: Missing or invalid 'vulnerabilities' array. Expected format: {"vulnerabilities": [...]}` - }; - } - - return { valid: true }; - } catch (error) { - return { - valid: false, - message: `Invalid JSON in ${type}: ${error.message}` - }; - } -} - -/** - * Main execution - */ -function main() { - try { - // Parse command line arguments - const args = process.argv.slice(2); - - if (args.length < 2) { - console.log(JSON.stringify({ - status: 'error', - message: 'Usage: node save_deliverable.js ' - })); - process.exit(1); - } - - const type = args[0]; - const content = args.slice(1).join(' '); - - // Validate type - if (!DELIVERABLE_TYPES[type]) { - console.log(JSON.stringify({ - status: 'error', - message: `Unknown deliverable type: ${type}. Valid types: ${Object.keys(DELIVERABLE_TYPES).join(', ')}` - })); - process.exit(1); - } - - // Validate JSON structure for queue files - if (type.endsWith('_QUEUE')) { - const validation = validateQueueJson(content, type); - if (!validation.valid) { - console.log(JSON.stringify({ - status: 'error', - message: validation.message - })); - process.exit(1); - } - } - - // Determine file path (deliverables/ directory) - const filename = DELIVERABLE_TYPES[type]; - const deliverablesDir = join(process.cwd(), 'deliverables'); - const filepath = join(deliverablesDir, filename); - - // Ensure deliverables directory exists - try { - mkdirSync(deliverablesDir, { recursive: true }); - } catch (error) { - // Directory might already exist, ignore - } - - // Write file - writeFileSync(filepath, content, 'utf8'); - - // Success - console.log(JSON.stringify({ status: 'success' })); - process.exit(0); - - } catch (error) { - console.log(JSON.stringify({ - status: 'error', - message: `Failed to save deliverable: ${error.message}` - })); - process.exit(1); - } -} - -main();