Back to Details

competition-bundle-sourcemap-recovery

Compare original and translation side by side

🇺🇸

Original

English
🇨🇳

Translation

Chinese

Competition Bundle Sourcemap Recovery

竞赛场景Bundle Sourcemap恢复

Use this skill only as a downstream specialization after 
$ctf-sandbox-orchestrator
is already active and has established sandbox assumptions, node ownership, and evidence priorities. If that has not happened yet, return to 
$ctf-sandbox-orchestrator
first.
Use this skill when runtime truth lives in built assets, source maps, chunk tables, or obfuscated loader flow rather than in checked-in source alone.
Reply in Simplified Chinese unless the user explicitly requests English.
仅可在
$ctf-sandbox-orchestrator
已激活,且已经确立沙箱假设、节点归属关系和证据优先级后,将本技能作为下游专项能力使用。如果未满足上述前提,请先返回
$ctf-sandbox-orchestrator
流程。
当运行时真实逻辑存在于已构建产物、source maps、chunk tables或混淆加载器流程中,而非仅存在于入库的源代码中时,使用本技能。
除非用户明确要求英文回复,否则请使用简体中文回复。

Quick Start

快速开始

  1. Start from the served artifact set: entry HTML, build manifest, bootstrap bundle, chunk map, and source maps.
  2. Record chunk ids, route chunks, loader functions, endpoint strings, and config keys before broad manual deobfuscation.
  3. Reconstruct the smallest runtime graph that explains which asset executes now.
  4. Keep served artifact truth separate from repository source unless parity is proven.
  5. Reproduce the smallest asset-to-runtime boundary that proves the decisive behavior.
  1. 从已分发的资产集合入手:入口HTML、build manifest、启动bundle、chunk map以及source maps。
  2. 在开展大范围手动反混淆工作前,先记录chunk id、路由chunk、加载器函数、端点字符串和配置键。
  3. 重构最小运行时依赖图,明确当前正在执行的资产逻辑。
  4. 除非已证明两者完全一致,否则将已分发资产的真实逻辑与代码仓库中的源代码分开处理。
  5. 复现最小的资产到运行时边界,以此验证决定性行为。

Workflow

工作流

1. Map The Served Artifact Set

1. 映射已分发资产集合

  • Record entry HTML, script tags, preload hints, manifest files, asset map, chunk registry, and source map URLs.
  • Note framework-specific artifacts such as route manifests, client reference manifests, or lazy-loader tables when present.
  • Keep emitted filenames, hash suffixes, and route ownership tied together.
  • 记录入口HTML、script标签、预加载提示、manifest文件、资产映射表、chunk registry和source map URL。
  • 若存在框架特有的产物,例如路由manifest、客户端引用manifest或懒加载表,请额外记录。
  • 将构建输出的文件名、哈希后缀和路由归属关系关联存储。

2. Reconstruct Runtime Structure

2. 重构运行时结构

  • Follow bootstrap code, chunk loaders, module registry, string decoders, and lazy import boundaries.
  • Use source maps, manifest files, and stable symbol clusters to recover route names, API calls, feature flags, and hidden panels.
  • Distinguish build-time intent from the bundle that is actively served now.
  • 追踪启动代码、chunk加载器、模块注册表、字符串解码器和懒导入边界。
  • 利用source maps、manifest文件和稳定符号簇恢复路由名称、API调用、功能开关和隐藏面板。
  • 区分构建时的预设逻辑和当前实际分发的bundle运行逻辑。

3. Reduce To The Decisive Bundle Path

3. 缩减到决定性Bundle路径

  • Compress the result to the smallest sequence: served asset -> loader path -> module or symbol -> runtime effect.
  • State clearly whether the decisive weakness lives in manifest drift, chunk loading, hidden route code, string decoding, or stale source assumptions.
  • If the task shifts from built assets to SSR or template enforcement, hand back to the tighter template-render skill.
  • 将结果压缩为最小链路:已分发资产 -> 加载器路径 -> 模块或符号 -> 运行时效果。
  • 明确说明决定性漏洞存在于manifest漂移、chunk加载、隐藏路由代码、字符串解码还是过时的源代码假设中。
  • 如果任务从构建资产分析转向SSR或模板校验场景,请移交到更适配的template-render技能处理。

Read This Reference

参考资料

  • Load 
    references/bundle-sourcemap-recovery.md
    for the artifact checklist, deobfuscation checklist, and evidence packaging.
  • 加载
    references/bundle-sourcemap-recovery.md
    查看资产检查清单、反混淆检查清单和证据打包规范。

What To Preserve

需要留存的内容

  • Served filenames, chunk ids, manifest entries, source map paths, recovered symbols, and endpoint strings
  • The exact executing bundle or module that proves the runtime branch
  • One minimal asset-to-runtime sequence that reaches the decisive effect
  • 已分发的文件名、chunk id、manifest条目、source map路径、恢复的符号和端点字符串
  • 可证明运行时分支的实际执行bundle或模块的准确内容
  • 可触发决定性效果的一个最小资产到运行时链路